Category: Computer

All stuffs related to Computer field

Posted on

Critical Security Flaws In All Versions Of Linux Kernels

Linux

Last month, a U.S. Department of Homeland Security (DHS) bug-fixing scheme uncovered an average of one security glitch per 1,000 lines of code in 180 widely used open source software projects.

Security researchers have uncovered “critical” security flaws in a version of the Linux kernel used by a large number of popular distributions.

The three bugs allow unauthorized users to read or write to kernel memory locations or to access certain resources in certain servers, according to a SecurityFocus advisory.

They could be exploited by malicious, local users to cause denial of service attacks, disclose potentially sensitive information or gain “root” privileges, according to security experts.

The bug affects all versions of the Linux kernel up to version 2.6.24.1, which contains a patch. Distributions such as Ubuntu, Turbolinux, SuSE, Red Hat, Mandriva, Debian and others are affected.

The problems are within three functions in the system call fs/splice.c, according to an advisory from Secunia.

“In the 2.6.23 kernel the system call functionality has been further extended resulting in… critical vulnerabilities,” said iSEC Security Research in an advisory.

Secunia disagreed about the bugs’ seriousness, giving them a less critical ranking.

Exploit code for the vulnerabilities has been released publicly on the hacker site milw0rm.com, and Core Security Technologies has also developed a commercial exploit for the bugs, researchers said.

Researchers advised system administrators to update their kernels immediately.

Secunia also previously discovered that the number of security bugs in open source Red Hat Linux operating system and Firefox browsers, far outstripped comparable products from Microsoft last year.

 source:pcword

Posted on

Microsoft is busy preparing its IE8

IE-8

Web site developers may be interested to hear promises made in blog posts by the IE8 platform architect Chris Wilson, who says there is a “lot of potential breakage” in the new browser.

With half a billion supposed IE users and thousands of sites already customised to work with earlier browsers, IE8 has the potential to make Web surfing slicker, or to screw it up for thousands of people.

The team wants IE8 to support the right standards without “breaking the existing Web”. The new hope is an opt-in approach to standards using a element rather than a blanket approach. In theory, this should help avoid the problems that plagued Web sites when IE7 first launched.

No matter what you think if IE, it’s clear that the developer team is aware of these problems. Their goals are certainly admirable, according to this blog post: “We must deliver improved standards support and backwards compatibility so that IE8 continues to work with the billions of pages on the web today that already work in IE6 and IE7 and makes the development of the next billion pages, in an interoperable way, much easier.”

As Chris Wilson explains, “many sites had worked around many of the shortcomings or outright errors in IE6, and now expected IE7 to work just like IE6… Sites didn’t work, and users experienced problems.”

source:itnews 

Posted on

Security Researchers At Linux Role In Botnets Btudied

LINUX
Over two-thirds of the malware infections suffered by Sophos’s Linux honeypots involve Rst-B, which attempts to infect ELF (Executable and Linkable Format) binaries in the current working directory and in /bin, and to create a backdoor to the system.

it a six-year old Linux virus is still in circulation, and Sophos suspects the high uptime exhibited by servers (compared with the typical home or office Windows PC that spends much of the day switched off or asleep) makes them valuable to bot-herders as central control points.

Sophos has created a detection tool specifically for this virus, and encourages administrators to use it and then forward any infected files to SophosLabs for analysis.

“If you don’t find Linux/Rst-B on your system, it’s good news but obviously doesn’t mean that you are not infected with something else, said Billy McCourt, SophosLabs UK.

“I’d encourage you to at least do regular on-demand scans on your Linux box but ideally run an on-access scanner.”

A previous analysis by McCourt suggested that Rst-B infections are not being used by intruders to gain access to systems, rather they occur as a side-effect of already-infected hacking tools being downloaded onto servers once a foothold has been gained.

source:itwire 

Posted on

Firefox 3.0 beta 3 released with Hugh changes!

 Firefox-3

Firefox 3.0 beta 3 is here, with plenty of improvements set to send Firefox’s percentage of market share soaring ever higher once the final version is released to the public.

Having had a quick look at the latest version, the interface certainly looks snazzier, performance seems to be faster and all-in-all, Firefox 3.0 is shaping up to really give Internet Explorer 7 and even bigger run for its money than it has already given, while Microsoft continues dithering around with Internet Explorer 8.

Perhaps new feature will be the option of asking the user to save the contents of tabs on exit. Currently Firefox remembers the contents of tabs in case it crashes and needs to be reloaded (which frankly, for 2.x, happened often enough for that feature to come in very handy). But on a normal program exit, after being asked whether you mean to close the tabs, Firefox cleans the cache…which almost makes a rude exit through Task Manager more preferable to the File menu.

Also making progress is Firefox’s support for JavaScript 1.8, which adds support for features made popular in scripting languages like Python: for instance, inline embedded functions (defining a variable as a function), and the intriguing comparison operator contains that iterates through entries in an array.

Mozilla says that there are around 1300 individual changes from the previous beta, “including fixes for stability, performance, memory usage, platform enhancements and user interface improvements”.

source:mozilla

Posted on

BIOS Will Run Linux Based Maintenance Services Remotely When Windows Fails

 phoenix

Phoenix is currently working with software and hardware vendors to build the platform and its associated applications. Currently, they plan to offer the following: e-mail functions, Web browsing, a media player, IP soft phones, the remote system maintenance and repair functions mentioned below, and embedded security.

“We have the opportunity to be able to provide remote maintenance services even when Windows is down and run diagnostic programs while the user continues uninterrupted,” said Josh Pickus, CEO of SupportSoft.

Linux is already gaining some ground as an embedded operating system. So now Phoenix, which made its name as the core provider of BIOS for PCs, is working with several partners to leverage embedded Linux as a bypass operating system.

The basic concept is that an embedded Linux OS will accompany the core system firmware or BIOS, allowing instant-on applications to be run from it at any time.

This means regardless of the status of Windows — before, during and after it boots up or shuts down, if it has crashed or if maintenance is being performed — some software will be allowed to run, including Web browsers and tools that can read files and documents on the hard drive.

The system will be built upon Phoenix’s HyperCore virtualization platform, and the company expects to offer SupportSoft’s remote management tools as a part of the package. By running support software alongside Windows, it could allow maintenance to be done to a system from an “outside perspective,” eliminating the need in certain instances to actually be on site (like for OS reinstalls, for example.)

source:betanews
Posted on

Vista SP1 Prerequisites Rolled up in Patch

Vistas1

Microsoft included a set of nonsecurity updates that prepare customers to install Windows Vista Service Pack 1 as part of its monthly “Patch Tuesday” security fixes.

Two of three prerequisite updates needed to install SP1 are hitting Microsoft’s Windows Update for the first time today, along with the usual batch of security updates it releases every month.

KB937287 is an update to Vista’s servicing stack, and KB938371 is a multicomponent update, according to the blog post attributed to Nick White, a product manager on the Vista team. Both must be installed before a machine can successfully be updated to Windows Vista SP1.

The technologies — called KB937287 and KB938371 — are marked “Important” and will install automatically if a Windows user has Windows Update set to the recommended configuration, according to a post on the Windows Vista team blog.

The third prerequisite to installing SP1, KB935509, also is being released through Windows Update Tuesday. However, that technology is an update of a previously released technology, not a brand new release.

source:pcworld 
Posted on

Nvidia Launches Apx-2500 Processor for Windows Mobile

APX 2500

Nvidia Corporation, a world leader in visual computing technologies and inventor of the GPU, has just introduced the APX 2500, an applications processor that enables intuitive 3D user interfaces and high-definition video on connected Windows Mobile phones.

The APX 2500 applications processor can apparently deliver up to 10 hours of 720p HD playback – which would be an industry first for video quality and power consumption on a mobile device. It’s capable of HD video recording with an HD camcorder, and offers ultra high-resolution photo imaging capabilities.

Nvidia has worked closely with Microsoft on the development of APX 2500. The combined engineering efforts of these two industry mammoths will ensure that next-gen versions of the Windows Mobile OS will harness the capabilities of the APX 2500 applications processor to the fullest extent.

Maybe this is what Windows Mobile 7 will be all about!

source:tech2 

Posted on

Asus low cost mini-notebooks,Tangent ePC

epc

Wow after HCL’s mini-notebooks, Business and education technology company Tangent has begun selling through computer manufacturer Asus a mini-notebook computer.It is called the Tangent ePC and pricing starts at around $300.

The Tangent ePC, which looks like it will sport the Asus logo on the cover, comes in a variety of colors and incorporates a seven-inch screen. Dimensions are on the small size, with the four models in this line up measuring 8.86- x 6.3 x 0.79-inches and weighing just over two pounds. These are not laptops designed for heavy business use but rather casual applications like Web browsing and word processing.

Other features set to be available on the Tangent ePC include up to 8GB of solid state disk flash storage, 1GB DDR2 memory, Linux, a Web cam, mouse and carrying case. These of course vary depending upon the model. Availability should be now.

source:reuters 

Posted on

Free File Clean-Up Tool ‘CCleaner’

 ccleaner

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system – allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. But the best part is that it’s fast (normally taking less than a second to run) and contains NO Spyware or Adware!

I use CCleaner and I strongly recommend you do, too. That’s because the free utility scrubs your system and removes computer-clogging junk, including files in the temp folder and Internet cache.

What makes CCleaner so cool is that you can customize it so the tool deletes specific files and folders every time it runs. For instance, I have a junk folder that I use for files I need for the day, but want cleared out when I run CCleaner.

Customizing is easy. Choose the Options icon on the left, click Include, and add a file or folder using the buttons on the right. Another handy trick is in Settings: Add a “run CCleaner” context menu to your Recycle Bin icon. That way you don’t even have to open CCleaner; just right-click the Recycle Bin icon and choose “run CCleaner.”

I strongly recoment you to use CCleaner

source:CClean 

Posted on

AOL’s New Open Mobile Platform

aol

At the GSMA congress in Barcelona they’ve announced their own open mobile platform, which will enable developers to build RIAs for mobile devices.

“The platform will consist of three components: an XML-based, next-generation markup language; an ultra-lightweight mobile device client; and an application server. A dynamic presentation layer will allow for rapid deployment of new features and easy optimization for a wide variety of mobile devices, allowing developers to build and update applications once, and then distribute them across all supported devices and platforms.”

The platform will become available to developers sometime in the summer and the applications built on the platform will work across most major mobile device platforms – BREW, Java, Linux, RIM, Symbian and Windows Mobile – but interestingly enough, Android is nowhere to be seen.

Furthermore, developers will be able to integrate applications build on the platform with third party APIs, AOL’s other open APIs (AIM, AOL Mail, AOL Video, MapQuest, Userplane, Truveo, Winamp, and others), as well as monetize their mobile apps through AOL’s Platform-A advertising platform.

source:reuters