TweakTown NewsRefine News by Category:
Microsoft have released a rare out-of-band update to fix a vulnerability in the .NET Framework. The update comes weeks before the next regularly scheduled "Patch Tuesday" in mid-January, and addresses a flaw that could allow attackers to exploit hash tables to perform a denial-of-service (DoS) attack against a website built with Microsoft's ASP.NET application framework.
DoS attacks usually require thousands of malware-controlled systems in a botnet to overwhelm a site with requests. This opening would allow an attacker to cripple a vulnerable site by sending a certain type of HTTP request. Each of these requests would consume 100-percent of one CPU core. As you can imagine, the more of these requests, the more CPU power that is zapped away.
Microsoft says "Attacks targeting this type of vulnerability are generically known as hash collision attacks." They also added that the problem is not specific to Microsoft's Web services as it affects PHP 5, Java, .NET, v8 and even PHP 4, Ruby and Python. The people behind these platforms will release updates soon, but the holidays will dampen these efforts.
Microsoft is preparing a new way to log into tablet PCs with Windows 8, by allowing a user to perform gestures on a screen instead of typing in letters or numbers. For example, you can use a photo with some personal meaning to you, create a sequence of taps, lines, and circles that must be performed in the right order, in order to unlock the computer.
It is a new form of an unlock procedure, and will have three paths chosen for it: people will love it, people will hate it, or Apple will sue Microsoft for some form of patent rip-off. Microsoft does acknowledge that the new gesture unlock puts smudges on the screen, and recording devices could theoretically allow the gesture password to be compromised, but says the risks are very low.
Not everyone agrees with Microsoft, though. Kenneth Weiss, inventor of RSA's SecurID token who now runs a three-factor authentication business called Universal Secure Registry, told Network World that it's not "serious security," that the gestures someone makes upon a screen can easily be recorded from a distance.
Google last week announced Android 4.0.3 as the next incremental update to arrive for Ice Cream Sandwich. The update includes the usual bug fixes, optimizations and a handful of new APIs for developers, some of the new things included are:
A "Social stream API in Contacts provider" which leverages social networking for developers, allowing them to show users what their friends are doing while tying in photos and contact information.
Improvements for calendar providers: Apps can now color calendar events and utilize ne attendee types and states.
Add camera capabilities: Apps can now manage and check for video stabilization. They may also use QVGA resolution profiles.
Improved accessibility: Screen readers can access more content and will enjoy text-to-speech status and error reporting.
Improve user experience: Small improvements and bug fixes for graphics, database, spell-checking, Bluetooth, and more.
Password management and security is something that confuses a lot of people, and Microsoft are hoping to change that. A new feature that will be included in their next OS will allow users to put an unlimited number of individual passwords behind one master password, and then sync them across all other Windows 8-based machines they use.
The Live ID password is all you'll need, so for the multiple websites you use, you can set very complicated passwords for them, in the case you get hacked and your credentials are stolen, your entire digital life isn't ripped away from you. Windows 8 will automatically enter your login information when visiting a saved website.
On Monday, Steve Ballmer made some interesting changes of leadership over at Microsoft. First up, leadership of the Windows Phone 7 team has been taken away from Andy Lees, who has been steering the WP7 ship for three years now.
Terry Myerson, vice president and lead engineer will take his place. Lees has been moved to yield "maximum impact" of Windows Phone 7 and Windows 8 in 2012. "Maximum impact" is not clearly defined, so we don't know what Microsoft are hinting at here. It could be tighter integration between Windows Phone 7 and Windows 8, which is something I'm sure Microsoft are aiming at.
AllThingsD have some live coverage from a just-held Microsoft event, where they talked about their upcoming Windows Store that features in their next OS, Windows 8. Windows President Steven Sinofsky was on hand, as well as Windows Web Services VP Antoine Leblond.
Both took the stage and talked up the Windows Store, where a fair amount of information was unleashed onto the public. First off, Microsoft are promising the best economics of any app store by saying "we're going to give you a bigger bite of the apple". I don't know if that could be put in better words, but I love it.
Leblond recapped that Microsoft is proud to have Windows 8 working on ARM and x86 chips, small and big computers, with "it's the biggest and most significant developer opportunity ever", he promised. Windows Store is set to offer some differences to what the Apple App Store and Google Android Market offer, by giving free trial versions of apps, Leblond says "the best advertisement for your app will be the app itself," and I totally agree.
The Next Web claims that sources close to Microsoft have said that we should expect the pubic Windows 8 beta sometime in late February 2012. Windows 8 is expected in 2H 2012, but an exact date for release is currently unknown.
But, knowing the release date of the public beta paints a better picture of when to expect the RTM copy of Windows 8. If we use Windows 7's release milestones, we should expect Windows 8 hit the released to manufacturers (RTM) release in June. If this happens, Microsoft could enjoy a very, very good 2H of 2012, by selling its new OS, pushing tablets powered with the OS and pre-built systems with Windows 8 baked in.
What is unknown about the Windows 8 beta is what exactly will be included in the beta itself. No feature set is known, but we should find some information closer to release. I'm incredibly excited myself.
Google's Android dev team have just released Android 4.0.1/Ice Cream Sandwich for x86 chipsets, which has been a promise of theirs to open Android up to both Intel and AMD-based systems.
Of course, with any new release, its not fully stable with many bits missing such as sound, camera, ethernet, and hardware acceleration for Intel chips. Included and working however is, Wi-Fi, sound, and hardware acceleration for AMD chipsets. If you'd like the instructions on how to download the source code, check below [or over the page]:
As always, the MSDN blog has a long, but interesting read on large disks and large sectors in Windows 8 and goes into lengthy detail of how the upcoming OS will handle such things.
I will note, that in the article, they state that from a recent IDC market research report, that they estimate the maximum capacity of a single hard disk will reach 8TB in 2015. But, does this take into consideration the flooding in Thailand? I don't know. Impressive to think though, 8TB in a single disk. Imagine losing all that data. Eep.
There is a huge post on the MSDN blog about Windows 8, and how they are improving the setup experience. Microsoft are really working hard on perfecting Windows 8 and after reading the blog I'm 100-percent confident they are on the road to success.
They've got some big challenges ahead of them, and are committed to get more PCs working with Windows 8 than any previous version of Windows was capable of. With more than 450 millin PCs that will be Windows 8-capable, Microsoft expect that many systems that are currently rocking along with Windows Vista and even Windows XP will be eligible.
Windows 8 will also now be offered through an online installation, with a "pre-key" inside the setup image that is downloaded to a unique user, this means that you won't even need to enter the 25-digit product key during installation. In pre-installation, Windows 8 will scan your PC to determine compatibility, resulting in a summary report that shows what programs and devices on your system will/won't work, and what items require your attention.