Hong Kong domain has jumped 28 places as the most dangerous place to surf and search on the web according to a new McAfee report called "Mapping the Mal Web Revisited"
"Just like the real world, the virtual threats and risks are constantly changing. As our research shows, Web sites that are safe today can be dangerous tomorrow. Surfing the Web based or conventional wisdom is not enough to avoid risk online," said Jeff Green, Senior Vice President of Product Development...
Wednesday, June 11, 2008
Hard Drive Withstands Fire And Water Submersion
Auburn (CA) - Most small businesses and consumers do not have elaborate disaster recovery plans in place, which means that their data may be at risk, especially if backups are stored nearby. Fire and water can wipe out at least portions of the contents stored on hard drives in a matter of seconds. ioSafe announced new hard drives that promise to withstand fire and water and offer a type of product for all those who don’t invest in off-site storage.
ioSafe claims that it is the first company to offer fire- and waterproof hard drives, which may be worth a look not just for businesses, but also families who are looking for ways to keep those digital family pictures safe, even when a house burns down. The company uses 2.5" drives within 3.5" enclosures are specially equipped with heat and water barriers.
Fire protection is provided by the firm’s "DataCast endothermic insulation technology", which the manufacturer claims forms a chemical bond with water molecules that, at temperature above 160 degrees Fahrenheit, releases water vapor to limit the internal temperature of the unit. Combined with the insulation, ioSafe claims that the drive can sustain outside temperatures of up to 1400 degrees Fahrenheit for up to 15 minutes and short term peak temperatures of up to 1700 degrees Fahrenheit.
In the case of a fire, the plastic tabs on the inside of the 3.5" casing will melt at a temperature of 250 degrees Fahrenheit, closing the drive and blocking airflow. The manufacturer said that the inside of the 2.5" drive should not get hotter than 210 degrees Fahrenheit during a fire, as 98% of radiant heat can be deflected. Typical house fires reach a heat of about 1100 degrees Fahrenheit with 3 to 5 minutes.
There was no detailed information on the water protection technology, other than the claim that the drive will be protected from fresh or salt water damage, both in full submersion and spray/splash scenarios. Full submersion protection is guaranteed for up to 24 hours in up to 5 ft of water.
Just in case the drive is damaged, ioSafe offers an optional data recovery plan that is activated through the registration of a product. The service, which is offered free of charge, provides access to data recovery experts and includes up to $2500 payment by ioSafe to a third-party data extraction service plus replacement product, if required.
Not surprisingly, ioSafe’s hard drives come at a premium over regular hard drives. The price list ranges from $330 for a 5400 rpm 80 GB drive to $460 for a 7200 rpm 200 GB drive. The highest capacity is offered by a 320 GB 5400 rpm model for $450.
ioSafe claims that it is the first company to offer fire- and waterproof hard drives, which may be worth a look not just for businesses, but also families who are looking for ways to keep those digital family pictures safe, even when a house burns down. The company uses 2.5" drives within 3.5" enclosures are specially equipped with heat and water barriers.
Fire protection is provided by the firm’s "DataCast endothermic insulation technology", which the manufacturer claims forms a chemical bond with water molecules that, at temperature above 160 degrees Fahrenheit, releases water vapor to limit the internal temperature of the unit. Combined with the insulation, ioSafe claims that the drive can sustain outside temperatures of up to 1400 degrees Fahrenheit for up to 15 minutes and short term peak temperatures of up to 1700 degrees Fahrenheit.
In the case of a fire, the plastic tabs on the inside of the 3.5" casing will melt at a temperature of 250 degrees Fahrenheit, closing the drive and blocking airflow. The manufacturer said that the inside of the 2.5" drive should not get hotter than 210 degrees Fahrenheit during a fire, as 98% of radiant heat can be deflected. Typical house fires reach a heat of about 1100 degrees Fahrenheit with 3 to 5 minutes.
There was no detailed information on the water protection technology, other than the claim that the drive will be protected from fresh or salt water damage, both in full submersion and spray/splash scenarios. Full submersion protection is guaranteed for up to 24 hours in up to 5 ft of water.
Just in case the drive is damaged, ioSafe offers an optional data recovery plan that is activated through the registration of a product. The service, which is offered free of charge, provides access to data recovery experts and includes up to $2500 payment by ioSafe to a third-party data extraction service plus replacement product, if required.
Not surprisingly, ioSafe’s hard drives come at a premium over regular hard drives. The price list ranges from $330 for a 5400 rpm 80 GB drive to $460 for a 7200 rpm 200 GB drive. The highest capacity is offered by a 320 GB 5400 rpm model for $450.
Microsoft Warns Against Using Safari
Microsoft on Friday warned of a serious risk to people who use Safari on Windows XP or Vista, going so far as to suggest people "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple."
Good news is that according to Redmond there aren't yet any known attacks against the flaw. Bad news is that if anyone does create such an attack, a crook could install any software he wished - such as 'bot' malware that allows for complete remote control - on a victim PC.
The threat targets two separate flaws, one in Safari and one in IE, and you'd have to first browse a malicious site with Safari. Doing so would download unwanted software onto your desktop, which could then be executed without your permission by triggering a separate flaw in IE (and you wouldn't have to start IE to get hit). In its security advisory, Microsoft acknowledges the critical risk of 'remote code execution,' which is as bad as it gets.
Apple, on the other hand, says "we are not treating this as a security issue," according to a quoted e-mail posted by stopbadware.org. Not a good move, if you ask me.
If you do use Safari, Microsoft says you can apply a workaround to protect yourself. Change the default download location (normally the desktop) in Safari with the following steps:
Launch Safari. Under the Edit menu select Preferences.
At the option where it states Save Downloaded Files to:, select a different location on the local drive.
Source : http://www.pcworld.com/
Good news is that according to Redmond there aren't yet any known attacks against the flaw. Bad news is that if anyone does create such an attack, a crook could install any software he wished - such as 'bot' malware that allows for complete remote control - on a victim PC.
The threat targets two separate flaws, one in Safari and one in IE, and you'd have to first browse a malicious site with Safari. Doing so would download unwanted software onto your desktop, which could then be executed without your permission by triggering a separate flaw in IE (and you wouldn't have to start IE to get hit). In its security advisory, Microsoft acknowledges the critical risk of 'remote code execution,' which is as bad as it gets.
Apple, on the other hand, says "we are not treating this as a security issue," according to a quoted e-mail posted by stopbadware.org. Not a good move, if you ask me.
If you do use Safari, Microsoft says you can apply a workaround to protect yourself. Change the default download location (normally the desktop) in Safari with the following steps:
Launch Safari. Under the Edit menu select Preferences.
At the option where it states Save Downloaded Files to:, select a different location on the local drive.
Source : http://www.pcworld.com/
Internet Explorer 8 Coming in August
Microsoft said yesterday it is planning on releasing yet another test version (Beta 2) of its Internet Explorer 8 (IE 8) Web browser in August.
In March this year, the company released IE 8 Beta 1 offering Web developers/designers a preview of the latest iteration of its popular Web browser. Also in March, the company revealed some of the new features IE 8 sports: for instance 'Activities' that lets you highlight text on a Web page and then take that passage to another Web service.
Microsoft said the upcoming IE 8 Beta 2 would be targeted more at ordinary Web users, and that it would have almost all of the features of the final-version IE 8 browser. Microsoft has given no official release date yet for IE8.
In March this year, the company released IE 8 Beta 1 offering Web developers/designers a preview of the latest iteration of its popular Web browser. Also in March, the company revealed some of the new features IE 8 sports: for instance 'Activities' that lets you highlight text on a Web page and then take that passage to another Web service.
Microsoft said the upcoming IE 8 Beta 2 would be targeted more at ordinary Web users, and that it would have almost all of the features of the final-version IE 8 browser. Microsoft has given no official release date yet for IE8.
Rediff Enhances Product Search
Catering to users who like to shop offline but compare features online, Rediff has introduced an enhanced version of its popular Product Search. This service from Rediff aims to offer consumers a one-stop destination to compare shopping across various categories of products and make a better informed decision.
The new enhanced service allows users to compare products across brands, features, price points, user ratings, and check availability in their city along with complete contact details. Rediff Product Search now covers more than 16 product categories under electronics, and has also introduced cars and bikes as new categories.
Users can now also get a grid view of products under different brands and can find and do feature-based comparison of products by brands, by latest price points, or by most popular products to help them make a better informed decision.
One of the new unique features of the service is the actual market price history of the product, which covers the price movement for a period of over 6 months. This feature also lets users set a price alert by just entering their email address and setting their target price; the system then automatically sends them an alert as soon as the price is close to the set target price.
And if the user chooses to be contacted by the seller representative to get further information about the product, they can send a free SMS to the seller expressing their interest from the system itself. This feature is particularly useful when one is comparing a bike or a car -- as the user can use the SMS service to ask for a free test-drive of the vehicle.
Rediff says that based on consumers' needs to do comparison-shopping, their Product Search offers users all the information they need before they zero down on a particular product. Rediff adds that users find this service extremely useful especially for electronic products like digital cameras, mobile phones, laptops, mp3 players, home appliances, and storage devices as there are unlimited options available for each of these products at a variety of price points offered by several brands.
Meanwhile, the service is designed to bridge the gap between offline sellers and consumers who want to buy products offline but cannot decide on which product to buy and from where, claims Rediff.
The new enhanced service allows users to compare products across brands, features, price points, user ratings, and check availability in their city along with complete contact details. Rediff Product Search now covers more than 16 product categories under electronics, and has also introduced cars and bikes as new categories.
Users can now also get a grid view of products under different brands and can find and do feature-based comparison of products by brands, by latest price points, or by most popular products to help them make a better informed decision.
One of the new unique features of the service is the actual market price history of the product, which covers the price movement for a period of over 6 months. This feature also lets users set a price alert by just entering their email address and setting their target price; the system then automatically sends them an alert as soon as the price is close to the set target price.
And if the user chooses to be contacted by the seller representative to get further information about the product, they can send a free SMS to the seller expressing their interest from the system itself. This feature is particularly useful when one is comparing a bike or a car -- as the user can use the SMS service to ask for a free test-drive of the vehicle.
Rediff says that based on consumers' needs to do comparison-shopping, their Product Search offers users all the information they need before they zero down on a particular product. Rediff adds that users find this service extremely useful especially for electronic products like digital cameras, mobile phones, laptops, mp3 players, home appliances, and storage devices as there are unlimited options available for each of these products at a variety of price points offered by several brands.
Meanwhile, the service is designed to bridge the gap between offline sellers and consumers who want to buy products offline but cannot decide on which product to buy and from where, claims Rediff.
"Sabka Spice" for Rural India
Punjab's premier telecom service provider Spice Telecom has today launched a handset combo offer comprising a handset plus Spice connection. The offer is called "Sabka Spice", and will be made available at just Rs 599 in a bid to make mobile telephony accessible to the rural populace. Under the "Sabka Spice" offer, the handset comes with a three-years warranty and a choice of Spice prepaid or postpaid connection.
The stylish Spice S 300 handset includes features such as: long battery life with promised talk time of 3.5 to 4 hours and stand-by time of 250 to 300 hours; Intelligent Audio Interface System that substitutes for LCD (alerts on the mobile are called out through this mechanism, meaning even those people who can't read can use the phone just by following audio alerts); choice of languages including English, Hindi, and Punjabi (even semi-literate rural consumers can use the phone with ease); speaker-phone that allows the phone to be operated even in noisy environments; universal charger (the phone can be charged using any mobile phone charger); speed dial that allows consumers to store oft-used numbers which could then be dialed with a simple push of the button; and intelligent LEDs comprising Red LED (on full charge, the color changes to green and missed calls are represented by blinking five times a second) and Blue LED (for network availability).
If the consumer opts for a prepaid connection, he/she gets the Spice S 300 handset along with three-years warranty. Additionally, he/she gets a Spice prepaid connection with SIM worth Rs 101, one-year validity worth Rs 198, or zero rental for one year worth Rs 148. Spice to Spice local calls cost 50 paise per minute; calls from Spice to other local GSM numbers cost 65 paise per minute; and calls from Spice to other local numbers cost Rs 1.10 per minute.
In the event the consumer opts for a postpaid connection, he/she gets the Spice S 300 handset with three-years warranty. In addition, he/she needs to pay a monthly fixed charge of Rs 35. Spice to Spice local calls cost 10 paise per minute while calls from Spice to other local numbers cost 75 paise per minute.
The stylish Spice S 300 handset includes features such as: long battery life with promised talk time of 3.5 to 4 hours and stand-by time of 250 to 300 hours; Intelligent Audio Interface System that substitutes for LCD (alerts on the mobile are called out through this mechanism, meaning even those people who can't read can use the phone just by following audio alerts); choice of languages including English, Hindi, and Punjabi (even semi-literate rural consumers can use the phone with ease); speaker-phone that allows the phone to be operated even in noisy environments; universal charger (the phone can be charged using any mobile phone charger); speed dial that allows consumers to store oft-used numbers which could then be dialed with a simple push of the button; and intelligent LEDs comprising Red LED (on full charge, the color changes to green and missed calls are represented by blinking five times a second) and Blue LED (for network availability).
| |
If the consumer opts for a prepaid connection, he/she gets the Spice S 300 handset along with three-years warranty. Additionally, he/she gets a Spice prepaid connection with SIM worth Rs 101, one-year validity worth Rs 198, or zero rental for one year worth Rs 148. Spice to Spice local calls cost 50 paise per minute; calls from Spice to other local GSM numbers cost 65 paise per minute; and calls from Spice to other local numbers cost Rs 1.10 per minute.
In the event the consumer opts for a postpaid connection, he/she gets the Spice S 300 handset with three-years warranty. In addition, he/she needs to pay a monthly fixed charge of Rs 35. Spice to Spice local calls cost 10 paise per minute while calls from Spice to other local numbers cost 75 paise per minute.
Monday, June 9, 2008
Blackmail ransomware returns with 1024-bit encryption key
Virus analysts at Kaspersky Lab intercepted a new variant of Gpcode, a malicious virus that encrypts important files on an infected desktop and demands payment for a key to recover the data.
The biggest change in this variant of the ransomeware is the use of RSA encryption algorithm with a 1024-bit key, making it impossible to crack without without the author’s key. Here’s the explanation:
We recently started getting reports from infected victims, analysed a sample, and added detection for Gpcode.ak to our antivirus databases yesterday, on June 4th. However, although we detect the virus itself, we can’t currently decrypt files encrypted by Gpcode.ak – the RSA encryption implemented in the malware uses a very strong, 1024 bit key.
The RSA encryption algorithm uses two keys: a public key and a private key. Messages can be encrypted using the public key, but can only be decrypted using the private key. And this is how Gpcode works: it encrypts files on victim machines using the public key which is coded into its body. Once encrypted, files can only be decrypted by someone who has the private key – in this case, the author or the owner of the malicious program.
After Gpcode encrypts files on the victim machine, it adds ._CRYPT to the extension of the encrypted files and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a “decryptor”:
«Your files are encrypted with RSA-1024 algorithm.
To recovery your files you need to buy our decryptor.
To buy decrypting tool contact us at: ********@yahoo.com»
There are three Yahoo e-mail addresses associated with the new version of the ransomware.
Subscribe to:
Posts (Atom)
-
Tuesday, June 10, 2008 2:10 PM PDT A leak on a Microsoft Web site referring to a product in the Office suite hints at a 2009 release for the...
-
Another week, another quantum computing story. Quantum computing is a very hot topic in the world of physics at the moment because, for the...
-
holy_calamity writes "New Scientist reports on worries that the OLPC's BitFrost security protocols could hand a ready-made surveil...
