Google Inc. has begun alerting users whenever they click on a search result that may take them to a dangerous Web site.

The new feature, which had been spotted earlier this week, goes live officially Friday, according to an announcement from The Stop Badware Coalition, which is collaborating with Google on this effort.

When users attempt to click over to a Web site considered to be potentially dangerous, Google shows users an alert page that informs them of the possible risk and gives them the option to click back to the results page or continue on to the questionable Web site.

The flagged Web sites have been reported as dangerous to The Stop Badware Coalition. Google will progressively replace the generic alert page with pages containing specific reports about the Web sites. The Stop Badware Coalition will provide these individual reports as well.

The Stop Badware Coalition is a nonprofit organization led by Harvard University and the University of Oxford and backed by Google, Lenovo Group Ltd. and Sun Microsystems Inc.

This new Google feature attempts to address a real problem: Search engines routinely display links to Web sites that download spyware and adware to visitors' PCs, exploit security vulnerabilities and attempt to scam users and include them in spam lists.

In the U.S., people land on malicious Web sites about 285 million times per month by clicking on search results from the five major search engines, according to a recent study conducted by McAfee Inc.'s SiteAdvisor unit.

Black Hat Briefings: Microsoft security chief Ben Fathi responds to a standing-room-only demo of a new technique used to plant an offensive rootkit in Windows Vista. LAS VEGAS—Ben Fathi slipped into the darkened, standing-room-only conference room and took a seat on the carpeted floor.

On the Black Hat stage, malware researcher Joanna Rutkowska, of COSEINC, was discussing a new technique that could plant an offensive rootkit in Windows Vista, Microsoft's "most secure ever" operating system.

As corporate vice president for Microsoft's STU (Security Technology Unit), it is Fathi's responsibility to deliver on Vista's security promise, and Rutkowska's claim—complete with live demo—that a key anti-rootkit feature can be easily defeated could be a public relations nightmare. But Fathi was unperturbed. Almost unnoticed in the crowd, he paid close attention to Rutkowska's slides and didn't even flinch when the room erupted in applause as the demo succeeded in loading unsigned code into Vista Beta 2 kernel (x64), without requiring a reboot.

During her talk, she described how scripts can be used to allocate excess amounts of memory to a process, forcing the target system to page out unused code and drivers. At this stage, Rutkowska showed how shell code could be executed inside one of the unused drivers, completely defeating the new device driver signing policy being implemented in Vista to only allow digitally signed drivers to load into the kernel.

Rutkowska created a one-click tool to plant the rootkit and used special heuristics to automatically find out how much memory should be allocated to "knock the unused driver." The shell code used in the demo successfully disabled signature checking in the rooted machine, rendering the system vulnerable to the loading of unsigned drivers.

Even as she basked in the success of the theoretical attack, Rutkowska offered Microsoft a pat on the back for its decision to block unsigned drivers. "The fact that this mechanism was bypassed does not mean that Vista is completely insecure," she said. "It's just not as secure as advertised."

Fathi did not say how Microsoft had fixed the issue in later Vista builds, but he received lots of advice and recommendations from Rutkowska.

Rutkowska said Microsoft should consider forbidding raw disk access from user mode, or encrypting pagefile to keep it in kernel non-paged memory. Though this may cause some performance impact.

On 8 August 2006 Microsoft is planning to release:

Security Updates

   Ten Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will
require a restart.

   Two Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool

   Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft
Update, Windows Server Update Services and the Download Center. Note that this tool will NOT be distributed using Software Update
Services (SUS).

To increase areal densities in longitudinal recording and boost overall storage capacity, the data bits must be shrunk and packed more closely together. However, if the bit becomes too small, the magnetic energy holding the bit in place may also become so small that thermal energy can cause it to demagnetize, a phenomenon known as superparamagnetism. To avoid superparamagnetism, disc media manufacturers have been increasing the coercivity (the field required to write a bit) of the media. However, the fields that can be applied are limited by the magnetic materials making up the write head.

In perpendicular recording, the magnetization of the disc, instead of lying in the disc’s plane as it does in longitudinal recording, stands on end, perpendicular to the plane of the disc. The bits are then represented as regions of upward or downward directed magnetization. (In longitudinal recording, the bit magnetization lies in the plane of the disc and flips between pointing in the same and opposite directions of the head movement.) The media is deposited on a soft magnetic under-layer that functions as part of the write field return path and effectively produces an image of the recording head that doubles the recording field, enabling higher recording density than with longitudinal recording.
Seagate has demonstrated a recording areal density with perpendicular recording of 245 Gbpsi (Gigabits per square inch) with a data rate of 480 Mbits per second – more than double the 110 Gbpsi used in today’s highest areal density disc drives – and 500 Gbpsi, which will increase the capacity of today’s drives 5-fold, is possible with the new technology.
At 500 Gbpsi, a 3.5-inch disc drive could store two terabytes of information, a 2.5-inch drive in a laptop could hold 500GB and a 1-inch drive, such as those in MP3 players, could store as much as 50GB of data.

Have you ever wondered why phone companies don't seem interested in trying to prevent the theft of mobile phones? If you have ever lost, or had one stolen, and if you are on a plan, you still have to pay the plan approximately up to 24 months, and you have to buy another handset and enter into another contract. This is more revenue for the phone company.

There is a simple way of making lost or stolen mobiles useless to thieves and the phone companies know about it, but keep it quiet.

To check your mobile phone's serial number, key in the following on your phone:

star-hash-zero-six-hash ( * # 0 6 # )

and a fifteen digit code will appear on the screen. This is unique to your handset. Write it down and keep it safe. Should your mobile phone get stolen, you can phone your service provider and give them this code. They will then be able to block your handset, so even if the thief changes the sim card, your phone will be totally useless.

You probably won't get your phone back, but at lease you know that whomever stole it can't use / sell it either.

If everybody did this, there would be no point in stealing mobile phones.

I ran across this SP to do this very easy and thought I would post it.

Exec sp_change_users_login 'Auto_Fix', 'Corrupt_Username'

The best way of finding out your optimum MTU is by pinging your ISP with packets of data to see what size you can send without the data being fragmented.

The ping command you will need to use is: ping -f -l [packet size] [www.Domainname.com]
where [packet size] is the size of the packet
start at say 1472, and work your way down until you get a responsive ping from the highest number you can.

"Packet needs to be fragmented but DF not set" indicates that the packet size is too large.
In the example above it shows that my highest responsive ping is 1402.
From this we need to add on 28 to get the maximum MTU figure.
(28 being the header size for IP + ICMP)

Do not go above 1472. (1472 + 28 = 1500 MTU) since 1500 is the maximum MTU.

syntax  PING [options] destination_host

Learn More Here.

AMD agreed to acquire graphics powerhouse ATI Technologies in a surprise $5.4 billion deal that will radically alter the landscape of the PC component industry. The deal sets the stage for combined CPU and graphics cores in 2008, the two companies said.

ATI will become "the ATI business division," within AMD, and its chief executive and president, Dave Orton, will become an executive vice president reporting to both AMD president and chief operating officer Dirk Meyer and AMD's chief executive, Hector Ruiz. The deal, if agreed to by shareholders, will total $4.2 billion in cash and 57 million shares of AMD common stock, which the company is valuing at $18.26 per share.

The combination would create a company with an estimated $7.3 billion in sales. ATI said it has received an opinion from its financial advisers that the transaction from a financial point of view is fair to its shareholders. Meanwhile, AMD said it expects that the transaction will be slightly accretive to earnings in 2007, and "meaningfully accretive" in 2008. Shareholders from both companies must still approve the transaction, which would then most likely be finalized during the fourth quarter of 2006, AMD said.

In a statement released ahead of a conference call with reporters scheduled for 8 AM EDT, AMD said that in 2007 the two companies would deliver "customer-centric platforms", specifically in the commercial and mobile computing segments and the growing consumer-electronic market.

The deal will combine ATI's established core logic and graphics expertise with AMD's microprocessors. Both ATI and AMD trail Intel in their respective segments, although the graphics market can be assessed in different ways; while Intel still holds a significant lead over ATI and rival Nvidia in total graphics chips shipped, Intel's edge disappears if integrated graphics/core logic chips are factored out of the equation. What the future will hold, however, is still somewhat vague.

"In 2008 and beyond, AMD aims to move beyond current technological configurations to transform processing technologies, with silicon-specific platforms that integrate microprocessors and graphics processors to address the growing need for general-purpose, media-centric, data-centric and graphic-centric performance," AMD said in a statement.

The deal was not expected, primarily because AMD had always positioned itself as a vendor that allowed its customers a choice of components. Intel's Centrino platform combines a processor, chipset, and communications chip.

That would seem to indicate that either ATI or AMD will see to develop communications processors, or else put a number of communications chip companies in play. AMD has traditionally encouraged its OEM vendors to buy components from both Atheros and Broadcom.

AMD has also historically struggled with debt as it struggled to build new fabs to compete with Intel, which has traditionally held more than five times the market share of AMD in the PC microprocessor space, and has sold core logic and communications chips to boot.

Abit is recalling an undisclosed number of its Fatal1ty and AN9 32X motherboards because of stability problems.

In a statement, Universal Abit said that testing had revealed a hardware issue "that eventually might affect the performance and general stability of these particular motherboards". Only a "small number" of units are affected, the company said.

The affected boards will be recalled at Abit's expense, through either its corporate headquarters or its branch offices.

The recalled boards include: the Fatal1ty AN9 32X, with serial numbers between FAN93UDC000001 and FAN93UDC002713, plus FAN93UDD000001 to FAN93UDD001648; as well as the generic AN9 32X boards, with serial numbers AN932UDC000001 to AN932UDC001407, and AN932UDD000001 to AN932UDD001000.

Both boards use the Nvidia nForce 590 chipset and an AMD AM2-socketed microprocessor.

Abit also said that boards with the following serial numbers were confirmed to be in good working order: Fatal1ty AN9 32X boards with serial numbers between FAN93UDC002714 to FAN93UDC005422; and the generic AN9 32X boards, with serial numbers between AN932UDC001408 to AN932UDC002612. The affected products are from an early batch of boards.

Outside the server business, Freescale Semiconductor (FSL) has placed a big bet on the future of a new type of memory chip known as magnetoresistive random access memory, or MRAM. This type of memory brings the best two other types of widely used memory chips, dynamic random access memory—or DRAM—typical in PCs, and NAND-type flash memory common in digital cameras and digital music players, and combines their best attributes into a single chip.

NAND flash is great for storing data over the long term, because it retains that data when the power is cut off. But when saving and retrieving data, it's slow. For its part, DRAM is fast at reading and writing data, but it loses everything when power is cut off. Freescale's MRAM chip represents what Forward Concepts analyst Will Strauss describes as "the perfect memory chip."

The only problem with MRAM chips? They don't hold much data yet. Freescale's chip holds only 4 megabits. "We'll see 16- and 64-megabit capacity out there two or three years in the future," Strauss says. He says MRAM chips will most likely be paired with other chips inside wireless phones in the coming years. As prices come down and data density rises, MRAM chips will become competitive with flash memory chips offered by companies such as Samsung and SanDisk, but not for several years.

Despite the inherent advantages of intelligent RAID, the ICH7R managed to come out on top in a number of benchmarks. With very little or no load on the CPU, I/O bus, and memory bandwidth, it's not a huge surprise that it fared so well in our tests. With heavy traffic and processor loads, the limitations of the shared bus and the benefits of intelligent RAID's integrated IOP and memory cache have a more significant impact.

Still, many users will find the RAID support from motherboards featuring the ICH7R fully adequate for typical desktop applications. If you're going above and beyond the call of normal desktop duty, look to intelligent RAID cards like the LSI Logic MegaRAID 150-4 and the Adaptec 2420SA. For many, the 2420SA's PCI-X interface is a nonstarter. But if you have a motherboard that supports it and you can stomach the price, the 2420SA delivers the goods. For the rest of us, the MegaRAID 150-4 is a fine alternative. If you're using SATA 150MB/sec drives, it's the logical choice.

If your motherboard doesn't support RAID and you'd like to include a controller, the Promise FastTrak TX4310 does it affordably. With the Promise controller, adding RAID0/1/5/10 capability to your desktop system, file server, HTPC, or bit bucket can increase the flexibility and dependability of your hard drives without the unnecessary server-class hardware and performance you don't necessarily need or want. Full Article here

Power usage at fast-growing server farms became an issue for Congress last week. The U.S. House of Representatives overwhelmingly approved a bill requiring a federal study of ways to improve the energy efficiency of servers and data centers.

The legislation, backed by IT vendors and approved by a 414-4 House vote, now goes to the Senate. If enacted, it would require the U.S. Environmental Protection Agency to recommend incentives and voluntary programs to cut power consumption at data centers in the federal government and the private sector.

Rep. Michael J. Rogers (R-Mich.), the bill's sponsor, said that he hopes the EPA study will build support for energy efficiency ratings for servers modeled on the Energy Star ratings for home appliances. It may also lead to incentives for users who buy energy-efficient servers and to rules governing servers bought by federal agencies, Rogers said.

Major IT vendors are already working on a specification for measuring the energy efficiency of servers at different performance levels so buyers can comparison-shop. In May, Standard Performance Evaluation Corp., a nonprofit standards group in Warrenton, Va., set up a committee to prepare a standard for ratification sometime next year.

"There needs to be a standard way of measuring so customers can compare efficiency between servers," said Andrew Fanara, a team leader for the EPA's Energy Star program. "Right now, they can't do that in any standardized way."

But it remains to be seen whether energy ratings will alter the buying habits of IT managers, who may be constrained by business requirements for processing speed.

YouTube, the leader in Internet video search, said on Sunday viewers are now watching more than 100 million videos per day on its site, marking the surge in demand for its "snack-sized" video fare.

Since springing from out of nowhere late last year, YouTube has come to hold the leading position in online video with 29 percent of the U.S. multimedia entertainment market, according to the latest weekly data from Web measurement site Hitwise.

YouTube videos account for 60 percent of all videos watched online, the company said. Videos are delivered free on YouTube and the company is still working on developing advertising and other means of generating revenue to support the business.

In June, 2.5 billion videos were watched on YouTube, which is based in San Mateo, California and has just over 30 employees. More than 65,000 videos are now uploaded daily to YouTube, up from around 50,000 in May, the company said.

DNK Amazon web store  is an ASP.NET 2.0 application which enables Amazon associates to make commissions on sales originated from their stores. You can start making money immediately with DNK Amazon web store; all you need is a web service key and an associate tag. DotNetKuwait.com is very proud to offer you this product absolutely free of charge. This is a feature rich application which offers you everything you need to start making money with Amazon.com.!

More details

DNK USPS Ship n Track  is a simple application which enables you to instantly integrate USPS shipping rates and shipment tracking onto your website.

More details

DNK Google Search  is an application that makes use of Google's Search Webservice. The application is written in 100% managed C# code. The application look and feel is very similar to that of Google, but can be very easily customized to fit your needs

More details

Last month, Blue Frog, the anti-spam service offered by Blue Security, was forced to roll over and accept defeat after suffering a retaliatory attack from a spammer.

Blue Security championed a DIY-style anti-spam campaign in which the company's half a million customers were encouraged to send replies to the spam they received. The idea was that the resulting traffic would overload the spammers' servers and hamper their email-sending activity severely. Indeed, some spam companies did agree to stop mailing Blue Security's customers.

Last month, however, the company's website, along with those of many of its partners, was hit by a denial-of-service attack, which is believed to have originated from a particular Russian spammer. In addition to the DoS attack the company was threatened with a second attack that the attacker claimed would include a computer virus unless the company ceased its activity. The company felt that it had no choice than to close its anti-spam operations.

Now, however, two software developers are attempting to recreate a more robust, open source version of Blue Security's anti-spam service. The developers announced their intentions in a CastleCops forum, and are searching for interested parties to participate in the project and lend support.

The project is named the Okopipi Project, Okopipi being the Amazon Indian name for the blue poison dart frog found in Suriname, South America.

According to the project's founders, 'The rules of engagement would be the same as Blue Frog. One spam equals one opt-out request. No DDoS. We [will] use bandwidth throttling [that is] sufficiently low to not overwhelm the site. It proved effective before. We see no need to change this. All actions will be approved by a steering committee.'

Comments and suggestions have been invited on the fledgling project - for full details, or to sign up to development and general discussion mailing lists, see http://www.okopipi.org/.

A core server of the popular Debian GNU/Linux distribution was compromised recently, prompting swift response from the developer team.

A mailing list post alerted users about the compromise, which affected a number of services available to developers. A followup message on debian.org indicated the compromised server has already been restored, and that a local root vulnerability in the Linux kernel was used from a compromised developer's account. The local exploit, BID 18874 (CVE-2006-2451) allows a local user to cause a DoS (denial of service) and gain privilege escalation to root.

The report indicated that even with root access, the attacker was not able to reach restricted Debian servers containing its regular and security archives. In response to the server compromise, a password audit performed by the Debian team has apparently revealed various developer accounts with weak passwords (without public key authentication) that have since been locked.

Stevens, the chairman of the Senate Commerce, Science and Transportation Committee, was speaking perhaps metaphorically during a rambling argument against a net neutrality amendment to a broadband bill. Stevens' apparent point: The Internet could be easily clogged with junk, and broadband providers should be able to separate their own content from streaming video and huge personal e-mail files.

In part, Stevens, an Alaska Republican, said, "The Internet is not something that you just dump something on. It's not a big truck. It's a series of tubes." Stevens continued: "And if you don't understand that those tubes can be filled, and if they're filled when you put your message in it, it gets in line, it's gonna be delayed by anyone who puts into that tube enormous amounts of material." Stevens went on to say that his staff sent him an "Internet" that was apparently delayed by Net congestion. (He may have meant that his staff sent him an e-mail.)

On an 11-11 vote, the committee rejected the amendment, which would have prevented broadband providers such as AT&T Inc. and Comcast Corp. from charging extra based on the type of content transmitted by Internet-based companies.

Stewart's riff on net neutrality is currently on YouTube.com. (Warning: Stewart uses a bit of off-color humor, as usual for him.) Stevens is also parodied in a techno dance mix making the rounds on the Internet.

A bit of controversy erupted this week when the blog and community Web site MySpace.com, owned by conservative businessman Rupert Murdoch, pulled another song parody, but the song was back on the site as of Thursday.

Data center managers, is there a flywheel in your future? Pentadyne Power, company is introducing a new upgrade to its flywheel-based power backup system for data centers.

Flywheels? You mean those things whizzing at about 50,000 rpm that were supposed to power automobiles? And you want to put one of those things in my data center? Do they really work? What happens if that flywheel breaks free of its housing and starts shooting around the data center carving holes in my servers?

The Electric Power Research Institute estimates that in the United States alone, electric power problems costs over $50 billion annually. At the same time, nearly 98 percent of the power grid interruptions last less than 10 seconds. The traditional way to deal with those interruptions has been using banks of lead acid batteries capable of providing an hour or two of backup. However, those batteries are heavy, have a limited lifespan and contain materials the Environmental Protection Agency would like to keep out of landfills.

Pentadyne addresses this issue with a carbon-fiber flywheel, which, in the model being introduced on July 14, has a design life of 20 years, weighs 1,300 pounds and delivers up to 190 of power for up to 2,700 kW per second of energy. The systems cost about $40,000 which is about one-third greater than the upfront cost of lead acid, but the company contends that the much longer life cycle of the product over lead acid systems and the environmental benefits tilt the equation in Pentadyne's favor over the product's life.

By using carbon fiber, the company negates the errant flywheel problem. If there is a failure, the flywheel disintegrates into thin, light, spaghetti-like fibers that stay within the containment cylinder. The company is marketing the product as an environmentally safe and responsible alternative, which can either replace lead acid backup or be used in conjunction with the lead acid backup now in operation.

Intel Corp. will launch its next-generation "Conroe" chip for desktop PCs on July 27, part of the company's efforts to recover from slumping sales by offering new products.

Intel also plans to launch its dual-core Itanium chip for high-end servers, code-named "Montecito" on July 18, and has already begun shipping them to computer vendors.

"We plan to introduce multiple chips, more than 10, over the next 30 to 60 days," said company spokesman Bill Kircos. The chips will include a standard desktop version of Conroe -- officially the Core 2 Duo -- as well as an extreme edition for gamers and other options with various combinations of features and prices.

The Conroe chip will be available to consumers almost immediately, since Intel has already begun shipping the processor to certain channels and manufacturers, Kircos said. Intel will reach full production within 30 days.

The timing is crucial for Intel, he said, because the company plans to sell Conroe during the looming back-to-school and holiday seasons; it also wants the chip to be available for corporate upgrades planned by many IT departments for the end of the fourth quarter.

Sales of Conroe will also mark the official launch of Intel's VPro platform, the bundle of features for business desktops announced in April.

Intel has generated strong profits by selling bundles of hardware and software in platforms like Centrino for mobile desktops and Viiv for home entertainment. VPro will extend the idea to business desktops.

While the once highly-feared Windows Metafile software code exploit has finally lost some of its steam, another Russia-born threat, WebAttacker, became the most widely used malware attack format in June.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have discovered a Russian website that sells spyware kits, called WebAttacker, for fifteen US dollars (about ten UK pounds). The website, which refers to its creators as spyware and adware developers, markets the strengths of its kits, makes the kits available for online purchase and offers technical support to its buyers.

Included in the kits are scripts designed to simplify the task of infecting computers - the buyer spams out a message to email addresses, inviting recipients to visit a compromised website.

Samples found by Sophos's global network of monitoring stations used newsworthy topics to lure unwary users. One presented itself as a warning of the deadly H5N1 bird flu virus, providing links to a bogus website, which purported to contain advice on how to protect "you and your family". The other claims that Slobodan Milosevic was murdered and invites users to visit the site for more information. These websites then attempt to download the malicious code remotely onto the user's PC by taking advantage of known web browser and operating system vulnerabilities.

The new “feature” in this latest WebAttacker release appears to be the addition of an exploit for MS06-014 (MDAC vulnerability ....
http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx.) It seems Microsoft patched this in the April release, so if you're patched, you're probably safe.

It looks as if the WebAttacker folks also pulled out some of the poorer-performing exploits that were evidently not getting enough victims to make it worthwhile. But this version does still include a exploit for a slightly old Firefox.

Many clients have asked me to tell them quickly why one should select Opteron over Xeon. Well like with anything in life when you say quickly there is little ability to show all the differences and it is really unfair to all.

One of the biggest single advantages is quite clear even at a glance. Direct Connect memory access of the Opteron Processor clearly gives an edge that cannot be ignored. The lack of northbrige front side bus kicks. From the moment you touch one of these systems you can feel the power.

See the head to head comparison here.

New York State Attorney General, Direct Revenue makes "spyware." These programs track where you go on the Internet and clutter your screen with annoying pop-up advertisements for everything from pornography to wireless phone plans. Spyware can get stuck in your computer's hard drive as you shop, chat, or download a song. It might arrive attached to that clever video you just nabbed at no charge.

A must read article and Podcast if you have no time to read. Business Week! So what happens when the wicked witch is dead? They move overseas that is what happens. Without protection or at least threat of action when caught there is little any single user can do accept protect themself.

BitDefender has joined a growing list of security vendors testing tools for rootkit detection and cleanup.

The anti-virus vendor, based in Bucharest, Romania, on July 7 lifted the wraps off a new anti-rootkit utility that promises to spot and delete stealthy software programs that are used by malicious hackers to hide malware. BitDefender's rootkit cleaner will be available as a free stand-alone utility for registered beta testers.

The company's immediate plan is to add rootkit-detection features to its product suite, starting with the next iteration of its consumer Internet security suite. According to data gleaned from Microsoft's MSRT (malicious software removal tool), rootkits on Windows machines are a "potential emerging threat." Of the 5.7 million machines cleaned by the tool since January 2005, 14 percent were infected with a rootkit.

In 20 percent of the cases when a rootkit was found and removed, at least one back-door Trojan was also found, confirming suspicions that rootkits are being used to hide other pieces of malicious software from anti-virus scanners.

Microsoft has added detections for some types of rootkits to its Windows Defender desktop product, and several other security vendors—most notably F-Secure and Winternals—have shipped highly rated anti-rootkit utilities.

Simply stated, a ClickOnce application is any Windows Forms or console application published using ClickOnce technology. You can publish a ClickOnce application in three different ways: from a Web page, from a network file share, or from media such as a CD-ROM. A ClickOnce application can be installed on an end user's computer and run locally even when the computer is offline, or it can be run in an online-only mode without permanently installing anything on the end user's computer. For more information, see Choosing a ClickOnce Deployment Strategy.

ClickOnce applications can be self-updating; they can check for newer versions as they become available and automatically replace any updated files. The developer can specify the update behavior; a network administrator can also control update strategies, for example, marking an update as mandatory. Updates can also be rolled back to a previous version by the end user or by an administrator. For more information, see Choosing a ClickOnce Update Strategy.  For more information on ClickOnce

Because ClickOnce applications are inherently isolated, installing or running a ClickOnce application cannot break existing applications. ClickOnce applications are completely self-contained; each ClickOnce application is installed to and run from a secure per-user, per-application cache. By default, ClickOnce applications run in the Internet or intranet security zones. If necessary, the application can request elevated security permissions. For more information, see ClickOnce Deployment and Security.    "Full Article here"

We want offer a special thanks to Tom Childers AKA Otis Mukinfus for the little address book clickonce application he has presented to everyone as a demo. You can install the application and see how easy this type of deployment can be.  http://www.arltex.com/AddressBook/publish.htm Note: This install does not appear to work with firefox, sorry use IE.

He also offers some other code samples as well. http://www.arltex.com/ and at. http://otismukinfus.com/vault/vault.htm

CSS Tab Designer v2 (New!)

Create great-looking css-based tabs/menus effortlessly!

CSS Tab Designer is a unique and easy to use software to help you design css-based lists and tabs visually and without any programming knowledge required!

With the CSS Tab Designer, you can :

• Quickly design your list visually
• Choose from a variety of styles/colors (60+ different designs/colors supported). [ Styles Authors / Credits ]
• Generate strict xhtml compliant code

The Phalanger is a complex solution giving web-application developers the ability to benefit from both the ease-of-use and effectiveness of the PHP language and the power and richness of the .NET platform. This solution enables developers to painlessly deploy and run existing PHP code on an ASP.NET web server and develop cross-platform extensions to such code taking profit from the best from both sides. Compatible with PHP 5.0, the object model in Phalanger enables to combine PHP objects with the .NET ones. It is possible to use a class written in PHP from a .NET application or even to import a .NET class (written for example in C# or Visual Basic .NET) into PHP scripts provided that this class respects the PHP object model implemented in the Phalanger. The Phalanger is the only existing PHP compiler which produces .NET Framework MSIL bytecode.

From another point of view, Phalanger provides the .NET programmers with the giant amount of practical PHP functions and data structures - many of them reimplemented in the managed environment of the .NET Framework. The whole Phalanger class library (including functions implemented in the PHP extensions) is accessible to a .NET programmer regardless to her favorite programming language together with type information and in-library debugging.  Learn More Here   "Migrating MS Article"

MSR Strider URL Tracer is a project from Microsoft Research that enables you to scan a domain name to see the third party domains that it serves content from and/or whether the site is being redirected. In addition, the tool includes a feature that lets you generate a list of common typos based on the domain name and allows you to scan and browse the list of generate names in order to spot domains that capitalize on inadvertent URL misspellings (typo-squatting). The tool was originally developed as a way for parents to spot domains that hijack popular children sites, and often serve adult content or intrusive ads to kids that are mistyping the domain name. It offers a detailed WHOIS lookup as well as an option to block the sites, so they can no longer be accessed with Internet Explorer. Strider URL Tracer can also be very useful for webmasters or site owners that want to track down typo-squatting violations. (Please note that this a research project and should be considered a work in progress) Download it   Learn More

AMD's and Intel's microprocessors are entirely different. AMD places emphasis on SOI manufacturing (Silicon on insulator) in 90 nm and it relocates the memory controller from the chipset into the processor core. Both helps to increase energy efficiency: SOI reduces leakage currents that cause thermal resistance; the integrated memory logic shortens data paths between the CPU and the memory, while running at the processor's clock speed. Also, each AMD processor in SMP environments (symmetric multi-processing) has its own memory controller. Hence the memory bandwidth scales beautifully if you add processors, which results in great performance.

Intel pairs a classic processor design with high manufacturing efficiency: Most processors are produced using 65 nm technology and will be using 45 nm probably by the end of 2007. Small transistor structures allow the firm to add more cache to processors, or to increase the core count, or even both. Strained silicon technology, which applies silicon germanium layers in order to stretch the atomic structure, eases electron migration, which is beneficial for reaching high clock speeds. To control leakage current Intel pays close attention to maintaining the distances that separate the eight layers of today's processors.

AMD Opteron:

• It has been the faster processor, especially for floating point operations
• HyperTransport interconnects processors and core logic. This point-to-point interconnect scales much better than bus interfaces.
• Power consumption is acceptable even when under load
• Socket 940 is the basis for all Opteron models that have been released. Usually you can upgrade to one of the dual core models.
• Each processor has its own memory controller.
• No FB-DIMM memory is required. Registered DDR400 memory is enough.
• Quad core Opterons will require a Socket F platform.

Intel Xeon:

• The Front Side Bus is the interface and a potential bottleneck between the processor(s) and the chipset northbridge. The 5000 chipset widens this bottleneck by implementing separate Front Side Busser per processor (DIB).
• Dual core Xeon Paxville DP has high to very high power requirements.
• Dual Core Xeon Dempsey 5000 has high power requirements.
• Less flexible platform design: A Xeon Nocona or Irwindale (socket 604) can only be upgraded with a dual core Xeon Paxville DP. If you want a Xeon 5000 (Dempsey) or Xeon 5100 (Woodcrest) you need the 5000 chipset platform for socket 771 (Bensley).
• Quad channel DDR2 memory controller offers more bandwidth, but requires FB-DIM modules
• Intel's chipset and FB-DIMM components require more energy than the Opteron equivalents
• Quad core Xeons are technically feasible for socket 771.

The first benchmarks left very little doubt on Woodcrest's superiority at 3 GHz when compared to the fastest dual core Opteron 285 (2.6 GHz). However, we decided to provide the results at a later point as we prefer to add disciplines to the lineup that reflect various server scenarios. The benchmark section includes synthetical memory bandwidth benchmark results, showing that the quad channel solution offers an improvement, and power consumption measurements. We consider these very impressive, because they make very clear that Intel is likely to become the performance per Watt leader given the high performance in our first benchmark runs, while AMD still has the chance to remain more efficient per se.

It is pretty safe to say that Woodcrest will now be the best choice for 2P servers - as long as AMD doesn't answer with faster models and Socket F. Intel's FSB1333 interface at 333 MHz should be fast enough, and DIB makes sure that each processor receives the full bus bandwidth. While this may sound like an ample headroom for the future it actually is not: As soon as Intel's quad core Clovertown hits the market in early 2007, the Front Side Bus could easily be saturated.

However, we do not see Woodcrest knocking out AMD, since the HyperTransport architecture remains the best choice for 4P solutions thanks to its point-to-point layout and dedicated memory controller per processor. Also, socket F will accelerate HyperTransport links to make sure that multi-core processors don't suddenly saturate the interface.

Finally, Intel might have to convince SMB customers of the benefits of fully buffered memory, because a 2P Opteron system does still provide a very good value - especially if you can live with 4-8 GB of memory. FB-DIMMs will only have a serious benefit if multiple modules are deployed.
Full Article

It's not every day that a potential security risk emerges that could affect both Microsoft's Internet Explorer and Mozilla Firefox Web browsers. But it is today. Reports abound of a flaw that exists in both browsers that could allow for unintended information disclosure that could put users at risk.

Security researcher Plebo Aesdi Nael first reported a pair of vulnerabilities on a public security mailing list. Only one of the flaws affects both IE and Mozilla browsers. Security firm Secunia has rated the flaws "less critical," but the SANS Internet Storm Center noted that the risk has, "raised some of our neck hairs."

The first flaw involves HTML applications (HTAs), which, according to Microsoft, are full-fledged applications that are trusted and display only the menus, icons, toolbars, and title information that the Web developer creates. The alleged vulnerability requires a user to click on an icon which then takes advantage of the software flaw to disclose potentially confidential user information.

The second flaw involves the exploitation of the "object.documentElement.outerHTML" property. "The abuse of this property will allow an attacker to retrieve remote content in the context of the web page which is being currently viewed by the user," according to the SANS Internet Storm Center (ISC).

So an attacker could rip the data that a user has entered for other Web sites that they may be logged into and steal their user credentials for whatever malicious purpose they desire. Though Nael's original mailing list posting just identifies IE as being at risk, independent analysis by SANS ISC has shown that Firefox is vulnerable to the "object.documentElement.outerHTML" property flaw, as well.

Both Nael and Secunia have posted public proof of concept (PoC) code that demonstrates the flaw in action. Microsoft Security Response Center (MSRC) staffer Adrian Stone indicated on the MSRC blog that Microsoft was aware of the issue and is investigating. Microsoft is currently unaware of any attacks that take advantage of the flaw.

Nanosys announced that it has expanded its nanotechnology-enabled memory collaboration with Intel Corporation and Micron Technology, Inc. The collaboration utilizes Nanosys' proprietary nanostructures to address high density NAND flash memory opportunities in areas such as consumer electronics, portable storage, and personal communications .

"Our collaboration with Nanosys is part of our extensive R&D efforts to extend the technology roadmap for non-volatile memory,” said Ed So, vice president, Intel Corporation and director of California Technology and Manufacturing. "This collaboration, along with our strategic relationship with Micron, further underscores our technology leadership and commitment in non-volatile memory.”

“We are excited to be a part of this collaboration” said  Frankie Roohparvar,  vice president of NAND Development at Micron.  “Micron has taken on a leadership role in NAND technology and Nanosys' technology offers a very practical and promising approach towards addressing the continued scaling needs of the fast-growing non-volatile memory market.”

About Intel

Intel, the world leader in silicon innovation, develops technologies, products and initiatives to continually advance how people work and live. Additional information about Intel is available at www.intel.com/pressroom .

About Micron

Micron Technology, Inc. is one of the world's leading providers of advanced semiconductor solutions. Through its worldwide operations, Micron manufactures and markets DRAMs, NAND Flash memory, CMOS image sensors, other semiconductor components, and memory modules for use in leading-edge computing, consumer, networking, and mobile products. Micron's common stock is traded on the New York Stock Exchange (NYSE) under the MU symbol. To learn more about Micron Technology, Inc., visit its Web site at www.micron.com