Thursday, April 12, 2007
A tale of two animated cursor attacks
April 9th, 2007 Posted by Ryan Naraine (ZDNet) At the height of the animated cursor(.ani) attacks last week, there were two different groups using different motives to hit a different set of targets. According to Websense Security Labs, the first set of attacks started in the China region and appear to be the work of groups within the Asia Pacific Region. The attackers have compromised hundreds of machines and placed IFRAME’s back to the main servers that host the exploit code. In most cases the payload and motivation of these attacks is to gather credentials for online games. A few days later, a second set of attacks started up from a group in Eastern Europe known for using malware lures to launch identity theft attacks. This group has been placing exploit code on sites for many years now and has a very resilient infrastructure. They have used WMF, VML, and several other exploits in there routines previously. As of now they have also added the ANI attacks to their arsenal. The payload and motivation is somewhat different however as they are more known to install rootkit’s and crimeware which is designed to install form grabbing software and keyloggers in order to compromise end-user banking details. Also in the past they have installed fake anti-spyware software as a distraction and as a means to falsify someone into acquiring some anti-spyware software. More than two weeks after the attacks were first spotted, there are still more than 2,000 unique sites that are hosting exploit code and/or are compromised and are pointing to machines that host exploit code, Websense said. According to Andreas Marx of AV Test, there are more than 46,000 different URLs that together serve up almost 3,000 different corrupted animated cursor files.
Posted by Augustine at 1:07 AM
Wednesday, April 11, 2007
'Flexible' plastic for electronic circuits?
April 11th, 2007 ‘Flexible’ plastic for electronic circuits?Posted by Roland Piquepaille @ 9:39 am Categories: By adding a polymer acid to a common plastic, chemists at the University of Texas at Austin have developed a plastic with changeable conductivity which could be used to build future electronic devices. This 'doped' plastic can be manufactured at room temperature and can have a conductivity ten times higher than the 'non-doped' one. The flexible sheets of plastics obtained in the lab can be printed with wires and interconnects which could be used to design military camouflage that changes colors, foldable electronic displays and medical sensors. This project has been led by Yueh-Lin (Lynn) Loo, an assistant professor of chemical engineering at the University of Texas at Austin, and the members of her research group. Below is a picture of Loo holding a pliable sheet with printed polyaniline wires and interconnects (Credit: Caroling Lee, University of Texas at Austin). Here are two links to a larger version of this photo and to a page containing several other pictures. Here are some more details about this 'doped' plastic. By combining polyaniline [also known as PANI,] with a chemical that gives it conductivity, Loo discovered she could increase the plastic's conductivity one- to six-fold based on the version of the chemical added. Chemically altered polyaniline has several advantages over the more commonly used metals, like gold and copper, in devices other than computers. For example, Loo’s previous research has demonstrated that “doped” polyaniline can be manufactured in solution at room temperatures and without vacuum chambers. Producing metal-based wires requires special manufacturing conditions in addition to the high cost of the metals. I'm sure you all want to know what was the special ingredient added to polyaniline (PANI) to increase its conductivity. It's a polymer acid named poly(2-acrylamido-2-methyl-1-propanesulfonic acid), or PAAMPSA. But if I've named this post "PAAMPSA meets PANI," would you have read it? For more information, this research work has been published by the Journal of Materials Chemistry under the name "Improving the Electrical Conductivity of Polymer-Acid-Doped Polyaniline by Controlling the Template Molecular Weight" (Volume 17, Issue 13, Pages 1268-1275, 2007). Here are two links to the abstract and to the full paper (PDF format, 8 pages, 392 KB). You also may want to read a previous news release about Loo's work, "Putting a charge in plastics" (January 16, 2006), describing how she researches ways to make cheap, flexible electronic devices. Sources: University of Texas at Austin news release, April 9, 2007; and various websites
Posted by Augustine at 9:59 PM
5 lessons of Photobucket Fiasco
from GigaOM by Om Malik Photobucket, which started out as a plain-vanilla hosting service, cried wolf last night when it claimed that MySpace was blocking its videos. The truth came out this morning: because Photobucket is selling ads on videos that get shown on MySpace via widgets, MySpace is blocking them just like it would anyone else. It is clearly an emotional issue, as you can tell from the big debate that rages on the blogs. The fact is, Photobucket and MySpace are both for-profit entities, and this is less about emotion than it is about capitalism. Nevertheless, there are some lessons here for start-ups hoping to thrive in the new disaggregated web world. Don’t depend too much on one partner, especially one you don’t have a formal relationship with. Or as one smart commentator writes, “One line of code from that 3rd party literally puts these guys out of business.” If you are going to depend on one partner, don’t make waves. Stay under the radar. I am sure bragging in Fortune didn’t help Photobucket’s case. Don’t lose sight of your own mantra. Photobucket said all along it was just a service provider, and didn’t care about page views on its own site. How it was going to scale and build its revenues, based on that model, is a tough question Photobucket didn’t ask itself in the early days. Pay to play and ensure longevity. Remember, even Google had to pay MySpace, and you the start-up are not that special. Free is a tactic, not a business model, and has strings attached to it. Liz pointed out during a chat this morning that these are all truisms of the old media world that some optimists had thought wouldn’t apply to to the new new media world. Now, it seems the new theories of disaggregation are getting throughly trampled. I haven’t had a chance to ponder over that, but would like to throw this open to debate and get your thoughts on this. Are there other lessons to be learned from this fiasco? What does Photobucket do? Become a destination? Are destinations a better option for a start-up? Let the conversation begin!
Posted by Augustine at 9:46 PM
24-inch LED Backlit LCD Coming from Samsung
byJohn Martellaro, 4:40 PM EDT, April 11th, 2007 Samsung has announced a 24-inch (60 cm) LED backlit LCD display with 180 degree viewing and near perfect light uniformity, according to DailyTech. "As notebooks become thinner, the need for LED-backlit screens become more important as they take up far less space and requires less power," the author reported. "The same is true for desktop displays, but LED-backlit LCD panels are used primarily for a different reason here: uniformity and color gamut." The new displays boast a high contrast ratio and excellent color saturation. Samsung said that these displays will reach 111 percent of the NTSC standard while traditional LCDs commonly manage about 72 percent. The resolution will be 1920 x 1200 and the panel will have a true 180 degree viewing angle. In terms of availability, Samsung hasn't yet committed. However, the author noted that," the lag between Samsung panel announcements and monitor production can sometimes exceed six months." With the new 24-inch LCD monitor display, technology-demanding consumers, professional graphics designers and digital photographers will enjoy the same true-to-life colors that premium LCD TVs can provide, thanks to Samsung's proprietary LED backlight. The LED-backlit monitor panel has an industry-high color saturation level of 111% (of NTSC standard) compared to a saturation level of only 72% of NTSC for conventional monitors.The panel's 24-inch screen size is optimal for systems equipped with the Windows Vista operating system. While conventional thinking has been that Windows Vista works best with a 22-inch screen (the size of two A4 pieces of paper), 22 inches is not wide enough to support full-HD. In addition, industry experts now say that 24 inches provides a better Windows Vista fit to also include the Vista right side bar and margins.The advent of Windows Vista and the spread of HD technology have accelerated the demand for wide-screen monitors delivering true-color imagery. Meanwhile, a steadily increasing number of consumers are using their monitors to watch high quality video images. Samsung's new 24-inch LCD display with its vivid colors represents one of the most advanced monitor screens available today to meet market needs.The new monitor display also features Samsung's highly successful S-PVA (Super Patterned-ITO Vertical Alignment) technology that provides the widest viewing angle possible—180 degrees—at the highest contrast ratio for LCD monitors today (>1,000:1). It also supports WUXGA resolution (1,920x1,200 pixels), which is the computer equivalent to Full HD resolution.The new display's backlight does not use mercury and is therefore is environmentally-friendly.
Posted by Augustine at 9:32 PM