Tech Thoughts Daily Net News – February 18, 2012

Geek 101: What Is Jailbreaking? – So how does jailbreaking work, and what does it actually do to your coveted iDevice? Can you jailbreak on other platforms or hardware besides Apple’s? What are the risks involved, and is it even legal? Read on as we try to answer all of your jailbreaking questions.

Does your browser feed the cookie monster–or starve it? – Not all tracking cookies are created equal, and as Google just reminded us, neither are the ways in which your browser handles them. Here’s what the five major browsers do for your cookie ‘problem’.

The cost of being social; which apps upload your contacts – Apple looks the other way while developers to pilfer your iPhone contacts, but is committed to righting its wrong in a future software release. But it’s not just Path and Twitter (which keeps your address book on file for 18 months). It turns out that most of the top social apps upload your contacts to their servers, but some are better than others.

Mozilla to Fix Libpng Bug in Firefox and Thunderbird – Thunderbird Firefox patchMozilla is preparing to release a fix for a serious vulnerability in both Firefox and Thunderbird that could result in remote code execution. The update comes just a few days after the company released version 10.0.1 of Firefox, fixing a separate security bug.

Tech Thoughts Daily Tech News 2

Hackers can find you by tracking your cellphone – A team of students and associate professors from the University of Minnesota have proven not only that it can be done, but also that it can be done cheaply by using readily available hardware and open source software.

Mozilla contemplates nuking McAfee – The makers of Firefox say that a popular McAfee security add-on is causing enormous performance problems. Now Mozilla is strongly considering forcibly blocking it.

Researchers Warn Of ‘Ghost Domain’ Flaw in DNS – Researchers are warning about a flaw in the Domain Name System (DNS) that could allow attackers to keep a malicious domain alive and accessible, despite efforts to remove it.

Google, Advertising Companies, Found Bypassing Safari Privacy Settings – Google and several other advertising companies have allegedly been evading the privacy controls of Apple’s Safari browser by placing a special kind of tracking code on a handful of sites, according to new research done by Stanford grad student Jonathan Mayer.

Ransomware impersonates the Italian police – Ransomware targeting Italian-speaking users is being served from compromised websites via malicious JavaScript code, warns Total Defense’s Rossano Ferraris. The users are lured to the websites and the malware is automatically downloaded and run. It immediately disables the Task Manager and compromises the Windows registry of the targeted machine, so that the malware runs every time the computer is restarted.

Open source tool detects videoconferencing equipment vulnerabilities – In this article, I explain the underlying videoconferencing protocol, how it is vulnerable, and how the tool detects the vulnerability. I also discuss why we decided to release this tool rather than fully enabling it in QualysGuard at this time.

How to Create a Compelling Browser-Based Presentation in Minutes with Deck.js – Traditionally, creating presentations requires using an app like Powerpoint and can cause various compatibility issues, but with the free, open source tool deck.js, you can create an elegant set of slides that can run in any browser either online or off. All it takes is minimal knowledge of basic HTML, and we’ve created a starter kit to help you put your first deck together in just a few minutes.

Company News:

Netflix Brings Back DVD-Only Subscription for $7.99 a Month – Netflix has reinstated their DVD-only rental plan for new users, in response to outcry when they combined it with their streaming plan.

Xerox CEO Ursula Burns Focuses on the Core – For years, the IT world thought of Xerox as a company that made printers and copiers. Not so anymore. For some time, Xerox has been moving deeper into services, following the lead of IBM. Behind this massive change is Ursula Burns, the company’s CEO. Burns sat down with eWEEK to talk about the new Xerox.

Microsoft Faces Apple Mobility Challenge in Enterprise – Microsoft’s presence in the enterprise will erode in coming years as workers gravitate increasingly toward tablets and smartphones tethered to the cloud, according Forrester Research. Apple will prove the main beneficiary of the trend.

Webopedia:

Slacker – An Internet radio service that competes with similar offerings like Pandora. Whereas Pandora uses the Music Genome Project for selecting music that matches a listener’s preferences, Slacker utilizes the combined knowledge of music experts to hand-pick songs based on the listener’s personal preferences.

Off Topic (Sort of):

A Digital Consumer Bill of Rights – Online consumers need a legal framework that imposes security responsibilities on internet companies like Facebook and Google that host our personal data.

Android now paying the price for iOS similarities – Jobs wanted to destroy Android, and it seems that things haven’t changed under Tim Cook’s leadership.

China’s factory worker plight shows a world with no conscience – I lost the Great Debate to what can be summed up as harsh statistical reality. But what does our unyielding appetite for Chinese durable goods mean for the first world conscience?

Anonymous Targets U.S. Makers of Crowd Control Tools – Web sites belonging to Combined Systems Inc. (CSI) and Sur-Tec Inc. were both down on Friday. The hacker-collective took responsibility for the attacks, calling both companies war-profiteers and posting internal e-mails, lists of customers and sensitive data from CSI on the Web site Pastebin.com.

Today’s Quote:

“Malware and vampires have something in common; they usually must be invited in.”

–     Various sources

Today’s Free Downloads:

HostsMan 4.0.80 Beta1 – HostsMan is a freeware application that lets you manage your Hosts file with ease.

Process Lasso 5.1.0.49 – Process Lasso is a software that will improve system responsiveness and stability. Process Lasso is a unique new technology intended to automatically restrain running processes that are consuming too many CPU cycles.

6 Comments

Filed under Internet Security Alerts, Tech Net News

6 responses to “Tech Thoughts Daily Net News – February 18, 2012

  1. John Bent

    Hi Bill,

    Re: China’s factory worker plight shows a world with no conscience.

    I find this a hugely difficult problem to get into perspective. As you know, I am no fan of Apple but, not buying their products does not absolve me from any blame. There are a huge number of “ethical” companies sourcing products in China, and not all are technology items. In fact it is hard not to buy anything from there these days.

    If everyone stopped buying from China that would do the workers no good at all. Robotics might be one solution but, even in the west, we have seen that automating production lines can result in unemployment; the motor industry and shipbuilding are but two example of this. As the author correctly states, the incentive in the west was the high cost of labour. That situation was largely brought about by unions demanding ever higher, and eventually unsustainable, wages for their members.

    China needs to grow its economy and it is in our interests that they do so. Markets in the west are shrinking and the Euro members are in some disarray. Increasingly our business interests will lie in the far east. We need to do what we can to ensure that we deal ethically, but this will not be achieved by boycotting. China will not respond to lectures or sanctions. Education and diplomacy are the only hope, so I do not expect to see any dramatic breakthroughs.

    Kind regards,
    John

    • Hi John,

      Tech journalists, and I use that term lightly, should stick to what they know best. Those who wander outside their own limited field, generally step into cow shit. Economists, or human rights activists; they’re not.

      A brief tour through the history of industrialization in their own country, should be a prerequisite to writing an expose on conditions elsewhere. Doing so, might open the door to a more balanced perspective.

      As for boycotting – what nonsense.

      Best,

      Bill

  2. John Bent

    Hi Bill,

    “Cow shit”. Now there’s a technical term I DO understand 🙂

    Kind regards
    John

  3. delenn13

    WOW! All that techie talk above me..Not sure if I should even post this. So intimidating. 🙂
    Since you are talking about Jeremy Collake, then..oh you aren’t? If you are talking about Process Lasso, you ARE talking about Jeremy Collake’s baby.

    About 5 months ago he started a forum/board to monitor false positives…. and how and if security vendors handle them. Also mis-rating of websites.

    The False Positive Report – Prevention through Accountability and Transparency – Portal

    This is an effort to help slow, and document, the plague of false positives and mis-rated web sites that are harming countless small businesses every year. Some security companies do better than others, but never before has there been a place where false positives and mis-rated sites can be publicly reported. The security companies can then respond, fix the issue, then determine why it happened and work with the vendor to avoid it in the future……

    Here you can:

    Report false positives and mis-rated sites in REAL TIME to a CENTRAL LOCATION. Companies will know where to find false positives and mis-rated sites, if they care to look.
    You can then see which companies care to fix these issues, and how fast. You can also see which companies are interested in AVOIDING them in the future.
    Communicate with security companies to fix these issues, and help avoid these problems from recurring.
    Provide historical stories about damage inflicted to your innocent business and/or family.
    Communicate with other software vendors with similar concerns and troubles.”

    Here is where I inform GOTD about it and Jeremy comes on and talks about what he is trying to do.

    BTW, since I have contacts at almost every security company now (due to me authoring an EXE packer), they have ALL been informed of this. Some have expressed a willingness to participate. Others have not responded. But, they are ALL watching. Point is: NOW is the chance to be heard!!

    Helping to

    prevent false positives and mis-rating of web sites « Giveaway of the Day
    Forums

    It’s a good idea but they need word of mouth to make this work. Since you had written about Process Lasso, I thought you might find this interesting.

    P.S. I did a word search before I posted this..Didn’t find anything.