Wednesday, December 12, 2012

INTERNET - Child Protection From Apps Gathering Data

"How to Protect Against the Dangers of Mobile Apps That Gather Kids' Data" PBS Newshour 12/11/2012


RAY SUAREZ (Newshour): ...... new worries over the mobile apps kids are using, and what the apps disclose about their users.

It seems like everyone has them, the ubiquitous applications, apps, for short, on smartphones and tablets, including everything from instructive or educational materials to games.

Children of all ages, armed with these devices, are using apps and raising concerns over privacy.

The Federal Trade Commission is now investigating whether companies that make apps are violating the privacy rights of children by collecting personal data from mobile devices and sharing it with advertisers and databanks. These types of apps can detail a child's physical location or phone numbers of their friends, along with other information.

Yesterday, the FTC issued a new report documenting those concerns. It found, among 400 apps designed for kids, most failed to inform parents about the types of data that could be gathered and who would access it.

Thursday, November 15, 2012

SECURITY - NASA Security Breach

"Stolen NASA Laptop Had Unencrypted Employee Data" by Mathew J. Schwartz, Information Week 11/15/2012

NASA is warning all employees and contractors that their personal information may have been compromised after a thief stole a NASA laptop and documents from an agency employee's locked car.

"On October 31, 2012, a NASA laptop and official NASA documents issued to a headquarters employee were stolen from the employee's locked vehicle. The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors and others," said Richard J. Keegan Jr., associate deputy administrator of NASA, in a notice sent to all employees.

The data on the laptop wasn't encrypted. "Although the laptop was password protected, it did not have whole disk encryption software, which means the information on the laptop could be accessible to unauthorized individuals," he said.

NASA doesn't yet know the full extent of the breach, presumably because the agency is still attempting to reconstruct and study everything that was on the stolen laptop. "Because of the amount of information that must be reviewed and validated electronically and manually, it may take up to 60 days for all individuals impacted by this breach to be identified and contacted," said Keegan.

In addition to now implementing full-disk encryption software for NASA laptops, Keegan said NASA will pay ID Experts to notify people who've been affected by the breach, and to provide identity theft and credit monitoring services. Anyone affected will be notified about the breach via a written, mailed letter -- but not by email or phone, he said.

Given the continuing increase in the number of data breaches affecting organizations, and the accompanying costs of notifying affected people and cleaning up the mess, surely technology-savvy NASA would have already required that all agency laptops be secured using full-disk encryption software?

In fact, that hasn't been the case, apparently owing to user resistance. An IT executive at Goddard Space Flight Center, for example, said that the facility recently implemented data-at-rest encryption on PCs. But some users aren't fans of the software, which they said interfered with some of the tools on their PCs.

In the wake of this breach, however, NASA administrator Charles F. Bolden Jr. and CIO Linda Cureton have ordered that "no NASA-issued laptops containing sensitive information can be removed from a NASA facility unless whole disk encryption software is enabled or the sensitive files are individually encrypted," said Keegan. "This applies to laptops containing PII, international traffic in arms regulations (ITAR) and export administration regulations (EAR) data, procurement and human resources information, and other sensitive but unclassified (SBU) data."

NASA facility CIOs have been ordered to add or enable encryption capabilities for the maximum number of laptops by November 21, 2012. By December 21, 2012, all laptops that leave NASA facilities must have encryption capabilities. In the meantime, employees who are telecommunicating or traveling "should use loaner laptops if their NASA-issued laptop contains unencrypted sensitive information," according to Keegan's communication.

Cureton's office will also review whether any further agency security policies need to be revised to help prevent future data breaches stemming from lost or stolen laptops.

A NASA spokeswoman didn't immediately respond to an emailed request for comment about what type of full-disk or file encryption technology the agency would be using, whether it planned to train all employees to determine what qualifies as "sensitive information" that must be encrypted -- or whether employees' compliance with the new policies would be monitored and enforced.

Monday, November 12, 2012

CYBERSECURITY - Chevron Infected by Stuxnet

"'The Worm Turns' As Chevron 'Infected' By Stuxnet Collateral Damage" by Tyler Durden, Zero Hedge 11/10/2012

"I don't think the US government even realized how far it had spread" is how the collateral damage from the Iran-attacking Stuxnet computer virus is described by Chevron. The sleep San-Ramon-based oil giant admitted this week that from 2010 on "we're finding it in our systems and so are other companies... so now we have to deal with it." It would seem that little consideration for just how viral this cyber warfare tactic has become and this news (reported by Russia Today) is the first time a US company has come clean about the accidental infection. Discovered in 2010, the Stuxnet worm was reported with all but certainty to be the creation of the United States, perhaps with the assistance of Israel, to set back Iran’s nuclear enrichment program as a preemptive measure against an eventual war. In a June 2012 article published by The New York Times, government agents with direct knowledge of Stuxnet claimed that first President George W. Bush, then Barack Obama, oversaw the deployment of the worm as part of a well-crafted cyberassault on Iran. On the record, the federal government maintains ignorance on the subject of Stuxnet, but perhaps Chevron sums up the impact of Stuxnet best (given the escalating Iranian enrichment program): "I think the downside of what they did is going to be far worse than what they actually accomplished."

Via Russia Today:

America’s cyberwar is already seeing collateral damage, and it’s hitting the country’s own billion-dollar companies. Oil giants Chevron say the Stuxnet computer virus made by the US to target Iran infected their systems as well.

California-based Chevron, a Fortune 500 company that’s among the biggest corporations in the world, admits this week that they discovered the Stuxnet worm on their systems back in 2010. Up until now, Chevron managed to make their finding a well-kept secret, and their disclosure published by the Wall Street Journal on Thursday marks the first time a US company has come clean about being infected by the virus intended for Iran’s nuclear enrichment program. Mark Koelmel of the company’s earth sciences department says that they are likely to not be the last, though.

“We’re finding it in our systems and so are other companies,” says Koelmel. “So now we have to deal with this.”

Koelmel claims that the virus did not have any adverse effects on his company, which generated a quarter of a trillion dollars in revenue during 2011. As soon as Chevron identified the infection, it was taken care of immediately, he says. Other accidental targets might not be so lucky though, and the computer worm’s complex coding means it might be a while before anyone else becomes aware of the damage.

“I don’t think the US government even realized how far it had spread,” Koelmel adds.

Discovered in 2010, the Stuxnet worm was reported with all but certainty to be the creation of the United States, perhaps with the assistance of Israel, to set back Iran’s nuclear enrichment program as a preemptive measure against an eventual war. Only as recently as this June, however, American officials with direct knowledge of the worm went public with Uncle Sam’s involvement.

In a June 2012 article published by The New York Times, government agents with direct knowledge of Stuxnet claimed that first President George W. Bush, then Barack Obama, oversaw the deployment of the worm as part of a well-crafted cyberassault on Iran. Coupled with another malicious program named Flame and perhaps many more, Stuxnet was waged against Iran as part of an initiative given the codename “Olympic Games.” Rather than solely stealing intelligence through use of computer coding, the endeavor was believed to be the first cyberattack that intended to cause actual hard damage.

“Previous cyberattacks had effects limited to other computers,” Michael Hayden, the former chief of the CIA, explained to the Times earlier this year. “This is the first attack of a major nature in which a cyberattack was used to effect physical destruction.”

On the record, the federal government maintains ignorance on the subject of Stuxnet. With American companies perhaps soon coming out of the woodwork to discuss how they were hit, though, the White House may have to finally admit that they’ve had direct involvement.

After the Times published their expose in June, Senator Dianne Feinstein, chairwoman of Intelligence Committee, called for an investigation to track down how the media was first made aware of America’s involvement in Olympic Games.

"I am deeply disturbed by the continuing leaks of classified information to the media, most recently regarding alleged cyber efforts targeting Iran's nuclear program,” Feinstein said through a statement at the time. “I made it clear that disclosures of this type endanger American lives and undermine America's national security."

When Feinstein spoke to DC’s The Hill newspaper, she said, "the leak about the attack on Iran's nuclear program could 'to some extent' provide justification for copycat attacks against the United States." According to the chairwoman, "This is like an avalanche. It is very detrimental and, candidly, I found it very concerning. There's no question that this kind of thing hurts our country."

Just last month, a shadowy Iranian-based hacking group called The Qassam Cyber Fighters took credit for launching a cyberattack on the servers of Capital One Financial Corp. and BB&T Corp., two of the biggest names in the American banking industry. Days earlier, Google informed some of its American users that they may be targeted in a state-sponsored cyberattack from abroad, and computer experts insist that these assaults will only intensify over time.

“We absolutely have seen more activity from the Middle East, and in particular Iran has been increasingly active as they build up their cyber capabilities,” CrowdStrike Security President George Kurtz told the Times.

Speaking of the accidental impact Stuxnet could soon have in the US, Chevron’s Koelmel tells the Journal, "I think the downside of what they did is going to be far worse than what they actually accomplished.”

Monday, October 29, 2012

WINDOWS - Microsoft's Shift Towards Tablets

"With Windows 8, Microsoft Makes Big Shift Away From PCs Towards Tablets" PBS Newshour 10/26/2012


SUMMARY: Microsoft has revealed its biggest makeover so far to the operating system found on nine out of every 10 computers in the world. Ray Suarez talks to Forrester Research's Charles Golvin about how Microsoft's decision to focus on tablet-style computers will impact consumers and the greater tech industry.

JUDY WOODRUFF (Newshour): For more than two decades, Microsoft has been a dominant force in the worlds of business and technology. But its position has been challenged and, in some ways, surpassed by Apple, Google and others in recent years. Some question its ability to innovate.

Now Microsoft is facing a pivotal moment and a crucial test, as Ray Suarez reports.

Friday, October 19, 2012

CYBER SECURITY - Attacks on U.S. Banks

"Could the U.S. Face 'Cyber Pearl Harbor'? Protecting Banks from Hacker Attacks" PBS Newshour 10/18/2012


MARGARET WARNER (Newshour): We turn to a new cyber campaign against American banking giants and growing worries about what they might foreshadow. It began late last month and continues to this day.

Two more U.S. banks are the latest targets in the spate of cyber-hits on American financial institutions. This week, Capital One and BB&T suffered disruptions on their websites, leaving customers without access to their accounts.

A group calling itself the Qassam Cyber Fighters claimed responsibility and said the attacks are retaliation for an anti-Muslim video. But some U.S. officials, like Connecticut Senator Joe Lieberman, blame the recent uptick of attacks on Iran and its elite security force.

He spoke last month on C-SPAN.

SEN. JOSEPH LIEBERMAN, I-Conn.: I think that this was done by Iran and the Quds Force, which has its own developing cyber-attack capacity, and I believe it was a response to the increasingly strong economic sanctions.

MARGARET WARNER: Also blamed on Iran, recent hits on Saudi Arabia's state oil company, Aramco and Qatar's natural gas producer, RasGas, that disabled 30,000 computers entirely.

And Defense Secretary Leon Panetta warned last week that the threat to America's vital infrastructure throughout is rising.

Monday, September 17, 2012

WINDOWS - A Better Start Menu

This post is about my suggestion on a way for users to have a better Start Menu in Windows.

To summarize, instead of having all applications listed under [Programs] in the Start Menu (WinXP), have categories of applications. Here's my Start Menu:

As you can see, I have expanded to my [Games], [Adventure & RPG] category.

How did I do this? Edit the Start Menu folder:

In my opinion, this type of Start Menu is much simpler to navigate that dumping everything under [Programs].

Also, the shortcuts in this scheme are only those needed to run the app, or those related and used regularly. (how may times are you actually going to use the "Uninstall" shortcut, so why have it?)

Also, after installing applications and coping the needed shortcuts to my scheme, I move its [Programs] entry to a [Smenu] folder I create in the home-folder of the app so I do not loose what the install created.

You can do this in Windows 7 where Start Menu folder paths are:
  • Win7 User Start Menu:
    C:\Users\profile-name\AppData\Roaming\Microsoft\Windows\Start Menu\
  • Win7 All Users Start Menu:
    C:\ProgramData\Microsoft\Windows\Start Menu\ (normally this is a hidden folder)

Give it a try.

Wednesday, August 15, 2012

INTERNET - Guarding Personal Information

"A Perilous Cyber World: Guarding Personal Information from Hackers and Thieves" PBS Newshour 8/14/2012


JEFFREY BROWN (Newshour): And we begin an occasional series about the way we live ever more of our lives online in the digital age, and some of the risks and rewards connected with this evolution.

In coming segments, we will discuss the connections and disconnections of online life, the differences between engaging online and in the physical world, and what does it mean exactly when a video go viral.

We begin with a look at just how much of us, our identities, are online, and how vulnerable that can make us.

Mat Honan learned this firsthand recently when he was hacked and lost control of his phone, email and personal computer. He told the tale in "Wired" magazine, where he's a technology writer.

Also joining us is Peter Pachal, who watches this world closely as the technology editor for the Web site Mashable.

As a long-time computer & IT professional, my advice for Laptop and Desktop PCs:

  • The HIGHEST security is NOT to be online unless you need to be, this includes turning off your system when you are not using it
  • Passwords - The old advice about NOT using any part of your name or your wife's or children's, even your pets', applies
  • Passwords - Do NOT use any part of an address where you have lived, worked, or gone to school
  • Passwords - Do NOT use your nickname(s)
  • Passwords - Do NOT use birthday dates; yours nor your family's (not even if you reverse or scramble, more later)
  • Passwords - DO have one Master Password that is for very limited use, examples: system Administrator Account (NEVER have a blank password for Administrator), access to a password management tool you use, access to your ISP or eMail providers
  • ALWAYS, always run a good Antivirus Utility (and "free" antivirus utilities are NOT good), one that includes protection against Root-Tool-Kit, Trojans, etc, and KEEP THE DEFINITIONS UP-TO-DATE
Here's the 'more later': If you've seen the move "True Lies" with Arnold Schwarzenegger, there is a scene where one member of the 3-man team (the computer geek) has to hack into information stolen from a target's hard drive. Arny and the other member walk away making a comment that they will come back much later. They are only 5 paces away when the geek says he's in. The password was the target's wife's birth-month, the son's birth-year in reverse, and the daughter's birth-day (or something like that). This is what hackers can do with information that is just out there on record.

Sunday, July 29, 2012

LINUX - Ubuntu 12.04 LTS

Well, back to Ubuntu, specifically Ubuntu 12.04 LTS and I installed the GNOME Desktop.

Back when, I started with Ubuntu, my laptop came with it pre-installed. I left Ubuntu because they went to the UNITY Desktop.

Well UNITY Desktop sucks, really. Talk about making things hard to find.

Of course Ubuntu 12.04 LTS installs with the UNITY Desktop, but it was very easy to install the GNOME Desktop after I was sure Ubuntu worked.

Ubuntu 12.04 with GNOME Classic Desktop
  1. Got Ubuntu working the first time after install
  2. Got folder sharing working in just a few clicks (incl prompt for SAMBA install and auto setup)
  3. After sharing worked, got my shared-printer (via my WinXP desktop system) in just 3 steps
  4. Installed GNOME Desktop (via Terminal commands) and chose the environment after reboot (at the logon dialog)
  5. Almost forgot, Ubuntu recognized my laptop's camera, the other distributions I tried did not
  6. The other reason for Ubuntu is that it includes built-in Upgrade, you do not have to do a full install 
  7. Found the Synaptiks Touchpad Management utility in the Ubuntu Software Center, which allows you to disable the touchpad when your mouse is connected !!!
So, my laptop is working (so far) flawlessly.

PS - Live and Learn:

There is a warning about installing the GNOME Shell (aka Desktop). Use only one method.

There are many souces to do this, which is the too-many-chefs symptom of OpenSouce software.

  • You CAN install the shell from Ubuntu's Software Center, just search "gnome."
  • Alternate method is go to the source, GNOME. At the bottom of this page is the "click away" link to install GNOME on Ubuntu. 
  • Alternate method (which I used) is to use Termainal commands. The one I recommend is "Installing Gnome 3 on Ubuntu 12.04" article, which uses the GNOME3-Team Repositories. Make sure in get the GNOME Tweak Tool. This method gives you the Enviroment Select Menu (upper-right icon in logon) shown below. Of course I selcected GNOME Classic.

Tuesday, July 17, 2012

LINUX - openSUSE 12.1

Time for an update.

As I have said in previous articles, I have a laptop that I got for the purpose of leaning Linux OS.

It came with Ubuntu installed, I loaded Linux Mint 10 next.  I just loaded openSUSE 12.1 with the KDE desktop. This is an OpenSource version of  Novell SUSE.

This version, or distribution, comes with GNOME and KDE (default) desktops, so you can choose which to install.  I choose the KDE desktop because it looks more Windows-like.

GNOME Desktop
My KDE Desktop

Although I am still experimenting with my installation, I have already found some nice features:
  • It can be upgraded without doing a full-install (Linux Mint 10 does not have this feature built-in)
  • Right-click the [Application Launcher] icon (far left, Gecko icon) and it has a Menu Editor option
  • Note ALL icons you see, including those in the Taskbar, are Widgets in this distribution, and I found out that you have to Lock Widgets if you don't want a screw-up
  • It includes a Touch Pad utility that has the option to disable the touch pad if an USB Mouse is connected (nice, very nice)
  • Note that the Taskbar is made up of Panels and Widgets, which you can add Widgets and move components IF you Unlock Widgets

My KDE Desktop with Application Launcher open

Note I had to change the launcher configuration (right-click Gecko icon to see option) to Disable Hover to make it easier to use.

My Taskbar close up
I am still playing around with openSUSE, but here's some things I've already found NOT-up-to-muster:
  • The included version of System Information (sysinfo) does not work like the one Linux Mint 10 had which could generate a full report on everything on my system that I could print
  • Finding some apps in the Application Launcher can be difficult, but it does have a Search Bar which occasionally shows an app that I could NOT navigate to (the search-result does not show location)
  • I am still trying to get the [SHARE] folder to actually share with my WinXP Desktop (getting help from forum experts), it was much easier in Linux Mint 10
Well, that all for now. I'll likely be updating this post.

UPDATE (as promised):

 My run of openSUSE failed...
  • Had 3  crashes that cause me to do a full reinstall
  • Never got SAMBA sharing to work properly (caused one of the crashes)
  • Since sharing did not work, of course I couldn't connect to my shared pringer
So, on to something else....

Thursday, June 7, 2012

INTERNET - Google Warning for GMail Users

"Google to warn users targeted by state-sponsored attacks" by Josh Rogin, Foreign Policy 6/5/2012

UPDATE: A senior Senate aide confirmed that this evening he received a warning on his Gmail account that Google suspected he had been the target of a state-sponsored cyber attack.

Web giant Google is about to announce a new warning informing Gmail users when a specific type of attacker is trying to hijack their accounts -- governments and their proxies.

Later today, the company will announce a new warning system that will alert Gmail users when Google believes their accounts are being targeted by state-sponsored attacks. The new system isn't a response to a specific event or directed at any one country, but is part and parcel of Google's recent set of policy changes meant to allow users to protect themselves from malicious activity brought on by state actors. It also has the effect of making it more difficult for authoritarian regimes to target political and social activists by hacking their private communications.

"We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users' accounts unauthorized. When we have specific intelligence-either directly from users or from our own monitoring efforts-we show clear warning signs and put in place extra roadblocks to thwart these bad actors," reads a note to users by Eric Grosse, Google's vice president for security engineering, to be posted later today on Google's Online Security blog, obtained in advance by The Cable. "Today, we're taking that a step further for a subset of our users, who we believe may be the target of state-sponsored attacks."

When Google's internal systems monitoring suspicious internet activity, such as suspicious log-in attempts, conclude that such activities include the involvement of states or state-backed initiatives, the user will now receive the specialized, more prominent warning pictured above. The warning doesn't necessarily mean that a user's account has been hijacked, but is meant to alert users that Google believes a state sponsored attack has been attempted so they can increase their security vigilance.

Google wants to be clear they are not singling out any one government for criticism and that the effort is about giving users transparency about what is going on with their accounts, not about highlighting the malicious actions of foreign states.

"If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account," Grosse writes. "You might ask how we know this activity is state-sponsored. We can't go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis-as well as victim reports-strongly suggest the involvement of states or groups that are state-sponsored."

Google insiders told The Cable that Google will not be giving out information on which governments it sees as the most egregious violators of web privacy. For Google, the new initiative is not an effort against governments but a way to help its users help defend and protect themselves.

Users who click through the new warning message will be directed to a page that outlines commonly seen security threats and suggests ways users can immediately raise their level of security on Gmail.

"We're constantly working to prevent harmful activity on our services, especially attempts to compromise our users' information," the insider said. "The primary message is: we believe that you're a target so you should take immediate steps to protect your account."

The new announcement comes only days after the company said they would alert users in mainland China when they use search terms that are likely to be censored by the Chinese government. According to another of Google's official blogs, that move was meant to improve the search experience for Chinese users by allowing them to avoid terms that would result in stalls or breaks in their search experience due to government filters.

For example, Google said that Chinese users searching the character for "river," which is "jiang" in Chinese, causes technical problems. The same character is also used in the search for former Chinese President Jiang Zemin.

Google didn't specifically mention Chinese censorship in its notice about Chinese search terms, apparently in an effort not to antagonize the Chinese government any more than necessary. Google and Beijing have been at odds since 2010, when the company announced it would no longer censor search terms on the and moved the bulk of its Chinese operations to Hong Kong.

That move followed a series of Gmail attacks in 2010, directed at Chinese human rights activists, which were widely suspected to be linked to the Chinese government. Following those attacks, the government-controlled People's Daily publicly accused Google of being an agent for U.S. intelligence agencies.

While last week's announcement and this week's announcement are both being presented by Google as user based initiatives not directed at foreign governments, Google CEO Eric Schmidt has been speaking out publicly and forcefully in recent months about the potential negative role governments can play in circumventing internet freedom.

"While threats come from individuals and even groups of people, the biggest problem will be activities stemming from nations that seek to do harm," he said in London last month.

Wednesday, May 30, 2012

CYBERSECURITY - Cyber Wars' Latest

"Sophisticated Virus Infects Computers in Iran, Mideast" by FARNAZ FASSIHI And PAUL SONNE, Wall Street Journal 5/29/2012

Thousands of computers in Iran belonging to government agencies and private companies have been infected with a highly sophisticated virus, dubbed Flame, in the latest cyberstrike against the Islamic Republic, said cybersecurity experts and Iran's telecommunications ministry.

The malware was widely detected across the Middle East in Syria, Israel and the Palestinian Authority, as well as in other parts of the world, but Iran has the largest number of infected computers, experts said.

At least three times since 2010, Iran has been targeted with sophisticated computer viruses such as Stuxnet, Duqu and Wiper. These viruses have disabled centrifuges for enriching uranium, stolen data from nuclear facilities and erased computers at the oil ministry.

The aim of Flame, said experts at Kaspersky Lab, a Russian information-technology security firm that reported the virus on Monday, was espionage, not physical damage or system interruption.

Flame, which Kaspersky said has been in operation since March 2010, was still active as of Monday morning, Alexander Gostev of Kaspersky Lab said. But after Kaspersky reported the existence of the virus publicly, Flame's operators immediately set about shutting the servers, an effort to protect the stolen data and hide the source of the virus. By Tuesday, Flame had become inactive, he said. "They are trying to hide."

The creation and operation of the Flame virus must have required a large staff, Mr. Gostev said. He estimated that at least 20 specialists would have been required to create and maintain the cyberweapon, similar to estimates of how many people invented and worked on Stuxnet.

Independent security experts said the scope of its complexity and method of operation suggests Flame was sponsored by a nation-state. It wouldn't be economically feasible, they argued, for a private corporation to run such a large-scale international cyberattack. Another reason a state is suspected is that the virus is designed to gather information but has no clear monetizing function.

Iran on Tuesday said it was a victim of cyberwarfare by Israel and the U.S., the semiofficial Fars news agency reported.

"It's in the nature of some countries and illegitimate regimes to spread viruses and harm other countries. We hope these viruses dry out," Ramin Mehmanparast, Iran's Foreign Ministry spokesman, said on Tuesday.

Iran's computer emergency response team, known as Maher, a branch of the telecommunication ministry, said on Tuesday that it was sharing research information on the virus for the first time ever on its website. Maher posted a link to antivirus software developed by its researchers to remove Flame and offered assistance to any infected organization.

Maher also said Flame was linked to an earlier cyberattack that erased data. In March, Wiper disrupted internal Internet communications at Iran's oil ministry and stole massive amounts of data.

Flame is the biggest and most high-functioning cyberweapon ever discovered, various cybersecurity experts said. It is comprised of multiple files that are 20 times larger than Stuxnet and carry about 100 times more code than a basic virus, experts said.

The most alarming feature, experts said, is that Flame can be highly versatile, depending on instructions by its controller. The malware can steal data and social-network conversations, take snapshots of computer screens, penetrate across networks, turn on a computer's microphone to record audio and scan for Bluetooth-active devices.

The cyber espionage activities described by the researchers are cyberspying techniques employed by the U.S., Israel and a number of other countries, cybersecurity specialists said. Cybersecurity researchers said the complexity of Flame's coding and comprehensiveness of its spy capabilities could suggest it was the work of a government.

Experts said they believe Flame reports back the information to a central command-and-control network that has constantly changed location. Analysts found servers in Germany, Vietnam, Turkey, Italy and elsewhere, but haven't located the main server.

White House National Security Council spokeswoman Caitlin Hayden declined to comment on Iranian accusations of U.S. involvement.

Analysts suspected Israel and the U.S. to be behind Stuxnet, but the link hasn't been confirmed. U.S. officials have declined to comment on Stuxnet's origins, but former U.S. officials said they regard it as a joint effort between the U.S. and Israel. That virus infected computers in several countries but was written to only sabotage specific systems in Iran, they said.

Stuxnet's purpose differed considerably from the apparent aim of Flame. Stuxnet was designed to damage computerized control systems running nuclear centrifuges, while Flame appears to have been designed for high-end targeted espionage. Researchers haven't found evidence of any damage to systems caused by Flame.

Israel has neither confirmed nor denied being involved with Stuxnet.

On Tuesday, Deputy Prime Minister Moshe Ya'Alon hinted that the country may be involved in Flame, saying in an interview with Army Radio, "Anyone who sees the Iranian threat as a significant threat—it's reasonable [to assume] that he will take various steps, including these, to harm it."

U.S. officials draw a distinction between cyber espionage and cyberattacks, which have a destructive or manipulative purpose and could be considered an act of war.

"We have strong beliefs that there are nations behind this malware. We assume it's related to the regimes and political situation in the Middle East," said Vitaly Kamluk, the chief malware expert for Kaspersky Lab.

Independent experts have been on the virus's trail for about a month. The International Telecommunications Union, the special agency at the United Nations that coordinates cybersecurity efforts, approached Kaspersky Lab in late April to investigate a series of incidents tied to a malware program known as Wiper. In the process of that investigation, the experts discovered Flame.

Iran's Supreme Leader Ayatollah Ali Khamenei has called the Internet a threat to national security and a dangerous double-edged knife that has benefits as well as risks.

Since 2009, Mr. Khamenei has instructed security forces to train and form units to battle cyberattacks to curb the influence of social-media websites.

In March, Mr. Khamenei issued a decree ordering the creation of the Supreme Council of Cyberspace, a committee consisting of high-level military and intelligence officials tasked with supervising cyber activity and warfare.

Monday, May 28, 2012

WINDOWS - Backups Revisited

I am re-posting this subject because of several queries via Usenet.

Having a good backup utility is the absolutely best way for restoring your system. And by "good" I mean an image backup utility, NOT a file backup.

An image backup utility takes a "snap shot" of sectors on your hard drive (not just files) which means you have your boot sector and everything else. The most efficient will image only used sectors, not the entire drive (used and blank).

I use "O&O DiskImage Pro" (compatible with all versions of Windows)

It has saved my WinXP SP3 desktop 2 times in the years I've use it.

I also use it to load a new hard drive (I needed a bigger one), connected the new drive (IDE HD0) jumpered just like the old one, booted to the DiskImage CD, recovered my backup to the new blank drive (DiskImage asked if I wanted it bootable, yes of course) booted to the drive with absolutely no problems. Already had a partition tool (link follows, Windows Disk Management cannot do this without loosing data) installed and use it to expand the used space to include the entire (now bigger) drive.

EaseUS Partition Master Professional Edition

Purchase of "O&O DiskImage Pro" includes a Boot ISO image you can write to a CD/DVD. Boot to the CD and it runs the ENTIRE DiskImage utility (Backup AND Recovery). I use this method to create backups to an external USB hard drive.

The Windows installed DiskImage (and you must install in on your system) allows you to mount your image backups as another drive, thereby you can recover individual files.

"O&O DiskImage Pro" is worth every dime ($30 for 1 copy, $50 for 3), from a very satisfied user not affiliated with O&O.

CAUTION: You should NEVER create backups WITHOUT running a virus scan FIRST!

Saturday, May 12, 2012

HARDWARE - My Home Computer Systems

OK, time for more bragging about my computers.


(click for better view)


  • Model: MS-7222

  • North Bridge: VIA P4M800 Pro/P4M800 CE/VN800/CN700 Revision 00

  • South Bridge: VIA VT8237 Revision 00

  • CPU Name: Intel(R) Pentium(R) 4CPU 3.00GHz Hyper-Threading

  • CPU Socket: Socket 775 LGA

  • Max CPU Speed: 1500 MHz

  • Maximum Memory Capacity: 1024 MBytes

  • Maximum Memory Module Size: 32 MBytes

  • Memory Slots: 2 (= 2gb memory)

  • Memory Type: DDR2

  • Disk C: 55 GB Available, 80 GB Total, 55 GB Free (Internal IDE HD0)

  • Disk D: 166 GB Available, 217 GB Total, 166 GB Free (Internal IDE HD0)

  • Disk E: 2718 MB Available, 19077 MB Total, 2718 MB Free (Internal IDE HD1)

  • Disk F: 4 GB Available, 18 GB Total, 4 GB Free (Internal IDE HD1)

  • Disk H: 51 GB Available, 149 GB Total, 51 GB Free (External Firewire)

  • Disk J: 321 GB Available, 485 GB Total, 321 GB Free (External Firewire partition)

  • Disk K: 398 GB Available, 445 GB Total, 398 GB Free (External Firewire partition)

  • Video Card: nVidia Corporation GeForce 7900 GS 512mb AGP

  • HP DVD Writer 1035r (Internal IDE)

  • Memorex Recorder 1394/USB20 Drive IEEE 1394 SBP2 Device (External Firewire)


(click for better view)

  • CPU: 2x Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz

  • Memory: 2021MB (278MB used)

  • Operating System: Linux Mint 10 Julia

  • Kernel: Linux 2.6.35-32-generic (i686)

  • Compiled: #67-Ubuntu SMP Mon Mar 5 19:35:26 UTC 2012

  • C Library: GNU C Library version 2.12.1 (stable)

  • Default C Compiler: GNU C Compiler version 4.4.5 (Ubuntu/Linaro 4.4.4-14ubuntu5.1)

  • Display Resolution: 1280x800 pixels

  • OpenGL Renderer: Mesa DRI Mobile Intel® GM45 Express Chipset GEM 20100330


  • X11 Vendor: The X.Org Foundation
  • Monday, April 23, 2012

    HARDWARE - Intel 13 Quad-Core!!!!

    "13 Quad-Core Intel Ivy Bridge Chips Expected" by Ian Paul, PC World 4/23/2012

    Intel's new Ivy Bridge chips are expected Monday, promising significant improvements in speed and power usage plus built-in USB 3.0 support all wrapped in a smaller package compared to Intel's current Sandy Bridge chips.

    The first wave of Ivy Bridge chips will reportedly include 13 quad-core processors designed primarily for desktops. Dual-core processors meant for Ultrabooks, such as Intel's Cove Point concept device, and other hardware will roll out "later this spring," according to a BBC report.
    Tri-gate Transistors

    The BBC forecast is in line with Intel announcements such as one last Wednesday that the first round of Ivy Bridge chips aren't for Ultrabooks. The new chips are also the first to use Intel's new 22-nanometer manufacturing process as opposed to Sandy Bridge's bulkier 32nm design. To give you an idea of how small 22nm ,is Intel says you could fit 100 million 22-nanometer transistors on the head of a pin (about 0.05 inches in diameter).

    Ivy Bridge transistors are also different from those on previous chips thanks to Intel's new tri-gate technology. Instead of cramming flat, two-dimensional transistors onto each processor, Ivy Bridge chips have 3D transistors that use a small fin rising up from the silicon surface. Intel previously said the new transistors will allow its chips to be up to 37 percent faster than previous processors. However, the BBC quotes Intel Vice President Kirk Saugen claiming the first round of Ivy Bridge chips will improve performance and power efficiency by 20 percent compared to Sandy Bridge.

    Intel's hardware partners are reportedly working on more than 300 mobile products, according to Saugen, and more than 270 different desktop devices (including many all-in-ones) using Intel's Ivy Bridge microarchitecture. That may be good news for Mac ,fans who are hoping to see new Ivy Bridge chips in upcoming all-in-one iMacs since the new processors may not be coming to MacBooks right away. Servers packed with Ivy Bridge-based Xeon chips are also expected before the summer. Details about upcoming Windows desktops packed with Ivy Bridge processors could come Monday or later in the week.

    Intel's Ivy Bridge launch in late April comes after reports that a manufacturing delay would set the launch back to as late as June.

    Cute video

    Thursday, April 19, 2012

    WINXP - Corrupted Icon-Cache UPDATED

    At work there was a WinXP Pro SP3 system that had the wrong icon for C:

    After much hair-pulling I found the cause was the user had placed Setup.exe AND an Autorun.inf file in the root. This caused the C: icon to change to the icon for Setup. Deleting both files from the root was the main fix, but had to also fix the Icon-Cache file.

    Also, the Icon cache can be corrupted by other causes that the one above.

    IMPORTANT: The Icon-Cache is NOT actually needed! My home and work WinXP desktops to not have one and they work just fine.

    Here's how to get rid of the need for the Icon-Cache:

    You disable the offline file replication in Windows XP

    Open My Computer, select [Tools], [Folder Options], [Offline Files] tab, then UNCHECK the Enable Offline Files check box.

    (click for better view)

    Here's how to rebuild your Icon-Cache if you have wrong desktop/Favorites icons:

    Rebuild the Icon-Cache file by deleting it
    1. Delete the hidden file Iconcache.db

    2. WinXP each user has their own file
      C:\Documents and Settings\User-Name\Local Settings\Application Data\Iconcache.db

      Win7 and Vista, see

    3. IMPORTANT - Close down all explorer.exe processes using the Task Manager
    4. (Or else it will create a faulty file during logoff/restart)

    5. Use the Task Manager (CTRL+SHIFT+ESC) to launch the explorer.exe again
    6. (Or press CTRL+ALT+DEL to perform a restart/logoff)

    7. When the Windows Explorer (explorer.exe) starts again, it will recreate a correct Icon-Cache file

    Also note that Icon Phile, mentioned in previous article, will work for changing individual Desktop Icons. It also includes a tool to rebuild the Icon-Cache.

    Tuesday, April 17, 2012

    COMPUTERS - Data Privacy and Cyber Security

    "How Will FCC's Google Street View Fine Shape Data Privacy Rules?" (1 of 2) PBS Newshour 4/16/2012


    RAY SUAREZ (Newshour): And to two stories about Internet privacy.

    First: the latest on a government investigation of Google's collection of personal data that started with taking pictures and ended up gathering a lot more.

    Google's Street View, launched in 2007, was part of the company's ambitious plan to photograph and map the entire world right down to street level. But it turned out that Street View vehicles were collecting more than just visual images. Their antennas also picked up personal information from local Wi-Fi networks, including Internet usage history and passwords.

    In May 2010, Google publicly acknowledged it had done so, but insisted that any such data collection was accidental. The Federal Communications Commission began investigating. And, on Friday, it fined the company $25,000, the maximum penalty available, for obstructing the investigation.

    In its report, the FCC said, "Although a world leader in digital search capability, Google took the position that searching its employees' e-mail would be a time-consuming and burdensome task." The FCC found Google did indeed collect personal data, but it cleared the company of charges that it had acted illegally.

    The search engine giant challenged the finding that it failed to cooperate. Instead, it issued a statement that said, "We provided all the materials the regulators felt they needed." European regulators have also investigated the company for similar reasons. Last year, the French government fined Google about $140,000.

    MAN: You're now exploring a neighborhood in our full-screen mode.

    RAY SUAREZ: In the meantime, those who would rather not see their homes on Street View do have an alternative. The company provides users the option of graying out images to meet privacy concerns.

    The FCC report generated plenty of questions over the past 48 hours about what Google did.

    We ask some of those now with two people watching this case, Jeffrey Rosen, a professor of law at the George Washington University and legal affairs editor for The New Republic, and David Bennahum, the chief executive of Punch Media, a news and entertainment network for iPads.

    "Preventing a 'Cyber-Pearl Harbor'" (2 of 2) PBS Newshour 4/16/2012


    JEFFREY BROWN (Newshour): And now to our second look at privacy online and a story about protecting computers from cyber-attacks.

    NewsHour correspondent Tom Bearden reports.

    MAN: Utahans' Social Security numbers, names, addresses, birth dates.

    TOM BEARDEN: Nine hundred thousand people had their names, addresses, and Social Security numbers stolen when the Utah Health Department's server was hacked. This kind of thing happens more often than most people realize: Web sites taken down, high-tech secrets stolen, intellectual property rights violated, and individuals swindled.

    But Douglas Maughan says there's much more at stake than just crime. He heads the Department of Homeland Security's Cyber Security Division.

    Thursday, April 5, 2012

    GAMES - Video Games As Art

    "'The Art of Video Games' at the Smithsonian American Art Museum" PBS Newshour 4/4/2012

    "The Art of Video Games" at the Smithsonian American Art Museum is one of the first exhibitions to explore the 40-year evolution of video games as an artistic medium. Featuring 80 games and 20 video games systems, starting with the Atari VCS in 1976 and ending with today's Sony PlayStation 3, the exhibit walks through the tremendous advances in design, technology and storytelling.

    Last year, the museum invited the public to help select the video games to be included in the exhibition. From a list of 240 games chosen by guest curator Chris Melissinos, who worked with the museum, game developers, designers, industry pioneers and journalists, more than 3.7 million votes were cast (by 119,000 people in 175 countries) to choose the 80 games.

    Art Beat talked to Melissinos about the exhibit, which runs through Sept. 30.

    So why exactly are there are video games in an art museum?

    Chris Melissinos: The answer in my opinion is very simple. Video games are an amalgam of what we consider to be traditional art. Within video games we see illustration, narrative, sculpture, painting, music, poetry, and all of these things conspire to create a form of art whose output is greater than the individuals parts. It is has never been a question that video games would be in art museum; it was at what point would we see them. And here we are today.

    Who then are the artists? What kinds of skills or talents go into making this art form?

    Chris Melissinos: When we look at video games, depending on the era, the term artist could be defined in different ways. In the earliest form of video games, the programmer was typically not only the programmer but the artist and the designer and the musician and the coder, and would even do the artwork on the boxes of these particular games. Today, video games, because of their complexity, because of their ability to tell very large, grand stories, we may see teams of artists and designers and developers of 200 or more working toward the goal of a single vision. So much like you would see a very large movie by Steven Spielberg -- it was not just Steven Spielberg who created the movie. There are other artists and people with vision who were in concert with Steven to bring those forward. It is not that different for the largest and most expansive video games that we see today.

    So many of the people that are creating video games today are just like you and me. They are everyone. They are everywhere. I think the democratization of tools have allowed for the platforms for game development to exist at the hands of just about anyone. And while many game developers may not be a household name yet, there certainly some who are. So designers like Shigeru Miyamoto, anybody who grew up playing Mario in any of its forms could probably tell you who Shigeru Miyamoto is. So, again, while we do not have necessarily the artists as front and center of the experience that people have in their home, they are certainly present and there many more than people believe.

    In an art museum you see different kinds of art. There is realism, expressionism, abstract art, surrealism and on so. Within the genre of video games, are there different kinds of art that you see?

    Chris Melissinos: Within video games one may discover many different types of traditional art. From surrealism in games like "Myst," to woodcarving and painting such as in "Okami," to abstract art to photo realism. You can take a look at the earliest games, because the technology was so limited and the power of those platforms were so anemic, that the developer had to work in very abstract terms to convey the mystery of the story that they wanted to impart. Which meant that the player had to go ahead and bring their imagination to fill in the void, to fill in the gaps the technology did not provide for the narrative to occur. You can find just about every form of traditional art reflected in video games today.

    What is the relationship between the artwork, or the video game, and the person who plays the game?

    Chris Melissinos: Video games become art through distinct voices. The first voice of a video game is that of the author, the artist or the designer. They have a story that they want to tell the world. The second voice in games is that of the game itself. How it presents itself to the player, the mechanics of that game, the possibility of space that the game provides to the player. But it becomes art in the playing of the game and that's where the third voice, the voice of the player comes in. Because what video games allow to occur is a narrative arc that retains the authority of an author or a storyteller, but allows us as players to laterally explore the environment, to pull bits of the game out that are personal to us, that are important to us and thereby creating a unique form of art for each individual person who plays.

    What makes one game more artistic than another? What are the qualities that stand out?

    Chris Melissinos: In my opinion, the term art is a very subjective term. It means something very different to anyone that tries to apply it to works of beauty and in their life. My definition is quite serviceable for myself, which is quiet simply to say if you can discover an author's intent in the work that you are observing and find personal resonance with that message, then it transcends the medium to become art. So it's very difficult to say which games are art, which games are not art. It will be different for everyone that observes it. This exhibition does not attempt to draw a line in the sand and say video games are art. I leave that for you to decide whether or not you believe video games to be art in your life.

    One of the main differences of having video games in an art museum is the interactive aspect. You can't touch a painting, but you can play a video game.

    Chris Melissinos: One of the things that you can expect in visiting an exhibition like this is to be fully engaged in the experience. The art is in the playing. That is when video games transcend just the medium to become art. It was important to engage the visitors in this exhibition and allow them to go ahead and project themselves into the games that they've enjoyed playing. So we have games that allow you to sample an era, that did something different to propel video games forward, to propel design change, to make people think differently about video games within their era. We also provide materials that help to illuminate the artists' intent, to illuminate the story that may be behind the veneer that may not be so apparent when you first played it at home.

    How did you pick the games and the game systems?

    Chris Melissinos: What I wanted to do was illustrate the impact that video games have had as an art form in American culture over its 40 year existence. I couldn't create an entire historical compendium of every machine and every game that spans those 40 years, so what instead we picked 20 systems that really stood as anchors within their respective generations, ones that the public would most identify with. Through those 20 systems we demonstrated four games of particular genres that then showed the evolution of the form of art over time. Instead of just picking 80 games, which would have been my favorite 80 picks over 40 years, I decided to make sure that we had the voice of the public represented. This is not just about my love of gaming and the art form, but about the United States' and the world's love for the form as well.

    Thursday, March 8, 2012

    COMPUTERS- Performance-Capture

    "‘Heavy Rain’ video game creator David Cage innovates with high-tech ‘Kara’ performance" by Associated Press, Washington Post 3/8/2012

    The future of performance-capture technology is right around the corner, and its name just might be “Kara.”

    David Cage of video game developer Quantic Dream unveiled a new way to simultaneously capture and digitize an actor’s performance — including voice, face and body — during a presentation Wednesday at the Game Developers Conference in San Francisco. The innovation came in the form of a 7-minute non-interactive demonstration titled “Kara.”

    In the footage, which Cage said could be entirely run on a PlayStation 3, actress Valorie Curry portrays an android named Kara who gains self-awareness as she’s being assembled by a squad of robotic arms. The virtual Kara emotively speaks in English, French and German, as well as sings in Japanese, as she converses with an operator who is heard but never seen.

    “I think the most interesting future feature in the next-gen platforms should be meaningful content,” said Cage. “Yes, technology is great and is going to be better and better, and we’ll have more power until you won’t be able to tell the difference between reality and virtual, but what are you going to use this technology for and what do you have to say?”

    Cage, who wrote and directed the 2010 thriller game “Heavy Rain,” noted that “Kara” is a demo, not Quantic Dream’s next project. He said the new technology from the French studio could be used for full performance capture, a technique where all aspects of a portrayal are recorded at once, rather than the common practice of separately capturing them.

    Unlike the methods used to capture actors’ performances in “Avatar,” Cage said the performance capture technology developed by Quantic Dream used about 90 sensors placed on an actor’s face instead of a small camera mounted in front of the actor’s noggin. It’s also faster, less expensive and requires quiet because the audio and movement are captured together.


    Friday, March 2, 2012

    INTERNET - Google's New Privacy Policy

    "Google's New Privacy Policy: Invasive, Innovative or Both?" PBS Newshour 3/1/2012


    JEFFREY BROWN (Newshour): And we turn to a big change for one of the tech industry's giants in the debate over online privacy.

    In recent weeks, Google has been alerting its more than one billion users around the world that, beginning today, the company is consolidating some 60 privacy policies of its different services into one and more closely coordinating those services into one large database.

    Here's part of how the company explains it.

    WOMAN: So, instead of over 60 policies for different Google products and features, we're introducing just one, with fewer words, simpler explanations and less legal goop to wade through. That means that when you use Google, from Gmail and search, to YouTube and calendar, you can count on one simplified policy that explains our privacy commitment to you.

    JEFFREY BROWN: Google says the move will also allow it to better serve customers by pulling together personalized information across a variety of different sites.

    COMMENT: As an IT Technician and internet user this is what I see.

    First, the personal data IS collected by Google servers, so consolidating the data from all the servers makes no difference.

    Second, I run Firefox browser with an Add-Blocker add-on, I can CHOOSE block any add, including Google adds. There are 3rd-party add-block utilities for your system and IE.

    Then there are utilities like SUPERAntiSpyware that includes the option to remove Adware.Tracking Cookies.

    You cannot protect people who leave the back door unlocked from getting robbed, the same applies to people who use the internet WITHOUT paying close attention to privacy issues involved.

    Monday, February 27, 2012

    UTILITY - MozBakcup

    MozBackup (Mozilla Backup) is a utility to backup profile files for Firefox browser or Thunderbird eMail client.

    (click for better view)

    Tested at work to import Thunderbird from a WinXP desktop to Win7 desktop, which I had to use because Easy Transfer did NOT import the Thunderbird profile.

    IMPORTANT: The reason Win7's Easy Transfer did NOT import the Thunderbird was because I did the transfer when logged on as Administrator. Turns out that Thunderbird restricts access to the user account, even by the Administrator.

    This restriction ALSO applies to MozBackup, you must be logged on to the user account for it to work.

    MozBackup exported/imported Thunderbird eMails, settings, Thunderbird saved passwords, etc., without a hitch.

    Those doing a WinXP to Win7 migration should try MozBackup.

    Note that restricted access to a folder like Thunderbird uses is similar to what the better Antivirus Utilities do to protect the utilities' home folder.

    Wednesday, February 15, 2012

    WIN8 - "Borrowing" From Linux?

    "Eight features Windows 8 borrowed from Linux" by Sandro Villinger, IT World 2/9/2012

    Linux got there first, but does Windows do it better?

    "Good artists borrow, great artists steal!" -- Pablo Picasso said it. So did T.S. Eliot. And, more recently, Steve Jobs. Let's face it: If something makes sense and succeeds, it gets imitated.

    Though Windows 8 and Linux distributions differ greatly from each other in design, ideology and -- last but not least -- their primary audience, they're all built on the same basic principles of OS design so there's bound to be some overlap. And while Microsoft has long been accused of stealing from the open source community, according to some Linux fans, it's getting to the point where Microsoft simply appropriates good Linux features.

    I've been following the Windows 8 development very closely and noticed some hefty backlash on some of the features of Windows 8. This was especially true in some Linux/Windows forums and the Building 8 blog, where Sinofsky and friends write extensively about the new upcoming Windows iteration.

    All this fingerpointing made me curious about where some of the best new-to-Windows features in Windows 8 really came from and how Microsoft put its own spin on them (or not).

    1. File copy dialogue

      In an effort to create more transparency, Microsoft implemented an improved copy, move, rename and delete dialog that doesn't just show the progress of each operation, but also a throughput graph and the ability to actually pause individual copy operations.

      Oh, did that cause a firestorm in the open source community! Pretty much the same dialogue has been part of Linux's Dolphin and Nautilus file managers -- the file transfer dialogue also lets users pause operations and view multiple copy jobs in one window. We've even got the gimmicky bandwidth graph that appears once the user hits "More details".

      The Microsoft twist: When there's a problem with a file operation, Windows 8 doesn't just stop the entire process but keeps these problems in the error queue. However, it's quite obvious that Microsoft took a good, hard look at the open source world here.

      What neither Linux nor Windows 8 have is a queue feature. Of course, you could manually pause and resume individual copy operations, but that's not helping you on a massive copy job. Users of both Windows (see the comments on this post) and Linux have been waiting for this for quite a while.

    2. ISO mounting

      In Windows 8, Microsoft finally introduces mount ISO files. Once mounted, a new drive letter appears in Windows Explorer that represents the virtual CD/DVD ROM. And while it's a nice addition that lets users finally get rid of annoying third-party tools such as Daemon Tools, Power ISO or Virtual CloneDrive, both Linux and Mac have had this ability for quite a while.

      The Microsoft twist: No Linux distro does ISO mounting as easily as Windows 8, as it requires some command line trickery (or, again, third-party tools). Thanks to all commenters for chipping in: Of course, easy ISO mounting is part of various Linux distributions – both via the GUI and command line.

    3. Windows To Go

      Windows To Go allows (enterprise) users to create a bootable Windows 8 environment on a USB 2.0/3.0 flash drive. It even supports unplugging the drive, which causes the OS to freeze momentarily until you plug the Windows To Go stick back in. Awesome.

      The Microsoft twist: Obviously, such "live environments" have been around for quite a while in the Linux world, but their performance was never quite up to par with a natively running OS. Since Microsoft optimized their NTFS file system for such a scenario, Windows 8 runs fluently even on USB 2.0. Upon testing Windows To Go, I found that both boot and overall speed were far superior to any Linux live distribution I have ever tested.

    4. The Metro UI

      The basic idea for the Metro UI appeared in Media Center and Zune hardware more than 5 years ago. When you use the Metro UI for the first time, you'll see that it's a very unique way of working with a device. But Microsoft didn't pioneer the idea.

      Various Linux distros, such as Ubuntu, and the GNOME desktop environment, have tried to overhaul the user interface to fit the "one UI to rule them all" approach before Microsoft did. There's no denying that updates to the UI of Linux, especially Ubuntu, were made specifically with tablets in mind. But even the most ardent Linux users admit that touch support could by no means be called anything other than half-baked.

      The Microsoft twist: Microsoft is taking a very risky step in making the new Metro UI the default view of the new OS, but it's also much more comfortable to use either with touch or a pen.

    5. Social integration

      Linux distributions -- notably Ubuntu -- have, for a long time now, included social media integration by default. The "Me" menu, which first appeared in early alpha versions of Ubuntu 10.04, allows you to update your status to all your accounts and get important feeds directly to your desktop. And when Microsoft finally added its Tweet@Rama, Photo Picker and Socialite app to the developer preview, loyal Linux users again pointed out that this has been done before.

      The Microsoft twist: No twist here. Microsoft was simply late to catch on to the trend.

    6. Native support for USB 3.0

      In their very first blog post, the Building 8 folks explained their new native USB 3.0 stack and, of course, that news was greeted with comments of the "Linux has been doing that for three years" variety.

      The Microsoft twist: Move along. Nothing to see here. USB 3.0 devices work pretty well with Windows 7 already since hardware manufacturers provide their own drivers. Microsoft just finally implemented an industry standard.

    7. Cloud integration

      Both Windows 8 and Linux sport features that let you sync data with the cloud. In Ubuntu 11, the Ubuntu One service offers a free online backup service with 5 GB. If you want more storage space, there's always the option of purchasing an additional 20 GB for $2.99 a month.

      The Microsoft twist: Windows 8 is going to tightly integrate with SkyDrive's 25 GB online storage, which is not just for photos or music, but also allows for hosting your user account (personal settings, backgrounds, some data...) for you to log in from anywhere.

      Ubuntu, however, counters with their new Music Streaming service.

    8. ReFS

      The newly introduced ReFS (Resilient File System, codenamed Protogon) is Microsoft's next-generation file system. It will first debut in Windows Server 8, but client adoption is well underway.

      The system itself is strikingly similar to ZFS (the Z File System) and the Linux-derived Btrfs (B-tree file system) as it also supports copy-on-write snapshots when coupled with Microsoft Storage Spaces. For further security, it also provides integrity checksums and B+ Trees. Also, the increased file/volume/directory sizes are also strikingly similar to Btrfs.

      The Microsoft twist: Let's just say that Microsoft didn't do anything from scratch. While I did not dive deep into the file system drivers, I suspect that Microsoft looked very hard at some of the principles that worked years ago in both ZFS and then Btrfs and got the "inspiration" to develop something very similar.

    Stealing or innovating?

    While I won't deny that Microsoft has "borrowed" many ideas from the open source world, overall they're trying to find their own game in Windows 8.

    Friday, February 10, 2012

    SECURITY - Another Fine Anti-Spyware Utility

    (Click any screenshot for better view)

    This is about SUPERAntiSpyware that is used by corporate IT for which I work part-time in their West Coast Operations office.

    Note that is is NOT an antivirus utility. It is just what its name says, anti-spyware. You should use SUPERAntiSpyware in ADDITION to a good anti-virus utility.

    I suggest that all you need is the freeware version, which is what my company uses, then run it occasionally.

    Screenshot-1, results of the first Quick Scan of my home WinXP Desktop

    CAUTION: Note the Disabled.SecurityCenterOption threat listed. This MAY NOT be a threat since many anti-virus utilities automatically disable this option. Especially those that have their own inbuilt-firewall and disables the Windows Firewall.

    In addition, note the Adware.Tracking Cookie listed. You MAY want to consider ignoring this "family" (aka all Adware Tracking) if you shop online and want to use features provided by these cookies. Adware Cookies is listed as a threat for those who do not want their shopping preferences tracked, that consider that as a privacy issue.

    When the final results are displayed (Screenshot-1) you can click on an entry to set it to [Trust/Allow Items]. This includes the "family" = the tree-title.

    Example, in my case I set Disabled.SecurityCenterOption and Adware.Tracking Cookie as a Trusted items. (Especially since I use Blogger Adds on this blog)

    Screenshot-2, example dialog where you can set which items to [Trust/Allow] (aka ignore)

    When you right-click on SUPERAntiSpyware's Taskbar Tray icon you get the menu shown in Screenshot-3. Note that this is the only way to get to View Control Center (at least that I could find).

    Screenshot-3, Taskbar Tray icon menu (right click)

    Suggest you may want to give the free version a try.

    Friday, February 3, 2012

    INTERNET - Online Protests Win the Day!

    I'm a bit late with this news....

    "After an Online Firestorm, Congress Shelves Antipiracy Bills" by JONATHAN WEISMAN, New York Times 1/20/2012


    Congressional leaders on Friday indefinitely shelved two antipiracy bills that had rallied the Internet and rocked Capitol Hill, dealing a major defeat to the traditional media industry while emboldening a new breed of online political activists.

    Using a medium that helped organize protests against the legislation, Senator Harry Reid, the majority leader, announced via Twitter that the vote would be delayed. But he indicated that the issue, which had been scheduled for a vote Tuesday, had not died.

    “There’s no reason that legitimate issues raised about PROTECT IP can’t be resolved,” he wrote, referring to the Senate bill by its shorthand name. “Counterfeiting & piracy cost 1000s of #jobs yearly. Americans rightfully expect to be fairly compensated 4 their work. I’m optimistic that we can reach compromise on PROTECT IP in coming week.”

    In the House, Representative Lamar Smith, the Texas Republican who is chairman of the Judiciary Committee, called off plans to formally draft his version of the antipiracy bill next month.

    After vowing two days ago to move forward, Mr. Smith said in a statement on Friday: “The committee remains committed to finding a solution to the problem of online piracy that protects American intellectual property and innovation.” But he added, “The House Judiciary Committee will postpone consideration of the legislation until there is wider agreement on a solution.”

    Speaker John A. Boehner, talking with reporters Friday in Baltimore, where House Republicans held their annual retreat, called the bill “well meaning,” but said it needed “more consensus.”

    Supporters of the shelved bills as well as opponents pushing an alternative backed by the Internet giants Google and Facebook said differences could be bridged. But privately, Congressional aides and lobbyists say the pressures of an election year make action this year unlikely. Lawmakers will not be eager to brave another firestorm incited by Google, Facebook, Twitter, Wikipedia and other popular Web sites.

    Senator Ron Wyden, Democrat of Oregon and a key opponent of the bills, said lawmakers had collected more than 14 million names — more than 10 million of them voters — who contacted them to protest the once-obscure legislation.


    Debating SOPA. UP with Chris Hayes
    MSNBC (18:44)

    Monday, January 23, 2012

    INTERNET - Online Piracy Fight, Push-Back

    "Hackers Retaliate Against DOJ in Raging Online Piracy Fight" PBS Newshour 1/20/2012


    MARGARET WARNER (Newshour): It's one of the largest criminal copyright cases ever brought. The target is a website based in Hong Kong that's been used to share large files, including movies, videos, television shows, e-books, games, and music.

    It's called Megaupload, and the heavily visited site is said to have 150 million registered users and 50 million visits a day. Now it stands charged with storing and distributing pirated material, and thus robbing copyright holders of more than $500,000.

    Yesterday, the Justice Department shut it down and released indictments against seven executives. Four were arrested at the New Zealand mansion of its founder, who goes by the name Kim Dotcom.

    Within hours, the hacker collective called Anonymous retaliated, shutting down the websites of the Justice Department and major media groups, including Universal Music and the Motion Picture Association of America. The government's crackdown came one day after this week's online protests against anti-piracy bills in Congress.

    Another excerpt

    CECILIA KANG, The Washington Post: So there's a lot of -- there's a lot of suspicion around the timing of this. But these are two -- one should keep in mind that these are two discreet issues. There's the federal indictment of a criminal case, and then there are the two bills right now that are being proposed on the Hill that I should say actually have been on hold, today were put on hold because of all the controversy around them.

    Friday, January 13, 2012

    INTERNET - Domain Names Controversy

    "Domain Names: Debating the Effects of a Dot-Anything World" PBS Newshour 1/12/2012


    RAY SUAREZ (Newshour): Since the earliest days of the Internet, Americans have gone to Web addresses with familiar names to the right of the dot, as in dot-com or dot-org.

    Starting today, the company that assigns what are called domain names is making a big change. It's rolling out a program meant to dramatically increase the number and kind of names. So, instead of a company like let's say Marriott being called, it might now choose to be called simply .Marriott.

    But it is going to cost plenty, up to $185,000 just to apply for the new name. And the total economic stakes could add up to hundreds of millions of dollars. Some businesses and lawmakers are upset with what this could mean for commerce and the future of the Web.

    We look at this now with Rod Beckstrom, the president and CEO of ICANN, the Internet Corporation for Assigned Names and Numbers. And Dan Jaffe is with the Association of National Advertisers, which is part of a coalition opposed to the rollout of the program.