California passes law to make RFID skimming illegal

Paul Mah — Fri, 03 Oct 2008 12:33:40 -0400

California this week passed a law that makes it illegal to skim data from RFID cards. Some exceptions are made, such as in the case of a healthcare worker who might need to scan an RFID-enabled health card in order to render aid, or by the police with a warrant. RFID technology is specifically vulnerable to attacks where the victim is left completely unaware, since an attacker armed with a portable reader only need to walk near to his victim in order to wirelessly access the targeted RFID card--an easy task in a crowded subway or city. It remains to be seen whether other states or countries will follow with similar laws specifically targeting this new vector.

To find out more this law:
- check out this article from PC World

Vendors scramble to fix bug that could crash Internet systems

Paul Mah — Fri, 03 Oct 2008 12:23:55 -0400

The security community is abuzz about critical vulnerabilities discovered in the TCP/IP protocol that underly the Internet. This comes on the heels of a blog posting by security researcher Robert Hansen in which he outlines some dire consequences of these flaws. Technical details have not been released to the public at this point, though the experts who discovered the problem--Robert Lee and Jack Louis from security vendor Outpost 2--say that they were able to knock-out Windows, Linux, embedded systems and even firewalls. Indeed, targeted machines could remain disabled even after the cessation of the denial of service (DOS) attack. As a result, even taking out an entire data center is a plausibility, given that the issue allows a system to mount a successful DOS attack with very little bandwidth.

For more on this issue:
- check out this article from PC World

Ballmer: Intel rubbish at making chips

Paul Mah — Fri, 03 Oct 2008 12:17:33 -0400

The Inquirer recently published a piece in which Microsoft's Steve Ballmer was reported to have made some decidedly uncomplimentary remarks about Intel at an event in London-- an event that, coincidentally or not so coincidentally, has Intel as one of its sponsors. Interviewed on stage at the "Technologies to Change your Business" event, Ballmer said that while Intel can double the number of transistors on a chip every 18 months, the microprocessor company has no way of using the traditional transistors to "make the chips run faster." What I found interesting is that Ballmer went on to lament Intel's shift from making faster processors to more processors, referring to Intel's extensive work on multi-core technology. The downside here, according to Ballmer, would be that this one change alone "mandates and necessitates ongoing OS innovation."

To read more about what Steve Ballmer said:
- check out this The Inquirer article

Skype caught in privacy snafus in China

Paul Mah — Fri, 03 Oct 2008 12:14:01 -0400

Skype has admitted that surveillance was carried out on instant messages sent from China, saying that local partner TOM Online was guilty of the eavesdropping. Apparently, a publicly acknowledged text-filter developed to block conversations with sensitive keywords was modified without the eBay subsidiary's knowledge to store and log conversations instead. The issue came to light when the eight insecure and publicly-accessible servers used to archive the millions of censored messages was discovered. Citizen Lab was able to read the messages and expose the eavesdropping (pdf). The revelation cast further doubts on the global firm's commitment to privacy, which had been promoting its Skype platform as a solution offering end-to-end encryption.

To read up more about this story:
- check out this Computerworld article

Microsoft gives OEMs an additional six months to peddle Windows XP

Paul Mah — Fri, 03 Oct 2008 12:10:43 -0400

In yet another extension to the long, long death of Windows XP, OEMs were given an additional six months in which they can sell new PCs bundled with an accompanying Windows XP recovery disc. This "downgrade" technique is an open secret that essentially allows OEMs to continue selling Windows XP while allowing Microsoft to count it as a sale in favor of Windows Vista. OEMs are eager to offer this option because they say Windows XP is what their customers are asking for. The most recent deadline for this to stop was originally January 31, 2009. It is understood that Microsoft's hardware partners are working to have this new deadline extended even further. Well, we will report on it again when that happens.

For more on Windows XP's long death:
- check out this The Register article

Microsoft to unveil its 'Windows Cloud' OS within a month

Paul Mah — Fri, 03 Oct 2008 12:08:26 -0400

Microsoft's Steve Ballmer revealed mid-week that his company will unveil what he deems "Windows Cloud" within a month. Ballmer was deliberately short on details, though it is understood that this forthcoming operating system will help developers write Internet-based applications. Article

Richard Stallman: Cloud computing is a trap

Paul Mah — Tue, 30 Sep 2008 01:23:48 -0400

Cloud computing is a term even non-IT folks would have heard about at least once by now. Indeed, the keyword has been gaining momentum over the last few years, fueled by the concept of Software-as-a-Service (SaaS) and virtualization. The idea is that IT services and processing capabilities could be more efficiently housed in a datacenter and delivered over the Internet based on demand. However, Richard Stallman, founder of the Free Software Foundation, sees cloud computing as a trap that will result in people being forced to buy into locked and proprietary systems that will only cost more over time. He minces no words when he tells The Guardian: "It's stupidity. It's worse than stupidity: it's a marketing hype campaign."

To find out more Richard Stallman's opinion of cloud computing:
- check out this article from The Guardian

Rejection of $700B Wall Street bailout slows house server to a crawl

Paul Mah — Tue, 30 Sep 2008 01:23:11 -0400

As the House of Representative narrowly rejected the $700 billion Wall Street bailout bill on Monday, another kind of carnage occurred amid the ensuing stock market plunges around the world; millions of visitors seeking pertinent information slowed the 10 servers running the House's official website to a crawl. A spokesman for these servers noted that technicians will be working through the night to handle the massive increase in traffic. Indeed, some other sites that monitor U.S. legislation, such as GovTrack.us, have taken such a beating that they were shut down temporarily. Other sites, such as those for the New York Times and the Wall Street Journal, also saw traffic surge immediately following the rejection of the bailout bill.

To read up more about this story:
- check out this article from The Register

Microsoft announces Visual Studio 2010 and .NET Framework 4.0

Paul Mah — Tue, 30 Sep 2008 01:21:02 -0400

Microsoft has announced the next version of its flagship Visual Studio tools as Visual Studio 2010. It will be tied to the next iteration of the .NET Framework, or version 4.0. The new roundup will focus on developer experience and core architecture improvements, as well as what Microsoft calls targeted experiences for specific application types. Essentially, the suite will support the latest platforms spanning clients, servers, devices and services. No actual date was given for the new technologies planned by Microsoft, except a confirmation that its name does imply the time frame of its availability. Microsoft has been known to release products well before the year in the product names.

For more about Microsoft's Visual Studio 2010:
- check out this article from eWeek

No rush to move to Chrome in the enterprise

Paul Mah — Tue, 30 Sep 2008 01:19:23 -0400

Beyond the initial fanfare, it appears that few in the enterprise are actually taking to Google's new Chrome browser at this point in time. The results from Silicon.com's "CIO Jury" poll of 12 CIOs saw a majority of executives saying that teams are not testing Chrome at all. One key sentiment appears to be that there are simply too many business applications certified for Internet Explorer to consider alternatives so soon. I suppose this should come as no surprise, given that competing browsers such as Firefox and Opera never did see many corporations switch over. More interestingly, at least one respondent hoped that the entrance of Chrome would at least force Microsoft to improve its own browser.

To read more about this survey on Chrome:
- check out this Silicon.com article

Samsung doubles the density of DDR3 modules

Paul Mah — Tue, 30 Sep 2008 01:17:58 -0400

Samsung says it has begun sampling memory modules with a density twice that of existing 1Gb chips. The 50 nm samples will result in savings of more than 40 percent in terms of power when compared to other alternatives. Article

Saudi Arabia to build fastest supercomputer in the Middle East

Paul Mah — Fri, 26 Sep 2008 10:01:00 -0400

It appears that Saudi Arabia is building a supercomputer set to rank among the top 10 supercomputers in the world--or the most powerful one in the entire Middle East region. Called "Shaheen"--which means peregrine falcon in Arabic--the supercomputer will be housed at the King Abdullah University of Science and Technology (KAUST), and is being put together by IBM. Boasting 16 racks with 65,536 processor cores, it will be able to crunch through 222 trillion floating-point operations per second. Though interim CIO, Majid Al-Ghaslan spoke about various possible uses for Shaheen, I thought it was interesting that no explicit role was actually defined.

For more about this story:
- check out this article from ZDNet Blogs

Comcast unveils new broadband policy

Paul Mah — Fri, 26 Sep 2008 10:00:22 -0400

Comcast has revealed the details of its new plan to shift from a protocol-oriented approach to a scheme based on aggregate use of bandwidth instead. This comes on the heels of an FCC decision that Comcast's earlier approach violates net neutrality. The new plan works by de-prioritizing heavy users located in a physical section of the network in which a predetermined threshold of traffic is exceeded. A user's priority is reset upon a sufficient period of time. At the moment, this threshold is set at 70 percent of either upstream or downstream traffic. The timer for re-prioritization has been pegged at 15 minutes. Obviously, actual settings might change pending tweaking by Comcast.

To read more about Comcast's new broadband policy:
- check out this ChannelWeb article

Critical vulnerability opens electrical grids to attack

Paul Mah — Fri, 26 Sep 2008 09:59:52 -0400

A critical buffer overflow bug has been found in yet another computerized control system that is used to run vital national infrastructure, such as electrical grids. Researchers from specialist firm C4 discovered the vulnerability in ABB Group's Process Communication Unit 400 (PCU400), a system that runs in varying configurations within its SCADA system. SCADA stands for supervisory control and data acquisition, a category of software applications typically used for long-range communications in power plants, telecommunications and transportation, among other things. In the case of this flaw, an attacker can compromise the server, which runs PCU400 to insert a generic electric grid malware that will result to harm to the grid. While a patch has already been issued by ABB, this advisory comes amid mounting concerns over the security risks posed to such infrastructure by terrorists and saboteurs.

For more on this story:
- check out this The Register article

Hardware dongle aids transformation of PC to Mac

Paul Mah — Fri, 26 Sep 2008 09:59:08 -0400

The EFiX is a simple USB device that allows a PC to install Apple's Leopard operating system onto a PC, assuming you are running from a short list of supported hardware. Check out this short review over at Gizmodo. Article