Latest Post

Apple Battery Hack, Detected by a Security Researcher

Written By Unknown on Wednesday, 27 July 2011 | 10:05

macbook-battery-legs

A security "noob" mistake has left the batteries in Apple’s laptops open to hacking, which could result in a bricked battery or, in a worst case scenario, fire or explosion. This was revealed Friday after Accuvant Labs security researcher Charlie Miller disclosed that he plans to detail the hack at the annual Black Hat security conference in early August.

ars-technica_logo.gif
According to Ars Technica, "we were curious as to how Miller, known for repeated hacks of Apple’s Safari Web browser at the annual Pwn2Own hacking competition, stumbled upon this hack in the first place—after all, it is somewhat obscure and doesn’t fall into what most people consider to be his typical focus area (browsers). Miller took time to answer our questions about what the hack is and how he found it, as well as what he plans to do when Black Hat rolls around."

The vulnerability

Laptop batteries include microcontrollers which constantly monitor charging voltage, current, and thermal characteristics, among other properties. These microcontrollers are part of a system called the Smart Battery System, designed to improve the safety of Li-Ion and Li-Poly cells used in these batteries.

According to Miller, these controllers can be hacked in a fairly straightforward manner. By reprogramming the microcontroller’s firmware, a battery could report a much lower internal voltage or current, causing the charger to overcharge the battery. In Miller’s testing, he was only successfully able to turn a series of seven $130 MacBook Pro batteries into expensive bricks, but he told Ars that it may be possible to cause fire or even an explosion.

"Lithium-ion batteries are potentially dangerous, and it’s possible that futzing with the parameters could cause the battery to fail at best, or explode at worst," Miller said. "I know there are internal fuses and other safeguards to prevent that from happening, and I never did it myself, but there’s certainly potential to get some malware to rewrite the smart battery firmware and cause some catastrophic failure."

sbs_system_diagram.png
Typical single smart battery system. (SBS-IF)

As Miller noted, Smart Battery Systems include fuses which can disable cells if they reach dangerous internal voltages. But even these safeguards occasionally fail, resulting in toasted laptops.

Miller also told Ars that the battery firmware hack could be used to create a sort of “permanent” malware infection. Such malware, or a least a portion of it, could be installed in the micorcontroller’s flash memory. Even if an infected computer’s drive were replaced and the operating system re-installed, it’s possible that an exploit could allow the malware to be reloaded from a laptop’s Smart Battery System firmware.

The discovery

While the threat of un-installable viruses that cause laptop batteries to explode is highly unlikely, the truth is that the vulnerability exists in the first place because of a blunder on Apple’s part. While researching potential vulnerabilities in the MacBook Pro’s power management system, Miller inadvertently discovered that Apple used default passwords described in publicly available documentation on the Smart Battery System, which allows rewriting the firmware itself.

Miller began by trying to determine if it was possible to manipulate or control the battery charging system. He downloaded a battery firmware update that Apple released a couple years ago, and dug through its code to see how the system communicates with the Smart Battery System. Inside the firmware updater, he found a password and a command to “unseal” the microcontroller, which allowed the firmware updater to change some of the battery’s parameters.

This particular updater, according to Miller, merely told the battery to always keep a slightly higher minimum charge in order to keep the battery from becoming unable to hold a charge after being unused for an extended period of time. But searching for the unseal command led Miller to the Smart Battery Charger Specifications. Digging through the documentation, Miller learned that the password Apple used to unseal the microcontroller was the default used in the specifications.

On a whim, Miller tried the default password to switch the microcontroller into “full access mode,” sort of like an administrator account on your Mac. “Unlike the unsealed mode, in full access mode, I could change anything: recalibrate the battery, access the controller at a really low level, including getting the firmware or changing it,” Miller said.

Miller downloaded the firmware and reverse engineered the microcontroller’s machine code, bricking several batteries in the process. Eventually he was able to change the firmware to “always lie, like to say it wasn’t fully charged even when it was.”

The fact that Apple never bothered to change the default password is disconcerting, especially considering the effort Apple has made to beef up security in Mac OS X Lion. Lion’s implementation of address space layout randomization (ASLR) is now “complete,” according to Miller, making it impossible to know where the OS has loaded system functions into memory. Furthermore, Safari—Miller’s preferred exploit vector—is now divided into two sandboxed processes, one for the GUI and one for rendering Web content.

“That second process is sandboxed; it can’t access your files and other stuff,” Miller explained. “Even if you have browser exploits, the only way to do anything [useful] is to get out of the sandbox.” Miller said that would mean finding a bug in the kernel itself. “That’s not impossible… but it’s definitely much harder with a sandbox than without.

“It’s certainly going to be a lot harder to own a Mac at Pwn2Own next year,” Miller admitted.

Miller speculated that Apple assumed that the battery would never be a target for hackers, and so kept the default passwords described in the documentation as a convenience. Unfortunately, that convenience has resulted in a potential headache for Apple laptop users.

Miller handed his research over to Apple a few weeks ago to give the company time to come up with its own workaround before he presents his findings at the Black Hat conference on August 4. Miller has also written a Mac OS X tool that will generate a random password and store it in a battery’s firmware, preventing future hacks—but also preventing future firmware updates, which will be released when he gives his talk at Black Hat.

Anonymous, LulzSec Urges Paypal BoyCott, Condemns FBi Raids

Anonymous is seriously lashing out today at the FBI and especially at PayPal, urging users of the electronic payments site to empty their accounts.

We encourage anyone using PayPal to immediately close their accounts and consider an alternative. The first step to being truly free is not putting one's trust into a company that freezes accounts when it feels like, or when it is pressured by the U.S. government. PayPal's willingness to fold to legislation should be proof enough that they don't deserve the customers they get. They do not deserve your business, and they do not deserve your respect.

Join us in our latest operation against PayPal - tweet pictures of your account closure, tell us on IRC, spread the word. Anonymous has become a powerful channel of information, and unlike the governments of the world, we are here to fight for you. Always.
antisec
The group wants supporters to empty their accounts and avoid using the payment service in protest against the prosecution of a university student who allegedly participated in denial of service attacks against PayPal last year. Mercedes Haefer, a 20-year-old journalism student at the university of Nevada, is among around 14 people facing hacking charges punishable by a sentence of up to 15 years imprisonment and a fine of $500,000. It has been alleged that Haefer had used her home PC to attack PayPal's systems.

In response, Anonymous and LulzSec put out a statement calling for a boycott of PayPal, as the first phase of #OpPayPal.

In recent weeks, we've found ourselves outraged at the FBI's willingness to arrest and threaten those who are involved in ethical, modern cyber operations. Law enforcement continues to push its ridiculous rules upon us - Anonymous "suspects" may face a fine of up to 500,000 USD with the addition of 15 years' jailtime, all for taking part in a historical activist movement. Many of the already-apprehended Anons are being charged with taking part in DDoS attacks against corrupt and greedy organizations, such as PayPal.

What the FBI needs to learn is that there is a vast difference between adding one's voice to a chorus and digital sit-in with Low Orbit Ion Cannon, and controlling a large botnet of infected computers. And yet both of these are punishable with exactly the same fine and sentence.

In addition to this horrific law enforcement incompetence, PayPal continues to withhold funds from WikiLeaks, a beacon of truth in these dark times. By simply standing up for ourselves and uniting the people, PayPal still sees it fit to wash its hands of any blame, and instead encourages and assists law enforcement to hunt down participants in the AntiSec movement.

Quite simply, we, the people, are disgusted with these injustices. We will not sit down and let ourselves be trampled upon by any corporation or government. We are not scared of you, and that is something for you to be scared of. We are not the terrorists here: you are.
Anonymous is now claiming through its Twitter account that PayPal has lost more than 9,000 account in just a couple of hours. The group also claimed that PayPal had taken down its Web page where people can cancel their accounts, though the site seemed to be up and running normally.

WikiLeaks was quick to crow that Anonymous' campaign dealt a "$933M stock crash" this morning for PayPal parent eBay. Shares in eBay did drop about 3 percent at the market open, but have since recovered somewhat.

PayPal was not immediately available for comment, according to CNET's reporter.

Last December, PayPal released to WikiLeaks all existing funds in its account up to that time but cut off the ability of the whistleblowing site to receive future funds from supporters via its PayPal account.

By caving into the law enforcement establishment in freezing the WikiLeaks account, PayPal doesn't deserve the business or respect of its customers, says Anonymous.

In recent weeks Anonymous and LulzSec have rarely stayed with the same target for more than a day at a time, so it will be interesting to see how long #OpPayPal lasts or how it evolves. Security firm Panda has already spotted chatter suggesting a move towards illegal tactics is already being discussed, at least.

Phishers Targeting Google AdWords account

Written By Unknown on Tuesday, 26 July 2011 | 07:35

Cybercrooks have launched a "Google AdWords" phishing campaign in an attempt to trick marks into handing over sensitive login credentials to a bogus, newly registered, website.

Spam messages promoting the ruse falsely claim that a recipient's campaign has been stopped and they need to login to their "Adwords account" in order to reactivate it. The widely distributed spam messages link to a realistic replica of the Google AdWords page, net security firm Sophos warns.

phishers-attack-googleadwords
The dodgy site – google-oa.net – was only registered this week.

Google AdWords accounts normally use the same login credentials as other associated Google accounts (Gmail, Google Docs etc). It could be that the fraudsters behind the scam are just as interested in these accounts as in compromised access to Google AdWords accounts, though this much remains unclear.

The whole scheme further illustrates that phishing fraudsters are going after a wider range of targets outside of old favourites such as PayPal and online banking accounts. Phishing fraudsters in Brazil, for example, have begun targeting air miles accounts, trading stolen vouchers as a form of currency in exchange for renting access to botnets via underground markets.

Intended victims of the air miles or Google AdWords scams might be less aware of the risk and therefore more likely to respond to fraudulent emails, perhaps.

How to install Mac OS X Lion's high-quality speech voices

One of the features of OS X Lion that was discussed early on in its development was the updated text-to-speech technology that not only brings much more natural-sounding voices, but also has options for dialect and accent support for various regions of the world. Since early in the Classic Mac OS, Apple has supported text-to-speech technology, with very basic and robotic output that has improved over the years, but with Lion the technology takes a relatively major leap forward.

The system ships with some default voices, including the long-standing novelty ones such as laughing, whispering, bells, and alien voices, but now includes the option to enable high-quality male and female voices that mimic accents from numerous areas of the world. These include numerous European languages, Eastern European, Chinese, Thai, Japanese, other Asian languages, world variations of English (Indian, Australian, U.K., U.S., and more), and Middle Eastern languages like Arabic and Turkish.

The enhanced languages are a bit large at between 300MB and 1GB each. Like other aspects of the OS such as Java, Apple has made them available for download through the OS. To do this, follow these steps:

Lion Speech
Apple's new voices are available along with all the older voices

  1. Go to the Speech system preferences
  2. Select the "Text to Speech" tab
  3. Click the "System Voices" menu and choose Customize
  4. Check the boxes of voices you would like (you can preview them by selecting them and clicking "Play")
  5. If the voice is high-quality then there will be a yellow triangle warning next to it, indicating the voice will need to be automatically downloaded.
  6. Click OK when you have your desired voices
lion-download-voice
Voices will download through Software Update.

The system will automatically launch Software Update and install the desired voices when you click OK, after which you will be ready to use your new voices. Now just go to an application that supports Apple's Text to Speech (such as TextEdit, Safari, or Mail), select some text, and then right-click it and choose "Start Speaking" from the Speech submenu. This option should also be available in one of the application's menus, such as the Edit menu.

Red Hat Enterprise Linux 5.7 Now Available

Written By Unknown on Monday, 25 July 2011 | 07:00

redhat.jpeg
Red Hat announced the availability of Red Hat Enterprise Linux 5.7 last week. Its update adds features that enhance the flexibility, security, and stability of Red Hat Enterprise Linux 5 environments, and includes a number of features incorporated from Red Hat Enterprise Linux 6. Application interface consistency is maintained between Red Hat Enterprise Linux 5.7 and prior updates, allowing systems to be updated easily without application re-certification.

Highlights of Red Hat Enterprise Linux 5.7 include:

Hardware enablement

Support for new hardware from Red Hat partners encompassing processors, chipsets and new drivers for storage, networking, and graphics allows Red Hat Enterprise Linux 5 deployments to benefit from new hardware platforms delivered in 2011, including Intel, AMD, POWER and IBM System z.

Virtualization improvements

Several virtualization enhancements in Red Hat Enterprise Linux 5.7 include improved migration performance for KVM, as well as several performance and scalability improvements for the Xen hypervisor.

SCAP support

OpenSCAP introduces support for the Security Content Automation Protocol, including a library and set of utilities, giving a standardized approach to validating Red Hat Enterprise Linux security.

Introducing Subscription Manager in Red Hat Enterprise Linux 5

First introduced to Red Hat Enterprise Linux 6.1 customers and now to Red Hat Enterprise Linux 5 customers, the new X.509 certificate-based Subscription Manager feature delivers Red Hat Enterprise Linux subscriptions and software services in a flexible, scalable, and secure way. The Subscription Manager tracks subscriptions assigned to a system and configures software updates for better availability and faster update speeds.

Networking and storage enhancements

Added features for network bridging and LDAP features for autofs improve centralized management of user filesystems in an enterprise environment.

Availability Fencing

New fencing features boost cluster reliability in Cisco UCS system and VMware environments.

For more information about Red Hat Enterprise Linux, visit here. To access the Red Hat Enterprise Linux 5.7 release notes, visit here. Detailed technical notes are available here.

5 Cool Mac Os X Lion features You Might Not Know

1. Spotlight is sexier

If a search box could be attractive, Spotlight would be it. You can now drag and drop directly from search results to another program (like Mail) or another place on your desktop.

Previews are new, too--just search for a doc and hover over a result to get an image preview. And finally, you can search the Web within Spotlight and launch a Google search result in your default browser.

Tip: Hit CMD-SPACE to quickly launch Spotlight.

2. More Photo Booth fun

Lion gives you nine new Photobooth effects including Space Alien, Blockhead, Dizzy (blue birds fly above your head!), and my favorite: Lovestruck (pink hearts float above your head). Hit the arrows in the upper-right corner and enjoy these silly, new effects in Photobooth's beautiful full-screen mode.

3. Files and folders are smarter

You'll immediately notice that the Finder is much more organized and intuitive. There's a new All My Files view, which (obviously) displays all your files organized by type in a pretty interface. Apple also added a smarter search box, and the ability to swipe though files in the icon view.

Folders are more intelligent, too. When you try to combine two folders with the same name, Lion will ask you if you want to merge them. Also new is a feature that lets you create a new folder from a selection of files.

4. Your screensaver is a jukebox

When your iTunes' library artwork is your screensaver, clicking on any album will immediately launch its music. Go to System Preferences > Desktop & Screen Saver > and set is as "iTunes Artwork." Hit "Test," click on any album cover, and jam out with this awesome feature.

5. Add a login message

What happens if you lose your laptop? With Lion, you can add a message to the login screen, so make it useful by adding some personal information (like your phone number or e-mail address). Go to System Preferences > Security & Privacy > General. Check "Show a message when the screen is locked" and add your info in the box below.

Why Would I Have What He's Having?

Written By Unknown on Sunday, 24 July 2011 | 14:32


So, I've been noticing a plethora of ads (such as the one above) that feature "real" people. They're cheaper than discredited celebrity endorsements.

The trouble is people don't believe they're average and they certainly don't want to identify with the typical customer. They don't see one of us, they see someone they'd cross the street to avoid.

Far better to focus on your customers' aspirations than some aggregated categorisation that exists in the marketing department and probably nowhere else.

Lunar Rover Simulator 1.0








 Lunar Rover Simulator 1.0 รฉ um simulador baseado no programa de exploraรงรฃo espacial Constellation da NASA.

Ele permite a vocรช dirigir o veiculo LER (Lunar Eletric Rover  ou Explorador Elรฉtrico Lunar) ao redor das estaรงรตes-base no ambiente lunar, assim como testar suas cameras mรบltiplas e de pontos de vista. Ele tambรฉm mostra subida, descida, simulaรงรฃo de como deverรก ser o reabastecimento do LER, o robรด de exploraรงรฃo athlete. Tudo isso, com base nos dados disponรญveis e arquivo de imagens de conceitos da arquitetura dos veรญculos do projeto Constellations. O jogo tambรฉm tenta simular as condiรงรตes de iluminaรงรฃo e ambiente de um dos possรญveis locais de construรงรฃo de bases lunares.
DOWNLOAD: LINK




Gerencie a economia e o transporte de uma cidade, ao melhor estilo SimCity.
 Embora o game  ainda esteja em desenvolvimento, รฉ possรญvel construir grandes redes de trasnporte entre as indรบstrias e as cidades. 
O jogador pode criar conexรตes por รดnibus e trens e transportar passageiros, mensagens (correios) e mercadorias entre as cidades e as indรบstrias.
As mercadorias sรฃo produzidas pelas indรบstrias atravรฉs das matรฉrias-primas, ร s vezes ao longo de muitas etapas com produtos intermรฉdiรกrios. 
Por exemplo, carvรฃo e do minรฉrio de ferro sรฃo necessรกrios para produzir aรงo em uma usina siderรบrgica. 
Petrรณleo pode ser transformado em plรกstico em uma refinaria. 
Plรกstico e aรงo sรฃo utilizados para construir carros pela indรบstria de automรณvel.
 Por รบltimo, os carros sรฃo vendidos nas cidades. 
Mas agora eles precisam de gasolina, que tambรฉm serรก produzida na refinaria.
Todas as mercadorias devem ser transportadas, este รฉ o objetivo do jogo. 
Transporte tudo e mantenha a atividade industrial a pleno vapor.

DOWNLOAD:Mac OSX PowerPC

LookAtMe! 1.1

Written By Unknown on Friday, 22 July 2011 | 16:42



LookAtMe!  รฉ um software  que gera um pequeno par de olhos na barra de menus que segue seus movimentos na frente do computador utilizando a webcam. 
Os olhos reagem a qualquer movimento em frente a seu computador e tambรฉm sรฃo sensรญveis a intensidade da luz. 
Entre as opรงรตes do programa vocรช poderรก definir as cores, formato da pupila e quantidade de olhos eu sรฃo exibidos na sua barra de menus.

DOWNLOAD: LINK








WeatherDock รฉ um aplicativo gratuito que mostra a previsรฃo do tempo baseada em feeds fornecidos pelo site Weather Channel
O programa mostra as circunstรขncias atuais do tempo com previsรตes para atรฉ 10 dias indicando a temperatura real, a sensaรงรฃo tรฉrmica e as condiรงรตes atuais do cรฉu. 
Alรฉm disso, ele disponibiliza os dados sobre a pressรฃo atmosfรฉrica,velocidade e direรงรฃo dos ventos, umidade do ar, chances de precipitaรงรฃo e muitas outras informacoes.

DOWNLOAD: LINK

Learning JavaScript From Beginner to Advanced Level

Javascript
JavaScript (JS for short) is the programming language that enables web pages to respond to user interaction beyond the basic level provided by HTML links and forms and it is used in billions of Web pages to add functionality, validate forms, communicate with the server, and much more.

The links on this page lead to a variety of JavaScript tutorials and JavaScript training materials. Whether you are just starting out, wanting to learn JS basics, or are an old hand, wanting to sharpen your skills, you can find helpful resources here for JS best practices.

JavaScript is easy to learn and am sure you will enjoy it.

INTRODUCTION LEVEL

Getting Started with JavaScript
MDN
What is JavaScript and how can it help you?

An Introduction to Programming with JavaScript
Wikiversity
Learn the basics of programming with JavaScript


Programming – The Real Basics
Dev.Opera Web
Basic fundamentals of programming. Following articles introduce what you can do with JavaScript, best practices for using it, and more.

JavaScript From the Ground Up
Google Code University
Video tutorial on making pages interactive with JavaScript

JavaScript Guide
MDN
A comprehensive, regularly updated guide to JavaScript for all levels of learning from beginner to advanced.

JavaScript Best Practices
Dev.Opera
Learn about some of the obvious and (not so) obvious best practices when writing JavaScript.

INTERMEDIATE LEVEL

A Re-introduction to JavaScript
MDN
A recap of the JavaScript programming language aimed at intermediate-level developers.

Eloquent JavaScript
A comprehensive guide to intermediate and advanced JavaScript methodologies.

Essential JavaScript Design Patterns
Addy Osmani
An introduction to essential JavaScript design patterns.

The JavaScript Programming Language
YUI Blog
Douglas Crockford explores the language as it is today, and how it came to be.

Introduction to Object-oriented JavaScript
MDN
Learn about the JavaScript object model.

ADVANCED LEVEL

Learning Advanced JavaScript
John Resig
John Resig's guide to advanced JavaScript.

Introducing the JavaScript DOM
Elated
What is the Document Object Model, and why is it useful? This article gives you a gentle introduction to this powerful JavaScript feature.

An Inconvenient API: The Theory of the DOM
YUI Blog
Douglas Crockford explains the Document Object Model.

Advanced JavaScript
YUI Blog
Douglas Crockford looks closely at code patterns from which JavaScript programmers can choose in authoring their applications.

JavaScript Garden
Documentation of the most quirky parts of JavaScript.

Which JavaScript Framework?
StackOverflow
Advice on choosing a JavaScript framework.

Non-blocking JavaScript Downloads
YUI Blog
Tips on improving the download performance of pages containing JavaScript.

These resources are created by web developers who have embraced open standards and best practices for web development. If you think we've omitted a great resource, please tell us using the comment box.

Linux 3.0 Out...No Significant Changes

Linux 3.0 is out and the big changes are nothing to worry about.

Linus Torvalds, its creator and lead developer had warned us that this would be the case: “So what are the big changes?

"NOTHING. Absolutely nothing. Sure, we have the usual two thirds driver changes, and a lot of random fixes, but the point is that 3.0 is *just* about renumbering, we are very much *not* doing a KDE-4 or a Gnome-3 here. No breakage, no special scary new features, nothing at all like that.

We’ve been doing time-based releases for many years now; this is in no way about features. If you want an excuse for the renumbering, you really should look at the time-based one ("20 years") instead. So no ABI [application binary interface] changes, no API [application programming interface] changes, no magical new features - just steady plodding progress."
In case you didn’t get the message first time, when Torvalds finally released Linux 3.0 on July 22nd, he wrote,

"As already mentioned several times, there are no special landmark features or incompatibilities related to the version number change, it’s simply a way to drop an inconvenient numbering system in honor of twenty years of Linux. In fact, the 3.0 merge window was calmer than most, and apart from some excitement from RCU [Ready, Copy, Update] I’d have called it really smooth. Which is not to say that there may not be bugs, but if anything, there are hopefully fewer than usual, rather than the normal ‘.0′ problems."
linux-3.jpg
OK, but surely some things were changed right? Well, yes, there were. The not so big, but significant changes were, in no particular order:

The Xen hypervisor now can run natively with Dom0 (Domain 0) privileges. This gives it, like Linux’s Kernel-based Virtual Machine (KVM), the ability to work at the lowest possible level of the Linux kernel. In practical terms this means Xen virtual machines should run faster.

There have also been improvements with how the kernel works with the still experimental Btrfs (B-tree file system) and the now standard ext4 file system. This, in turn, should lead to faster and, in the case of Btrfs, more reliable, file systems.

The Linux 3.0 kernel also improves its interoperability with UEFI (Unified Extensible Firmware Interface), a replacement for PC’s BIOS. While UEFI has been slow to catch on, it’s beginning to be picked up by major PC and server companies like HP. Since UEFI lends itself well for business desktop and server deployments, you can expect to see more and more UEFI computers entering the market in the next year or two.

3.0 is also bringing in a new implementation of the Berkeley Packet Filter (BPF) The net effect of this improvement will be speed up any application that calls on network services. While this won’t matter that much if you’re just trying to get the most from your Web browser, it can save significant time for Web servers and other network service software.

So, all-in-all, there is good stuff here. Radical? No. Revolutionary? I don’t think so! But, still good, solid improvements.

Feature: Mac OS X 10.7 Lion: The Complete Review

Written By Unknown on Thursday, 21 July 2011 | 08:47

Mac OS X 10.7 Lion
Mac OS X Lion arrived Wednesday morning, available through the Mac App Store as a downloadable upgrade for users of Snow Leopard. Lion is version 10.7 of Apple’s desktop operating system, and it brings some significant changes to Mac computing. But will users welcome those changes?

This review is meant purely to convey what living with Lion as your primary operating system is really like. I’m not going into exhaustive detail about all the new features, but that’s info you can easily find elsewhere anyway. What I will do is review in broad strokes how OS X 10.7 could change the way you use your computer.

Giving the boot to booting

Something that’s long been a feature of desktop computing is the boot process. You start your computer, the OS slowly loads, and then you re-open your documents, applications and services on an as-needed basis. At the end of the day, or session, or week, depending on your practice, you shut everything down and power off, and then get ready to start all over again.

OS X Lion aims to change that. By default, it re-opens all your applications to their state at power down. This means that with enough RAM and, if even better, an SSD, you can power on and off without really missing a beat. It’s amazing how well this feature works, especially with built-in Apple apps that are already designed to work seamlessly with Lion’s Auto Resume capabilities. At first, this felt like I was missing out on a key ritual, but after extended use, it’s something I definitely wouldn’t trade.

Combined with Auto Save and Version features which preserver your documents and document history as you work, which will likely gradually make their way into third-party Mac apps as Lion’s user base grows, Lion’s dramatically different boot process will definitely alter how you use your computer. It makes it easier to both pick up and leave desktop computing, which should be a welcome shift for most people who may feel tied to a computer once they endure the lengthy boot process.

Everything in its place

Mac OS X 10.7 Lion
Some aren’t happy that Apple’s Exposรฉ windows management system has given way to Mission Control, which, admittedly, offers a little more visual clutter. But I’m not really bothered by the new way of doing things, and it hasn’t really affected how I use my computer in any dramatic way. What has changed my habits are Launchpad and Full-Screen apps, both also new in Lion.

Full-screen apps, and the multi-touch gestures you use to navigate between them, actually achieve what Spaces sought to, which is the the compartmentalization of distinct work and leisure activities. Rather than keeping Facebook in a separate tab and trying to pretend its not there, I can actually make Facebook into its own Fluid app and keep it out of my browser. Plus, I can house Mail in its own full-screen implementation, which makes it easier to keep email out of my hair when I need it gone, and helps me plow through email backlog when I actually want to focus on it. Full-screen apps are so useful, they might actually be my favorite new feature of 10.7. Try them out for a little while, and I’m sure you’ll agree.

Mail

Mac OS X 10.7 Lion
 I’ve done a lot of searching around to try to find a better email client for OS X, since Mail is not without its quirks. That’s why the changes to the app in Lion merit their own subsection. Lion’s Mail overhaul brings to OS X email what others have tried to: style and substance. It achieves this primarily by copying a proven model, since it borrows a ton from the iPad Mail app.

It has full-screen support, as I mentioned, and a horizontal three-column design that provides you with tons of information at-a-glance. It also boasts threaded conversations, much smarter search and compact list previews that provide you with information for quick-hit overviews without even so much as a mouse-over. If, like me, you use email a lot, this may be the biggest change Lion brings.

A noble beast

Mac OS X 10.7 Lion
Lion isn’t without its faults. I’m still not crazy about the Finder redesign for example, and I think Apple missed the opportunity to make some changes to that component of OS X that would’ve really resonated with longtime users. Some also seem to think that the some of the redesigned core apps are actually steps backward. But those apps actually aren’t all that important to the core experience, and overall, there’s no question in my mind that Lion represents a significant improvement to the Mac platform. At $29

Source: Gigaom

AnonPlus Social Network Hacked by Hackers

Disclaimer: The content of This News (AnonPlus Social Network Hacked by Hackers) and Other Information is provided by Various Sources for Educational Purpose & Security Awareness only. If any Law Enforcement Agency or Related Company needs Information, Please Feel free to Contact Us.

After they were kicked out of Google+, the Hacking Group decided to launch its own social media site "Anonplus" which has just been hacked by a group calling themselves "AKINCILAR"

Anonplus.com got defaced by AKINCILAR with page title "The Seal to Anonymous from AKINCILAR".

The message posted on site

"We Are TURKIYE. We Are AKINCILAR.

This logo suits you more..How dare you rise against to the World..Do you really think that you are Ottoman Empire? We thought you before that you cannot challenge with the world and we teach you cannot be social
Now all of you go to your doghouse.."
The garbled English and mentions of Turkiye and Akincilar suggest whoever hacked Anonymous' site originates from Turkey, perhaps even the town of Akincilar, which lies in Turkey's Sivas Province. Considering Akincilar has a population of just 4,779, that should narrow the suspects down somewhat—and I'm sure of all people, the Anonymous crew has the means to hunt down whoever wronged them.

While the AnonPlus website has been re-directed back to its messageboard, the users seem angry, with someone passing themselves off (legitimately or otherwise) as the creator of AnonPlus writing that:

"It seems the hacker group AKINCILAR decided we were offering too much freedom for the average person and needed us stopped. This is the most ignorant thing i have ever seen. I knew having anon anywhere in our social networks name might cause confusion but this recent defacement just shows how OUT OF CONTROL the anon sheep actually are."
Update: Akincilar is a Turkish town, it is also "a term in [the] Ottoman army which means raiders or something like that. The reason behind their action is actually Anonymous' past attack on [the] Turkish government's websites...This "Ottoman raider" guys considered it as an attack on our country and with their most nationalistic feelings they attacked back."

Social Objects Masterclass.


I was roused from my marketing world exile last night by a live performance of the acclaimed MacLeod-Earls double-act. They were discussing social objects in a convivial social setting (well as convivial as a media member's club can muster).

Having known them both for years, it's a subject we've discussed at length, but I never fail to come away with some new nuance. That didn't seem to be true for some of the audience who were still thinking in terms of deliverables despite having been explicitly told not to.

The deliverable may, in fact, be the ability to distinguish between a contrived social object and a genuine one. The former is that produced by those marketers who see this as the latest marketing bolt-on. The latter is that which is shared by those marketers who know that disruption isn't gentle and that it requires you to question all your previous assumptions.

Mac OS X Lion Available Today Via Mac App Store

Written By Unknown on Wednesday, 20 July 2011 | 09:36

mac_osx_hero
Apple announced during its Q3 2011 earnings conference call yesterday that it would begin shipping Mac OS 10.7 (a.k.a. Lion) today via the Mac App Store. True to its word, Lion is available today in Mac App Store for $29.

Lion contains over 250 new features including multi-touch gestures, Mission Control, LaunchPad, full-screen apps and a completely redesigned Mail app. Additional new features include:

  • Resume, which conveniently brings your apps back exactly how you left them when you restart your Mac or quit and relaunch an app;
  • Auto Save, which automatically and continuously saves your documents as you work;
  • Versions, which automatically records the history of your document as you create it, and gives you an easy way to browse, revert and even copy and paste from previous versions; and
  • AirDrop, which finds nearby Macs and automatically sets up a peer-to-peer wireless connection to make transferring files quick and easy.
Lion marks the first time that Apple has distributed a whole number OS upgrade exclusively online. That’s right, Lion isn’t available on optical media, you can only get it from the Mac App Store as a 4GB digital download — at least today.

If you don’t have broadband access you can download Lion at Apple retail stores. If you administer a lot of Macs Apple will offer Lion on a USB thumb drive through the Apple Store for $69 (US) in August. The third-generation MacBook Air and new Mac mini will both ship with Lion pre-installed and on a USB flash drive.

If you plan on upgrading to Lion, stop. Take a deep breath and do a little preparation before making the move. If you’re using custom, vertical or other special software to make a living, be sure to check that all of your apps are Lion compatible with their developers. And definitely make a full, bootable backup of your Mac to an external drive and verify that it boots and that all your data is there.

Mashable’s Lion prep guide has some other useful tips for preparing for the big cat, including tips on how to clear off disk space (I’ve been using Disk Radar) and how to find PowerPC apps that are no longer compatible with Lion since Apple officially dropped support for Rosetta.

RoaringApps.com is maintaining a list of Lion compatible apps that is extremely helpful for those planning on upgrading. For example, Verizon’s VZAccess Manager software for its USB modems isn’t Lion compatible.

Google + App Ready for iPhone Users

Written By Unknown on Tuesday, 19 July 2011 | 13:16

Google+ is expanding its mobile reach with today’s debut of an iPhone app dedicated to the new social networking site.

Up until now, clever iPhone users could have added a link to their home screens, but that still would have gone straight to the browser window. (Anyone who did this was also likely already a diehard Google+ addict.)

google-plus-iphone-app


But that isn’t the case anymore. Google has released, as expected, a free app that is available immediately for iOS 3.1 and higher. The technical requirements are that this app only works for the following devices: iPhone 3G, iPhone 3GS, and iPhone 4.

The mobile interface isn’t much different from the ultra-simple and clean desktop version. The app features focus on Circles for sharing particular items with the “right people,” the Huddle for group messaging, and the Stream, which is basically a news feed from all of a user’s Circles.

Naturally, there has already been a dedicated Android app for some time now, downloadable for free from the Android Market.

The Goog’s foray into social networking debuted a few weeks ago, and it is still in invite-only mode. Nevertheless, the Mountain View, Calif.-based company asserted that Google+ already retains 10 million active users.

UPDATE: There are already issues with the Google+ for the iPhone app. Apparently iTunes picked up a test version of the app first, which was available to consumers to download for at least one hour and 40 minutes.

The correct version is listed as 1.0.1.1809. So if you don’t have that one installed, you’ll have to uninstall the first copy and then download this new copy.

Skype Promises to Fix Cross Site Scripting Bug

skype-bug
Skype has promised to fix a cross-site scripting flaw that exposes Windows users of VoIP technology to potential attack.

The flaw was discovered by independent security researcher Levent Kayan, who warned that a hacker might be able to enter a string of JavaScript code into the "mobile phone" field. This would enable a hacker – provided he or she could trick a victim into adding them as a contact – to either compromise the user's Skype account or to load malware onto the user's PC. Skype said that the bug is not very serious, but nonetheless promised an update by the end of the week.

The server-side bug created a possible mechanism for miscreants to redirect Skype users to potentially malicious websites, providing they successfully tricked users into adding them as a contact, as the VoIP outfit explains in an update to its official security blog.

Skype for Windows is not correctly validating some fields of your contacts' profiles. What this means is if one of your Skype contacts has put some specific strings into their profile, it could result in your Skype Home area being redirected to another web page or a message being displayed.

In order for someone to cause these messages to be popped up or to redirect you to a website, they would first have to be one of your accepted Skype contacts. However, this vulnerability should not be there and there is a fix, which we are finalising testing of, that is due to be pushed out early next week.
Cross Site Scripting (XSS) flaws, in general, can be used to present content or pop-ups from potentially hostile websites as if the content had originated from other domains. The class of vulnerability is sometimes used as an adjunct to more highly evolved and subtle phishing scams.

Skype said the necessary fix will be applied without troubling its users with software updates, indicating the bug can be resolved by an update to backend systems alone.

How LulzSec Exploited on the Security Mistakes of The Sun

Infamous pranktivist hackers LulzSec exploited basic security mistakes on a News International website to redirect users towards a fake story on the supposed death of media mogul Rupert Murdoch, it has emerged.

The bogus story claimed that Murdoch had died after ingesting a "large quantity of palladium" (a rare metal*) before stumbling into his "famous topiary garden" (an in-joke reference to Topiary, the most famous member of LulzSec).

Later the same trick was used to redirect visitors of The Sun's website to LulzSec's Twitter feed.

Both hacks relied on exploiting security weaknesses on a site called new-times.co.uk/sun, which had been set up by News International while it was building a paywall for The Times. Hackers used an exploit, identified by The Guardian as likely to be a "local file inclusion" program, to exploit vulnerabilities in order to gain administrative control of this site. The site, although retired, was still linked to NI's Content Management System.

Hackers then used compromised access to the CMS behind The Sun's site to add their own redirection script to the "breaking news" element of the site. The rogue JavaScript was programmed to redirect surfers to locations under the control of hackers once the page reloaded. First it was pointed towards the spoofed story at new-times.co.uk/sun and later towards LulzSec's Twitter feed.

The level of compromised access may have allowed LulzSec access to NI's email database, but this remains unclear.

LulzSec famously disbanded last month after 50 days of mayhem that saw it attack numerous targets including FBI-affiliated security consultancies, UK police agency SOCA, numerous games publishers and Sony. In an update to its Twitter feed the group said it couldn't resist returning for one last gig. "Thank you for the love tonight. I know we quit, but we couldn't sit by with our wine watching this walnut-faced Murdoch clowning around."

The websites of The Sun and The Times were pulled down on Monday following the hack. Both have been restored. The server behind new-times.co.uk has been taken offline, probably permanently.

Meanwhile, the very-much-alive Rupert Murdoch is due to face a grilling from Parliament later today, when he will be expected to answer questions on the News of the World voicemail hacking scandal.

Mencoba Desktop Alternatif LXDE di Linux Mint 11 LXDE

Written By Unknown on Monday, 18 July 2011 | 19:29

Linux Mint 11 LXDE
(Klik pada gambar untuk memperbesar)

Gnome 3 telah rilis, tapi rupanya, feedback yang bergaung di internet tidak sebaik yang mungkin diharapkan banyak orang. Begitu banyak user yang tidak puas dengan inovasi Gnome 3 karena dinilai menghilangkan unsur usability atau kegunafungsian, seperti menghilangnya gnome panel, gnome menu yang cukup menyulitkan untuk mengakses aplikasi dan proses perpindahan jendela. Ini persoalan mendasar, dan secara pribadi, saya sepakat. Bahwa developer Gnome melupakan unsur paling fundamental dari desain desktop, yaitu usability atau efektifitas atau kegunafungsian.

Lalu di sisi lain, Ubuntu membuat terobosan dengan merancang satu desktop baru, yang walau berbasis Gnome sebagai back-end, menghadirkan kesan ingin membuat satu desktop independen yang diberi nama Unity. Secara pribadi, sekali lagi, saya tidak nyaman dengan Unity karena hampir setali tiga uang dengan Gnome 3 yang mengenyahkan Gnome menu yang sangat amat berguna untuk mengakses daftar aplikasi yang terinstal di sistem Linux kita.

Lalu beredarlah isu bahwa ada developer independen yang membuat fork dari Gnome 2 yang diberi nama EXDE, yang ternyata layu sebelum berkembang karena sebab yang tidak diketahui. Isu terakhir, saya mendapati seorang user Archlinux telah berhasil mendevelop sebuah fork dari Gnome 2 yang diberi nama Mate. Annuncement dari isu tersebut ada di forum berikut https://bbs.archlinux.org/viewtopic.php?id=121162

Intinya, secara umum bisa saya simpulkan, bahwa begitu banyak user Linux yang kecewa dengan inovasi Gnome 3 yang dinilai hanya semata-mata memburu Perubahan Revolusioner tetapi melupakan satu hal paling mendasar yaitu usability. Dan jadilah banyak gunjang-gunjing yang membahas topik, alangkah indahnya jika ada developer yang sudi membuat fork dari Gnome 2 seperti yang dilakukan oleh Pearson yang membuat fork dari KDE 3.5 (yang diberi nama Trinity Desktop).

Secara pribadi, saya sedikit apatis dengan isu-isu tersebut. Bolehlah kita menghibur diri dengan memakai Gnome 2 yang paling akhir, tapi suka atau tidak, pada waktunya, kelak, Gnome 2 akan ditinggalkan sepenuhnya oleh developer Linux

Jadi, alih-alih menghibur diri dengan cara seperti itu, saya lebih memilih mencari desktop alternatif, dan saya menemukan juga. Dan jawabannya adalah : LXDE! Desktop ini sangat ringan dan sangat customable, dan yang terpenting : sederhana, usable dan lengkap.

Ada beberapa distribusi yang secara default mengusung LXDE sebagai desktop, antara lain Lubuntu, KNOPPIX dan Porteus. Tetapi, akhirnya saya menemukan pilihan yang jauh lebih baik, yaitu Linux Mint LXDE. Setelah saya mendownload, mencoba dan lalu menginstalasi, secara keseluruhan Linux Mint LXDE sangatlah memuaskan. Berikut ini catatan plus yang bisa saya catat :

1. Cepat. Cepat dan cepat. Sungguh ini nilai plus paling mengesankan dari LXDE.

2. Integrasi Gnome Bluetooth. Ini adalah inovasi yang sangat berguna mengingat by default, LXDE belum memiliki manajemen Bluetooth grafikal / GUI.

3. Kompatibel dengan repositori Ubuntu 11.04 sehingga kita bisa menambah tool, driver atau aplikasi dari lumbung aplikasi Ubuntu 11.04.

Begitulah secara keseluruhan penilaian saya mengenai desktop LXDE yang diusung oleh Linux Mint 11 LXDE. Untuk aplikasi preinstalled, semuanya standar seperti yang ada di Ubuntu 11.04, kecuali tambahan menu Dropbox installer, sebuah layanan online storage gratis yang cukup terkenal.

Catatan : Saat tulisan ini dibuat, baru ada rilis Linux Mint 11 LXDE RC2, namun secara keseluruhan, walau baru Release Candidate, sudah stabil dan fungsional untuk digunakan. Link release notesnya ada disini. Untuk rilis versi final silahkan merujuk ke website Linux Mint.

Selamat mencoba :)

Lulzsec Redirects Homepage Murdoch-Owned 'The Sun' To @LulzSec Twitter Account

Hackers breached the security of Rupert Murdoch's Sun website and briefly redirected many visitors to a hoax article falsely claiming the tabloid media tycoon had been found dead in his garden.

The hack caused many people visiting thesun.co.uk to instead reach www.new-times.co.uk/sun/, which contained a story headlined "Media moguls [sic] body discovered". The breach came as several other Murdoch-owned sites, including The Times,The Sunday Times, newsinternational.co.uk, and rupertmurdoch.co.uk suffered outages that made them inaccessible. The domain name system servers used to revolve many of those sites weren't responding to queries at time of writing.

"Murdoch, aged 80, has said [sic] to have ingested a large quantity of palladium before stumbling into his famous topiary garden late last night, passing out in the early hours of the morning,” the bogus article claimed.

hack_murdoch_small
Murdoch-Owned 'The Sun' hacked by Lulzsec

hack_twitter
LulzSec Twitter-page bragging

The redirections didn't work consistently, making it possible for many Sun visitors to reach the real site as intended. At time of writing, many attempts to reach the site caused redirects to the Twitter account of LulzSec, the prankster hacker collective that has made sport of attacking sites belonging to Sony, the Central Intelligence Agency, and other high-profile targets. LulzSec took responsibility for the Sun hack as well.

“It's not an easy thing to do,” Jeremiah Grossman, CTO of security firm WhiteHat Security, said of the redirection of The Sun's site. “If you can do that, you would classify it as being hacked.” It wasn't clear if the attackers had targeted the site's content management system, upstream provider, or another component.

DNS servers ns1.newsint.co.uk and ns0.newsint.co.uk, upon which the Murdoch-owned sites rely, did not respond to pings at time of writing. Trace routes to the servers' underlying IP addresses also failed.

How to Repair the Safe Mode on Windows

Windows’ Safe Mode is a bare-bone version of the operating system that is often used for troubleshooting PC issues. It is available under all versions of Windows and can be started by tapping on the F8 key during startup of the operating system. It is for instance handy to uninstall software in Safe Mode that you cannot uninstall under the regular OS. Another area where Safe Mode shines is the removal of viruses and malware that has infested the OS.

Malicious software sometimes disables Safe Mode among other things to prevent an easy recovery of the system. That’s a problem if you do not want to reinstall or restore the operating system, or do not have the means to do that.

Windows Safe Mode Fixer is a straightforward application that can be used to repair the Safe Mode, so that it becomes accessible again.

The troubleshooting software needs to be run from within the operating system, which may be the program’s biggest downside. If you still have access to Windows you can run the program to repair the Safe Mode. If you do not have access anymore, the program won’t do you any good.

A short explanation and three buttons are displayed on startup. The program requires no installation and can be started directly after downloading it from the developer website.

safe-mode-fixer

The tool does not explain what it does to repair the Safe Mode, only that it does repair the troubleshooting mode. A click on the Fix button applies the repairs to the operating system and restarts the system automatically afterwards. It is recommended to safe all work and open windows before you click on that button.

The developer recommends to disable all antivirus and firewall solutions prior to pressing it. I personally would not recommend that, and would use it as a last resort if pressing the button without doing so did not fix the broken Safe Mode.

You should try to boot into Safe Mode during that restart to find out if the issue was fixed by the program. I recommend to press F8 repeatedly after BIOS until you see the selection menu with Safe Mode as an option.

Safe Mode Fixer can be downloaded from the official program website at Sergiwa. The program is compatible with 32-bit and 64-bit editions of the Windows operating system.

Source: Ghacks

Find Friends on Google Plus Using "Find People On Plus"

Written By Unknown on Saturday, 16 July 2011 | 09:44

Am sure you might have tried looking for friends on Googleplus to no avail. Unlike Facebook that has the search feature at the top of the page. Google is yet to implement one for Googleplus users and it's really pissing me off.

Its just recently I came across this third party site "Find People on Plus" that enabled me search for people on Google plus. Though am not sure on how long its going to survive when Google adds the features to Google Plus, but its worth giving a shot.

Find People On Plus is more than a basic people search engine. When you open the site you see a list of the most popular Google Plus users currently indexed. About 1 million users of the confirmed ten million are currently indexed, that’s not bad but not super impressive either.

Googleplus

What I like about the site are the filtering options on the left sidebar of the web page. Here it is possible to filter by parameters like relationship, occupation, following and follower numbers, country, state or even city.

Even better, the search can filter those parameters as well. Unlike Google Plus’ original search, it can not only search by name, but also by location, profession or any other data that users add to their accounts.

You could enter a city like Lagos, Ahmedabad or Agra and get users from that city, and a few others that list Ahmedabad in their profile.

Each name has a plus icon next to it which users can click on to open that user’s profile on Google Plus. There it is then possible to look at the profile and follow that user.

Find People On Plus is not the only way to find people on Google’s social networking site. A simpler way would be to search on a search engine like Google. You can use the site:plus.google.com parameter followed by a search term, a location, profession or anything else that you want to find on Google Plus.

But I would still prefer a much better way of doing this i.e. Google should integrate this feature into Google+ as quick as possible. I'll also like to hear your opinion on this site and if you've got a better ways to search for friends, please share it.
 
Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. Turorial Grapich Design and Blog Design - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger