CertForums
CertForums.com hosts free IT computer certification forums with help and advice for Microsoft, Cisco, VMware, & CompTIA exams.
Analyst: Beware of the Google Gadgets
Analyst: Beware of the Google Gadgets
One fun thing about the interactive world of Web 2.0 is the online applications you can take advantage of, such as Google Gadgets.
Google describes Gadgets as "miniature objects that offer cool and dynamic content that can be placed on any page on the Web. They're free and available for you to add to any Webpage that you own," including personalized Google properties such as iGoogle and Google Desktop.
However, one person's cool functionality can be another's security vulnerability.
"The architecture right now is highly insecure," said Tom Stracener, a senior analyst with the application security company Cenzic Inc. of Santa Clara, Calif. "It is not clear to me that Google Gadgets have been adopted in a widespread fashion," but they are being used by people without a lot of security awareness or expertise. "The current environment is high-risk," Stracener added.
Read the whole story...
DNS flaw is much worse than first thought
DNS flaw is much worse than first thought
IN A TALK at the Black Hat conference in Las Vega on Wednesday, security researcher Dan Kaminsky said that the systemic Internet Domain Name System (DNS) vulnerability he discovered some months ago is much more dangerous than most have appreciated.
"Every network is at risk," Kaminsky told the overflow crowd gathered for his presentation. "That's what this flaw has shown." He said that what little he'd initially revealed about the DNS vulnerability, and the later leak of more details about it, was only the tip of an iceberg that he called the worst Internet security risk to surface since 1997.
The initial worry has been the danger that hackers could exploit the DNS cache poisoning vulnerability that Kaminsky found to hijack web browsers and route unsuspecting wibblers to malicious websites harboring phishing or malware attacks.
To read the whole read, see...
Citrix is pleased to bring you the release preview of Citrix XenApp
Citrix is pleased to bring you the release preview of Citrix XenApp
Citrix is pleased to bring you the release preview of Citrix XenApp (the new name for Citrix Presentation Server™) on the Windows® Server 2008 platform.
XenApp leverages the enhancements built into Windows Server 2008 while adding increased flexibility, manageability, security and performance to offer the most complete Application Delivery solution.
XenApp supports both Windows Server 2003 and 2008 as well as 32 and 64 bit architecture in mixed server farms. This functionality enables you to migrate gradually while maintaining support for your legacy systems. And that’s just for starters.
Don't delay. Start experiencing XenApp on Windows Server 2008 today.
Download the XenApp Release Preview now.
-Ken
Microsoft Releases SQL Server 2008 to Manufacturing, IT Pros
Microsoft Releases SQL Server 2008 to Manufacturing, IT Pros
Microsoft has released SQL Server 2008 to manufacturing (RTM) and, as an evaluation edition, to subscribers of its Microsoft Development Network and TechNet services, the company announced today. Redmond is expected to open the software to general release by the end of September, according to earlier reports.
This version of SQL Server will offer wide swath of new capabilities, making it a formidable rival to Oracle's enterprise database offering.
One of the chief new features will be something called Policy-Based Management, which will allow administrators to set an organizational-wide configurations for all running instances of SQL Server, according to Microsoft Federal development consultant Jack Bradham.
SQL Server 2008 will also collect performance data of the database itself, through its Performance Data Collector (PDC). Administrators will also be able to allocate...
Massive faux-CNN spam blitz uses legit sites to deliver fake Flash
Massive faux-CNN spam blitz uses legit sites to deliver fake Flash
More than 1,000 hacked sites serving up phony update; Adobe issues warning
August 6, 2008 (Computerworld) More than a thousand hacked Web sites are serving up fake Flash Player software to users duped into clicking on links in mail that's part of a massive spam attack masquerading as CNN.com news notifications, security researchers said today.
The bogus messages, which claim to be from the CNN.com news Web site, include links to what are supposedly the day's Top 10 news stories and Top 10 news video clips from the cable network. Clicking on any of those links, however, brings up a dialog that says an incorrect version of Flash Player has been detected and that tells users they needed to update to a newer edition, said Sam Masiello, vice president of information security at Denver-based security company MX Logic Inc.
Read the whole story...
California state computers can't handle pay cut, controller says
California state computers can't handle pay cut, controller says
If Gov. Arnold Schwarzenegger wants to issue minimum-wage checks to 200,000 state workers in less than a month, he may want to rehire any semi-retired computer programmers he terminated last week.
The massive pay cut would exhaust the state's antiquated payroll system, which is built on a Vietnam-era computer language so outdated that many college students don't even bother to learn it anymore.
Democratic state Controller John Chiang said Monday it would take at least six months to reconfigure the state's payroll system to issue blanket checks at the federal minimum wage of $6.55 per hour, though Schwarzenegger insists such a change should occur this month.
Experts say Chiang isn't joking when he describes the state's payroll system as a computing relic on par with vacuum tubes and floppy disks.
Read the whole story here, if...
UK questioned on online ad system
UK questioned on online ad system
The UK government has until the end of August to respond to a letter from the European Union about a controversial system which monitors web traffic.
EU commissioner Viviane Reding has asked the UK government to clarify whether the Phorm system is in breach of European data laws.
Phorm tracks users' web habits in order to better target ads at them and three UK ISPs are so far signed up to it.
BT is due to begin a widescale trial of the service imminently.
Read the whole story here, compliments to Arroryn for the find
-Ken
Microsoft sending mixed messages about Windows futures with Fiji?
Microsoft sending mixed messages about Windows futures with Fiji?
After a brief blip of news following the mid-July release to manufacturing of Microsoft Fiji, its back to radio silence again. But the quiet shouldnt be interpreted as all is well.
In fact, a number of Fiji testers who asked not to be named and with whom Ive communicated are not happy with how the test process for Windows Media Center TV Pack (Fiji) was conducted or the product that resulted.
In fact, one tester made a convincing argument that Microsoft is doing more harm than good with Fiji, by sending mixed messages around whether users should wait for Windows 7 or upgrade now to Windows Vista coupled with Fiji.
Microsoft execs have been encouraging users against waiting for Windows 7 and grab the compatibility bull by the horns now in order to avoid having to do so with Windows 7 when it arrives around late 2009. Microsofts claim: Because there will be no deep-level...
AMD Fusion details leaked: 40/32 nm, dual-core CPU, RV800 graphics
AMD Fusion details leaked: 40/32 nm, dual-core CPU, RV800 graphics
Taipei (Taiwan) AMD pushed Fusion as one of the main reasons to justify its acquisition of ATI. Since then, AMDs finances have changed colors and are now deep in the red, the top management has changed, and Fusion still isnt anything AMD wants to discuss in detail. But there are always industry sources and these sources have told us that Fusion is likely to be introduced as a half-node chip.
It appears that AMDs engineers in Dresden, Markham and Sunnyvale have been making lots of trips to little island of Formosa lately - the home of contract manufacturer TSMC, which will be producing Fusion CPUs. Our sources indicated that both companies are quite busy laying out the productions scenarios of AMDs first CPU+GPU chip.
The first Fusion processor is code-named Shrike, which will, if our sources are right, consist of a dual-core Phenom CPU and an ATI RV800 GPU core. This...
Microsoft makes daring vulnerability sharing move
Microsoft makes daring vulnerability sharing move
LAS VEGAS Starting in October, Microsoft will start sharing details on software vulnerabilities with security vendors ahead of Patch Tuesday under a daring new program aimed at reducing the window of exposure to hacker attacks.
The new Microsoft Active Protections Program (MAPP), which will be formally announced at Black Hat USA 2008 here, will give anti-virus, intrusion prevention/detection and corporate network security vendors a headstart to add signatures and filters to protect against Microsoft software vulnerabilities.
The idea is to provide detection guidance ahead of time to help security vendors reproduce the vulnerabilities being patched and ship signatures and detection capabilities without false positives.
Read the whole story here.
-ken
Page 63 of 171
