There is a bunch of updates for free software this week.
Firefox has been updated to v3.6.7. There are 14 vulnerabilities patched:
http://www.mozilla.com/en-US/firefox/3.6.7/releasenotes/
Thunderbird has been updated to v3.1.1. See changes:
http://www.mozillamessaging.com/en-US/thunderbird/3.1.1/releasenotes/
And Truecrypt v7.0 is released. See updates:
http://www.truecrypt.org/docs/?s=version-history
I guess thats a whole lot to download and patch this week.
Search This Blog
Thursday, July 22, 2010
Monday, July 19, 2010
Friday, July 16, 2010
Tell Me Now (What You See) King Arthur 2004 SoundTrack ~ Moya Brennan
Long Ago,
Your name a shadow,
In my dreams, the white,
Brave still searching,
Raining Winds, fall apart.
I believe, your heart.
Tell me now,
What you see.
Tell me what you feel,
Now you're here.
Tell me.
Tell me now,
What you know.
Never let me go.
Tell me now,
What you see.
Who Cries from the hill?
The mist creeps from your eyes,
Your banner will promise,
Let's remember the start,
I believe, your heart.
Tell me now,
What you know.
Never let me go.
Tell me what,
You see.
Tell me now,
What you see.
Tell me what you feel,
Now your here, tell me,
Tell me now.
What you know,
Never let me go.
Tell me now,
Long Ago,
Your name a shadow,
In my dreams, the white,
Brave still searching,
Raining Winds, fall apart.
I believe, your heart.
Tell me now,
What you see.
Tell me what you feel,
Now you're here.
Tell me.
Tell me now,
What you know.
Never let me go.
Tell me now,
What you see.
Who Cries from the hill?
The mist creeps from your eyes,
Your banner will promise,
Let's remember the start,
I believe, your heart.
Tell me now,
What you know.
Never let me go.
Tell me what,
You see.
Tell me now,
What you see.
Tell me what you feel,
Now your here, tell me,
Tell me now.
What you know,
Never let me go.
Tell me now,
What you see.
What you see.
Tuesday, July 13, 2010
Windows XP SP2 End of Life on 13th July 2010
It had been a long 6 years and XP SP2 can be said as one of the longest lasting OS from Microsoft. But still even today, many will still clinge on to SP2. What actually happens when Microsoft says it is end of life for support?
Info:
http://support.microsoft.com/lifecycle/search/default.aspx?alpha=Windows+XP
Basically, you will not get patches anymore from Microsoft that support Windows XP SP2 32 Bits specificly as well as its other component including media player, IE, Outlook Express etc. Wait, you will notice that I mention 32 Bits, that is because 64 bits is still support as there is no such thing as SP3 for 64 Bits.
Some people may decide to hang on for whatever reasons, claiming that if they drop IE and uses Firefox, Outlook Express for Thunderbird and WMP for VLC, they will still continue to get updates. True. But do not forget that some components are still presents, especially those of IE, which arguablely is part of the OS.
Why not simply live a better life and have some peaceful sleep by upgrading to Windows XP SP3? Or even better to Windows 7? Let me know the reason if you happen to be one of those who still need to hang on with XP SP2...
Info:
http://support.microsoft.com/lifecycle/search/default.aspx?alpha=Windows+XP
Basically, you will not get patches anymore from Microsoft that support Windows XP SP2 32 Bits specificly as well as its other component including media player, IE, Outlook Express etc. Wait, you will notice that I mention 32 Bits, that is because 64 bits is still support as there is no such thing as SP3 for 64 Bits.
Some people may decide to hang on for whatever reasons, claiming that if they drop IE and uses Firefox, Outlook Express for Thunderbird and WMP for VLC, they will still continue to get updates. True. But do not forget that some components are still presents, especially those of IE, which arguablely is part of the OS.
Why not simply live a better life and have some peaceful sleep by upgrading to Windows XP SP3? Or even better to Windows 7? Let me know the reason if you happen to be one of those who still need to hang on with XP SP2...
Citibank forces clients to use older (vulnerable) version of Java Runtime (JRE)
Source :
http://packetstormsecurity.org/1007-advisories/citibank-java.txt
Basically in short, Citibank forces their client to use a vulnerable JRE because only that version is compatible with their application. No wonder Citibank is always on the frontpage getting hacked for at least a few times per year. Why doesn't Citibank upgrade their application? Lazy programmers? No budget? To pentest it (again) is too expensive?
Well, its all up to guesses, but seriously, to protect yourself, it is extremely important to uninstall all older version of JRE (btw, in case you did not know, upgrading doesn't really remove the older version in some cases - flagged as vulnerability in 07) so that application such as the above will not work (without telling you).
Also, as a side note, there is also a simply utility called JavaRa to remove older version of JRE:
http://sourceforge.net/projects/javara/
http://packetstormsecurity.org/1007-advisories/citibank-java.txt
Basically in short, Citibank forces their client to use a vulnerable JRE because only that version is compatible with their application. No wonder Citibank is always on the frontpage getting hacked for at least a few times per year. Why doesn't Citibank upgrade their application? Lazy programmers? No budget? To pentest it (again) is too expensive?
Well, its all up to guesses, but seriously, to protect yourself, it is extremely important to uninstall all older version of JRE (btw, in case you did not know, upgrading doesn't really remove the older version in some cases - flagged as vulnerability in 07) so that application such as the above will not work (without telling you).
Also, as a side note, there is also a simply utility called JavaRa to remove older version of JRE:
http://sourceforge.net/projects/javara/
Sunday, July 11, 2010
ALZIP 8 and its time to say good bye to another junkware
While ALZip looks cute, there is absolutely nothing that freeware like &-zip cannot do except the special ALZ format, which is in no way faster ot compress better as compare to other formats. The other possible reason you may want to use this may be the cute icons.
So, it finally upgraded to v8.0 and suddenly my license is no longer valid. Naturally I will not pay another $30 for this crap since 7-zip (which is free) does all the same and I had actually never encounter another ALZ files since then.
So, it time to say goodbye and uninstall another piece of software which is basically wasting space and slowing down my PC in the right click context menu. Moreover, it did not really work well,. Often I get files extracted to the wrong places and all over the places actually when there are nested directories. Well, but thats my opinion, you can still give it a shot and buy it if you like.
So, it finally upgraded to v8.0 and suddenly my license is no longer valid. Naturally I will not pay another $30 for this crap since 7-zip (which is free) does all the same and I had actually never encounter another ALZ files since then.
So, it time to say goodbye and uninstall another piece of software which is basically wasting space and slowing down my PC in the right click context menu. Moreover, it did not really work well,. Often I get files extracted to the wrong places and all over the places actually when there are nested directories. Well, but thats my opinion, you can still give it a shot and buy it if you like.
Monday, July 05, 2010
Stealing information via USB devices
I know it had been known for a long time. But does anyone cares? You should. That innocent looking China-made hello kitty cup warmer or the free thumbdrive from some company in Blackhat. Are they really as innocent as they look? How can you be sure that those are not just means to obtain information by other entities?
In short, devices can "mimic" any other devices by coding in the ID into ttheir chip while in fact they are totally not that device and can be performing other functions such as storing keystrokes or send out files to nearby wifi devices etc. Its all up to the maker to create.
Read about it at:
http://gizmodo.com/5578183/usb-coffee+cup-warmer-could-be-stealing-your-data
In short, devices can "mimic" any other devices by coding in the ID into ttheir chip while in fact they are totally not that device and can be performing other functions such as storing keystrokes or send out files to nearby wifi devices etc. Its all up to the maker to create.
Read about it at:
http://gizmodo.com/5578183/usb-coffee+cup-warmer-could-be-stealing-your-data
Subscribe to:
Posts (Atom)
Amazon Gift Cards!
Thanks for viewing!
Copyright © 2008 nemesisv.blogspot.com, All rights reserved.