A Windows Vista Zero-Day Exploit Costs $50,000

$50,000 for a Windows Vista zero-day exploit. The 0-day exploits have not been released in the wild but are, instead, made an integer part of the underground Internet commerce. The Proof of Concept code for an exploit affecting Microsoft’s latest operating system can cost as much as $50.000.

As far, neither the exploit nor the PoC for Windows Vista have been submitted to an independent evaluation process. In this context, the authenticity of the Windows Vista 0-day exploit has not been confirmed from any sources aside from its creators. Microsoft has, as yet, failed to issue an official comment.

Trend Micro’s chief technology officer, Raimund Genes confirmed that Trend Micro was able to verify that the 0-day Vista exploit was indeed available for sale on an auctioning marketplace online. The consistent amount for which the 0-day exploit is being auctioned is an indication of the fact that the vulnerability at its basis allows for remote code execution.

Prices for similar code execution vulnerabilities that have not been patched by the developers range from $20,000 to $30,000. As a general rule, the more popular the software, the higher the price. Raimund Genes revealed that bots and Trojan downloaders targeting the Windows operating system have an estimated price of $5,000.

This kind of underground commerce mirrors the fact that the malware environment has geared from a destructive, viral aspect, to a lucrative market. “I think the malware industry is making more money than the anti-malware industry,” Genes commented.

Java 6 released

Java SE 6 is the current major release of the Java SE platform. Sun endeavors to foster the highest level of transparency and collaboration on the platform with the Java community through Project JDK 6, resulting in the following key features:

New Security Features and Enhancements

• Native platform Security (GSS/Kerberos) integration.
• Java Authentication and Authorization Service (JAAS) login module that employs LDAP authentication
• New Smart Card I/O API
  
  

Integrated Web Services

• New API for XML digital signature services for secure web services
• New Client and Core Java Architecture for XML-Web Services (JAX-WS) 2.0 APIs
• New support for Java Architecture for XML Binding (JAXB) 2.0
  
  

Scripting Language Support (JSR 223)

• New framework and API for scripting languages
• Mozilla Rhino engine for JavaScript built into the platform
  
  

Enhanced Management and Serviceability

• Improved JMX Monitoring API
• Runtime Support for dTrace (Solaris 10 and future Solaris OS releases only)
• Improved memory usage analysis and leak detection
  
  

Increased Developer Productivity

• JDBC 4.0 support (JSR 221)
• Significant library improvements
• Improvements to the Java Platform Debug Architecture (JPDA) & JVM Tool Interface

Improved User Experience

• look-and-feel updates to better match underlying operating system
• Improved desktop performance and integration
• Enhanced internationalization support

VideoLan Client 0.8.6 final released

Building on feedback from the 29 million downloads of VLC media player 0.8.5, we bring you version 0.8.6 with many bugfixes, as well as a couple of new features we think you will truly enjoy. Most prominent are probably Windows Media Video 9 and Flash Video. Other important changes are improved H.264 decoding, better Windows Unicode support, a Fullscreen controller and Apple Remote support for Mac OS X.

core 2 duo

In Market Intel Pentium core 2 duo 1.86
conroe e6400 with 4MB cache is available for
desktops.

Then why are you rushing for dual core.

I am going to purchase a desktop

1.86 core 2 Duo
1GB Ram 667 FSB
946 Intel Motherboard

If any one suggest me much better leave comment.

Open Suse V10.2 released

The openSUSE project is a community program sponsored by Novell. Promoting the use of Linux everywhere, openSUSE.org provides free, easy access to the world’s most usable Linux distribution, openSUSE. The openSUSE project gives Linux developers and enthusiasts everything they need to get started with Linux.

The goals of the openSUSE project are:

• Make openSUSE the easiest Linux distribution for anyone to obtain and the most widely used open source platform.
• Provide an environment for open source collaboration that makes openSUSE the world’s best Linux distribution for new and experienced Linux users.
• Dramatically simplify and open the development and packaging processes to make openSUSE the platform of choice for Linux hackers and application developers.

Add "find Target" To Your Shortcuts!

Hello users!
Windows missed out something...something very useful..."Find Target" option directly on the menu of a shortcut... beginners do not find it that useful....advanced users are tired of properties>Find Target...

Here is the solution:

1)Copy this code as it is:


@echo off
setlocal
set FT="%TEMP%\Find_Target.tmp"
set FTV="C:\Find_Target.vbs"
@echo REGEDIT4>%FT%
@echo.>>%FT%
@echo [HKEY_CLASSES_ROOT\lnkfile\Shell\Find Target\command]>>%FT%
@echo @="wscript.exe \"C:\\Find_target.vbs\" \"%%1\"">>%FT%
@echo.>>%FT%
@echo.>>%FT%
@echo Dim param, filenam, targt, shortct>%FTV%
@echo Set param = WScript.Arguments>>%FTV%
@echo filenam = param (0)>>%FTV%
@echo Set WshShell = WScript.CreateObject("WScript.Shell")>>%FTV%
@echo Set shortct = WshShell.CreateShortcut(filenam)>>%FTV%
@echo targt = shortct.TargetPath>>%FTV%
@echo WshShell.Run "%windir%\explorer.exe /select," ^& Chr(34) ^& targt ^& Chr(34)>>%FTV%
regedit /s %FT%
del /q %FT%
endlocal



2)Copy and paste this code in Notepad...yes only Notepad...Wordpad won't do! (Start>Run>Notepad)

3)Save this file as Find_Target.bat in the root drive of your OS(directly in the drive where Documents and Settings, Program Files and WINDOWS reside)

4)Run Find_Target.bat (Just press Enter!)

A VB Script is created...DO NOT TOUCH THAT FILE!

Going to purchase a new desktop - need suggestions

Hey Friends,

I am going to purchase a new Desktop. I decide to take

2.8 Dual Core 4MB Cache
Intel Genuine MotherBoard D102 or 945
512MB Ram 667 DDR

if u suggest something more supirior plz but with little explaination for my understanding

send urs configuration in comments

Core 2 Duo to Reach 3GHz

Core 2 Duo is slowly evolving into quite a successful product. It’s both a powerful and affordable CPU. And then there’s the fact that it succeeded in turning the tables to INTEL’s side after 2 years of AMD supremacy.

Take into account that there is still a large quantity of older NetBurst CPUs represented by the 900 series and only about 20% of the sales this year INTEL has made represent Core 2 Duo products. And there’s also the problem of availability, since high priced Conroes are pretty rare. And you’d better remember this if you’re planning to buy a new PC on Christmas, since you’ll be lucky if you catch an Allendale CPU.

When it comes to future chipsets, it seems that INTEL has already figured out the recipe.
Salt Creek is the following chipset line coming from INTEL and will include several variations of the following products: X38 (Q3 2007) as the new high end chipset, P35 (Q2 2007) representing mainstream segment and G33/35 chipsets which will be value oriented. All chips will be built around the new ICH9 southbridge. X38 for example will be the first to introduce FSB 1333 and DDR3-1333. G33/35 line will have an integrated GPU with HDCP support and DirectX 10 features and will also use DDR3 rated at only 1066MHz. ICH9 means the disappearance of PATA connectors as well as integrating no less than 12 USB ports onboard among many other things.

The second quarter of 2008 will also bring the new 45nm line represented at first by the mobile Perynn line. That may sound a little far, but the fact that AMD is still struggling with 65nm CPU production should give INTEL all the time it needs.

......

Birthdays and Characteristics!

January 01-10 ~ Dog
January 10-24 ~ Mouse
January 25-31 ~ Lion
February 01-05 ~ Cat
February 06-14 ~ Dove
February 15-21 ~ Turtle
February 22-28 ~ Panther
March 01-12 ~ Monkey
March 13-15 ~ Lion
March 16-23 ~ Mouse
March 24-31 ~ Cat
April 01-03 ~ Dog
April 04-14 ~ Panther
April 15-26 ~ Mouse
April 27-30 ~ Turtle
May 01-13 ~ Monkey
May 14-21 ~ Dove
May 22-31 ~ Lion
June 01-03 ~ Mouse
June 04-14 ~ Turtle
June 15-20 ~ Dog
June 21-24 ~ Monkey
June 25-30 ~ Cat
July 01-09 ~ Mouse
July 10-15 ~ Dog
July 16-26 ~ Dove
July 27-31 ~ Cat
August 01-15 ~ Monkey
August 16-25 ~ Mouse
August 26-31 ~ Turtle
September 01-14 ~ Dove
September 15-27 ~ Cat
September 28-30 ~ Dog
October 01-15 ~ Monkey
October 16-27 ~ Turtle
October 28-31 ~ Panther
November 01-16 ~ Lion
November 17-30 ~ Cat
December 01-16 ~ Dog
December 17-25 ~ Monkey
December 26-31 ~ Dove

If you are a Dog: A very loyal and sweet person. Your loyalty can never be doubted. You are quite honest and sincere when it comes to your attitude towards working. You are a very simple person, indeed. Absolutely hassle free, humble and down-to-earth!! That explains the reason why your friends cling on to you! You have a good taste for clothes. If your wardrobe is not updated with what is trendy, you sure are depressed. Popular and easy going. You have a little group of dignified friends, all of them being quality personified.

If you are a Mouse: Always up to some sort of a mischief! The mischievous gleam in your eyes is what makes you so cute and attractive to everyone. You are an extremely fun-to-be-with kind of person. No wonder, people seek for your company and look forward to include you for all get-togethers. However, you are sensitive, which is a drawback. People need to select their words while talking to you. If someone tries to fiddle around and play with words while dealing with you. It is enough to invite your wrath. God bless the person then!

If you are a Lion: Quite contradictory to your name, you are a peace loving person. You best try to avoid a situation where in you are required to fight. An outdoor person, you dislike sitting at one place for a long duration. You are a born leader, and have it in you how to tactfully derive work from people. You love being loved, and when you receive your share of limelight from someone, you are all theirs!!! Well, well… hence some people could even take an advantage, flatter you to the maximum and get their work done. So be careful…

If you are a Cat: An extremely lovable, adorable person, sometimes shy, with a passion for quick wit. At times, you prefer quietness. You love exploring various things and going into depth of each thing. Under normal circumstances you’re cool, when given a reason to, you are like a volcano waiting to erupt. You’re a fashion bird. People look forward to you as an icon associated with fashion. Basically, you mingle along freely but don’t like talking much to strangers. People feel very easy in your company. You observe care in choosing your friends.

If you are a Turtle: You are near to perfect and nice at heart. The examples of your kindness are always circulated in groups of people. You too, love peace. You wouldn’t like to retaliate even to a person who is in the wrong. You are loved due to this. You do not wish to talk behind one’s back. People love the way you always treat them. You can give, give and give love, and the best part is that you do not expect it back in return. You are generous enough. Seeing things in a practical light is what remains the best trait of you guys.

If you are a Dove: You symbolize a very happy-go-lucky approach in life. Whatever the surroundings may be, grim or cheerful, you remain unaffected. In fact, you spread cheer wherever you go. You are the leader of your group of friends and good at consoling people in their times of need. You dislike hypocrisy and trend to shirk away from hypocrites. They can never be in your good books, no matter what. You are very methodical and organized in your work. No amount of mess, hence, can ever encompass you. Beware, it is easy for you to fall in love…

If you are a Panther: You are mysterious. You are someone who can handle pressure with ease, and can handle any atmosphere without going berserk. You can be mean at times and love to gossip with your selected group. Very prim and proper. You like all situations and things to be in the way you desire, which, sometimes is not possible. As a result, you may lose out in some relationships. But otherwise, you love to help people out from difficult and tight spots when they really need you.

If you are a Monkey: Very impatient and hyper!!! You want things to be done as quickly as possible. At heart you are quite simple and love if you are the center of attraction. That way, you people are unique. You would like to keep yourself safe from all the angles. Shall your name be dragged or featured in any sort of a controversy, you then go all panicky. Therefore, you take your precautions from the very beginning. When you foresee anything wrong, your sixth sense is what saves you from falling in traps. Quite a money minded bunch you people are!!

WinDVD v8

The world’s #1 DVD and video playback software, with over 175 million copies sold worldwide. Enjoy crystal-clear, smooth playback of your standard and High-Def video and audio. Whether you’re a movie buff, frequent flyer, or just like to watch video clips, WinDVD 8 gives you the best digital entertainment experience.

More info here.

New phone Nokia N70

Finally after a month of planning, i bought the Nokia N70! Im *very* happy with it! The sound quality in the headphones is simply amazing! The camera is also of amazing quality! Hopefully this phone should satisfy my appetite for another 2-3 years

Tech Specs of Nokia N70

New Releases

Two new releases this week:

Nvidia Drivers v93.71 (Official)

Adobe Acrobat v8 (Reader, Professional)


..

Windows Media Player 11 Final Released!

So microsoft is on a release spree! First it was Internet Explorer 7 and now WMP11. And Vista is gonna RTM this month only! Anyway find out more about WMP11

Need for Speed Carbon - Demo!

Need for Speed Carbon delivers the next generation of adrenaline-filled street racing and will challenge players to face the ultimate test of driving skill on treacherous canyon roads. What starts in the city is settled in the canyons as Need for Speed Carbon immerses you into the world’s most dangerous and adrenaline-filled form of street racing. You and your crew must race in an all-out war for the city, risking everything to take over your rivals’ neighbourhoods one block at a time. As the police turn up the heat, the battle ultimately shifts to Carbon Canyon, where territories and reputations can be lost on every perilous curve. Need for Speed Carbon delivers the next generation of customization giving you the power to design and tweak your crew’s cars in every way using the ground-breaking new Autosculpt technology. Represent your car class, your crew, and your turf in Need for Speed Carbon, the next revolution in racing games.

Links:

http://www.files4games.de/demos/nfs_carbon_demo_eu.exe

http://download.gamezone.cz/_dema/nfs_carbon_demo_eu.exe

ftp://download.gamer.no/gamer.no/nfs_carbon_demo_eu.exe

Beware though! Its a 650 MB Download!

..........

Nero CD-DVD Speed 4.7.0.0 released!

This is a small (just in size, not in features) tool bundled with the Nero Burning Rom application. It’s used for benchmarking and doing quality scans of the burnt media. A must have IMHO.
Changes

• Added Advanced Disc Quality test for certain BenQ drives
  Following parameters are measured:
  CD: E11,E21,E31,E12,E22,E32,BLER,Jitter
  DVD: 1-5 PIE,PIE,PIF,POE,POF,Jitter
• Disc Quality test:
• Jitter can be reported with recent LiteOn drives
• Added CLV and P-CAV settings for BenQ drives (CD scanning)
• Added Advanced options button
• Replaced ‘Write and Verify’ option by ‘Streaming’ option
• Bitsetting: improved support for NEC drives
• Small improvements and bug fixes

Bit Comet v0.66

BitComet is a p2p file-sharing freeware fully compatible with Bittorrent, which is one of the most popular p2p protocol designed for high-speed distribution of 100MB or GB sized files. BitComet is a powerful, clean, fast, and easy-to-use bittorrent client. It supports simultaneous downloads, download queue, selected downloads in torrent package, fast-resume, chatting, disk cache, speed limits, port mapping, proxy, ip-filter, etc. Changelog: v0.66 2006.4.27 Core Improved: more program run-time error can be detected by the crash report
Core Bugfix: fix the bug that the sometimes program will crash when display chat message

100 Amazing Facts!

1. The speed of light is generally rounded down to 186,000 miles per second. In exact terms it is 299,792,458 m/s (metres per second - that is equal to 186,287.49 miles per second).

2. It takes 8 minutes 17 seconds for light to travel from the Sun’s surface to the Earth.

3. October 12th, 1999 was declared “The Day of Six Billion” based on United Nations projections.

4. 10 percent of all human beings ever born are alive at this very moment.

5. The Earth spins at 1,000 mph but it travels through space at an incredible 67,000 mph.

6. Every year over one million earthquakes shake the Earth.

7. When Krakatoa erupted in 1883, its force was so great it could be heard 4,800 kilometres away in Australia.

8. The largest ever hailstone weighed over 1kg and fell in Bangladesh in 1986.

9. Every second around 100 lightning bolts strike the Earth.

10. Every year lightning kills 1000 people.

11. In October 1999 an Iceberg the size of London broke free from the Antarctic ice shelf .

12. If you could drive your car straight up you would arrive in space in just over an hour.

13. Human tapeworms can grow up to 22.9m.

14. The Earth is 4.56 billion years old…the same age as the Moon and the Sun.

15. The dinosaurs became extinct before the Rockies or the Alps were formed.

16. Female black widow spiders eat their males after mating.

17. When a flea jumps, the rate of acceleration is 20 times that of the space shuttle during launch.

18. ——-

19. If our Sun were just inch in diameter, the nearest star would be 445 miles away.

20. The Australian billygoat plum contains 100 times more vitamin C than an orange.

21. Astronauts cannot belch - there is no gravity to separate liquid from gas in their stomachs.

22. The air at the summit of Mount Everest, 29,029 feet is only a third as thick as the air at sea level.

23. One million, million, million, million, millionth of a second after the Big Bang the Universe was the size of a …pea.

24. DNA was first discovered in 1869 by Swiss Friedrich Mieschler.

25. The molecular structure of DNA was first determined by Watson and Crick in 1953.

26. The first synthetic human chromosome was constructed by US scientists in 1997.

27. The thermometer was invented in 1607 by Galileo.

28. Englishman Roger Bacon invented the magnifying glass in 1250.

29. Alfred Nobel invented dynamite in 1866.

30. Wilhelm Rontgen won the first Nobel Prize for physics for discovering X-rays in 1895.

31. The tallest tree ever was an Australian eucalyptus - In 1872 it was measured at 435 feet tall.

32. Christian Barnard performed the first heart transplant in 1967 - the patient lived for 18 days.

33. The wingspan of a Boeing 747 is longer than the Wright brother’s first flight.

34. An electric eel can produce a shock of up to 650 volts.

35. ‘Wireless’ communications took a giant leap forward in 1962 with the launch of Telstar, the first satellite capable of relaying telephone and satellite TV signals.

36. The earliest wine makers lived in Egypt around 2300 BC.

37. The Ebola virus kills 4 out of every 5 humans it infects.

38. In 5 billion years the Sun will run out of fuel and turn into a Red Giant.

39. Giraffes often sleep for only 20 minutes in any 24 hours. They may sleep up to 2 hours (in spurts - not all at once), but this is rare. They never lie down.

40. A pig’s orgasm lasts for 30 minutes.

41. Without its lining of mucus your stomach would digest itself.

42. Humans have 46 chromosomes, peas have 14 and crayfish have 200.

43. There are 60,000 miles of blood vessels in the human body.

44. An individual blood cell takes about 60 seconds to make a complete circuit of the body.

45. Utopia ia a large, smooth lying area of Mars.

46. On the day that Alexander Graham Bell was buried the entire US telephone system was shut down for 1 minute in tribute.

47. The low frequency call of the humpback whale is the loudest noise made by a living creature.

48. The call of the humpback whale is louder than Concorde and can be heard from 500 miles away.

49. A quarter of the world’s plants are threatened with extinction by the year 2010.

50. Each person sheds 40lbs of skin in his or her lifetime.

51. At 15 inches the eyes of giant squids are the largest on the planet.

52. The largest galexies contain a million, million stars.

53. The Universe contains over 100 billion galaxies.

54. Wounds infested with maggots heal quickly and without spread of gangrene or other infection.

55. More germs are transferred shaking hands than kissing.

56. The longest glacier in Antarctica, the Almbert glacier, is 250 miles long and 40 miles wide.

57. The fastest speed a falling raindrop can hit you is 18mph.

58. A healthy person has 6,000 million, million, million haemoglobin molecules.

59. A salmon-rich, low cholesterol diet means that Inuits rarely suffer from heart disease.

60. Inbreeding causes 3 out of every 10 Dalmation dogs to suffer from hearing disability.

61. The world’s smallest winged insect, the Tanzanian parasitic wasp, is smaller than the eye of a housefly.

62. If the Sun were the size of a beach ball then Jupiter would be the size of a golf ball and the Earth would be as small as a pea.

63. It would take over an hour for a heavy object to sink 6.7 miles down to the deepest part of the ocean.

64. There are more living organisms on the skin of each human than there are humans on the surface of the earth.

65. The grey whale migrates 12,500 miles from the Artic to Mexico and back every year.

66. Each rubber molecule is made of 65,000 individual atoms.

67. Around a million, billion neutrinos from the Sun will pass through your body while you read this sentence.

68….and now they are already past the Moon.

69. Quasars emit more energy than 100 giant galaxies.

70. Quasars are the most distant objects in the Universe.

71. The saturn V rocket which carried man to the Moon develops power equivalent to fifty 747 jumbo jets.

72. Koalas sleep an average of 22 hours a day, two hours more than the sloth.

73. Light would take .13 seconds to travel around the Earth.

74. Males produce one thousand sperm cells each second - 86 million each day.

75. Neutron stars are so dense that a teaspoonful would weigh more than all the people on Earth.

76. One in every 2000 babies is born with a tooth.

77. Every hour the Universe expands by a billion miles in all directions.

78. Somewhere in the flicker of a badly tuned TV set is the background radiation from the Big Bang.

79. Even travelling at the speed of light it would take 2 million years to reach the nearest large galaxy, Andromeda.

80. The temperature in Antarctica plummets as low as -35 degrees celsius.

81. At over 2000 kilometres long The Great Barrier Reef is the largest living structure on Earth.

82. A thimbleful of a neutron star would weigh over 100 million tons.

83. The risk of being struck by a falling meteorite for a human is one occurence every 9,300 years.

84. The driest inhabited place in the world is Aswan, Egypt where the annual average rainfall is .02 inches.

85. The deepest part of any ocean in the world is the Mariana trench in the Pacific with a depth of 35,797 feet.

86. The largest meteorite craters in the world are in Sudbury, Ontario, canada and in Vredefort, South Africa.

87. The largest desert in the world, the Sahara, is 3,500,000 square miles.

88. The largest dinosaur ever discovered was Seismosaurus who was over 100 feet long and weighed up to 80 tonnes.

89. The African Elephant gestates for 22 months.

90. The short-nosed Bandicoot has a gestation period of only 12 days.

91. The mortality rate if bitten by a Black Mamba snake is over 95%.

92. In the 14th century the Black Death killed 75,000,000 people. It was carried by fleas on the black rat.

93. A dog’s sense of smell is 1,000 times more sensitive than a humans.

94. A typical hurricane produces the nergy equivalent to 8,000 one megaton bombs.

95. 90% of those who die from hurricanes die from drowning.

96. To escape the Earth’s gravity a rocket need to travel at 7 miles a second.

97. If every star in the Milky Way was a grain of salt they would fill an Olympic sized swimming pool.

98. Microbial life can survive on the cooling rods of a nuclear reactor.

99. Micro-organisms have been brought back to life after being frozen in perma-frost for three million years.

100. Our oldest radio broadcasts of the 1930s have already travelled past 100,000 stars.

WinRAR 3.60 Beta 3 relased

RAR is a general purpose archiving and compression program competing with/replacing programs such as PKZip, ARJ, and others. It offers significantly improved compression ratios, easier use and a cheaper price as well as supporting long file names, disk spanning, and self-extracting file creation.

Latest Changes:

• Previous beta version could create duplicate copies of same file when updating an archived file with high ASCII characters in file name
• SFX module crashed if single string length in “License” or “Text” block exceeded 4096 characters

They are recruiting software professionals. I’ve joined their mailing lists so ill keep you updated.

VideoLAN Player v0.8.5 released

VLC (initially VideoLAN Client) is a highly portable multimedia player for various audio and video formats (MPEG-1, MPEG-2, MPEG-4, DivX, mp3, ogg, …) as well as DVDs, VCDs, and various streaming protocols. It can also be used as a server to stream in unicast or multicast in IPv4 or IPv6 on a high-bandwidth network. (business web hosting).
Release: VLC media player 0.8.5 (2006-05-066 May 2006) This new Release features many improvements, including MacIntel support, a statistic system, the support of DV inputs on Linux, improvements in the Audio CD playback (CDDB), many new and improved video filters, a new AJAX HTTP interface, Winamp 2 Skins support, a Mozilla plugin on Mac OS X (PowerPC only), a new default skin..

Changes between 0.8.4a and 0.8.5

Core support:

• Statistics collection (bitrates, packets, connections, …)
• Support for downloading updates
• Updated strings

Input:

• Initial support for RTSP-over-HTTP (to allow NAT traversal)
• Linux DV (Digital Video - Firewire) input
• Improvements to the Audio CD input
• - Separate playlist entries for the tracks
• - Support for CDDB
• Support for more DVB (satellite) encryption modules
• Improved subtitles encoding support
• Improved support for playing MP4 files from the Web

Decoders:

• Cook (Real audio) support

Playlist / Services discovery:

• XSPF playlist support
• Podcast support
• Updated Shoutcast to use new listing

Audio output:

• New JACK audio output

Video output:

• New video filters:
• - magnify: allows you to zoom on part of the image
• - gradient and edge detection: “cartoon-like” effect
• - bluescreen: overlay parts of a video transparently on another one
• Logo video filter: can now loop through multiple images
• RSS video filter: display feed images. Support for Atom feeds.
• Improvements to the subtitles rendering

Stream output:

• Initial support for throttling users on VOD streams

Interfaces:

• System to inform the user and request information
• - HTTP authentication
• - Fatal errors
• - …
• wxWidgets
• - VLM (VideoLAN Media Manager) control panel
• - Improved media information panel (shows statistics, metadata, …)
• - Drag & Drop support in the playlist
• Skins2
• - New default skin
• - Support for Winamp 2 skins
• - Improved playlist handling
• - Support for popup menus, animated bitmaps, equalizer, …
• OS X
• - Embedded Video output
• - new Go-To-Specific-Time feature
• - Video cropping and aspect ratio changing while playing
• - Improved media information panel (shows statistics, metadata, …)
• - support for processing multiple items with the wizard in a single run
• - option to save selections in the wizard for a session (default enabled)
• HTTP
• - New default interface pages for VLC and VLM (including a mosaic wizard)
• - A bunch of new RPN functions

Windows Port:

• MSN messenger “Now playing” support

OS X Port:

• Mac-Intel compatibility
• Enhanced support of various audio output devices
• Growl “Now playing” support

*Nix port:

• Ability to log to syslog
• Root wrapper to avoid running VLC as root

Developers:

• New libvlc API (not finished yet)
• Java bindings
• A bit more automatic testing

Mozilla Firefox v1.5.0.3 released

The award-winning, free Web browser is better than ever. Browse the Web with confidence - Firefox protects you from viruses, spyware and pop-ups. Enjoy improvements to performance, ease of use and privacy. It’s easy to import your favorites and settings and get started. Download Firefox now and get the most out of the Web.

Firefox 1.5.0.3 is a security update that is part of our ongoing program to provide a safe Internet experience for our customers. We recommend that all users upgrade to this latest version.

New P2P Virus

Win32.Polipos

SYMPTOMS:

• Size of executable increases with about 60-70 KB.
• There could be detected unusual network activity.
• Suspect activity for the running processes (searching and modifying executable files).

TECHNICAL DESCRIPTION:
Win32.Polipos.A is a dangerous, polymorphic file infector, with a worm-like spreading capability. It’s targets are EXE and SCR files.

It is a memory-resident virus, because once executed, it injects code in the running processes. The first files it infects are those located in %ProgramFiles% and %WINDIR% directories. But it hooks imported functions for the infected proceses, so that all executables accessed by those processes will be infected.

This infector uses different encryption layers, the first of them being the hardest to decrypt. It is a simplified version of XTEA (eXtended Tiny Encryption Algorithm), but decrypting it could take a long time.

It also has an advanced polymorphic engine, combined with a junk-code generator, antidebugging and antiemulation techniques, making it’s detection more difficult.

FILE INFECTION METHOD:

Using different entry-point obscuring techniques, Polipos makes itself a hard to detect virus:

• It chooses a random imported function from the victim, and hooks all calls or jumps to that function.
• It searches for functions that have the same stack-frame-restore code, and patches all instances of that code, with a call to its own body.

If it finds unused space in victim’s code sections, it inserts code into them, as much as it can, without increasing those sections’ sizes.
It increases the VirtualSize for the data sections of the victim, and will use that space from it’s junk code.
If a resource section is found in the victim, sometimes it shifts that section, and inserts a new section after the last data section, and before the resources (other times it appends it’s section after the resources), and repairs the resource section (otherwise it would damage the victim).

When infecting a file, it searches for the following files in same directory as the file that is going to be infected:

• drwebase.vdb
• avg.avi
• vs.vsn
• anti-vir.dat
• avp.crc
• chklist.ms
• ivb.ntz
• ivp.ntz
• chklist.cps
• smartchk.ms
• smartchk.cps
• aguard.dat
• avgqt.dat
• lguard.vps

It will delete these files if they are found.

Once the control of an infected file is passed to the virus body, it cleans the memory copy of the file (restores the original code at the patched locations), to make sure it is run only once from a certain file.

When the virus is executed from an file with overlay, it makes a copy of that in the %TEMP% folder, disinfects it, and runs it from that location. This is useful in case of installers or SFX archives that use integrity checks.
The virus will not infect the files matching the following names:

• vtf tb dbg f- nav pav mon rav nvc fpr dss ibm inoc scn
• pack vsaf vswp fsav adinf sqstart mc watch kasp nod setup
• temp norton mcafee anti tmp secure upx forti scan “zone labs”
• alarm symantec retina eeye virus firewall spider backdoor
• drweb viri debug panda shield kaspersky doctor “trend micro”
• sonique cillin barracuda sygate rescue pebundle ida spf
• assemble pklite aspack disasm gladiator ort expl process
• eliashim tds3 starforce sec avx root burn aladdin
• esafe olly grisoft avg armor numega mirc softice norman
• neolite tiny ositis proxy webroot hack spy iss pkware
• blackice lavasoft aware pecompact clean hunter common kerio
• route trojan spyware heal alwil qualys tenable avast a2
• etrust spy steganos security principal agnitum outpost avp
• personal softwin defender intermute guard inoculate sophos
• frisk alwil protect eset nod32 f-prot avwin ahead nero
• blindwrite clonecd elaborate slysoft hijack roxio imapi
• newtech infosystems adaptec “swift sound” copystar astonsoft
• “gear software” sateira dfrgntfs

The decrypted virus body contains the following text:

Win32.Polipos v1.2 by Joseph.

PROCESS INFECTION METHOD:

The virus will infect all running processes excepting those matching the following names: savedump, dumprep, dwwin, drwatson, drwtsn32, smss, csrss, spoolsv, ctfmon, temp.

For the processes it infects, it hooks the following APIs, by patching directly the kernel copy from each process address space:

• CreateFileW
• CreateFileA
• SearchPathW
• SearchPathA
• CreateProcessW
• CreateProcessA
• LoadLibraryExW
• LoadLibraryExA
• ExitProcess

These hooks will allow the virus to infect all files that an infected process accesses through the APIs mentioned above.

SPREADING METHOD:

The virus is able to connect to Gnutella P2P network, acting as a client. It uses a predefined list of Gnutella webcache servers, in order to obtain lists of available nodes (connected clients). Using the P2P network, it has a strong ability to spread itself like a worm.

New Bluetooth Virus

A newly detected mobile phone virus is charging mobile phone users $5 to send a premium rate SMS message, security experts warned today at Infosec Europe 2006.
F-Secure explained that this type of attack had been reengineered to make money illegally from mobile phone users.

F-Secure warned that users are still leaving their mobile devices and laptops open to attack by using unsecured Bluetooth connections, despite the company’s warnings at trade shows such as CeBIT.

The new attack is similar to the CommWarrior mobile virus, which originally spread itself over mobiles without causing anything more than a higher bill for sending itself to contact via MMS as well as Bluetooth.

User ignorance is still the main reason for the spread of CommWarrior type viruses, according to F-Secure.

“If someone’s phone is infected with CommWarrior, all of these phones in range would be getting a message saying: ‘Install CommWarrior, yes or no?’,” said Richard Hales, country manager for UK and Ireland at F-Secure.

“If you say no it immediately pops the message back up again if you’re still within range. So you press no, no, no, oh for goodness sake, yes.”

Hamachi 1.0.1.0 Final

Hamachi will allow you to establish secure direct connections to PC’s that are not accessible otherwise due to the restrictions in network setup.

For example, if your home computer is connected to the Internet via Connection Sharing or Broadband Router, you will not generally be able to access it, say, from your office.

By installing Hamachi on both computers and clicking a couple of buttons you can connect them instantly and securely. Now you can browse file shares, run remote desktop or even host a multiplayer game on one computer and join in from another. Just as if they were connected with a physical wire.

Hamachi is a networking technology enabling any two computers on the Internet to talk directly to each other regardless of the presence of firewalls or address translation devices on the route between them.

Most interestingly, Hamachi enables peer-to-peer communications between two computers residing behind two different connection sharing devices. In geek language - it allows for bidirectional NAT traversal.

Peer to peer connectivity becomes possible with the help of Hamachi servers that mediate the establishment of an initial contact between peers.

Once peers connect the traffic starts to flow directly between them. This not only ensures that data travels the best route possible, but it also minimizes latency (ping time) and maximizes transfer speeds.

Hamachi is secure. All Hamachi communications are encrypted and authenticated using industry-standard algorithms and protocols. Nobody will be able to see what two Hamachi peers are talking about.

However what is more important - Hamachi security architecture is completely open meaning that its detailed description is available for review to anyone interested.

......

Sony Will Ship Blu-Ray Media

Sony Electronics announced that it had begun to ship its single-layer blank Blu-ray optical media and that it would start delivering dual-layer discs at the beginning of June. The company also confirmed the rumor saying that the manufacturer plans to equip its computers with Blu-ray disc drives.

Sony is shipping 25-GB BD media, which will retail for about $25 each disc. The 50-GB versions

of the media (BD-R and BD-RE) will be dual-layer discs that will be sold for $48 and $60, similar to pricing on TDK’s or Panasonic’s BD media. mesothelioma

It seems that, later this year, Sony will also release the internal BWU-100A drive, which will be able to handle both 25-GB and 50-GB discs, burning a full 25 GB disc in about 30 minutes. Retail pricing for the BWU-100A drive will be available later this year.