dr2web - more than web!: February 2010

Showing newest 32 of 86 posts from February 2010. Show older posts

VirusTotal Brand Abused to Push Scareware

Saturday, February 27, 2010

If it doesn't end in .com don't trust it

The name of the popular file analysis service VirusTotal is being abused by cyber-crooks to infect users with scareware. A recent forum spam campaign tries to trick people into visiting a malicious website hosted at virus-total.in.

Security researchers from Sophos reported a spam run promoting the rogue virus-total domain, as a private message on a forum. The message employs scare tactics in order to frighten users into visiting the scareware-pushing website.

"There are viruses’ activities from your computer! Highly recommend you to scan your computer for malicious and potentially unwanted software. If you do not follow this, I will have to make a complaint to your Internet Service Provider with attached log file (your IP address, etc.). If you want to find a report about your computer’s security and solve every problem with it, please click here: [malicious url] This is an online service that you can use for free spyware removal," the message reads.

This attack clearly targets VirusTotal.com, a popular free service which allows users to scan suspicious files with over 40 antivirus engines and other tools. Julio Canto, VirusTotal's project manager, issued an alert about the rogue virus-total.in website via Twitter.

The site displays bogus security warnings and fake antivirus scans to unsuspecting visitors, tricking them into installing a scareware program called SecurityTool. Rogue security programs such as these are commonly used by cyber-criminals to charge money for useless licenses and steal credit card details.

"An unfortunate side effect of a scam like this is that the real VirusTotal could start to receive emails from irate victims of the fake site claiming they’ve 'infected my PC' – fingers crossed it doesn’t get to that stage. Remember: the REAL domain for VirusTotal is Virustotal.com. Don’t fall for this scam!" Sunbelt's Chris Boyd advises.

Another unusual aspect of this attack is the threat of filing a complaint with a user's ISP about the virus activity alleged in the spam message. This statement comes at a time when ISPs have announced initiatives to identify compromised computers on their networks and take proactive measures to clean them.

CorelDRAW Graphics Suite X5 Just Introduced with Better Color Management

Friday, February 26, 2010

Let's draw

I will always consider some programs more than software, and actually call them gadgets, just because they cover as supplements for drawing, sketching or modeling tools. Some of those programs come from Corel Corporation that has just introduced the CorelDRAW Graphics Suite X5, namely the company's newest edition of the award-winning package of professional graphics applications.

Being comprised of more than fifty new and enhanced features, the CoreDRAW Graphics Suite X5 packs drastic enhancements to asset management, color management, web graphics, as well as wide array of learning resources and more content than ever before.

“Throughout the development cycle for CorelDRAW Graphics Suite X5, our team worked hand-in-hand with our user community to ensure we were delivering the new features and enhancements that would make a meaningful difference to them. We wanted to truly understand what they loved about the product and what they needed to make their experience that much better,” said Gérard Métrailler, senior director of product management, Graphics, for Corel.

Corel CONNECT is one of the fresh built-in applications that allow users to have quick access to content on a computer, network or disc, by synchronizing with both CorelDRAW and Corel PHOTO-PAINT. Compliant or supporting more than 100 commonly used file formats, the application makes sure that users can easily collaborate and exchange files with virtually anyone, from clients to colleagues. The color javascript:void(0)management has clearly been reinvented, as it now assures users with accurate color representation, while also permitting them to save project-specific colors, which can be reused in future projects.

Since the company got customers used to being provided with the widest selections of fonts, clip-art and other collateral content, the new suite includes 10,000 high quality clipart and digital images, 1,000 professional, high resolution, royalty-free digital photos, 1,000 OpenType fonts, included with Windows Glyph List4 and engraving fonts, as well as 2,000 vehicle templates and 350 professionally designed templates.

Germans to Produce the Logo CULV Mini-Laptop

Smartbook by Smartbook

Lately, some new CULV models started invading our marketplaces but that's fine with us, let it rain with portable devices. The technology clouds are bringing this new smartbook all the way from Germany and it seems to have created confusion in this domain, as the founding fathers of this company called it Smartbook long before the technological neologism has appeared. So, now, Smartbook is releasing Logo, their latest product. I know, again uninspired regarding the name.

Although the Germans might not be the most creative people on the planet, they do have a tendency to make everything precise in the smallest of details, which is why if ever owning such a smartbook like the Smartbook Logo, you will be pleasantly surprised to find out that it weighs precisely 1.3 Kg, has precisely 1 GB of RAM memory and an even more precisely capacitated 250 GB hard disk drive.

It uses a 3G UMTS modem so that it can stay connected to the very internet you are using right now and it is operated by Windows 7, the Home Premium version. Of course, Hannover will be the place where they will launch their product and right after CeBit, they will make it available throughout Europe at a $940 USD price (699 Euros).

German manufacturer Smartbook has also put a battery that will keep its 11.6-inch screen lit for about eight hours, after that, you will have to recharge it to have it on. If you don't like what you see on its small screen capable of delivering a 1,366 x 768 resolution, you can always run it through your TV set at home or at the office via its HDMI port. Too bad for the 3G modem, some high-speed Wi-Fi could have been a little more useful, if you ask me. The Germans have lost their competitive spirit, it seems.

PlanetSolar Completed in 13 Months, Debarking in 2011 for World Tour

First solar energy across the globe

You know that a technology has reached its target and broadened its audience when you see something like the boat in the picture to your left. This, my friends, is the PlanetSolar, a boat that took 13 months to build and measures 102 feet in length and 50 feet in width for 24 1/2 feet height. Such dimensions definitely don't make it the largest boat in the world, but surely make the PlanetSolar claim the title of world's largest solar-powered boat.
The official launch of the PlanetSolar, along with all the formalities, will happen in April this year, but the world tour will have to wait until 2011. What I could relate to is that probably in 2011, the ozone layer will thin even more, thus the sun will provide a lot more light, and allow the PlanetSolar to cruise with ease.

The world tour will be the first ever that go around the world with solar energy and wants to provide proof that the society can turn to the all-day shining star out there, turning away from this fossil oil era we live in.
All of this can do nothing but get me happy, as I can see more and more people trying to profit from renewable energy sources. The crew that will take the boat across the globe will share experience with people around the world (it would be a shame if they don't listen to Daft Punk - Around the world). Even more, thanks to their Vllage, the team will be able to live broadcast the experience of a clean and silent navigation, with the sun.

Marketing has to touch all, so mind that you can support the project yourself, by purchasing a numbered postcard in a limited edition. The postcard will do the first world tour with solar energy, aboard the PlanetSolar, before being sent to the address of your choice.

Viliv S10 Blade Tablet PC Now Available for Pre-Order in US

Has a multitouch swiveling screen

Also from the 699 price category, only this time, it's $699 USD, a gadget, which has only now started pre-orders in the U.S although it was seen for the first time at CES. A portable device that can be best described as a Tablet PC. Though it might slip between the papers you carry in your bag, as it is only one inch thick, this swiveling screen PC is quite expensive, especially if you take a close look at all the models that are starting to show up.
Viliv's S10 Blade is a newly made available member of that bunch and comes with features that are common to those of most similar products out there. It has its strengths, regarding the ten-hour battery life, for example, but somehow doesn't manage to convince.

Also in the above mentioned list of features, the 10.1-inch screen of the somewhat lighter 1.21 kg (2.67 lbs.) tablet has multitouch abilities. These abilities include three-finger navigating through the screen with easy gesture controls that the Windows 7 OS supports. It comes with its own stylus so that you can use it even if you gain some extra pounds and your fingers start to look like wieners.

Its maximum supported WXVGA screen resolution is 1,366 x 768 and will let you watch movies in the popular 16:9 format for about seven hours straight. I forgot to mention that the ten-hour autonomy is only achievable if you're reading books or browsing the web.

You might wonder how it can manage to hold on for that long, considering that it has the same Intel Atom processor like the rest of the portables out there. The answer is very simple, as Viliv's S10 Blade uses an SSD hard drive for storage with the maximum capacity of 64 GB. It even supports Wi-Fi, but has an integrated 3G modem as well.

Guppie Multi-Tool Is Built on a Carabiner

Definitely versatile

I have always liked Swiss pocket knives, as most of them feature just about anything one would need when going camping, or when getting stuck somewhere, but I just wanted to point the good side first. As much as I like my Bosch pocket knife, now that I have come across the Guppie multi-tool, I am considering it as a better solution when going in the great outdoors.
This thing was engineered by Columbia River Knife & Tools, and will suit probably anyone in any demanding problem, on the road, on the go or on the mountain, without excluding by the river, just to be friendly with the company name.

As for the tools the Guppie embeds, well, I have quite a long list to mention, so I will start with the adjustable wrench, screw driver with several magnetic heads, the menacing knife, LED flashlight, as well as beer bottle opener that can also open other bottles but will open beers most probably. Slight mention - the adjustable wrench jaw can open to about 12.7mm, thus will suit most repairs and assembly jobs.

According to the guys that designed the Guppie Multi-Tool, namely Launce Barber and Tom Stokes, this pocket tool was engineered so that everything included can be made ready for use in the shortest time possible, right out of the pocket. Speaking of pocket, the Guppie won't just sit in your pocket like that, hidden from all the people - it needs to show off and intimidate - that's why the designers made it with a carabiner architecture so real men can hang it from their belts or belt loops.

Nevertheless, the carabiner can definitely be useful in situations where you need it right at hand, on a rope, backpack or D-ring, without having to reach inside a pocket. Pricing for this one is a mere $39.99.

Vine Linux 5.1 Released

First maintenance release for Vine Linux 5

Daisuke Suzuki announced yesterday, February 25th, the immediate availability of Vine Linux 5.1 ISO images for 32-bit, 64-bit and PowerPC architectures. Vine Linux is a free Linux-based operating system, for the Japanese community. It is designed for both workstations and server machines. The new version of Vine Linux brings only security updates and bug fixes that were announced since the release of Vine Linux 5.0. Therefore, it should be considered a maintenance version, with no new features!

"Vine Linux 5, unlike the commercial version (Vine Linux CR), does not come with any 'supports' - if you face any troubles and problems with Vine Linux, or if you have any questions, a mailing list for Vine Linux users (vine-users ML) would be appropriate. In case you need a 'support' for the Vine Linux, you may buy a commercial support service individually." - was written in the official release notes for Vine Linux 5.

Highlights of Vine Linux 5.1:

· Linux kernel 2.6.27.29;
· X.Org 7.4;
· X Server 1.6.3;
· GNOME 2.26.3;
· Mozilla Firefox 3.5.2;
· Faster and lightweight;
· Reorganized software collection;
· Support for x86_64 (64-bit) platforms;
· Support for PPC (PowerPC) platforms;
· Greatly improved the look and feel;
· Added user-friendly utilities;
· Added DVD/USB installable images.

Minimum System Requirements for Vine Linux 5.1:

For 32-bit edition:

· Pentium 1GHz or higher processor;
· 256MB (Recommend 512MB) system memory;
· 700MB free disk space for minimum install;
· 4GB free disk space for full install.

For 64-bit edition:

· A 64-bit processor (AMD64 or Intel64 architecture CPU);
· 256MB (Recommend 1GB) system memory;
· At least 1GB (Recommend 4GB) free disk space.

Download Vine Linux 5.1 right now

-[Read more>>]- Vine Linux 5.1 Released

Palm Pixi and Pixi Plus See Price Cuts

Pixi goes $49.99, Pixi Plus is free

Palm Pixi is the second mobile phone Sunnyvale-based handset vendor Palm launched on the market with its webOS platform on board, and now it is available for purchase in the US via wireless carrier Sprint, which has just lowered its price tag to $49.99 upon the signing of a two-year contract agreement. And, if that wasn't enough, Pixi Plus, the model available via Verizon Wireless, is also cheaper than before, as Best Buy has just lowered its on-contract price tag to nothing.

The Palm Pixi was launched on Sprint's network late last year, and is the second webOS-based device Palm has brought to the market. Sporting a candybar form factor, with a QWERTY keyboard and touchscreen display, the Palm Pixi was until recently available for purchase from the wireless carrier for $99 on contract, and now those interested in it will only have to pay $49.99 for the device, though a two-year contract agreement with Sprint and a $100 mail-in rebate are still included in the equation.

As for the Palm Pixi Plus, the upgraded model launched in January on the airwaves of Verizon Wireless, it can be purchased from Best Buy for free, with a two-year contract agreement with Big Red. The Palm Pixi Plus on Verizon was already a pretty appealing device, one should agree, especially since the carrier had included it in its ongoing BOGO promotion, through which users can get two devices, each with its own contract, and only pay for one, and now it should attract even more users on its side.

In case there are some looking for more power than what Pixi can deliver, there is always the Palm Pre handset on Sprint, or the Palm Pre Plus model on Verizon. The same as with Pixi Plus, the Pre Plus sports upgraded hardware specs, as well as a very attractive price tag, again at Best Buy. The retailer has it available for only $99.99 with a two-year contract agreement with Verizon, and after instant rebate. Not to mention that this handset is also included in Big Red's BOGO deal, which will bring two units in one's hands for only $149.99 (but with the activation of two contracts).

Twitter's Innovative Ad Platform: 'TweetWords'

Twitter to borrow more than a few cues from Google in its upcoming ad roll-out

Twitter has managed to create quite a bit of hype with its long awaited ad platform. There haven't been any actual details on how the company plans to implement ads on the site but, if you take Twitter's word on it, they will be "fascinating," "non-traditional" and "really cool.” But if the latest leaked details are to be believed, most people wound't use any of the above words to describe them. Then again, most people don't run Twitter.

So what are these mysterious, innovative ads we keep hearing about? Get ready for this, they're search ads. That is to say, ads that show when doing a search on the site. If the concept seems vaguely familiar it's perhaps this little-known startup, Google, has been doing for close to a decade now, with a fair amount of success, in the range of a few tens of billions of dollars each year.

But don't dismiss them out of hand, let's see what they're all about. People 'close to the matter' are telling All Things Digital's Peter Kafka that the ads, for now at least, will only show up in searches. They'll also follow Twitter's model so they'll be limited to 140 characters. The ads will also tap into Twitter's, arguably, biggest asset its API so third-party developers will be able to integrate them in their ads and services and split the revenue with Twitter. Finally, for starters, Twitter will work directly with advertisers and agencies, but as the platform ramps up, it will introduce a self-serve model as well.

Of course, the details are still being worked out so things may change, perhaps dramatically, by the time the ad platform launches, supposedly some time in the first half of the year. But if this is the best that Twitter could come up with, it all feels more than a bit underwhelming. That is not to say that it won't work, it's just that for one of the hottest new-comers of the moment but one behind the long shadow cast by Facebook, something just 'good enough' won't cut it.

Google Adds Location Filter to Search

An underwhelming but great feature

There were two major trends on the web last year, the real-time web and location. Google's got one covered, its real-time search is still adding new sources, and now it’s time to tackle the other. The search engine has introduced a new location filter to its search option enabling you to search for results nearby geographically.

"Location has become an important part of the way we search. If you're a foodie looking for restaurant details, food blogs or the closest farmer's market, location can be vital to helping you find the right information. Starting today, we've added the ability to refine your searches with the 'Nearby' tool in the Search Options panel," Jackie Bavaro, product manager at Google writes.

"One of the really helpful things about this tool is that it works geographically — not just with keywords — so you don't have to worry about adding 'Minneapolis' to your query and missing webpages that only say 'St. Paul' or 'Twin Cities'," she adds.

To search for things near your location, or any location actually, all you have to do is click on Show Options and select "Nearby." This will automatically filter any search you were doing and shows you the results from pages which Google believes are near your location, which is also selected automatically by default.

You can also choose a custom location to filter the results to an even smaller area or to look for things near a place different than your current location. Of course, the option will be more relevant for some searches and less so for others but, depending on your query, the results could alter dramatically and for the better. On first glance, the new feature may look a bit underwhelming, but once people get used to factoring location when doing a search the tool could prove very powerful and very useful. The hardest part, likely, will be to get people to remember to use it.

µTorrent 2.0 Build 18296 Stable

µTorrent is an efficient and feature rich BitTorrent client for Windows sporting a very small footprint. µTorrent was designed to use as little cpu, space and memory as possible while offering all the functionalites expected from advanced clients. With BitTorrent, you can download files faster and contribute by sharing files and bandwidth. Most of the features present in other BitTorrent clients are present in µTorrent, including bandwidth prioritization, scheduling, RSS auto-downloading and Mainline DHT (compatible with BitComet). Additionally, µTorrent supports the Protocol Encryption joint specification (compatible with Azureus 2.4.0.0 and above, BitComet 0.63 and above) and peer exchange. µTorrent was written with efficiency in mind. Unlike many torrent clients, it does not hog valuable system resources - typically using less than 6MB of memory, allowing you to use the computer as if it weren't there at all. Additionally, the program itself is contained within a single executable less than 400 KB in size.

Various icon, toolbar graphic and status icon replacements are available, and creating your own is very simple. µTorrent also has support for localization, and with a language file present, will automatically switch to your system language. If your language isn't available, you can easily add your own, or edit other existing translations to improve them!
The developer puts in a lot of time working on features and making things more user-friendly. Releases only come out when they're ready, with no schedule pressures, so the few bugs that appear are quickly addressed and fixed.

Download : µTorrent 2.0 Build 18296 Stable

Download Accelerator Plus 9.4.0.5 Final

The world's most popular download manager provides faster download speed & greater security.
• Download videos from YouTube, Facebook and more
• See what the leading antivirus apps say about your files
• Choose between IE and Firefox download styles
Download Accelerator Plus (DAP) is the worlds most popular download accelerator, giving you the fastest possible download speeds, with privacy, security, and ease of use. Allows you to download up to 300% faster with increased reliability, resume support and errors recovery. It searches for mirror sites that most effectively serve your downloads through multiserver connections for optimal utilization of dial-up or broadband connections. DAP automatically recovers from shutdowns, lost connections, and other errors.

It is fully integrated into Netscape, Internet Explorer, and Opera, Mozilla/Firefox and offers a toolbar for Internet Explorer with a links catcher and a highlighter, providing the best possible performance from ANY Internet connection (dial-up, cable, DSL / ADSL, T1 etc.), allowing a Faster and more Reliable download experience. It features auto-hang-up after downloading, proxy settings, scheduling, and a unique AlwaysResume service.

DAP is powered by patented multi-channel technology and automated mirror search, and has been recognized for delivering significantly faster download speeds. Come take a look at all the amazing features of DAP. Getting started with DAP is simple. Just install DAP on your computer, download the same way you always have, and watch as your file download speed is significantly improved.

Download : Download Accelerator Plus 9.4.0.5 Final

Norton AntiVirus 2010 17.5.0.127

Symantec's Norton AntiVirus - Winning protection against viruses, spyware, and other malicious threats! Heuristically detects Spyware threats, detects blocks Internet worm attacks, and protects email.

Norton AntiVirus blocks viruses and spyware with advanced protection. It helps protect your entire computer by stopping viruses, spyware, and other security risks. Norton AntiVirus works in the background so you can surf the Internet, read the news, play games, and download software or music without disruption. It also scans and cleans all email and instant messaging (IM) attachments, preventing you from receiving viruses, or spreading them to others. With set-it and forget-it functionality, Norton AntiVirus checks for updates continuously and automatically blocks new and emerging threats from getting on your system. In addition to protection updates, Norton AntiVirus provides new product features as available throughout your service subscription.

Download : Norton AntiVirus 2010 17.5.0.127

Norton Internet Security 2010 17.5.0.127

Norton Internet Security - Strong on protection, light on system resources, award winning!
Norton Internet Security runs quietly in the background to detect and block today's complex threats and to protect your identity when you buy, bank, or browse online. The friendly and efficient product design helps minimize confusing security alerts and system slowdowns that can get in the way of your online experience. Norton Internet Security™ provides essential protection from viruses, hackers, spyware, spam and other privacy threats. A comprehensive set of security tools, Norton internet Security helps keep you safe online as you surf and email, swap files, download programs, and chat. In addition to protecting against viruses and unwelcome intrusions from the internet.

NIS also allows you to automatically block annoying banner ads and pop-up windows, set up parental site blocking options for restricting access to specific Web sites, and selectively determine which, if any, Java applets and ActiveX controls should be allowed to download and execute on your computer. Enjoy the Internet with award-winning protection!

Download : Norton Internet Security 2010 17.5.0.127

PapugLinux 10.1 Has Arrived

Thursday, February 25, 2010

Bringing the Gentoo-based Live CD distro up-to-date

PapugLinux is a lightweight, Gentoo-based distro using the Fluxbox window manager and a number of other applications with an equally small footprint. PapugLinux 10.1 is the first major release in a little over a year and likely the only one for 2010 based on previous release schedules. PapugLinux 10.1 is mostly aimed at bringing the various software components up-to-date, though version numbers aren't, for the most part, the newest ones.

"Version 10.1 is a major release of PapugLinux in term[s] of package update and hardware support. The latest version of X server will allow you to enjoy PapugLinux at the best capacity of your hardware," Sylvain Balbous said in the official announcement.

PapugLinux 10.1 comes with a very short list of default applications installed with just the bare-bone functionality covered. The latest version updates the X-Window server to X.Org-7.4 (the latest stable release is 7.5). Mozilla Firefox 3.5.6 is included as the default web browser, email is handled by Sylpheed 2.6.0. and instant messaging by Pidgin 2.6.3.

For simple office tasks, the AbiWord 2.6.4 word processor and the Gnumeric 1.8.4 spreadsheet editor are also included. On the server side, PapugLinux 10.1 comes with the Apache 2.2.14 web server, the latest version, the Cups 1.3.11 print server and the ProFTP 1.3.2b FTP server.

PapugLinux 10.1 uses the Rox 2.9 file manager/desktop environment with a few customizations for better integration. The distro is designed as a Live CD that should run on even the oldest x86 hardware, but it can also be used as a stand-alone hard drive install.

Note: "User 'papuglinux' is the default operating user, no password is required. System user 'root' can be used by advanced users, the password has been set to 'papuglinux.' If you have 512 MB of RAM, try 'linux copy2ram' as boot option."

	PapugLinux LiveCD 10.1 (ISO) [iso] [279 MB]
	MD5 [md5] [0 KB]

Download PapugLinux 10.1 right now

MSI Expands Lightning Series with Custom HD 5870

Uses military-class components and the Twin Frozr II Thermal design

Not long ago, Micro-Star International expanded its Lightning Series of graphics cards with the new, custom-made R5770 Hawk. Eager to further increase its range of high-end graphics adapters, the company has now revealed that it has completed yet another model in this series, namely the top-tier R5870 Lightning. Essentially an optimized, custom-cooled Radeon HD 5870 adapter, the product comes with top-quality components that increase its stability and endurance, making it ideal for overclocking purposes.

Besides the obvious DirectX 11 support, MSI's latest card has the GPU frequency set at 900 MHz and the 1GB of GDDR5 running at 4800MHz. Such high clocks are possible thanks to the reliability added by military-class components, such as 100% Solid State Choke (SSC), Hi-c CAP for GPU power and gold-plated connectors. In addition, the adapter receives the power it needs to run via what MSI calls “the industry's first 15-phase (13+2) power supply design.” With two 8-pin power connectors, this design can fuel the GPU with over two times more power. This, along with the Proadlizer Capacitor and the use of V-check points, make the new R5870 capable of withstanding significant frequency boosts.

The Hi-c CAP design provides the card with a significant boost in lifespan, the ability to run at lower temperatures and a better transmission efficiency. This added stability is complemented by the Proadlizer capacitor, which can allow very high currents and a more stable power supply. Furthermore, the low ESR ensures lower operating temperatures, leaving it to the Twin Frozr II Thermal Design and SuperPipe Technology to dissipate the remaining heat.

Of course, the high power supply structure and high-end cooler would not have much meaning without matching overclocking features. The new Lightning Series card supports MSI's Afterburner overlocking software, which can tweak both GPU and memory frequencies. This clock-boosting possibility is complemented by the Over Voltage Function of the graphics processor. Finally, the aforementioned V-Check points will allow for current voltage status to be easily obtained when a multi-meter is attached.

PowerColor Tweaks the Radeon HD 5830

Factory overclocked

Once again, the time has come for Advanced Micro Devices to expand its DirectX 11 graphics-card offering. The Sunnyvale, California-based CPU and GPU maker has released the Radeon HD 5830 and, naturally, its partners have immediately followed suite with their own custom models. PowerColor, of course, did not tarry and, as such, has already unwrapped what it calls “the latest HD gaming solution,” namely the PCS+ HD5830. As its name implies, the graphics adapter is a modified version of the ATI Radeon HD 5830. It has modified clocks and “a superior silent and efficient cooling solution.”

The PCS+ HD5830 has 1,120 stream processors, 1GB of GDDR5 memory, a memory bandwidth of 256 bits and support for the ATI Eyefinity and CrossFireX technologies. These specifications are the same as those of the stock model, but PowerColor's card comes with a slight boost to both the memory and GPU frequencies. More specifically, the graphics processor runs at 825MHz instead of the reference 800MHz, whereas the memory operates at 4200MHz instead of 4000Mhz.

In order to enable triple-display scenarios, the video card is designed with an HDMI, a DVI and a DisplayPort output. The adapter also features the company's own silent and efficient cooling mechanism that can not only keep temperatures low, but can do so while not needing the fan to operate at high speeds. This is possible because the heatsink's copper base and four heatpipes dissipate heat very well, removing the need for high numbers of rotations per minute. As such, the 92mm fan operates at low-noise levels.

“The PCS+ HD5830 fits a void in the market,” Ted Chen, CEO of TUL Corporation, said. “With right price segment and immersive gaming performance, the PCS+ HD5830 is ready to tackle all the critical gamers’ need for a HD gaming experience.” The PowerColor PCSS+ HD5830 graphics card has yet to become available, but, when it does, its price shouldn't be much higher than the reference card's US$239 tag.

AMD Radeon HD 5830 Makes a Debut

Lowest-performance Cypress-card on the market

Sunnyvale, California-based Advanced Micro Devices announced today the launch of its latest graphics card, part of the outfit's Radeon HD 5800-series, namely the Radeon HD 5830. Designed to provide consumers with a high-performance 5000-series graphics card, the new GPU comes as scaled down version of the 5850, consequently becoming the lowest-performance card in the Cypress family of GPUs. The SEP for the new card, according to the chip maker, is set at US$239.

“The ATI Radeon HD 5830 graphics card makes enthusiast-level performance even more accessible to gamers, adding another compelling choice to the award-winning ATI Radeon HD 5800 series,” said Matt Skynner, vice president and general manager, AMD Graphics Division. “Cutting-edge features such as full DirectX 11 support, ATI Eyefinity multi-display capabilities and ATI Stream technology position the ATI Radeon HD 5830 graphics card to become a favorite with the gaming community.”

The new card has been featured with 2.15 billion 40nm transistors, 1120 Stream Processing Units, 56 Texture units and 16 ROP units. The card comes with a core speed of 800MHz and has processing power of 1.792 TeraFLOPS (single precision) and 358 GigaFLOPS (double precision). As the other HD 5800-series graphics cards from AMD's current lineup, the new card will integrate GDDR5 memory and provide support for DirectX 11, Shader Model 5.0 and OpenGL 3.2. Designed for high-end gaming, the new card will deliver support for the proprietary ATI Eyefinity multi-display technology.

The Radeon HD 5830 could end-up as the last of the Radeon HD 5000 series, with AMD now having to wait until NVIDIA unveils its much anticipated Fermi-based GeForce cards. Set to be released on March 26, the new Fermi cards are expected to deliver a considerable performance boost, compared to AMD's current offering. However, AMD still has an advantage, being the first company to deliver hardware support for DirectX 11.

Aperture 3.0.1 Fixes Tons of Issues

Software Update

Via its Downloads area, Apple is informing Aperture 3 users that a new update is available to fix all the user-reported issues following the major 3.0 release. The Mac maker claims, “This update improves overall stability and addresses a number of issues in Aperture 3.” A lengthy list of such fixes is provided on the company’s Support section.

Posted yesterday, and weighing in at 29.41MB, Aperture 3.0.1 fixes issues in the following areas, Apple says, asking users to note that this update is recommended for all Aperture 3 customers:

- Upgrading libraries from earlier versions of Aperture;
- Importing libraries from iPhoto;
- Importing photos directly from a camera;
- Memory usage when processing heavily-retouched photos;
- Face recognition processing;
- Adding undetected faces using the Add Missing Face button;
- Printing pages containing multiple images;
- Printing photos and contact sheets with borders and metadata;
- Editing photos using an external editor;
- Display of images with Definition and Straighten adjustments applied;
- Zooming photos in the Viewer and in the Loupe using keyboard shortcuts;
- Accessing Aperture libraries on a network volume Selecting and moving pins on the Places map;
- Adding and editing custom locations using the Manage My Places window;
- Switching between masters when working with RAW+JPEG pairs.

However, this is just scratching the surface, as far as Aperture 3 issues are concerned. Elsewhere on the Mac maker’s website, it is revealed that many more tweaks have been made via this update. A support document entitled “Aperture 3.0.1: Release notes” says, “Aperture 3.0.1 is an update for Aperture 3 which is a paid upgrade to Aperture with over 200 new features.” The company adds, “If you are upgrading your Aperture library from an earlier version of Aperture, here are some guidelines to assist you in a successful move to Aperture 3,” assisting users in any way it can.

Apple Launches iPhone SDK 3.2 Beta 3

Includes support for converting existing apps to work with iPad

Reports confirm that Apple has updated the iPad development tools to version 3.2 Beta 3, which allows developers to easily update existing iPhone projects to include the necessary files to support iPads. This will make it easier to develop and submit universal apps, sources inform.

Minutes after it was available for download, the third beta of the iPad SDK was pulled without explanation, AppleInsider reported yesterday. Soon after, Gizmodo’s readers were able to confirm that the download was again available.

On the topic of app conversion for iPads, AppleInsider reported that the third beta for the iPad operating system allowed "existing iPhone projects to include the necessary files to support" the iPad. Although released to developers under a non-disclosure agreement on Tuesday afternoon, a Photos.app walkthrough with the iPhone OS 3.2 SDK Beta 3 iPad simulator surfaced on the web.

"iPhone Developer Program Members can start developing the next generation of innovative applications for iPad with iPhone SDK 3.2 beta, now available in the iPhone Dev Center," Apple informed devs on January 27, via its iPhone Dev Center. "The iPhone Dev Center also provides members with additional resources including the iPad Programming Guide, iPad Human Interface Guidelines, Preparing Universal Applications, and sample code," the company behind the Mac OS said.

For developers still working with the iPhone and iPod touch, iPhone SDK 3.1.3 is the latest version available. The kit is aimed solely at iPhone and iPod touch development, and delivers support for targeting non-Mac OS X platforms (including iPhone OS SDK; GCC 4.2 & LLVM GCC 4.2 optional compilers for use with Mac OS X 10.5 SDK), updated assistants (to create new projects, targets, and source files), integrated SCM support working with Subversion 1.5, and more.

While iPhone Developer Program Members can develop iPad applications with iPhone SDK 3.2 beta, free registered iPhone Developers can access iPhone SDK 3.1.3 for developing iPhone and iPod touch applications.

Next Call of Duty Seems Headed for Vietnam

Wednesday, February 24, 2010

Casting call confirmation

It now seems pretty clear that Call of Duty developed by Treyarch, which should be released by Activision during the fall of 2010, will be set in Vietnam. A casting call published by a Los Angeles-based company talks about the main character of the upcoming game, Frank Barnes, who is described as being a part of Military Assistance Command, Vietnam – Studies and Observations Group.

He is further described as “a fiercely patriotic veteran of WW2… A solid leader, possessed with an excellent ability to assess and respond to any situation quickly and decisively.”

The casting call refers to both voice work and motion capture for the character and also talks about another three important faces players will encounter in the next Call of Duty: Joseph Lewis, who is 20 years old and described as “very physically fit” and black; Jason Hudson, who has “over 15 years of military experience, making him an excellent tactician and mission co-coordinator” and is about 30; Kristina Ivanova, a CIA spook born in Russia and a person who is “calm to the point of being cold and detached”.

It appears that the title set in Vietnam will stray away from the idea of the normal soldier part of a normal company who does extraordinary things, which was very clearly presented in Call of Duty: World at War.

The focus on a guy who is part of Military Assistance Command, Vietnam – Studies and Observations Group opens up a variety of possibilities, as the group was mainly involved in reconnaissance deep behind enemy lines, rescue operations targeting high level prisoners and psychological warfare operations that aimed to reduce the will to fight of the North Vietnamese troops.

As always, Activision is not commenting on the next Call of Duty but the casting call is pretty clear in its details and fans can look forward to going through the jungle in the next game.

Warner Bros. Gets Majority Stake in Batman Developer Rocksteady

Ready for more Dark Knight

Warner Bros. Home Entertainment Group has announced that it has taken over developer Rocksteady Studios, the creators of the Arkham Asylum Batman-themed videogame. It was very well received when it was released in 2009, managing to capture the essence of the comic book character while delivering a mix of combat and adventure that made it one of the highest reviewed titles of the year. Warner Bros. now has a majority stake in the developer and the move is part of a strategy to bring high-profile game development in house.

Jamie Walker, who is the studio director at Rocksteady Studios, stated that “We are proud to strengthen our association with WBIE, a world class publisher that we have enjoyed working with since we began developing Batman: Arkham Asylum.”

Martin Tremblay, the president of Warner Bros. Interactive Entertainment, said that “With the successful release of Batman: Arkham Asylum, a franchise that is a key focus for Warner Bros., Rocksteady has proven that they have the expertise to create hit games with mass appeal. We are currently working with Rocksteady on the sequel to Batman: Arkham Asylum and look forward to bringing the continuation of the franchise to fans worldwide.”

At the moment, Rocksteady is working on Batman: Arkham Asylum 2, a game shown only in a short trailer at the VGA ceremony. It seems that again players will need to round up the various inmates of the institution but somewhere in the middle of Gotham City.

Warner Bros. began its acquisition strategy with TT Games, which is best known for creating the LEGO-based titles involving well known characters like Batman, Indiana Jones or the cast of Star Wars. The entertainment company also picked up Snowblind Studios, now tasked with developing a new videogame based on The Lord of the Rings. The most recent acquisition is Midway Games that brought with it the Mortal Kombat franchise and two studios.

Stargate Worlds MMO in Trouble

As developer declares bankruptcy

Cheyenne Mountain, the developer of Stargate Worlds, has filed for bankruptcy as shareholders in the company also filed legal action against the former chairman and the Chief Executive Officer of the company alleging that they did not act in the best interest of the business.

An official statement posted on the Stargate Worlds forum reads “Cheyenne Mountain’s corporate structure has undergone some dramatic changes in the last few weeks, and that has resulted in various actions such as the filing for Chapter 11.”

The hope seems to be that the bankruptcy procedure will not lead to the closure of the development studio but will allow for all the financial issues to “be sorted out in the legal and proper manner, and all of us on the development side of things hope it’s done as quickly as possible” so that work can continue on the Stargate MMO.

It appears that one of the main problems Cheyenne faces is linked with Garvick Properties, a company owned by ex-chairman Gary Whiting, who did not honor some payment obligations and forced the default on debt.

Cheyenne was born in 2005 with the stated aim of capitalizing on the popularity of the Stargate intellectual property and planned an ambitious MMO project that would allow the player to take on the role of a team member who explores far flung worlds and takes on the various enemies of humanity. Development went along pretty slowly with the company needing three years to secure full funding for its project.

The studio also created and released a third person shooter called Stargate Resistance, hoping the revenue derived from it would be enough to fund the creation of the more ambitious MMO project. It's not clear whether the MMO will ever be delivered to gamers, considering the financial issues at the company and the slow pace of the project, which did not manage to come out when the Stargate television series was at its peak.

Atlona Shows Off HDMI to Mini DisplayPort Converter

Designed for Xbox 360, PSE, Blu-ray players and other HDMI devices

Atlona has a history of offering a variety of connectivity solutions, especially signal converters, one of the latest being a USB-powered 1080p VGA to HDMI adapter. The company has also been selling a DVI to Mini DisplayPort converter known as the DP200. Most recently, Atlona has launched a modified version of this device, which will be responsible with converting HDMI signals and output them via a Mini DisplayPort output, for display on 27-inch iMacs and LED Cinema Displays.

Among the devices whose signals will be convertible via the DP200HD are Xbox 360 consoles, PS3s, Blu-ray players and other devices with HDMi outputs. The only limitation encountered in the actual conversion process is not so much a problem with the converter as it is a hardware limitation of the 27-inch iMac.

Such systems only support 800x 600, 1280 x 720 or 2560 x 1440 resolutions, whereas the Atlona HMDI to Mini DisplayPort converter is limited to single-link 1920x1200 and, thus, cannot display in 2560x1440. This makes the next resolution down the list, namely the 720p, the maximum at which video can be transmitted.

The device is USB-powered, uses true pixel to pixel signals and is HDCP-ready, which allows it to play copy-protected material. In addition, being hardware-based, the converter will not have any issues with the iMac's operating system, even if Apple updates it. Furthermore, Atlona's DP200HD will work with any HDMI device capable of 720p resolutions and uses the Re-clocking technology to ensure that the signal has the same quality it had before entering the converter.

Atlona tested the product on all Apple DVI-based computers, as well as AppleTV devices, PS3s, the Xbox 360, Blu-ray players, DirectTv and Dish Network boxes and even Comcast Cable boxes. The product has already been made available and comes with a price tag of roughly $150.

Nokia Announces Finalists for “PUSH N900 MOD IN THE USA”

The top three finalists have been selected

Finnish mobile phone maker Nokia announced a while ago the launch of a Nokia “PUSH N900 MOD IN THE USA” competition for those who are interested in modifying a Nokia N900 handset into something else, and now it unveiled the selected top three finalists of the contest. According to the company, these finalists will have the chance to compete for up to USD 10,000 in prizes while also being able to bring their ideas to life.

At the same time, Nokia also says that there have been a lot of ideas included in the competition, as “numerous creative proposals” were displayed for morphing “Nokia’s powerful new Nokia N900 mobile computer into something new.” The new competition was kicked off following the great success the global PUSH N900 competition held back in October 2009 registered.

“A panel of Nokia N900 and Maemo experts selected Niko, the Pit Crew and Bike Dashboard as the top three finalists. These three teams will now go on to build their proposed mods and then send a representative to CTIA Wireless in Las Vegas, where they will present their creations to a judging panel of industry experts for a chance to win top honors,” a recent post on Nokia Press Bulletin Board notes.

Niko the Robot puts together the N900 with Lego NXT and creates a robot that has the handset as its brain. The robot can be commanded via twitter, and it can send info on the area around it, as well as photos taken with N900's camera. The Pit Crew aims at making the N900 the brain behind a slot car and compete with it against humans.

“Bike Dashboard is an interesting idea too as it utilizes several different features of the Nokia N900. From the GPS to the camera, the team believes they can turn the Nokia N900 into a car-like dashboard. Showing a speedometer, odometer, mapping your route with GPS and even providing a car horn, this app might be everything a cyclist needs,” the post notes. Additional details on the PUSH N900 MOD IN THE USA finalists can be found here.

Sprint Announces Extended Buy-Back Program

For all new and existing customers
Wireless carrier Sprint Nextel announced on Tuesday the launch of an extended buy-back program for wireless devices. According to the company's CEO Dan Hesse, the carrier aims at boosting U.S. wireless recycling rates, and offers instant point-of-sale credit to all new and existing Sprint users who will come up with up to three eligible wireless devices, regardless the manufacturer or carrier. Those interested in the offer can go with the handsets to more than 1,000 Sprint-owned retail stores in the US, and can receive credit ranging from $5 to up to $300, depending on the model they bring in.

“The new Sprint Buyback program will allow customers to take advantage of the current value of their unused cell phones and will reduce the number of wireless devices that end up in landfills,” said Dan Hesse, Sprint CEO. “The Buyback program is another step to help us reach our ambitious goal to recover and recycle the equivalent of 90 percent of the handsets we sell by 2017. We look forward to continuously increasing our collection rates with the support of customers through the Buyback program and all of our sustainability initiatives.”

According to Sprint, the new national Buyback program is meant to offer a financial incentive to all existing and new Sprint users, willing to trade eligible devices. There are a wide range of devices that should qualify for the program, the carrier notes, adding that those who do not qualify can be donated to Sprint Project Connect, a free recycling service that accepts all used devices, as well as batteries, accessories and data cards. The carrier also notes that its wireless reuse and recycling programs have generated more than $7 million in charitable contributions.

Sprint’s newly announced program also includes:
- Instant account credit at any of Sprint’s more than 1,000 retail stores for existing and new customers who turn in up to three used devices when activating or upgrading a Sprint phone.
- 24/7 online access to sprintbuyback.com, where current and new subscribers can find the program terms and conditions, determine device eligibility for credit, estimate current market value, download free postage-paid labels, and access guidelines for deleting personal data prior to mail-in.
- For every one device purchased, up to three eligible devices may be returned to Sprint for an account credit, per 12 months. The exact account credit is based on the model and the price in place at the time the old phone is turned in. Current credit amounts are listed on the “Eligible Phone Models” tab of the program Web site.

Software Update 1.3.18 Available for Motorola CLIQ

With nice enhancements, no Android 2.1

Mobile phone maker Motorola has just released a new software update for one of its Android-based handsets on the market, the Motorola CLIQ, namely firmware version 1.3.18. According to the company, those who will download and install the solution, which comes over-the-air, will enjoy a nice range of enhancements, but no Android 2.1 this time. However, the upgrade to the new operating system flavor will arrive on the handset soon, just sit back and wait for it.

“The 1.3.18 software update for Motorola CLIQ provides improvements to the Motorola CLIQ's battery life, touch screen sensitivity, GPS performance, and other functions outlined below. For optimal performance, we encourage you to download and install this latest software update. In addition to this interim update, it was recently announced that CLIQ users can expect to see a software upgrade to Android 2.1 at a later date. We will share further details on the timing of the release as they are available,” Motorola notes on its website.

Among the improvements the new 1.3.18 software update for CLIQ comes around with, we can count enhanced battery performance, increased touch screen sensitivity and responsiveness of the device, audio routing fixes (“prevents spontaneous speakerphone activations during calls and the random occurrence of music playback through the earpiece instead of appropriate external speakers”), enhanced user interface performance, faster GPS performance and improved stability, as well as more media formats supported, including .WMA and .WAV Windows media files.

Other enhancements included in the update would be:
Bluetooth Improvements - Allows a Bluetooth car kit to sync to your device so your car kit can display the names of incoming callers, download phone book contacts so calls can be made from the car kit display and allows you to view the call history list from the car kit display.
- Listen to visual voicemail over Bluetooth.
SIM Card Management - Import, export or delete contacts individually or in groups.
The Latest Versions of Google Applications - Updated GMS application provides access to the latest versions of Google apps like Maps, Talk, YouTube, Market and more.
Updated Quickoffice - Read, edit or create Microsoft Office documents with the latest, preloaded version of Quickoffice

Before proceeding with the installation of the new software update for Motorola CLIQ, one should also consider performing a backup of all data on the device, including contacts, messages, personal files and more, so as to make sure they are not lost during the installation. According to Motorola, users should also make sure the battery in the phone is fully charged, and, in case they have problems with the installation, they should head over to T-Mobile for support. The Android 2.1 update for CLIQ should arrive soon too, so stay tuned for additional info on the matter.

openSUSE 11.3 Milestone 2 Has Linux Kernel 2.6.33 and KDE SC 4.4

Monday, February 22, 2010

Codename Rousseau

The openSUSE development team, through Henne Vogelsang, announced last evening (February 17th) the immediate availability for testing of the openSUSE 11.3 Milestone 2 operating system. In the new release, we can find bleeding-edge components, such as Linux kernel 2.6.33, KDE Software Compilation 4.4.0, GNOME 2.30 Beta 1, OpenOffice.org 3.2.0, lots of improvements over the first milestone release, and many bugs squashed! As usual, Live CDs with KDE SC 4.4 and GNOME 2.30 Beta are available for everyone who wants to test the new development release of the upcoming openSUSE 11.3 (see download link at the end of the article).

"Late last month we released the first milestone of openSUSE 11.3, now we follow up with the second. Milestone 2 is part of the milestones where we track new releases in the open source universe and test the building of our various distribution images with them. [...] We are also preparing everything to switch to GCC 4.5.0 as the default compiler. Currently our staging version of Factory already builds with it and our compiler people document/fix the most serious issues, they aim at milestone 3 for the switch." - was stated in the official release announcement.

Highlights of openSUSE 11.3 Milestone 2:

· Linux kernel 2.6.33;
· GNOME 2.29.90;
· KDE SC 4.4.0;
· OpenOffice.org 3.2.0.5;
· Digikam 1.1.0;
· VirtualBox OSE 3.1.4;
· Ghostscript 8.70;
· HWinfo 16.12;
· GnuTLS 2.8.5;
· Libgphoto2 2.4.8;
· NetworkManager 0.7.999;
· ModemManager 0.3;
· aria2 1.8.1;
· fetchmail 6.3.14;
· Mono 2.6;
· MonoDevelop 2.2;
· bootchart 2.0.0.9;
· kiwi 4.16;
· GCC 4.5.0.

Testers should be aware of some known major bugs in openSUSE 11.3 Milestone 2, for example: libjpeg7 is not available as a 32-bit package, which will probably crash some third-party applications; it is impossible to save date in GNOME Keyring; the autologin function is broken in the KDE Live CD.

The openSUSE 11.3 Release Schedule:

February 1st - openSUSE 11.3 Milestone 1
February 18th - openSUSE 11.3 Milestone 2
March 4th - openSUSE 11.3 Milestone 3
March 25th - openSUSE 11.3 Milestone 4
April 9th - openSUSE 11.3 Milestone 5
April 22nd - openSUSE 11.3 Milestone 6
May 21st - openSUSE 11.3 Milestone 7
June 17th - openSUSE 11.3 RC1
July 1st - openSUSE 11.3 RC2
July 15th - openSUSE 11.3 Final release

As you can notice from the release schedule above, the public release of openSUSE 11.3 should be available sometime in mid-July, and the Gold Master should be ready one week earlier.

Download openSUSE 11.3 Milestone 2 right now

	openSUSE Linux 11.2 i586 DVD (torrent) [torrent1] [4.20 GB]
	openSUSE Linux 11.2 x86_64 DVD (torrent) [torrent2] [4.30 GB]
	openSUSE Linux 11.2 Net Install CD i586 (ISO) [iso] [189 MB]
	openSUSE Linux 11.2 Net Install CD x86_64 (ISO) [iso] [147 MB]
	openSUSE Linux 11.2 i586 Addon-Lang (ISO) [iso] [652 MB]
	openSUSE Linux 11.2 x86_64 Addon-Lang (ISO) [iso] [652 MB]
	openSUSE Linux 11.3 Milestone 2 (ISO) KDE x86 [iso] [676 MB]
	openSUSE Linux 11.3 Milestone 2 (ISO) KDE x86_64 [iso] [691 MB]
	openSUSE Linux 11.3 Milestone 2 (ISO) GNOME x86 [iso] [659 MB]
	openSUSE Linux 11.3 Milestone 2 (ISO) GNOME x86_64 [iso] [659 MB]

Remember that this is a development release and it should NOT be installed on production machines. It is intended to be used for testing purposes only. Please report bugs to the official openSUSE Bug Tracker.

NVIDIA's Fermi-Based GTX 480 Gets Listed

With multiple tessellation units

There has been much anticipation surrounding the upcoming DirectX 11-capable cards from NVIDIA, but the products were delayed so many times that some end-users might actually no longer be surprised at hearing that the cards were delayed yet again. In a more surprising turn of events, however, one of these upcoming graphics adapters, namely the GeForce GTX 480, is now being listed on SabrePC, showing that, this once, NVIDIA might actually deliver the new cards on time.

Seeing how NVIDIA made end-users wait for its products for such a long time, the general expectation is that, for NVIDIA to score massively and regain the ground it lost while AMD exclusively sold DirectX 11 cards, the Fermi-enabled devices would have to be superior in all ways to existing products.

Unfortunately, the listing does not exactly provide sufficient information on the product specifications in order to establish whether or not the card does meet these standards. The specs that are revealed, however, show 512 CUDA cores (shader units), no less than 2GB of GDDR5 memory with an interface of 384 bits and a number of tessellation units.

This card is expected to be launched by NVIDIA along with a lower cost version during the last part of this quarter. The insufficiently detailed XFX card is, currently, bearing a price tag of $699 before a 20$ rebate. Unfortunately, the site does not mention any ETA, although the simple fact that the card is listed seems to imply that, this time around at least, NVIDIA will get the card out on the intended date.

The latest rumors concerning Fermi availability imply that, while NVIDIA might officially introduce its cards during the first quarter of its Fiscal Year 2011, actual mass availability won't come before Q2. What is left is to wait for the devices to actually launch and see just how well they fare in benchmark tests against AMD's own products.

Memory-Resident Malware Infects Routers

The rise of the Chuck Norris botnet

Czech security researchers warn of a worm-like piece of malware infecting Linux-based routers, DLS modems and other embedded devices. The infected devices form a botnet capable of launching Distributed Denial of Service (DDoS) attacks.

According to a report from Computerworld, the researchers have named the worm Chuck Norris, after a comment found in the malware code, which reads, "In nome di Chuck Norris," Italian for "in the name of Chuck Norris." Jan Vykopal, the head of the network security department with Masaryk University's Institute of Computer Science in Brno, the Czech Republic, explains that poorly configured devices are specifically at risk of being infected with this new threat.

According to Mr. Vykopal, the worm is resident in memory and does not survive hardware reboots. But this is unlikely to make much of a difference to the botnet, since networking devices are rarely restarted and, even if one is, it would get reinfected shortly afterwards.

The worm employs several propagation techniques including brute force attacks and exploiting vulnerabilities. Infected devices scan both the internal networks and the Internet for other potential targets and attempts to log into their administrative interface using the default credentials.

It is a well-known fact that a lot of people, particularly home users, fail to change the default passwords for their routers or cable modems. Last year, researchers from the Intrusion Detection Systems Lab at the Columbia University estimated that as many as six million vulnerable embedded network devices were connected to the Internet. Their study revealed that 41.62% of such devices were running on factory settings.

But, sometimes, ISPs are to blame just as much as home users. Back in October, we reported that Time Warner had mass-deployed tens of thousands of insecure routers to its customers. Not only that, but their set-ups also prevented users from securing the devices on their own.

According to the experts, the "Chuck Norris" botnet comprises MIPS-based devices spread across the globe, from routers to TV receivers. The army of zombie embedded systems is controlled from IRC and has crippling Denial of Service capabilities. The infected devices can also be commanded to replace the default DNS servers with some under the attacker's control.

A router-based botnet is rare, but not unprecedented. Last year in March, the team at DroneBL discovered a similar threat, which reached 80,000 clients before being destroyed by its maker. Given the striking similarities between the two, they might even be related.

Win a Custom Color MacBook Pro and Office 2008 for Mac

Microsoft Office for Mac loved the Mac community since way back

If you’re a fan of Microsoft’s software and Apple’s hardware, the contest we’re here to tell you about should interest you. The company behind the Windows operating system has announced a race to win a custom-painted MacBook Pro + a copy of Microsoft Office 2008 for Mac.

Although not very straightforward, the announcement goes:

“Enter to Win a Custom-Color MacBook Pro and Office 2008 for Mac. Microsoft Office for Mac loved the Mac community since way back when. What's the perfect gift for a long-term commitment? How about a chance to win a custom-color, 2.53GHz MacBook Pro? Winners will also get a copy of Office 2008 for Mac.”

According to Microsoft, there are two ways to enter the sweepstakes. Contestants can either follow @officeformac, or retweet @OfficeforMac and include the hashtag #officeformac. Microsoft says that only one retweet will be counted per person. Whether or not you win, the company wishes contestants the best of luck, and says that, “Office for Mac loves you no matter what.”

According to a commenter over at The Unofficial Apple Weblog (TUAW), the MacBook Pro artwork on the respective site matches the one on ColorWare's website. By looking closely, readers will notice that this observation is pretty accurate, which makes Microsoft lame, adding that the colors aren’t all that attractive to begin with.

Windows vs. Rootkits

Sunday, February 21, 2010

The root(kit) of all evil

The recent MS10-015 incident, related to BSODs and rootkit infections, got me thinking about a time, not so long ago, when Microsoft had to fight with security companies in order actually secure Windows. I know of no other example of a company doing valid work to bulletproof their software only to be accused by prominent members of the security industry that it was actually making its products less secure. But such is Microsoft and the Windows ecosystem, full of paradoxes. Some three years back, the Redmond company had to fight its way amidst accusations fueling the perspective that Windows and user security were not intersecting concepts in a PR face-off, just to add mitigations to its OS to prevent rootkit infections. The kind of mitigation that safeguards PCs against Alureon, and other rootkits.

Sometimes, all it takes is an apparently insignificant piece of malware for customers to lose their sensitive information via credit card data theft, or get their identities stolen, to have their compromised PCs turned into zombie computers and harvested for botnets, or to find their machine completely useless. Just ask the Windows users recently infected with the Alureon rootkit. As soon as they deployed Microsoft Security Bulletin MS10-015 (KB977165) released this month, they threw their PCs in an unbootable state and were confronted with frustrating Blue Screen of Death errors. And this is the least of their problems, as they should run to check their bank accounts for disappearing money.

I say ‘apparently insignificant’ because, ahead of MS10-015, the Alureon rootkit infections had little visibility. And for all the right reasons, as the last thing that the authors of Alureon wanted was any sort of attention. They were more than content with their malicious code running in the background and harvesting sensitive information from customers. After all, Win32/Alureon is a family of data-stealing trojans.

“These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer,” Microsoft explains.

PatchGuard in 64-bit (x64) Windows Vista

At the start of 2006, when Windows Vista was launched, 32-bit (x86) architectures were prevalent by far, with 64-bit (x64) still considered exceptions in consumer computing. Vista was the first client OS from Microsoft to truly bet on x64 CPUs becoming mainstream in the near future, and the 64-bit flavor of the platform was more evolved than the 32-bit version. Among the extra technologies that it packed was a “small thing” called PatchGuard, or Kernel Patch Protection, and the detail that got Symantec, McAfee and other security vendors all fired up.

Here is what Symantec’s Oliver Friedrichs said at the time: “I have to say that it is not surprising to see that Microsoft is countering the claims (that Symantec, McAfee, and others are making) that Windows Vista will hinder innovation, while putting consumers at risk.” (emphasis added)

“(…) The security industry is very concerned that the decisions being made with 64-bit Windows will, in turn, result in a less secure platform. They will directly impact the development of new security technologies, and Microsoft themselves will lose out, due to an insecure platform. Security ISVs who deliver advanced behavior blocking and tamper-resistant security technologies all agree that this issue must be addressed,” he added. (emphasis added)

The explanation was also made available: “PatchGuard prevents anyone (with the exception of Microsoft) from tampering with, extending, enhancing, and protecting the Windows Vista kernel. It does this by detecting when a driver, or other code running inside the kernel, attempts to add this extended functionality. It monitors key system structures, one in particular being the System Service Dispatch Table (SSDT). When it detects a modification to this table, it results in a blue screen of death (BSOD), with the belief that malicious code may have tampered with the kernel. It is important to note that there are both legitimate, as well as malicious reasons for an application to modify this table.”

“The SSDT is frequently used by many software vendors in existing versions of Microsoft Windows to extend the kernel in order to protect users. Entire classes of security technologies, behavior blocking for one, rely on this much needed capability. The SSDT allows security vendors to monitor System Services, which are the fundamental functions in Windows that applications need to do their work. There are over 400 System Service calls. Each of these provide a specific function; whether it is to access the registry, access files, add a user to the system, or reboot the computer. By monitoring System Services, security technologies can monitor the behavior of both good and bad applications running on a system,” Friedrichs explained.

The accusations exchanged between Microsoft and some security companies escalated to the point in which the European Antitrust Commission felt the need to step in and ask the Redmond company to remove PatchGuard. Microsoft refused. The software giant instead chose to work with Symantec, McAfee and others to provide APIs (application programming interfaces) to compensate the fact that the Windows Kernel was now locked and could no longer be patched.

However, this was not a conspiracy of the members of the security industry. While they were quick to form an anti-PatchGuard group, security vendors were essentially interested in selling their products and nothing more. Symantec was trying to pressure Microsoft into providing APIs that would allow its security products to deliver similar functionality to System Services monitoring patches. But Symantec simply went too far claiming that Microsoft was opening 64-bit Vista to attackers, when in fact it was securing the OS.

Jim Allchin, co-president, Platforms & Services Division, responded in October 2006. “Contrary to some media reports, Microsoft will not weaken the security of 64-bit Windows by enabling some applications to modify the kernel of the operating system.
“We have applied our no-exceptions policy against kernel patching to Microsoft applications as well as third party applications, consistent with our Windows Principles. No application can bypass or weaken Kernel Patch Protection—this is essential to improving security and reliability for you. Note that many third-party security companies provide highly competitive products without modifying the Windows kernel in unsupported ways.

“For legitimate third-party applications that have intentionally patched the 32-bit Windows kernel in unsupported ways, Microsoft will continue to work with these third-parties to identify, prioritize, design and develop new interfaces for 64-bit Windows that will help their applications perform needed tasks, without directly modifying, bypassing or weakening Kernel Patch Protection. We have already begun discussions with the engineering teams of major third-party security vendors about the functionality they are seeking.”

The root(kit) of all evils
Fast forward three years. Microsoft releases a patch for a 17-year-old vulnerability in Windows that crashes computers infected with the Alureon. Infected are mostly 32-bit copies of Windows XP that do not feature PatchGuard. In fact, the Redmond company informs that no 64-bit copies of Windows, be them Vista or Windows 7, had been compromised by Alureon. The rootkit can’t get past PatchGuard. Microsoft went ahead and, after it pulled MS10-015 from Automatic Updates, started the distribution of the patch for x64 Windows via AU once again.

“Microsoft has taken steps to deter tampering with the Windows Kernel using technologies like Kernel Patch Protection (sometimes referred to as PatchGuard) and Kernel Mode Code Signing (KMCS), both of which are enabled in 64-bit systems. These technologies make it possible to detect when integrity checks fail. The different versions of Alureon that we have investigated only infect 32-bit systems and would fail to infect 64-bit systems. That said, it is important to note that running as a standard user instead of using an administrator account is a best practice that in most cases will prevent kernel mode malware from infecting a system. Similarly, keeping anti-virus signatures current will also prevent most malware from infections. Additionally, since we have determined that 64-bit systems are not affected, we are opening Automatic Updates for these platforms,” Mike Reavey, director, MSRC, said.

“Alureon has existed for several years and has undergone a number of evolutionary changes. The ability to ‘infect’ the miniport driver associated with the hard disk of the operating system is a recent notable change. This functionality first appeared around August 2009. For the most common system configuration (for machines using ATA hard disk drives), the ATA miniport driver ‘atapi.sys’ is the file which is targeted,” Microsoft’s Scott Molenkamp stated.

“While the concept of modifying Windows system files as part of an installation method is not new, it is not a common approach. The file modification performed by Alureon overwrites the data in the target driver’s resource section with its own code. The entry point of the driver is modified to point to this code. By doing so, the malicious code is executed when the driver is loaded by the operating system. (Note that this infection method is mitigated on the 64-bit versions of Windows from XP SP1 onwards because of a technology called Kernel Patch Protection (‘PatchGuard’)),” he added.

Microsoft is currently cooking a solution that will detect and remove the Alureon rootkit from infected computers. It is important to underline that users of 64-bit Windows Vista and Windows 7 benefitted from the additional protection offered by PatchGuard, which locked the kernel to Alureon infections. Critics have pointed out that Kernel Patch Protection can be bypassed by attackers and malware, with several circumventing methods already documented in the wild as early as 2006.

Yes, this is completely true. Nowhere does Microsoft claim that PatchGuard is an impenetrable security barrier. But an attacker or a piece of malicious code attempting to own a 64-bit Windows 7 machine for example won’t have just PatchGuard standing in its way, but also User Account Control, IE Protect Mode, Data Execution Prevention (DEP), Address space layout randomization (ASLR), etc. It is the combination of all these security mitigations that contributes to making Windows 7 secure, the sum of security elements and not a single silver-bullet solution.

Security and hypocrisy

It’s not about the truth; it’s about how you market it and how it is interpreted by end users. At the start of this year, the all-praised IT giant that coined a synonym for Internet search after its own brand decided to drop support for Internet Explorer 6. Google was applauded for the move, which Microsoft won’t do because it is committed to supporting XP until 2014, and XP comes with IE6 as a default component. But Microsoft itself was quick to applaud Google’s move to drive nails into IE6’s coffin, even though the company won’t touch the hammer itself.

Google announced that it was cutting support for IE6 after it made public the existence of Chinese-based hack attempts that used a vulnerability in the browser as one of the attack vectors. To many it appeared that Google was taking a stand against the continued support of IE6, and that it was leading by example, catalyzing users to dump Internet Explorer 6 and to upgrade to more recent browser releases. To many it seems that Google and not Microsoft has end users’ best interests at heart, even though the Redmond company has been advising users to upgrade since the end of 2006 when IE7 was offered initially.

And of course, Google is the organization to turn to for its “leading” and “best in breed” security practices, especially in its own infrastructure. Wait, what? That doesn’t really sound right. Didn’t Google get hacked because it was still relying on Internet Explorer 6 itself? Almost a decade after IE6 was released, at over a year after Google made its own browser, Chrome, the Mountain View-based search giant was still using IE6 when it starting advising customers to dump IE6. What was that old saying about practicing and preaching?

-[Read more>>]- Windows vs. Rootkits

Category

sponsored