Firefox 3 beta 5 released

April 2, 2008 – 12:53 PM

Mozilla has released yet another beta version of the next generation Firefox web browser. Firefox 3 beta 5 doesn’t have a ton of new features, but it fixes a lot of bugs and packs a bunch of under the hood tweaks that make the browser easier to use and more attractive.

Firefox 3 beta 5 features tighter integration with the Windows, Mac, and Linux operating system. That means you have native icons and interface widgets. The OS X version supports Growl notifications, and the Linux version uses the native GTK theme.

The Places organizer has been updated, making it easier to organize, search, tag, and browse through your bookmarks and browsing history.

And the JavaScript engine has been updated, meaning web applications like Gmail and Zoho Office run much faster in Firefox 3 beta 5 than in Firefox 2.

Keep in mind that this is still a beta, and you may experience problems. Extensions and add-ons that work in prior versions of Firefox might not be compatible with Firefox 3 beta 5.

Source: Download Squad

Posted in Internet, Security, Software | No Comments

Biometric Hacking Tool Debuts

April 2, 2008 – 10:46 AM

A British security researcher has demonstrated a “biologging” system for intercepting biometric authentication data, warning that attacks on biometric systems could become relatively straightforward if current practices don’t change.

Matthew Lewis, of London-based Information Risk Management, demonstrated a proof-of-concept biologger last week at Black Hat Amsterdam and released the tool’s source code.

Biologger is designed to highlight what Lewis considers a defect in the design of many current biometric systems: the biometric data isn’t encrypted between the biometric scanner and the processing server.

The tool identifies and captures such data, opening the way to exploits such as man-in-the-middle attacks, Lewis said.

A number of difficulties remain in carrying out an attack, not the least of which would be inserting the biologger into the network, Lewis said. However, Lewis’ point was to highlight that such dangers exist.

“Organisations across a number of different sectors are beginning to implement biometric systems as part of their physical and logical access controls, while a number of these systems and devices are configured to integrate with existing infrastructures for ease of deployment, such as through the use of IP protocols,” Lewis said in a recent white paper on biologging. “It is properties such as this that we seek to explore and exploit as part of a proof of concept construction of a biologger.”

Read the rest of this story…

Posted in Hardware, Privacy, Security | No Comments

You’ve been iframed

April 2, 2008 – 5:29 AM

Injected iframes into legitimate sites are becoming more and more common these days.  One of the latest targets is a Chinese government site at www.zhangzhu.gov.cn:

Please note that while the site adminstrators have been notified, the injected iframe is still present in the site at the time of this posting.

The iframe downloads a page from another chinese site that redirects the browser to a .com site – that contains tons of new iframes.

End result of this iframe jungle is that exploits try to download executables to the users computer:

lz.exe
614.exe

Both of these files are already detected as Trojan-Downloader.Win32.Small.suu using the latest database updates.

Drive-by-downloads are getting more sophisticated nowadays with this case using several exploits including MDAC and Real Player exploits.

As always, remember safe computing pratices even when on familiar grounds, lest you find yourself iframed.

Source: F-Secure

Posted in Coding, Internet, Security | No Comments

USB malware on the rise

April 2, 2008 – 5:20 AM

Around a tenth of all malware is designed to use portable storage media, such as removable USB drives, as an attack and spread vector.

Security firm ESET said that 10.3 per cent of malware detections last month were identified as files containing information on programs to be run automatically when removable media are inserted into a computer.

ESET revealed that INF/Autorun, a generic identification for malware that tries to use the autorun.inf file as a way of compromising a PC, has retained its number one spot and increased its share of detected malware during March.

“Portable storage media started to become a noticeable threat last summer,” said Paul Brook, managing director of ESET UK.

“Since then it has gathered pace and continues to grow as a popular infection vector with malware writers, and it is easy to see why.

“It has been drummed into users for so long that email is the main source of infection that users have forgotten the threats from yesteryear when media such as floppy disks were the main concern.

“Consequently, basic desktop protection is now often overlooked, particularly by home users.”

Adware still features prominently in the top 10 detected threats in March, with variations of the pernicious Virtumonde steadfastly refusing to budge.

Virtumonde is causing misery to computer users that have had their machines compromised because of inadequate protection.

“Some PC users report instances where this program has taken over a system to such an extent, displaying so many unwanted advertising windows, that the PC becomes all but unusable,” said Brook.

“The problem is exacerbated by the fact that if the malware is not fully removed, it will try to replace registry keys and malicious DLLs. There are generic tools available that can help, but they need some knowledge to use safely.”

Source: vnunet

Posted in Hardware, Internet, Privacy, Security | No Comments

Build The Ultimate Quad-Core Desktop With Intel’s QX9770

April 2, 2008 – 5:13 AM

Intel has quietly begun shipping its hottest quad core desktop processor ever, the Core 2 Extreme QX9770. We built a PC, to see just how fast the 3.2-GHz, 45-nm chip, complete with a 1600-MHz front-side bus, really is.

Our previous project, where we put together a system last fall with Intel’s then top-of-the-line QX9650, resulted in a solid machine stymied by a poor choice in graphics cards.

This time, we went with a high-end Gigabyte GeForce 8800 GTS graphics, with 640-MB of video memory. For the motherboard — the key component of any system — we selected an Asus P5E64 WS Professional. This mobo uses the new Intel X38 chipset, and was one of the first to support the 1600-MHz front-side bus used in the QX9770. (Most Intel Socket 975 boards only handle FSB speeds up to 1066- or 1333-MHz. The P5E64 WS exhibit’s Asus’s usual attention to detail, incorporating an ample complement of on-board copper cooling pipes to draw heat away from the processor and core-logic chipset.

However, the mobo did hammer home one often-neglected item which should be on every PC builder’s to-do list. Namely, always check whether a BIOS update is available for your motherboard. In the case of the Asus, attention to this detail would have same us a lot of time spend investigating what at first glance appeared to be a memory compatibility issue.

A key element of the project turned out not be to electrical, but rather physical. This was the task of picking out a case. No part of the project is less enticing. However, the PC’s enclosure used to be an afterthought. Nowadays, with hot-running modern processors, it’s critical.

Complicating the problem is that the choice of cases used to be limited to a $39 special or some fancy day-glo model aimed at gamers. Now, there are too many options. The first crop I call “snap-in” designs. These are the cases with all those do-dads so you supposedly don’t have to screw in the drives and cards; these never work properly, by the way. The second, more important category of cases is designed to support good cooling.

Read the rest of this story…

Posted in Gaming, Hardware | No Comments