Monday, March 17, 2008

Malware A Real Danger for Computers

What is it?

Server-side polymorphic malware is unique permutations of similar malicious code launched via multiple infection sources in quick succession. It has become the most popular email-borne malware type because it effectively manages to circumvent most existing anti-virus engines.

How does it work?

It is circulated with slightly modified attributes to make it undetectable by signature- and behavior-based anti-virus and intrusion-detection defenses. This exploits the "real-time" vulnerability inherent in traditional anti-virus solutions, which must propagate a solution for each variation.

Should I be worried?

With an outbreak of server-side polymorphic malware, the hourly/daily volume of unique variants is high and typically overwhelms traditional anti-virus solutions. Because the number of samples per variant is typically low, it can be difficult to track them to analyze/develop/propagate a response in time.

How can I prevent it?

Real-time response is critical. Your solution should "block first and ask questions later," examining active outbreaks and preventing them before they enter your network. If you depend on a system that propagates responses before acting, it may be too late.

Tuesday, December 25, 2007

Intresting Technology News

A lot of interesting stuff going on today, most of it I don’t have time to comment on, just read.

Internet Explorer 8 and Acid2: A Milestone As a team, we’ve spent the last year heads down working hard on IE8. Last week, we achieved an important milestone that should interest web developers. IE8 now renders the “Acid2 Face” correctly in IE8 standards mode.

Duke Nukem Forever Teaser Debuts on Shacknews Following yesterday’s screenshot release, Shacknews is pleased to premiere the first new Duke Nukem Forever teaser trailer in over six years. According to George Broussard of developer 3D Realms, the approximately minute-long video was originally created internally for the purpose of holiday festivities and marks the beginning of further media unveilings surrounding the notoriously long-in-development first- person shooter.

Antivirus firm: Google text ad Trojan detected Advertisements placed by Google in Web pages are being hijacked by so-called Trojan horse software that replaces the intended text with ads from a different provider, Romanian antivirus company BitDefender says.

The Trojan redirects queries meant to be sent to Google servers to a rogue server, which displays ads from a third party instead of ads from Google, BitDefender said in a statement.

The Ultimate Fate of Supplemental Results In 2003, Google introduced a “supplemental index” as a way of showing more documents to users. Most webmasters will probably snicker about that statement, since supplemental docs were famous for refreshing less often and showing up in search results less often. But the supplemental index served an important purpose: it stored unusual documents that we would search in more depth for harder or more esoteric queries.

Worm Hits Google’s Orkut Google’s Orkut social networking site appeared to have been hit by a relatively harmless worm, but one that demonstrated the continuing vulnerability of Web applications.

The People Inside Google’s Black Box After I wrote about Google’s search technology earlier this year, I got an e-mail from an engineer at another search engine telling me not to believe Google when it said its search results were simply the product of fancy formulas. Google, he said, has human beings helping to pick the best sites for many queries.

Intel to delay launch of three 45nm quad-core CPUs on poor AMD performance Intel has recently adjusted its product strategy and will postpone three 45nm quad-core CPUs that were originally scheduled to launch in January next year, according to sources at motherboard makers.

Intel has already notified its partners that it will push back the launch of the three CPUs to February or March next year, depending on AMD’s schedule for triple-core and the upcoming Phenom CPUs.

Firefox 3 Beta 2 now available for download Firefox 3 Beta 2 is now available for download. This is the tenth developer milestone focused on testing the core functionality provided by many new features and changes to the platform scheduled for Firefox 3. Ongoing planning for Firefox 3 can be followed at the Firefox 3 Planning Center.

Source: tipsdr

Software errors to delay hybrid drive takeoff

A report from market researcher Objective Analysis predicts that only about 13 million of the hybrid hard disks that incorporate NAND flash for caching key data will ship in 2008 due to software errors.

"Microsoft has a good concept with its ReadyDrive software, but they can't devote attention to it because they have diverted energy to fixing Vista bugs," said Jim Handy, principal of Objective Analysis.

Early benchmarks of the drives have given them mixed results so far, Handy said, indicating performance tuning is needed. "Some of the benchmarks suggest the hybrid drives run some software faster and other software slower," he said.

The new drives, aimed primarily at notebook computers, "will become significant but not next year, and their success is contingent on Microsoft putting adequate attention on the software issues," Handy said.

The firm estimates fewer than one million hybrid drives will ship this year and only about 13 million in 2008. However, shipments could rise to 90 million in 2009 and 220 million in 2010.

Only Samsung and Seagate current have shipping hybrid drives. Both companies have models with 256Mbyte NAND cache and drive capacity of 80-, 120- or 160Gbyte. Other drive makers are waiting for market demand to pick up before launching the products, he said.

Using software in Vista, the hybrid drives are geared to slash the time for booting a system or loading applications. The code can also cache frequently accessed data.

In addition, the hybrid drives may hamper the rise of solid-state drives (SSD) that use flash memory and aim to give a bigger boost in performance and reliability but at a steeper cost. Handy estimated a hybrid drive carries a premium of about $10 while a SSD carries a premium of as much as $300.

"Hybrids offer 80 percent of more of the performance of solid-state drives at a much lower cost," he said.

Source: EETASIA

Wednesday, December 19, 2007

Latest Version of Firefox 3.0 Goes to Developers

Christmas came a little early for developers this year. Mozilla on Wednesday released the second beta version of Firefox 3.0 that promises enhanced security features and performance capabilities.

The release features an enhanced location bar that matches against page titles and addresses from local history, bookmarks and tags. It also incorporates feedback about security from Beta 1 testers, and includes an "effective top-level domain" that ensures that cookies and other Web content is only visible in a single domain, Mozilla said.

The company cautioned that the release is only geared toward Web developers and Mozilla's testing community, and is not intended for the average Web user.

"We encourage testers to download and install the Beta 2 release to test it against the Web sites they normally visit, and provide feedback about any incompatibilities," Mozilla said in a statement. "It is intended for testing purposes only."

Additional enhancements include more easily decipherable security notices, and a password manager that checks to make sure the correct password has been entered before Mozilla saves it. There is also an automatic check for insecure plugins, extensions and Java, and anti-virus integration with the new download manager.

Beta 2 also includes revamped personalization tools, improved text and graphics rendering, support for offline browsing and Web-based protocol handlers, and full-page zooming, Mozilla said.

Developers interested in testing out the release can visit the Mozilla developer center for more information.

Mozilla released version one of 3.0 in November. It later said it would fix only 20 percent of its known bugs before the latest version of the browser is released in its final version next year. Mike Shaver, Mozilla director of ecosystem development, subsequently penned a blog post that said that 20 percent prediction was a misunderstanding.

Source: PCMAG

Tuesday, December 11, 2007

Drive to use legal computer software

Domestic enterprises wanting to go public should aim to use legal computer software, an official said Monday.

The country will work strenuously to encourage and supervise enterprises to build a sound environment for the software industry, head of copyright administration Liu Binjie added at a national legal software conference.

"Strengthening protection for legal software and creating a conducive environment is a significant part of the national intellectual property rights (IPR) strategy", said Vice-Premier Wu Yi, who is also head of the national IPR working team, in a letter to the conference.

Initiated last year by nine authorities including the copyright and information industry, commerce, finance administrations and regulators of banks, insurances and securities firms, the ongoing campaign targeting enterprises is seen as a powerful government effort to realize the wide use of legal software.

Domestic enterprises are responding positively to the country's call to use legal computer software since then, Liu said.

More than 1,500 large enterprises with annual sales of over 300 million yuan ($40.5 million) are currently using legal computer software, a result of the nine ministries' efforts to weed out software piracy nationwide.

The groups include the headquarters of the major 157 State-owned enterprisessuch as Sinopec and Huaneng Group, and their subsidiaries across China.

Another 1,300 large-scale en-terprises are reportedly speeding up efforts to install licensed software on the operating system of their computers.

Source: China Daily