Closing the Printer App in Leopard

June 2009

Control click the printer icon on the Dock and select Auto Quit.

Thanks Apple (n0te the sarcasm)

So U Can Hack Facebook...AND...

June 2009

New Facebook blog: We can hack into your profile. FBHive, a new blog devoted to the discussion of all things Facebook, has debuted with the revelation that its creators have discovered a hack that can expose some crucial profile data. It will not expose an individual’s personal photos or wall posts. But, FBHive says, it can bring up all the “basic information” that a user has entered into their profile, even if a user has elected to keep that information private. This is the section that includes location, gender, relationship status, relationships (significant other, parents, siblings), political views, religious views, birthday, and hometown. That is enough to be a problem in the identity theft department, as it could easily expose frequent password hints like dates of birth and mothers’ maiden names. FBHive has not shared the details of the newly discovered hack; more disconcertingly, it said Facebook has done nothing since it alerted the social network to the issue earlier this month.

Speak! All New...

June 2009

Effective cybersecurity requires common language. The former cybersecurity director at DHS had some sobering words last week about the battle for cybersecurity. “We lost,” the former director, now chief executive officer of NetWitness Corp., said at the Symantec Government Symposium in Washington. “We lost the cyber war over the last 15 years. Our computing environment is already compromised,” and things are likely to get worse going forward because we do not really understand security. “We lack any meaningful metrics or measures to say how secure a system is.” It no longer is true that the best minds are on the side of the hackers. The dark side of cyberspace has been co-opted by organized crime, entrepreneurs of questionable integrity and, possibly, terrorists. Much of the process of illegal hacking has been mechanized to the point that it involves automation, not innovation. Part of the problem was identified by the U.S. Computer Emergency Readiness Team director. ”We lack a common language for discussing many of the elements of security. We need to reinvent not only how we do incident response, but how we talk about events,” the director said at the symposium.

Go Forward!! "NEW" Cyber Command!!!

June 2009

Military command is created for cyber security. The U.S. Defense Secretary created a new military command dedicated to cyber security on June 23, reflecting the U.S. President’s plans to centralize and elevate computer security as a major national-security issue. In a memo to senior Pentagon officials, the U.S. Defense Secretary said he intends to recommend that the director of the National Security Agency take on the additional role as commander of the Cyber Command with the rank of a four-star general. The U.S. Defense Secretary’s budget envisions training more than 200 cyber-security officers annually. The decision follows the U.S. President’s announcement last month that he will establish a new cyber-security office at the White House, whose chief will coordinate all government efforts to protect computer networks. The Pentagon initiative will reshape the military’s efforts to protect networks from attacks by hackers, especially those from China and Russia. It also consolidates the largest concentration of cyber warriors and investigators in the government under one military command, exacerbating concerns of some experts who worry about military control of civilian computer systems.

g O-O gle has eyes&ears...

June 2009

Google’s online security helps fight malware. Google’s online security recently started to identify web pages that infect computers via drive-by downloads, i.e. web pages that attempt to exploit their visitors by installing and running malware automatically. During that time they have investigated billions of URLs and found more than three million unique URLs on over 180,000 web sites automatically installing malware. Third-party content is one avenue for malicious activity. Today, a lot of third-party content is due to advertising. In Google’s analysis, they found that on average 2 percent of malicious web sites were delivering malware via advertising. The underlying problem is that advertising space is often syndicated to other parties who are not known to the web site owner. In addition, Google’s security team also investigated the structural properties of malware distribution sites. Some malware distribution sites had as many as 21,000 regular web sites pointing to them. It was also found that the majority of malware was hosted on web servers located in China. Interestingly, Chinese malware distribution sites are mostly pointed to by Chinese web servers. Google says they are constantly scanning their index for potentially dangerous sites. Their automated search systems found more than 4,000 different sites that appeared to be set up for distributing malware by massively compromising popular web sites

NINE BALL in the pocket...

June 2009

“Nine-Ball” mass injection attack compromised 40,000 sites. A new threat dubbed “Nine-Ball” has compromised up to 40,000 legitimate Web sites, which are, in turn, infecting users with an information-stealing trojan, according to security vendor Websense. The attack is called “Nine-Ball” because of the name of the final, malicious landing page, which is loaded with drive-by exploits, that unsuspecting users automatically are redirected to if they visit one of the compromised sites. Ninetoraq.in, the exploit site, contains malicious code that looks for already patched vulnerabilities in Acrobat Reader, QuickTime, Microsoft Data Access Components (MDAC) and AOL SuperBuddy, which it then attempts to exploit, the manager of security research at Websense, told SCMagazineUS.com on June 17. The flaws have all been patched; some date back to 2006, the manager said. But, the Reader and QuickTime vulnerabilities are newer, making it less likely that users are patched for them. If the malicious code finds an unpatched vulnerability to exploit, it either drops a malicious PDF file or a trojan designed to steal user information, the manager said. All of the exploits currently have low detection rates, he added. The 40,000 legit but compromised Web sites were “sleeping” up until June 15, the manager said. Before then, if a user visited one of them, they were redirected to Ask.com. On June 15, though, the attack updated and users started being redirected to the ninetoraq malicious site.

Is Snow Leopard a Icy Kitty???

June 2009

Apple accepts Mac’s vulnerability to malware. Security company ‘SecureMac’ reports that Apple has eventually admitted that viruses and spyware pose a threat to Mac OS X and to its most recent operating system ‘Snow Leopard.’ According to Apple, Snow Leopard is being designed to add new mechanism that would facilitate in protecting against attacks like phishing and sandboxing in Safari. However, this technology is not a complete anti-malware solution. Apple claimed on its official website that Mac had built-in technologies, which helped to protect from malicious software as well as other security threats. Since computer systems were not cent percent immune from attacks, antivirus software might be deployed for additional protection, Apple suggested. Responding to Apple’s statement, SecureMac said that they appreciated Apple for acknowledging the fact that Mac was not immune to malware attacks. This statement contradicted Apple’s TV advertisements that criticized their counterparts by claiming that Macs were totally safe. Nevertheless, it was vital that one should realize that the new mechanisms built into the operating software would not safeguard from all attacks, SecureMac added.

Microsoft, Microsoft, Microsoft...

June 2009

Steve Ballmer named 2009 Media Person of the Year

Cannes Lions International Advertising Festival pays tribute to Microsoft’s CEO

Get a free Web site
Office Live Small Business provides a free Web site, hosting, e-mail, and other online tools for your business

MSN revamp to include stronger Bing ties

Microsoft looks to give MSN fresh wings

Microsoft: No new Xbox coming next year

Microsoft pitches $40 mouse for Netbooks

Microsoft wins deal to sell NBC ads

Microsoft veteran launches Twitter search engine

Microsoft posts teaser for Office 2010

Microsoft's Bing has a second good week

Thanks I. Fried

Apple isn't this like the 2nd or 3rd time now???

June 2009

iPhone 3G S buyers are still experiencing delays activating their new smartphones, but Apple apparently wants to make it up to them.

Dear Apple Customer,

Thank you for your recent Apple Store order. We appreciate your patience and apologize for the inconvenience caused by the delay in your iPhone activation.

We are still resolving the issue that was encountered while activating your iPhone with AT&T. Unfortunately, due to system issues and continued high activation volumes, this could take us up to an additional 48 hours to complete.

On Monday, you'll receive an email from Apple with an iTunes Store credit in the amount of $30. We hope you will enjoy this gift and accept our sincere apologies for the inconvenience this delay has caused.

Thank you for choosing Apple.

Sincerely,
Apple Online Store Team

One analyst expected Apple to sell 500,000 iPhones this weekend. That's half as many phones as Apple sold when it launched the iPhone 3G, but Apple sold that phone in 21 countries on the first day. In comparison, the iPhone 3G S was sold in only eight countries on its first day.

Thanks S. Musil @CNET

Apple's New $99 iPhone 3G

June 19 2009

The iPhone is an internet-connected, multimedia smartphone designed and marketed by Apple Inc. Since its minimal hardware interface lacks a physical keyboard, the multi-touchscreen renders a virtual keyboard when necessary. The iPhone functions as a camera phone (also including text messaging and visual voicemail), a portable media player (equivalent to a video iPod), and an Internet client (with email, web browsing, and Wi-Fi connectivity). The first-generation phone hardware was quad-band GSM with EDGE; the second generation added UMTS with HSDPA.^[15]

Apple announced the iPhone on January 9, 2007,^[16] after months of rumors and speculation.^[17] The original iPhone was introduced in the United States on June 29, 2007 before being marketed worldwide. Time magazine named it the Invention of the Year in 2007.^[18] Released July 11, 2008, the iPhone 3G supports faster 3G data speeds and assisted GPS.^[15] On March 17, 2009, Apple announced version 3.0 of the iPhone OS operating system for the iPhone (and iPod Touch), released on June 17, 2009.^[19] The iPhone 3G S was announced on June 8, 2009. It will be released in the U.S., Canada and some European countries on June 19,^[3] Australia on June 26,^[20] and will see international release in July and August.

Go here for more information about the iPhone or to the Apple iPhone site:

http://en.wikipedia.org/wiki/IPhone

http://store.apple.com/us/browse/home/shop_iphone/family/iphone?mco=MTE2NTQ

The Over the Hill 40 year old INTERNET

JUNE 2009

You’re so used to paying bills, getting your news and weather, and doing more and more of your purchasing online, you probably think the Internet has been around forever. But it hasn’t. As you’ll learn from this program on Open University, the Internet turns 40 this year. How did it get started? Where is it taking us next? Find out by listening to these Internet pioneers on iTunes U.

THANKS PENNY BOREHAM

The 25 year History of ADOBE (ADBE: 30.25)

June 2009

The major leader in print, web and how people communicate their ideas.

Thousands of sites stung? What by Bees?Wasps? or Scorpions?

June 2009

As many as 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense. The affected sites have been hacked to host java_script code that directs people to a fake Google Analytics Web site, which provides data for Web site owners on a site’s usage, then to another bad site, said the threat research manager for Websense. Those Web sites have likely been hacked via a SQL injection attack, in which improperly configured Web applications accept malicious data and get hacked, the researcher said. Another possibility is that the FTP credentials for the sites have somehow been obtained by hackers, giving them access to the inner workings of the site. It appears the hackers are using automated tools to seek out vulnerable Web sites, the researcher said. The latest campaign underscores the success hackers have at hosting dangerous code on poorly secured Web sites. Once a user has been directed to the bogus Google analytics site, it redirects again to another malicious domain. That site tests to see if the PC has software vulnerabilities in either Microsoft Corp.’s Internet Explorer browser or Firefox that can be exploited in order to deliver malware, the researcher said. If it does not find a problem there, it will launch a fake warning saying the computer is infected with malware and then try to get the user to willingly download a program that purports to be security software but is actually a Trojan downloader, he said. The fake security programs are often called “scareware” and do not work as advertised. As of May 29, only four of 39 security software programs could detect that Trojan, although that is now likely changed as vendors such as Websense swap malware samples with other companies in order to improve overall Internet security.

Apple updates Quicktime and iTunes

June 2009

Apple patches QuickTime, updates iTunes. Apple has issued a slew of critical patches for its QuickTime media player and updated the digital media application iTunes. Version 7.6.2 of QuickTime received the majority of patches, targeted at patching holes that allow maliciously crafted files to perform unexpected application terminations or arbitrary code executions. The iTunes upgraded software now supports iPhone and iPod touch with the iPhone’s 3.0 software update, and Version 8.2 also includes “many accessibility improvements and bug fixes,” according to Apple. In March, Apple announced that iPhone firmware Version 3.0 was due to be released in mid-2009. One QuickTime patch fixes a memory corruption issue that existed in the player’s handling of Sorenson 3 video files, while another addressed the issue of a heap buffer overflow existing in the handling of FLC compression files. Eight of the patches concern Apple and Microsoft operating systems, and two patches address vulnerabilities found only in Microsoft Vista and XP versions. The update is the second this year for QuickTime; the first, issued in January, fixes seven security vulnerabilities. Microsoft noted in a security report published in 2008 that, in the first half of 2008, a QuickTime flaw had been the third-most attacked vulnerability for Windows XP users and the fourth-most attacked for Vista customers.

Einstein or Echelon or Does it really matter...

June 2009

Obama Administration begins work on cybersecurity R&D. Maximizing government investment in federal cybersecurity research and development is a major component of the U.S. President’s plan to bolster defenses against high-tech attacks. If the White House’s new cyber strategy and key agencies’ fiscal 2010 budget requests are any indication, they are off to a solid start. In the near term, the White House’s unnamed cyber czar will be charged with developing a framework for R&D strategies that focus on “game-changing technologies” and provide the research community access to event data to help develop tools and testing theories, according to the May 29 report, which stemmed from a 60-day review. That czar will eventually develop threat scenarios and metrics for risk management decisions, recovery planning and R&D prioritization. “Research on new approaches to achieving security and resiliency in information and communications infrastructures is insufficient,” the report stated. “The government needs to increase investment in research that will help address cybersecurity vulnerabilities while also meeting our economic needs and national security requirements.” The President proposed a $37.2 million cyber R&D budget for DHS in fiscal 2010 to support operations in its national cybersecurity division as well as projects within the CNCI. DHS is using much of its fiscal 2009 allotment to deploy Einstein, a system to analyze civilian agencies’ systems for cyber threats and intrusions.

http://en.wikipedia.org/wiki/Einstein_(US-CERT_program)

http://en.wikipedia.org/wiki/ECHELON

Apple, iPhone, Government, & Medical Files...

June 2009

Is Apple the next Halliburton? So let's assume that a hospital digitizes its records through a program that has an iPhone app companion. If the hospital wants its doctors to have portable access to the records, then it will probably choose the iPhone rather than some poorly-designed device nobody's ever used. And that means it needs to buy a batch of iPhones at a few hundred bucks a pop. All of a sudden, Apple has a new income stream. Courtesy of the federal government. Go to The Big Money to read the full article.

Thank C. Matlin Great piece...

Gumblar!!!

June 1, 2009

‘Gumblar’ virus could be bigger than Conficker worm. A new malware virus is on the loose and within days has become accountable for half the malware on the web. It is particularly vicious because it targets Google users in particular. The worm, also known as JSRedir-R, attacks computers through vulnerabilities in Adobe PDF reader and Flash player. By last week, more than half of all malware found on websites was identified as Gumblar, with a new webpage infected every 4.5 seconds. The worm redirects the user’s Google search results to sites that download more malware onto the machine or allow criminals to conduct phishing attacks to steal login details. It has begun to spread on sites where passwords or software have been previously compromised and visitors are infected without realizing it. It is believed the malicious worm draws its code from a webpage based in China. Once cybercriminals are in possession of a victim’s FTP credentials, any sites that the victim manages can also be targeted for compromise — a common malware propagation tactic, said IT security firm ScanSafe.

Will BING Overtake Google???

Ready for a new way to search? Microsoft's taking on Google with Bing.com calling it a "decision engine" vs. a search engine, promising to answer more questions on the search results page, without having to click through to a result. Why? They want to grab a bigger slice of the online ad market.

Are you unhappy with searching things on Google? Apparently, two-thirds of people say they're satisfied with search, but 15% of the time, search queries go abandoned without answer. Do you think Microsoft can get you to stop Googling and start Binging? Do you think Microsoft's ad campaign will work? And finally, how do you feel about Microsoft, the company?

How will it be different than Google?Bing will be available to the public by next Wednesday at www.bing.com
thanks alice@mymodernmet