Archive for May, 2007

Todays Tech 5/31/2007

Hitting some of the technology highlights.

Data Recovery Using Linux Recovering data from a Windows system using Linux tools.

Well we really screwed this one up? In trying to remove some Live Journals that were violating their terms, specifically pedophile journals and communities, they deleted some that should not have been deleted and are trying to explain what happened and what they are doing to get them back. Related article from News.com here.

Can you say du huh. Studies: music industry overstating threat of P2P piracy Unauthorized sharing of digital music remains a huge issue for the global music business, but is most of that sharing taking place on peer-to-peer networks? For years, peer-to-peer was the bogeyman, the red Communist music monster than was going to devour the industry’s revenues. But new research suggests that sneakernets may be as big a problem as darknets.

EMI Music, Google and YouTube strike milestone partnership Soon, you will be watching videos and recordings from EMI Music artists, through a deal between EMI and Google.

Mahalo Is Hawaiian for Useless Unbiased review of Mahalo, the hand made search engine from Jason Calacanis. Michael Arrington writes a puff piece here.

BBC to broadcast in ‘Second Life’ In the Second Life economy, more than $600,000 changes hands every day. Now the virtual world is about to play host to a BBC show about that economy and how people have made real money from it.

A picture’s worth a thousand clicks Google has bought Panoramio, a community photos website that enables digital photographers to geo-locate, store and organize their photographs — and to view those photographs in Google Earth. Big surprise huh?

Google brings developers offline with ?Gears?; new offline Reader ?Google Gears,? an open source project that will bring offline capabilities to Web Applications ? aimed at developers. From the Gears API Blog Gears is a browser extension that we hope — with time and plenty of input and collaboration from outside of Google — can make not just our applications but everyone’s applications work offline. From Read/Write Web And guess who is most at risk with this announcement? Yes, Microsoft. Google after all has many of the top ‘best of breed’ web apps now, and Mozilla wants more market share against Microsoft’s Internet Explorer browser. Adobe and Microsoft are also engaged in an ongoing battle for Rich Internet App supremacy, which probably explains why Adobe is involved in Gears. And of course, this will have major implications for the Web Office – where Google Apps is directly competing against Microsoft Office (whether Google admits it or not!).

Surface Computing from Microsoft

Big announcement from Microsoft today, well, actually yesterday, surface computing is here and hopefully, it will be coming my way soon, can’t wait to check it out, but there are plenty of videos and information out already to wet your whistle. Microsoft says it will first appear in hotels, restaurants, etc, where touch screens already exist, but not in the same way or amount of screens, I am sure.

Picture a surface that can recognize physical objects from a paintbrush to a cell phone and allows hands-on, direct control of content such as photos, music and maps. Today at the Wall Street Journal?s D: All Things Digital conference, Microsoft Corp. CEO Steve Ballmer will unveil Microsoft Surface?, the first in a new category of surface computing products from Microsoft that breaks down traditional barriers between people and technology. Surface turns an ordinary tabletop into a vibrant, dynamic surface that provides effortless interaction with all forms of digital content through natural gestures, touch and physical objects. Beginning at the end of this year, consumers will be able to interact with Surface in hotels, retail establishments, restaurants and public entertainment venues.

Microsoft Surface puts people in control of their experiences with technology, making everyday tasks entertaining, enjoyable and efficient. Imagine ordering a beverage during a meal with just the tap of a finger. Imagine quickly browsing through music and dragging favorite songs onto a personal playlist by moving a finger across the screen. Imagine creating and sending a personal postcard of vacation pictures instantly to friends and family, while still wearing flip-flops.

Consumers now have an entirely new way to get the information they need, turning their everyday tasks into enjoyable and engaging experiences,? said Pete Thompson, general manager of Microsoft Surface Computing. There are hundreds of thousands of restaurants, hotels and retail locations that are looking to give their customers the unique and memorable experiences that Surface will provide. In turn, companies have a new opportunity for generating additional revenue streams and increasing retail traffic. Source: Microsoft Launches New Product Category: Surface Computing Comes to Life in Restaurants, Hotels, Retail Locations and Casino Resorts

I can see this being handy in a busy bar, where each user selects their drink or refill and it goes into a queue for the bartender to make, taking the decision on who gets served next out of his hands and placing it into the correct order. But, never mind restaurants, bars and hotels, where else will surface computing be useful? Scoble saw a demo for it two years ago and this is how it worked then.

Anyway, surface computing is real and is wild. I want one of these in my house, but it is too expensive. Anyway, here?s how it works:

1) It has a piece of holographic glass that can display images that a projector shoots at it.
2) It has a projector underneath.
3) It has two cameras, aimed at the glass which can triangulate on objects on it.
4) It has software, written in Windows Presentation Foundation, that take advantage of the new hardware. Source: Ahh, the PlayTable, er Surface Computing, how it works?

Popular Mechanics got to see a demo of surface computing from Microsoft, listen to a couple of the cool things they showed them, and then visit their site and check out the video.

Gattis took out a digital camera and placed it on the Surface. Instantly, digital pictures spilled out onto the tabletop. As Gattis touched and dragged each picture, it followed his fingers around the screen. Using two fingers, he pulled the corners of a photo and stretched it to a new size. Then, Gattis put a cell phone on the surface and dragged several photos to it ? just like that, the pictures uploaded to the phone. It was like a magic trick. He was dragging and dropping virtual content to physical objects. I’m not often surprised by new technology, but I can honestly say I’d never seen anything like it. Source: Microsoft Surface: Behind-the-Scenes First Look (with Video)

They also have some great shots and text on how it works exactly. Channel 10 has a great video here. They also answer the question of when will we see these in homes, they said that the first adopters, Harrah?s Entertainment, Starwood Hotels and T-Mobile, will have it first and as it gets bigger and used by more companies, prices will come down and our coffee tables will be surface computers before we know it. Wonder if they will be easier on our kids heads than the coffee tables were?

Techcrunch wonders when it will recognize that our beer is empty and replenishment is automatic. Robert McLaws has a GREAT wrap-up of the history of Microsoft Surface, and says that it started as TouchLight. Lots of great videos and images available at the official site for Microsoft surface here.

Check out this video demo, and the complete list of Microsoft Surface videos we have available.

Todays Security Notes

Lots of security related stuff going on today, or maybe it’s just what I am reading…

Google Acquired a Security Company Google has acquired GreenBorder a security company that created the industry?s first Desktop DMZ software for Windows. It allows users to safely connect anywhere, go to any website, open any Internet email or attachment, and use any downloaded files without worry. Of course you can’t signup now until Google re-brands it, but it will be in beta anyway.

How Long Do Phishing Sites Exist How long is the average phishing site left online and how many people fall for them per day.

Phishing URLs skyrocket The number of phishing Web URLs nearly tripled from March to April, a security group said, as cyber criminals returned to a late-2006 tactic designed to do an end run around browser-based antiphishing filters.

China Crafts Cyber weapons The People’s Liberation Army (PLA) continues to build cyber warfare units and develop viruses to attack enemy computer systems as part of its information-warfare strategy, the U.S. Department of Defense (DOD) warned in a report released on Friday.

Cyber attack in Estonia–what it really means On April 27, officials in Estonia relocated the “Bronze Soldier,” a Soviet-era war memorial commemorating an unknown Russian who died fighting the Nazis. The move incited rioting by ethnic Russians and the blockading of the Estonian Embassy in Moscow. The event also marked the beginning of a large and sustained distributed denial-of-service attack on several Estonian national Web sites, including those of government ministries and the prime minister’s Reform Party.

Slurpr, the Mother of All Wardrive Boxes I included this little item for everyone who is running a wireless network, this little baby allows you to combine multiple wireless networks for one big pipe, and it can crack lightly encrypted wireless networks. How is that for your security?

Scan Your Computer For Free

Here I am listing all of the free online scans for your computer, spyware, virus, registry, process and some great utilities at the end. I’m also listing some of the free tools, like SpyBot, Ad-Aware, etc.

Windows Live OneCare works quietly in the background on your computer, so you don’t have to worry about nasty interruptions from viruses, spyware, hackers, and other unwanted intruders. It also goes beyond security, regularly backing up all your important files and cleaning up and tuning up your computer to help keep it running at top speed. Because you have better things to do with your PC. Download the free trial.

Free Online Spyware Scan This scan is free and will remove what it finds, although, it doesn’t try to find the more complicated stuff as it could not remove it without installing software on your computer.

Housecall Free Online Virus Scanner from Trend Micro.

CSShredder CoolWebSearch is notorious for keeping you from removing their crap from your computer, download this special tool just for removing all of the 100′s of different versions of CoolWebSearch.

CoolWebSearch installs dozens of bookmarks, mostly to porn Web sites, on your desktop, changes your home page without asking, and continually changes it back if you attempt to correct it. Furthermore, it significantly slows down the performance of your PC, and introduces modifications which cause Microsoft Windows to freeze, crash or randomly reboot.

Spybot Search and destroy This is not an online scanner, but it is free and it does remove almost everything. You should always have a couple tools you scan with because none of these tools can remove everything.

Ad-Aware This is also a tool and not a free online scan, but the software is free and it is one of the top spyware and adware removers.

Free Performance scan.

Registry Booster – FREE Registry Scan This registry scanner will clean and optimise your system, free it from registry errors and fragmented entries.

SpyEraser – FREE Spyware Scan Does not remove any spyware, requires you to purchase the program to remove the spyware.

ProcessLibrary.com – FREE Process Directory – Free Process Directory, resources and tools for anyone who immediately wants to know the exact nature and purpose of any process running on your PC.

WinTasks 5 Pro – Increase System Security & Performance WinTasks 5.0 Professional provides you with a wealth of information and a powerful set of tools that will help you enhance the protection against system security threats while dramatically increasing computer performance. The award-winning WinTasks 5.0 Professional is the most reliable and intuitive software that enables you to fully take charge of your computer.

WinBackup 2.0 – Secure Your Data Today! Awarded Best Backup Software by Computer Shopper and termed “exceptionally simple to use” by PC World, WinBackup 2.0 Standard is now the obvious choice for home and small office users. Being one of the most efficient and reliable backup solutions available WinBackup 2.0 Standard will help you save both time and money.

ABC Island Bombed in Second Life

I guess we should file this under something you only see online. The ABC Island was bombed by hackers in Second Life, wiping out months of work overnight. Linden Labs was able to do a rollback this afternoon to restore most of what was destroyed, no word on what exactly was lost.

The head of ABC Innovation, Abigail Thomas, told the abc.net.au website that the facility had been “bombed”.

“We will now be looking closely at security measures, investigating how the hackers breached the existing security and, of course, making changes to protect the Island’s future development,” Ms Thomas said in a statement. Source: Vandals ‘bomb’ Second Life island

It was not mentioned who could’ve done this in the news article, the Second Life Liberation Army has done similar things in the past to get some press, and while one would think bombing your island would be a bad thing, people seem to like having something worth bombing to start with. The most famous such event so far was when vandals unleashed images of flying phalluses into a meeting attended by a Chinese property developer, making her abandon the event.

Todays Tech 5/24/2007

Here are some of the latest technology stories floating around the internet today.

Wal-Mart to begin selling Dell PCs Initial word was that the Dell PCs would go on sale this weekend. A representative for Wal-Mart on Thursday morning said that the PCs are slated to be in stores on June 10, with two models each offered in a bundle priced below $700. Details on the PCs were not provided. Sam’s Club and Wal-Mart Canada stores will carry different models.

Copying HD DVD and Blu-ray discs may become legal Under a licensing agreement in its final stages, consumers may get the right to make several legal copies of HD DVD and Blu-ray Disc movies they’ve purchased, a concession by the movie industry that may quell criticism that DRM (digital rights management) technologies are too restrictive.

This is crazy. I can’t believe I just posted a story that said users MAY get the right to copy their OWN property. The movie and music industries suck and they are killing it all by themselves.

Flexible, full-color OLED On May 24, Sony unveiled what it is calling the world?s first flexible, full-color organic electroluminescent display (OLED) built on organic thin-film transistor (TFT) technology. OLEDs typically use a glass substrate, but Sony researchers developed new technology for forming organic TFT on a plastic substrate, enabling them to create a thin, lightweight and flexible full-color display.

Dell Offers Three Consumer Systems With Ubuntu 7.04 Later today, Dell will offer U.S customers three different systems with Ubuntu 7.04 installed: the XPS 410n and Dimension E520n desktops and the Inspiron E1505n notebook. These systems will be available at www.dell.com/open by 4pm CST today. Starting price for the E520n desktop and the E1505n notebook is $599; the XPS 410n starts at $849.

Why Are CC Numbers Still So Easy To Find? Some “script kiddie” tricks still work after all: Take the first 8 digits of a standard 16-digit credit card number. Search for them on Google in “nnnn nnnn” form. Since the 8-digit prefix of a given card number is often shared with many other cards, about 1/4 of credit card numbers in my random test, turned up pages that included other credit card numbers, and about 1 in 10 turned up a “treasure trove” of card numbers that were exposed through someone’s sloppily written Web app.

DOG (Distrust/Disdain of Google) moves in Me? Google is too secretive. Too unwilling to engage. Too aloof. Oh, and Eric Schmidt, Google?s CEO, has lost touch with how normal people think (if these quotes are correct, and that?s a big ?if?). If they are correct I think it?s evidence that he?s been hanging around too many advertising execs lately. Their goal is to put impulses into your mind so you take certain actions (like buy Diet Coke instead of Diet Pepsi). Believe it or not advertising execs talk like that. So, when Eric is reported to have said, during a visit to Britain this week: ?The goal is to enable Google users to be able to ask the question such as ?What shall I do tomorrow?? and ?What job shall I take??? we all get a little freaked out. We don?t want Google to know that much about us.

Windows XP SP3 in the Works – Microsoft Confirms They have confirmed service pack 3, but the date on that article is wrong, according to Microsoft the release date will be 1st half of 2008, whatever that means.

Cyber Crooks Hijack Activities of Large Web-Hosting Firm Brian Krebs talks about IPOWER Inc, on of the hosting companies that was recently featured by Stopbadware.org as one of the largest hosting companies that are currently silently installing malicious software, as detailed here, Exposing Hosting Companies with Malicious Websites. Brian says organized crime is responsible and IPOWER says it was one compromised server run by another company.

Google is failing the Microsoft litmus test If you want to evaluate the ?evil? quotient of any company?s strategy/behavior, consider how you?d feel about it if it were Microsoft in the driver seat.

Vista no panacea for PC sales Although Microsoft has characterized itself as happy with Vista adoption so far?and Bill Gates said last week at WinHEC that Microsoft had shipped 40 million copies?the release of the new operating system has not resulted in a significant bump in PC sales.

Skype Worm Variant Targets Other Instant Messaging Clients Yesterday, I discovered what appears to be a new collection of “Skype Worm” infection binaries in circulation – it uses the tried and tested methods employed by similar infections over the past few months, with the ultimate payload being the Stration Worm. Aside from that, there’s another little surprise waiting but we’ll get to that shortly…

Julie Amero Sentencing Delayed Yet Again

Not sure if this is some ploy to drag the Julie Amero case out so the community that has built up around her will forget about it or what, but her sentencing has been delayed again this time until June 6, 2007. It is funny watching people change their tunes, the Norwhich Bulletin has always suggested or implied, at least the way that I read it, that she was guilty. Now, they seem to be baking off a little, as they should, all they have done is give local papers a bad name and helped to erode confidence in what you can and cannot believe online and in the papers. Stay tuned.

Computer Forensics Information

Here are some great articles on computer forensics if you are interested in learning that field, or are just interested in the kinds of things that we do. From finding hidden data, to cracking bios passwords, some interesting reading is available. All of these articles that I have read contain some really good info and will definitely help you create a baseline in how and what you do in your computer forensics investigations.

Computer forensics: Finding hidden data If you don’t know anything about how computers store data, this might be an eye opener for you, and a clue on how some file recovery programs are actually able to recover data, mostly, because it’s never really deleted, just eventually overwritten. From finding stuff in slack space, swap space and hibernation files, there are MANY places to find incriminating evidence on a suspect’s computer.

Computer forensics: Cracking a protected BIOS and creating disks for analysis How to get into a system with a bios password, and the steps you need to take to ensure you get a forensic copy of a suspect’s hard drive, as well as tools to make sure you don’t do anything to it, i.e. write data to it, to compromise the image.

Protect endpoint devices from swap and hibernation file data leaks Suggests turning off hibernation and swap files to prevent people from finding sensitive data easily.

Computer forensics: Preparing for electronic evidence acquisition When to do a live or dead forensics analysis, when you do a dead analysis, always unplug the power from the computer, this article says unplug from the wall, one of the classes I took said to unplug from the back of the computer, but I don’t remember why off the top of my head.

Other articles, such as collecting physical evidence, access control and securing permission are covered, and there are many downloads available, mostly free chapters from books you have to buy, etc. Check out the forensics tag from Techrepublic here.

I am starting to play with FTK now and will be going to a training for it in a couple months, hopefully I will learn some new stuff, which I doubt, but learning the proper use of the software will be great all by itself.

Dell & Google Distributing Spyware? Not Really…

In a post from the OpenDNS blog, David Ulevitch says Google turns the page? in a bad way, in it he says Dell and Google have teamed up and are installing software on Dell Computers that borders on being spyware. The issue is that they, meaning computer manufacturers like Dell, Gateway, Sony, etc, are installing this program called Browser Address Error Redirector to redirect users who mistype url’s or enter search terms in the address bar like they do a search box, to a search results page that is filled with sponsored listings, the ones that Dell and Google will make money from if users click on them. Here is why this could happen:

This page was generated because of one of these two reasons:

The web address you typed did not resolve correctly.

You typed a keyword query in the browser address bar.
This page is meant to provide you with helpful related content, including web search results and paid advertisements, based on the meaning of the web address/keyword query that you typed. This program can be uninstalled from the Control Panel “Add/Remove Programs” in Windows XP or “Control Panel > Program > Programs and Features” in Windows Vista. Look for the application named Browser Address Error Redirector. Older versions may be called GoogleAFE.

Sounds pretty innocent to me, if you take them at their word, but the ads, err I mean the search results they serve up are dominated by Google ads, in fact, on most users screens, they probably would not be able to see the actual Google search results. Now, David says it is Google and Dell who is doing it, but I wonder if it is Dell’s decision alone to decide how many ads to place on a search results page such as this? I know I decide how many I show on my site, but I have no exclusive deal with Dell to compare it to. I guess the terms and decision makers will come out when Dell and Google respond, if they haven’t already. David goes on to give some reasons why Dell and Google would do this.

The computer hardware business has razor-thin margins which means making a profit is tough. So the opportunity for Dell to get a recurring revenue stream from an existing customer long after the sale of the computer is more than just enticing, it?s huge. It also means a couple other things:

Dell and Google have an incentive to make it very hard for users to turn this off.
Because users can?t get rid of it, Dell and Google can get away with putting more ads on the page and pushing user-relevant content off the page. Source: Google turns the page? in a bad way

Now, I myself have not seen the redirector in action, most of the Dell computers that I end up seeing are re-imaged when they are received by the buyers, so, this crap does not live on those computers very long, and, as a matter of fact, the last one I looked at did much the same thing, but with a Microsoft results page that was a little more helpful than the Dell/Google page, it only had three sponsored listings and a most popular products listing before the search results. OpenDNS is a service users have to go get, and they do much the same thing, but they are way more friendly on their results page, adding a did you mean this link, like when you misspell something, at the top, and the search results right below it, with the sponsored listings on the right, much like the default Google search page. So, lots of commenters are saying OpenDNs only brought it up because they are in competition and that they are trying to make it sound worse than it is by throwing terms around like spyware and saying it is hard to remove. It is easy to find and obviously named in the Add/Remove programs applet in the control panel, so it is not hard to remove.

Danny Sullivan says:

I wouldn’t consider it spyware, but it certainly isn’t friendly ware. But you can understand why some people would think it’s spyware, when their computers seem to be acting in a strange way. Some searches brought up plenty of people who are confused by the software and what it is doing.

One of the most ironic things in all this is to compare what’s happening to the statements Dell and Google have made about consumer choice in the past. When the deal came out in May 2006, Dell said:

Our motivation is to deliver customers tools that enable them to search and organize information quickly and easily, right out of the box…Dell customers will have the option of choosing Microsoft as their default if they prefer. Source: Google & Dell’s Revenue-Generating URL Error Pages Drawing Fire

As Danny said, Google says they just have to change the defaults in IE 7, if they prefer, but that is something that Google said in the past was too hard for people to do. They even argued that Microsoft was taking the choice away from consumers by setting the search default to Microsoft’s search engine, something Google does in Firefox and now Dell computers. Pot meet kettle, kettle meet pot. They said their motivation was to allow their customers to search and organize information quickly, something this search results page does not do, it is geared for the quick cash.

Ryan Naraine says he has pinged Google to ask them about it, and he asks, what if the software has an exploitable software vulnerability? Something I am sure we will find out soon enough.

Todays Tech Notes

More great technology reads.

The 100 Best Products of 2007 PCWorlds Editors rank the top 100 products of 2007.

Google?s goal to organize your daily life See, now Google is just getting plain scary, they plan on being able to collect all the data they can about us, and be able to answer questions from us like ?What shall I do tomorrow?? and ?What job shall I take?? Might be time to go back offline….

What’s hot today? The hottest products of the moment, the ones that are shown are usually the ones are experiencing surges in searches, like current events, Paris Hilton going to jail, etc. Sounds like an interesting tool.

Proposed National Database Raises Privacy Concerns Experts point out the security risks of the nationwide database of workers’ personal information that would be required under an immigration bill expanding the Employee Eligibility Verification System.

automatically upload a folder of photos to Flickr Say that three times fast. They show you how to have your pictures folder auto magically upload to Flickr whatever you dump in it.

Virtual World Gold Rush? The business of buying businesses is booming once again, but, who’s next?

House passes more tech-friendly antispyware bill In their third effort to enact a federal law targeting spyware, members of the U.S. House of Representatives on Tuesday overwhelmingly approved criminal penalties aimed at anyone implanting certain types of malicious software on computers. More coverage to come on this one…