TweakTown NewsRefine News by Category:
Those that were dragging their feet on downloading Microsoft Security Essentials will be disappointed to know that they are no longer able to obtain the download.
Less than 48 hours after making the beta program available, Microsoft has decided that they have enough participants and have closed it. Those trying to get in the beta now will receive this message: "Thank you for your interest in joining the Microsoft® Security Essentials Beta. We are not accepting additional participants at this time. Please check back at later a date for possible additional availability."
Those that were lucky enough to get in before Microsoft shut it down are providing some promising feedback for others. Not only is Security Essentials quite quick, but it is very easy on system resources. Reports are saying that it only uses about 4MB of RAM and processor utilization is also minimal.
Those in regions that Microsoft has not opened the beta for would do well to remember this. If you are looking to give Security Essentails a whirl, get your download ASAP before Microsoft decides it is full again.
Those that have been following the progress of Microsoft Security Essentials will be pleased to know that they have launched the beta for the application.
If you wish to try it out you can do so for free, however Hexus reports that it is only available for those that are in the US, Brazil, and Israel. China is expected to get the beta within a month however there are now availability dates for those living in other regions.
The beta will be functional until the final release of Security Essentials, at which point you will be able to install the finalized version and utilize it for free as well. Check out the Microsoft Security Essentials website for download instructions and more information.
Apple has released a round of patches for OSX and other software.
The patch for OSX includes covers more than 24 issues including one in Safari's RSS feed that can allow for arbitrary code execution. Another patch corrects a problem in Apple's remote events that could allow access to sensitive information. One interesting one was a flaw in the printing system that could allow a user to gain system level access and one in DS tools that could expose passwords.
If you own a Mac or run Safari for Windows you might want to head over to Apple's update site and grab these.
A significant portion of Intel's Core 2 lineup will be dropped by Q3 of this year. Intel will first begin the phase-out by issuing a PDN (product discontinuation notice) to all channel vendors and distributors for its Core 2 Quad Q6700 and Core 2 Duo E4700 processors later this month; these CPUs will soon after reach EOL (end of life).
The same process will occur during Q2'09 where some beloved models like the good ole' Q6600 will say goodbye. The full phase-out during this period will include the Core 2 Extreme QX9770 and QX9650, Core 2 Duo E8300, Pentium E2200 and E2180 as well as the Celeron E1200.
Come Q3, even more will be stripped from the quickly diminishing lineup with one definitive being the Core 2 Duo E7200.
More details here.
A piece on internet/data security has been published using Google Docs and it certainly makes for some interesting reading. Entitled "Data Security - A Balance Between Convenience, Privacy, Stupidity", this could be quite the eye opener for many who often sweep the issue under the carpet and say "naaah, won't happen to me" whilst adding some fitting humour and sarcasm into the mix.
Software and hardware manufacturers have introduced and continued to develop some of the best computing and online security solutions to protect you and your content from being not just compromised, but stolen and used.
Lose your hardware and yes it is a pain, but it can be replaced. Lose your data and your identity can be used in the blink of an eye.
The best and most expensive security solutions in the industry seem to be useless against relentless thieves and your own stupidity or careless action. Every week there is another report of a "responsible" firm that had thousands, sometimes millions of customer data files stolen.
On the one hand the thieves are getting smarter and more dangerous. On the other hand the files are usually stolen because someone got careless. And you wonder why we don't like netbooks and working in the cloud? You can't protect folks from themselves but this Insider piece may scare a few people straight.
You can read the full piece here.
The GPGPU has become the ultimate hacking tool. At least that is what Theo Valich is saying.
In his blog he shows off a new piece of software from ElcomSoft a Russian company that is usually associated with security. Previously they have released software that is designed to recover passwords from files and systems that was Cuda Enabled. But now they have extended their support to ATi with their new Wireless Secutiy Auditor 1.0.
This handy little tool uses the parallel processing power of a GPU to attempt to recover wireless encryption passwords. Considering the number of Cuda enabled notebooks out this handy little tool is sure to make wireless networks everywhere a little less secure.
Read more here
Today, ElcomSoft announced that the company expanded its support from Nvidia-only to support both ATI and Nvidia with its Wireless Security Auditor 1.0. This application is intended to audit wireless network security by "attempting to recover the original WPA/WPA2 PSK password protecting Wi-Fi Communications".
Using ATI HD2000 and above or GeForce 8 and above cards, ElcomSoft WSA is currently the fastest Wi-Fi password recovery tool on the market. In order to support both GPU manufacturers, ElcomSoft developed its own patent-pending technologies which expanded on the original CUDA-powered algorithms.
Cooler Master invited us to their suite in the Palms Hotel and Casino along with 200 or so of their closest friends. Among the products on display were the new V10 peltier assisted CPU cooler and various pieces from the new Sniper Collection.
Chad Sebring is anxiously waiting on the first V10 sample to arrive at the TweakTown Lab and a preview should be ready by the middle of next week. The cooler was so impressive that our pictures didn't turn out so you will just have to wait on Chad's exclusive preview.
Here we see the new Cooler Master Sniper.
One thing we noticed right away is the side panel. This one sports a mesh grill.
The second Sniper at the showing had a clear acrylic cover.
The Cooler Master Storm was also on display and also looks very attractive. Notice the handle at the top making this case perfect for LAN parties.
The Chinese government is going to finally try to crack down on the rampant data and ID Theft that goes on behind the Great FireWall.
In a draft amendment that the Chinese State Media service announced hackers could face up to seven year behind bars making little cardboard boxes if caught.
The existing law only prohibits entry into government or state controlled systems.
ReaThe Sydney Morning Herald has more here.
If passed, the clauses will be the first legal tools to crack down on increasing data theft from non-official computers in China, the report said.
The existing Criminal Law stipulates punishment only for intruding into networks of governments, national defence or advanced science sectors, or altering the functions of personal computer systems, it said.
The public security ministry first raised the request to make the amendment due to rampant stealing of account numbers and passwords, especially those of games and banks, and hacking of computers to remotely control them, it added.
I have been following the Australian ISP filtering issue (as have many of you) with interest. I personally do not like the idea and feel that it is dangerous in many ways.
To understand why filters on this scale are so dangerous it is important to know that all traffic would have to pass through them. This gives a hacker the chance to intercept all internet traffic from a single location.
BanThisURL.com recently sat down with Matthew Strahan, a security expert at Securus Global and asked them about these new filters. In his opinion the filters are extremely dangerous and provide (as I mentioned) a single point of attack and a single point of failure.
Read the full interview here.
BanThisURL: What worries you most about the filters from a security standpoint?
Matthew Strahan: From a security standpoint it's that somebody would take over the box. Especially if they standardize the filter. Depending on how they set it up, an attacker could become the man in the middle of every single Australian home connection. Which is a huge thing.
BTURL: Can you explain man in the middle attacks quickly?
MS: Man in the middle attacks are when someone can intercept your
connection to some server. So you've sent a HTTP connection to Gmail. If someone's in the middle of that connection, then they can read your email. They can also prevent you from going on Gmail. They can modify what gets sent back from Gmail and pretend that you've got email that you haven't really received.
Last week Google's Chrome crawled out of Beta Status and into the realm of final software. But is this really a good thing?
Prior to its release Chrome can under scrutiny for caching and saving all browsed pages, sending search data to Google and for having very poor security.
Now we can add a lack of good password security to the list of issues with Chrome. According to a report from Chapin Information Services Chrome tied with Safari for last place in terms of password security.
Read the full report here.
Among the problems are three in particular that, when combined, allow password thieves to take passwords without the user's knowledge.
1 - The destination where passwords are sent is not checked.
2 - The location where passwords are requested is not checked.
3 - Invisible form elements can trigger password management.
A technique described and demonstrated by CIS two years ago leveraged such vulnerabilities without using client-side scripting. The implication was that an attacker need not have full control over a target server or a victim's computer to obtain a password from their web browser.