GrayHats Reloaded

Mac OS X v10.5 Leopard

2007-11-08T17:28:00.000-08:00

Top New Features and Improvements in Leopard

Desktop

A neat place to work.

Leopard brings a stunning new look to the desktop, and stacks provides a great new way to keep it clean.

Finder

Give your files the rock star treatment.

See your files right in the Finder and browse through them with Cover Flow. And make distant machines look like they're nearby with the new sidebar and Back to My Mac.

Quick Look

Look before you launch.

Instantly view full-size previews of your files without opening an application.

Time Machine

A giant leap backward.

Automatic backup is now built right into your Mac. With a simple one-click setup, Time Machine keeps an up-to-date copy of everything on your computer — and if you ever need to recover a lost file, Time Machine will virtually take you back in time to find it.

http://store.apple.com/1-800-MY-APPLE/WebObjects/AppleStore?productLearnMore=MB021Z/A

VIDEO: Nintendo DS 1Seg TV Tuner

2007-11-08T17:03:00.000-08:00

Slated for release on November 23rd in Japan is Nintendo's 1Seg TV
tuner for the DS, which lets users "take screenshots whenever the
closed captioning changes." Video after the break.

Adobe Hackers: We're Immune

2007-11-08T16:58:00.000-08:00

SAN JOSE -- The Russian company that created software to circumvent Adobe's e-book format argued on Monday that its conduct -- which caused the arrest and detainment of programmer Dmitri Sklyarov in a high-profile case last summer -- was not illegal.

Elcomsoft, the Moscow-based software firm, claimed that because it offered the encryption-breaking software on the Internet, the company was not subject to U.S. copyright law.

Joseph Burton, Elcomsoft's attorney, told U.S. District Judge Ronald Whyte that Elcomsoft's actions "occurred in Russia or on the Internet, and we take the position that the Internet is a place" outside of U.S. jurisdiction.

Burton said the company was not specifically "targeting" the software to Americans, but that the software was instead available to anyone on the Internet, regardless of residence.

But Assistant U.S. Attorney Scott Frewing dismissed those claims, arguing that the Internet is a "physical presence" made up of many computers in America, and that "the U.S. has every right to stop contraband" on those machines.

He added that Elcomsoft maintained a Web server in Chicago, that it hired a U.S. billing service, that it made no effort to prevent Americans from accessing its site, and that it sent e-mail messages to customers it knew were Americans.

After the 40 minutes of arguments, Judge Whyte issued no immediate decision, and both sides said that they could not predict when a decision would come.

The Elcomsoft case began with the arrest Sklyarov on July 19 at a hacking conference in Las Vegas. In the first criminal prosecution of the DMCA, the government charged him with violating Adobe's copy-protection scheme. The case generated worldwide protests, and eventually the charges against Sklyarov were dismissed in favor of a case against Elcomsoft.

ElcomSoft is charged with violating the DMCA with its "Advanced eBook Processor," a program that allowed owners of Adobe e-books to convert their e-books from the supposedly secure Adobe e-book reader format to a less-restrictive format.

ElcomSoft CEO Alexander Katalov appeared at the hearing on Monday but was not called on to speak in court.

Katalov is concerned that public and media interest in his company's legal saga has seemingly dwindled since the court allowed Sklyarov to return to Russia in December. Katalov hopes that people are still paying attention to the case, which he believes has frightening implications for anyone who creates or uses digital technology.

"Dmitri's freedom and safe return to his family and home in Moscow are so much more important for me than any kind of attention from the press," Katalov said. "But if people think that this case has been resolved, then we should all be concerned. The DMCA is an unclear and vague law that may put legitimate businesses, technological innovations and innocent people in jeopardy."

If the motion to dismiss is not granted, Katalov's lawyers intend to argue that the DMCA is "overly broad and vague in violation of the Due Process Clause of the U.S. Constitution." Pending the results of Monday's ruling, that hearing is set for April 1.

"People who know about the case smile when they learn about this date. Russians also celebrate April's Fool Day," Katalov said. "The matter, however, is far from being a joke."

Katalov's problems began when his company offered downloadable copies of the Advanced eBook Processor (AEBP) on ElcomSoft's website for $99. The program, which is legal under Russian law, was coded in part by Sklyarov.

Adobe sent ElcomSoft a cease and desist notice five days after the AEBP was released. The program was removed from the site a week later, on or around July 3, according to Katalov.

After Sklyarov's arrest, Adobe released a statement that read, in part: "The prosecution of this individual in this particular case is not conducive to the best interests of any of the parties involved or the industry."

Osama 2

2007-11-07T21:24:00.001-08:00

osama

Add to My Profile | More Videos

OSAMA SCANDAL

2007-11-07T21:13:00.001-08:00

Osama Shake

Add to My Profile | More Videos

Microsoft pits its Silverlight against all Adobe's Flash

2007-11-05T04:47:00.000-08:00

Silverlight is the new name for Windows Presentation Foundation Everywhere (WPF/E), not Windows Programming Foundation Everywhere as we said in error below. This has been corrected.

Microsoft is presenting Silverlight as a browser plug-in that can show high definition video on both PCs and Macs using VC-1, a version of Microsoft's WMV technology standardised for HD DVD and Blu-ray discs. But this is simply the thin end of a very ambitious wedge. It could also transform website development and enable a new generation of rich internet applications (RIAs) that work both online and on the desktop.

In many respects, Silverlight puts Microsoft on a collision course with Adobe, which has similar ambitions. Adobe's strategy is based on Flash and Apollo, a program in its infancy.

Silverlight enables programmers to deploy a desktop application on the web, as an RIA, using the same XML user interface code. Apollo is a run-time module that will enable programmers to run a web application (developed using Flash, Flex, HTML, JavaScript and Ajax) on the desktop. Which you choose depends on where you start and where you want to go. Users benefit either way.

But Silverlight is just the new name for WPF/E, or Windows Presentation Foundation Everywhere. WPF is the new way of developing user interfaces in Windows Vista, and is supported in XP via the Net 3.0 Framework. WPF/E provides a way of deploying powerful Vista-style programs across a network via Internet Explorer, Firefox and Apple Safari browsers. These RIAs can be deployed on Linux servers, says Microsoft.

WPF also provides a better way for web designers and developers to work together. Instead of just producing artwork, designers can create real interfaces with buttons and other controls. The designer can then give the programmer the XML (or XAML) code for use in Microsoft's development system, Visual Studio.

To generate XAML from graphics, Microsoft has launched its own range of creative tools in the Expression Suite, based on its takeover of a Hong Kong software developer, Creature House, in 2003.

Adobe owns the creative market with PhotoShop, Illustrator, Dreamweaver etc, the way Microsoft owns the business desktop with Office. But Microsoft hopes to get a toehold by offering a more powerful way of working and by leveraging its Windows-based programming system.

The move to WPF and XAML should benefit the Windows programming world, especially inside large companies with intranets. Whether it will be adopted elsewhere is open to considerable doubt. But it could nonetheless put Adobe under added pressure, especially if it's forced to reduce its high prices.

http://www.guardian.co.uk/technology/2007/apr/26/insideit.guardianweeklytechnologysection

Google Signs MySpace to OpenSocial Platform

2007-11-04T18:40:00.000-08:00

by Reuters

SAN FRANCISCO (Reuters) - Web search leader Google Inc has signed on MySpace, the world's largest social network, to its platform for allowing outside developers to write programs for social Web sites.

The addition of MySpace gives the Google platform greater strength against fast-growing Facebook, which opened up its site to developers in May and has since seen its user base grow to more than 48 million people.

Google and MySpace said on Thursday they had been working together on the project for more than a year. News Corp.-owned MySpace has some 110 million users worldwide.

Google unveiled its OpenSocial platform earlier this week, saying it would give outside developers tools to write programs for any of its social network partners.

Google had already disclosed that social networks such as LinkedIn and Friendster had joined the program, as well as some of the biggest independent developers on Facebook.

(Reporting by Amanda Beck)

Copyright Reuters 2007. All rights reserved. Users may download and print extracts of content from this website for their own personal and non-commercial use only. Republication or redistribution of Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Reuters. Reuters and the Reuters sphere logo are registered trademarks or trademarks of the Reuters group of companies around the world.

Teen accused of hacking emergency 911 system

2007-11-04T18:38:00.001-08:00

A 19-year-old Washington state man is due in court on Monday to face accusations he hacked into emergency 911 systems and faked a call that a sent SWAT team to the home of a sleeping family 750 miles away.

Police allege Randall Ellis of Mukilteo, Washington, illegally accessed a phone system in Orange County, California and placed a bogus emergency call that appeared to come from a residence he picked at random. The caller reported as a teenaged drug user who had been shot in the shoulder and that attackers were going to shoot and kill his sister.

Shortly after the 11:30 p.m. call, SWAT officers armed with assault rifles, dogs and a helicopter descended on Lake Forrest, California, according to this article in The Orange County Register. The commotion woke one of the residents, who armed himself with a kitchen knife and slipped outside.

Officers eventually cuffed the resident and his wife as their two toddlers slept.

Ellis is scheduled to appear in an Orange County courtroom to answer to charges of computer access and fraud, false imprisonment by violence, falsely reporting a crime and assault with an assault weapon by proxy, according to the paper. Authorities believe the teen has falsified other 911 calls that created similar SWAT responses in Bullhead, Arizona; Millcreek Township, Pennsylvania and in his hometown.

Authorities call the practice “SWATting” and say it’s on the rise.

Skype Trojan steals login credentials

2007-11-04T18:26:00.000-08:00

Skype users, Beware a new Trojan that uses subtle social engineering tricks to try to steal your login credentials

The malware, which calls itself ‘Skype Defender’, poses as a security plug-in. Infected users are prompted to log-into their Skype accounts. Cleverly the Trojan displays what looks like a Skype login screen, the internet telephony company warns.

If a user enters his Skype username and password, the Trojan displays a message saying that the name and password are unrecognized.

Behind the scenes, this information - as well as all usernames and passwords saved in Internet Explorer - is sent to a hacker-controlled website. By compromising user Skype accounts, hackers gain access to SkypeOut credits, which might be resold, and a possible means to access the PayPal accounts used to pay for those credits.

F-Secure, TrendMicro, Symantec, WebSense, and FaceTime Security Labs have added detection for the Trojan. F-Secure, for example, describes it as the Skyper-B Trojan.

In recent months Skype’s Instant messaging client has occasionally been misused as a vector to spread malware. None have been particularly effective. The Skyper-B Trojan is a more serious threat because it is capable of causing victims direct financial loss, a factor that fits in with the wider shift towards malware for profit as an engine for virus creation.

Mackanapes can now can feel the pain of the fake media codec

2007-11-04T18:04:00.000-08:00

Mackanapes (sorry, my coined word) have always acted more than slightly superior to PC users.
Well, consider the fake media codec — a plague on on Windows PCs these days. Almost always on porn sites, it lures you with something that looks like this:

or this:

And so on.

Well, it’s come to the Mac. One variant of the fake Codec, DNSChanger, is now being seen on Mac porn. From Intego:

A malicious Trojan Horse has been found on several pornography web sites, claiming to install a video codec necessary to view free pornographic videos on Macs. A great deal of spam has been posted to many Mac forums, in an attempt to lead users to these sites. When the users arrive on one of the web sites, they see still photos from reputed porn videos, and if they click on the stills, thinking they can view the videos, they arrive on a web page that says the following:
Quicktime Player is unable to play movie file.
Please click here to download new version of codec.
After the page loads, a disk image (.dmg) file automatically downloads to the user’s Mac. If the user has checked Open “Safe” Files After Downloading in Safari’s General preferences (or similar settings in other browsers), the disk image will mount, and the installer package it contains will launch Installer. If not, and the user wishes to install this codec, they double-click the disk image to mount it, then double-click the package file, named install.pkg.
If the user then proceeds with installation, the Trojan horse installs; installation requires an administrator’s password, which grants the Trojan horse full root privileges. No video codec is installed, and if the user returns to the web site, they will simply come to the same page and receive a new download.

Is this just childlike schadenfreude on my part? You tell me. For years, we’ve heard snorts of derision from Mac users about the poor security of PCs. Yet that supercilious attitude (as we know from our history books) is patently dangerous, because it creates a false sense of security. Now, Mac users will need to be a bit more careful out there (‘cause when Joey wants his pr0n, he wants it now!). On the heels of the poorly-secured release of Leopard, we now find that there is no perfect protection against ~~human stupidity~~ social engineering, even for a Mac user.

(Disclaimer: We have a Mac at the house among our many computers. I like Macs. I just don’t care much for an attitude of high self-importance.)