TechBlog

The Register: Windows source code tapped, say WikiLeaked docs The Chinese government may have used its access to Microsoft source code to develop attacks that exploited weaknesses in the Windows operating system, according to a US diplomatic memo recently published by WikiLeaks. The June 29, 2009 diplomatic cable claims that a Chinese security firm with close ties to the People’s Republic of China, got access to the Windows source under a 2003 agreement designed to help companies improve the security of the Microsoft operating system. Topsec allegedly worked with a government organization known as CNITSEC, short for the China Information Technology Security Center, which actively worked with “private sector” hackers to develop exploits. ...

Google has upgraded its Priority Inbox, a recently launched Gmail feature that automatically places important mail on top of your inbox, with a couple of improvements based on user feedback. The Priority Inbox now reacts much faster to users’ manual corrections. Furthermore, if you hover the mouse cursor over the importance marker of individual emails, you’ll see a short explanation of why that message is considered important. As far as what kind of impact the Priority Inbox has had on Gmail users, Google claims that typical Priority Inbox users spend 43% more time reading important mail compared to unimportant, and 15% less time reading email overall, when compared to Gmail users who don’t use the Priority Inbox. ...

The latest W32.Yimfoca.B variants can target malicious links in no fewer than 44 countries and nearly 20 different languages. It has also increased the number of instant messaging applications (previously Yahoo! Messenger) to include the following popular IM clients: Msn Messenger Google Talk ICQ Paltalk Skype XFire Here is a code snippet from W32.Yimfoca.B: This picks the desired messages based on a comparison with the full list of countries listed below: ...

The U.S. Federal Trade Commission (FTC) has accepted a preliminary staff report that lays out a framework for Internet privacy and suggests a “do not track” mechanism – possibly a persistent cookie installed on browsers. The agency was careful to point out that the commissioners see privacy measures as a balancing act. The news release quotes FTC chairman Jon Leibowitz: “Technological and business ingenuity have spawned a whole new online culture and vocabulary – email, IMs, apps and blogs – that consumers have come to expect and enjoy. The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice. We believe that’s what most Americans want as well.” ...

According to The Telegraph, German prosecutors are accusing two local hackers of breaking into the computers of over 50 pop stars, including Lady Gaga, Kelly Clarkson, Justin Timberlake and Ke$ha. (Wouldn’t you have to be pretty brave to blackmail Lady Gaga? She can be, um, scary. ) Ralf Haferkamp, from the Duisburg prosecutor’s office, said in an interview with Deutsche Welle that the hackers, two boys of 17 and 23 from the West of Germany, infected the machines with malware in order to steal all sorts of files. ...

Here’s the latest twist in the “membership” site scam: spam emails that tell potential victims to update their Adobe Reader include links to a web site intended to look like something related to Adobe products, but is selling “memberships.” The REAL way to update your Adobe software is on the help menu: help | check for updates (see the end of this blog piece for details). The spam email: ...

You’ve locked down your computer. Nothing is going to bypass your privacy shielding programs. AdBlock is fully loaded, NoScript is ready to roll and RefControl is sending “Party on, Wayne” as your custom referrer to all and sundry. However, you really want to hide your IP address too and decide to load up one of the many web-based proxy services available. Something humorous I’ve noticed across many web-based proxies recently is that they’re jumping on a marketing strategy that might be slightly at odds with their attempts at privacy for the end-user. In order to keep your private details private, you have to _fill in a survey and hand over a bunch of information to third party marketers. _ Type in a URL, hit the “Go” button on the proxy and you’ll see one of these: ...

You might be seeing something on your Facebook wall today: Sadly, it’s not a fun video. It’s just a phish. The link goes to apps. facebook.com/ lookatuhah, which then redirects to a phishing site: In other words, if you’re absent-minded enough to enter your credentials again, they will be used to then send more of these stupid fake videos posts to others — or do any of a number of other rather nefarious things.

Switzerland has taken new action against WikiLeaks by shutting down founder Julian Assange’s bank account. PostFinance — which is owned by the Swiss Post, itself a public company owned by the Swiss Confederation — said in a statement earlier today that it has closed Julian Assange’s account for failing to provide proof of Swiss citizenship. Here is PostFinance’s statement on its decision: “Finance has ended its business relationship with WikiLeaks founder Julian Paul Assange. The Australian citizen provided false information regarding his place of residence during the account opening process. Assange entered Geneva as his domicile. Upon inspection, this information was found to be incorrect. Assange cannot provide proof of residence in Switzerland and thus does not meet the criteria for a customer relationship with PostFinance. For this reason, PostFinance is entitled to close his account. If there is any indication that the information provided by an account holder may not comply with the detailed valid provisions, PostFinance investigates the circumstances in detail and draws the appropriate conclusions.” ...

Google has finally announced its new phone ‘Nexus S’ manufactured by Samsung and is the first phone powered by the latest Android 2.3 Gingerbread OS. Nexus S is a successor of Nexus One and looks an amazing Android phone with powerful hardware. Nexus S Official Specifications: Connectivity Quad-band GSM: 850, 900, 1800, 1900 Tri-band HSPA: 900, 2100, 1700 HSPA type: HSDPA (7.2Mbps) HSUPA (5.76Mbps) Wi-Fi 802.11 n/b/g Bluetooth 2.1+EDR Near Field Communication (NFC) Assisted GPS (A-GPS) microUSB 2.0 Display 4.0″ WVGA (480×800) Contour Display with curved glass screen Super AMOLED 235 ppi Capacitive touch sensor Anti-fingerprint display coating Size and weight 63mm x 123.9mm x 10.88mm 129g Hardware Haptic feedback vibration Three-axis gyroscope Accelerometer Digital compass Proximity sensor Light sensor Processor and memory 1GHz Cortex A8 (Hummingbird) processor 16GB iNAND flash memory Cameras and multimedia Back-facing: 5 megapixels (2560×1920) 720 x 480 video resolution H.264, H.263 MPEG4 video recording Auto focus Flash Front-facing: VGA (640×480) 3.5mm, 4-conductor headset jack (stereo audio plus microphone) Earpiece and microphone Software noise-cancellation Battery Talk time up to 6.7 hours on 3G (14 hours on 2G) Standby time up to 17.8 days on 3G (29.7 days on 2G) 1500 mAH Lithum Ion Software Android 2.3 (Gingerbread) Android Market Calendar Gmail Google Earth Google Maps with Navigation Google Search Google Talk Google Voice Voice Actions YouTube Official Video – Introducing Nexus S ...