Secure Notepad

Secure Notepad is a Notepad replacement that is (almost) identical to the original, but offers several additional security features. In addition to saving files with the standard .txt extension, you can choose the .etxt format, which allows you to encrypt your file with a password and additional key file. Furthermore, the program includes a handy fade-out feature that automatically fades the content of a text file to plain white if the Notepad window is not active.

Get It Here

The 8.0.2 update fixes the following two issues on both the Macintosh and Windows platforms.

SQL injections in web applications

The update updates server-side code generated by Dreamweaver to protect databases against SQL Injection.

Active content

The update fixes a problem with the code generated by Dreamweaver when it inserts active content such as a Flash file in a web page. In the latest versions of Internet Explorer, the generated code by Dreamweaver does not allow users to interact with the active content unless they click it. The update fixes the code generated by Dreamweaver so that users don’t have to click the active content. The update also provides a way to repair the code of existing pages with active content.

Learn More

ActiveServers, Inc. to Distribute SmarterTools Software

Markus Hahn of Coder's Lagoon offers this bit of freeware. We have put it through its paces and confirm it does a fantasic job. It makes a great free drive wipe tool as well.

One powerful file encryption and security tool for the Windows platform. As the successor of highly successful BFA97, Blowfish Advanced CS offers a bunch of new and improved features which are:

• Blowfish, Twofish, AES, RC4, TDES, Serpent, CAST
• Strong key support, handling and cryptography
• Fast: encrypts megabytes of data per second
• Data compression using LZSS, deflate and BZIP2
• Secure wiping of files and clearing of empty disk space
• Comfortable user interface with built-in file browser
• Easy working with encrypted files
• Complete integration into Windows Explorer
• Automation of daily routines by using job files
• Dozens of options to finetune the application
• Small: fits on half of the space of a floppy disk!
• Trustworthy: the complete source code is available
• Quick language switch (German and English)
• Runs on all Win32 versions, from 95 to Vista
• Personal Edition without any restrictions!

Check out the FAQ page, if you have further questions. You might want to read the change notes to get information about the latest features and fixes. Or just look at a screenshot.

If you want to give it a try, please download the installer:

Blowfish Advanced CS - Installer
(908 kB)

MD5: e1 40 82 3e ec 62 34 0f 1b 5f 3c b4 0e 63 ca 1f

The MPack toolkit has received a fair amount of media attention causing it to become one of the most desired Web browser exploit toolkits in the underground hacker scene. The original author was selling the MPack toolkit for $1000 USD, including a year of free support, and additional exploit modules for around $100 USD. Personally like the quote from the author when asked; Do you feel sorry for the people whose machines are infected by an attack? Well, I feel that we are just a factory producing ammunition. Now there is some logic for you!

However, considering the toolkit is written in a script language, it is easy to redistribute and modify. The toolkit is being sold by others now for as low as $150 USD. That is a whopping 85% off. Talk about clearance sale. The sellers likely didn't even need to buy it themselves, but rather probably found some of the multiple Web sites that did not employ standard Web site protections, allowing them to download the whole kit for free.

How it works is clearly outlined and Trend Micro does at least offer a method of discovery. What is odd with all the press about this organized criminal approach to fraud and thieft is governments, security firms, and anti virus companies of the world are doing very little. Now that the cat is out of the bag the variants will be haunting the world making the internet totally infested with poor ignorant users. As the list of variants grows each with its own twist on the base. What is at the core besides ignorance, is the social engineering part of this type of threat.

More details and articles on the topic. EWeek, Microsoft, BBC, Wikipedia

There are many marketing companies that promote web traffic to different Web pages, software installations, etc. They use what they call  'affiliate programs', paying money for every software installed or traffic generated. This web traffic is very assorted: activex, rogue-antispywares, bundles, banners, fakecodecs, iframes, etc.

Although some of these marketing enterprises can be well-intentioned, other have been specifically created by & for cybercriminals to earn money. Here we can see a gif file that was being used by one of these companies in order to advertise itself in an underground malware forum:

A short time ago, analyzing  a Trj/Sinowal variant (a banking Trojan) to discover where it was sending the information to, it was found one of these websites. It was discovered that this site had 4 different kits to install malware through exploits in the same server the page was hosted in:

There was an IcePack, a Traffic Pro, a Prime Exploit System, and a very basic kit that only used two exploits and had no name. These kits were downloading two Trojans: Trj/Galapoper and Trj/Sinowal. This is not the first time we see something similar. The web sites where they promote themselves use to be very eye-catching, here you can see some examples:

http://fantasticdollars.com/
http://iframe911.com/
http://www.iframebiz.com/
http://loads.cc/

What seems to be the solid theme throughout this whole deal is that most of the Trojan Variants are based on a kit called Mpack.

Growing up in rural Lacrosse, Wash., Robert Moore reached adolescence and discovered he was a high school misfit. Suffering from several ailments, including narcolepsy, Moore skipped playing sports, the normal path to small-town popularity.

He moved to Spokane, graduated from North Central High School and became skilled enough to land several jobs, including a project for one firm needing anti-spam software.

In 2005, a Florida man, Edwin Pena, found Moore's site and asked him to create a tool for detecting certain types of network computers that worked with a new technology, Voice over Internet Protocol, or VoIP.

About a year later, FBI agents showed up at Moore's north Spokane home and arrested him, charging him with federal wire fraud and computer hacking. They also arrested Pena in Miami. Pena, 25, jumped bail and fled the country and is believed to be living in South America.

Moore, now 23, was nabbed because he designed the software tools Pena used to bilk Internet phone companies of more than $1 million in unpaid VoIP phone charges.

Next month, Moore will begin serving two years in a federal prison at a site not yet revealed. The New Jersey federal judge who sentenced him also ordered Moore to pay $152,000 in restitution to victims of the scheme.

The case created international attention. It marked the first large-scale hacking of the VoIP system. Moore used his 12 home computers to find vulnerable network doorways, called ports.

He pleaded guilty to the charges, acknowledging his role but saying he was just a provider of information that Pena misused for personal gain.

"What I did was totally wrong, and I have to pay for it," Moore said. "But Edwin was the guy who stole the minutes and resold them. All I did was find passwords for (network computers) that he wanted to use."

Many who wrote about or discussed the VoIP break-in said Moore's use of fairly unsophisticated tools, coupled with some special software he designed, pointed out major security holes in many corporate networks.

Secure Computing back in June first reported, attackers are using a fake video link on the site to initiate infection with the Trojan, which bombards victims with porn adware, before installing data-stealing code.

To make matters worse, the only defence against such attacks on the popular video-hosting website is the diligence of YouTube's security personnel, who can remove attacks as soon as they find them. However, according to Secure Computing's Paul Henry, this gives the malware distributors a window of opportunity of at least a few hours.

It is a backdoor designed to give the attacker remote control over a compromised computer. It changes essential system settings and modifies certain files. Zlob starts automatically on every Windows startup and stays hidden in background. It waits for remote connections and allows the attacker to download and install additional software, execute certain commands and manage the entire system. Zlob can be very dangerous. Use antivirus and spyware removal tools in order to get rid of this parasite. Some of Zlobs versions pretend to be video codecs to attract people.

Kill processes:
msmsgs.exe pmsngr.exe kdqrn.exe 02.exe kdvhv.exe kdoaf.exe kdkwb.exe kdkat.exe kdlfk.exe kdefp.exe

Delete registry values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RegSvr32=%System%\msmsgs.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell=explorer.exe,msmsgs.exe
HKCU\Software\Internet Security\
HKCU\Software\HQvideo

Delete files:
msmsgs.exe isaddon.dll isamini.exe pmsngr.exe Programs\\Media-Codec\\ecodec.exe kdqrn.exe Temp\\02.exe kdvhv.exe Temp\\nsq3.tmp\\modern-header.bmp Temp\\nsq3.tmp\\nsExec.dll kdoaf.exe kdkwb.exe System\\kdkat.exe System\\kdlfk.exe System\\kdefp.exe

Almost 36 hours after a software problem caused widespread outages in eBay Inc.'s Skype service, engineers continue to work to fully restore this extremely popular Internet telephony and instant messaging service, while many business users deal with work disruptions.

Although steady progress was made throughout the day Friday, the problem, which has affected millions of Skype users, hasn't been fully fixed,

At midnight GMT Friday, an official provided the latest update on Skype's Heartbeat blog, saying that the sign-on problems have been resolved, but that the instant messaging presence and chat may take a few more hours to be fully operational for all.

"If you are one of the minority who may still be experiencing problems, please be patient. You do not need to adjust or restart your computer. Skype will start working for you very soon," wrote Villu Arak [cq]. "We will issue a further update when we know that Skype is functioning normally, or if there is further material news."

"The outage has had quite a profound effect on my working day, and has meant spending time setting up other chat clients and networking with colleagues via alternative means," Michael Pick, a freelance blogger and social media consultant, wrote in an e-mail interview Friday.

The partner event registration page of the Microsoft UK events website, has been defaced by a hacker who managed to discover and exploit a web application vulnerability in one of the parameters used by the form on the website, which could previously be accessed at:

http://www.microsoft.co.uk/events/net/eventdetail.aspx?eventid=8399 [taken offline]

The hacker, known by the name "rEmOtEr", managed to deface Microsoft’s page by taking advantage of an SQL Injection vulnerability in one of the parameters used by the form that was embedded in the URL of the page. This particular parameter was not being filtered, thus it allowed the hacker to pass any type of crafted code directly to the database being used by this form.

Full Article

Enable the Display of File Extensions in Vista:

1. Open a folder or open explorer
2. Click the Layout button (to the left of the Views button) as shown in the picture below.

3. Click Folder Options
4. Click the View tab
5. Uncheck Hide extensions for known file types
6. Click OK

Ok Backup just sucks in Vista so let's get a method to get a handle on things for free.

SyncToy 1.4 for Windows Vista is available as a free download from the Microsoft Download Center. The easy to use, customizable application helps you copy, move, rename, and delete files between folders and computers.

There are files from all kinds of sources that we want to store and manage. Files are created by our digital cameras, e-mail, cell phones, portable media players, camcorders, PDAs, and laptops. Increasingly, computer users are using different folders, drives, and even different computers (such as a laptop and a desktop) to store, manage, retrieve and view files. Yet managing hundreds or thousands of files is still largely a manual operation. In some cases it is necessary to regularly get copies of files from another location to add to primary location; in other cases there is a need to keep two storage locations exactly in sync. Some users manage files manually, dragging and dropping from one place to another and keeping track of whether the locations are synchronized in their heads. Other users may use two or more applications to provide this functionality.

Now there is an easier way. SyncToy, a free PowerToy for Microsoft Windows Vista, is an easy to use, highly customizable program that helps users to do the heavy lifting involved with the copying, moving, and synchronization of different directories. Most common operations can be performed with just a few clicks of the mouse, and additional customization is available without additional complexity. SyncToy can manage multiple sets of folders at the same time; it can combine files from two folders in one case, and mimic renames and deletes in another case. Unlike other applications, SyncToy actually keeps track of renames to files and will make sure those changes get carried over to the synchronized folder.

Get it Here:

US federal agents are reaching out to computer hackers for help fighting crime and terrorism as a tug-of-war between privacy and public safety continues on the Web.

The National Security Agency (NSA), the department of defence and the FBI were among the spy, military and police agencies represented at DefCon, an international gathering of hackers in Las Vegas.

Lawyers from the foundation are spearheading litigation accusing the NSA of illegally snooping on e-mail and telephone communications. NSA vulnerability analysis chief Tony Sager gave a talk at DefCon, saying the agency was increasingly sharing information with the public in the hope computer wizards wherever they may be become allies in cyber security.

Hacker Roger Dingledine is working on an "anonymity network" called Tor that bounces Internet traffic off "about a thousand" computer servers to thwart tracking who is doing what online.

"The NSA spent decades trying to do things themselves and that didn't work. I'm happy they realise other people can help," he said.

Dateline NBC associate producer Michelle Madigan was heckled and derided as she ran from DefCon, the world's largest computer hackers conference, and raced away in a car.

"They sent a moderately attractive young lady with a purse cam whose mission was to first capture someone on film admitting to a felony, which is really not cool, and second to catch a fed on film," said DefCon spokesman "Priest."

"She was basically trying to do a slam piece."

Federal agents openly, and covertly, mingle with hackers at the conference, which features a panel discussion titled "Meet the Fed."

"This is the Switzerland of hacking, neutral ground on which hackers and feds meet with a common goal of making computers safer," said Priest.

Dateline did not respond to AFP requests for comment but issued a general statement saying it does not discuss reporting tactics.

Priest and DefCon founder Jeff Moss, whose hacker name is Dark Tangent, lured Madigan to a packed conference room by putting out word they were going to have hackers finger federal agents in a game called "spot the fed."

After she was in the audience, it was announced the game was actually "spot the undercover reporter."

Without naming Madigan, Moss condemned her stealth tactics from a stage. Boos and jeers erupted from hundreds of hackers, one calling for her to be tarred and feathered.

Madigan shoved aside a DefCon "goon," one of the volunteers working at the event, and dashed from the room as the mob called for her to be booted from the premises.

Apple has issued three batches of software updates and fixes for its popular iPhone, Mac OS X operating system and the Safari 3.03 browser beta.

The iPhone fixes address a pair of Safari-related vulnerabilities that came up almost immediately after the phone's release, plus three more that were not disclosed.

A security firm called Independent Security Experts (ISE) first uncovered iPhone vulnerabilities last month and informed Apple of its findings. ISE planned to demonstrate what it found at the Black Hat security conference this week in Las Vegas.

Two of the fixes address cross-site scripting problems, one by preventing JavaScript in remote Web pages from modifying pages outside of their domain, the other by fixing an HTTP injection issue in XMLHttpRequest. Apple credited Richard Moore of Westpoint Ltd. for reporting the issue.

Apple credited the ISE crew for pointing out a heap buffer overflow problem in the Perl Compatible Regular Expressions (PCRE) library, while Apple thanked Tomohito Yoshino, of Business Architects, for reporting an error in the International Domain Name (IDN) that allows for fake URL addresses in fonts that contain look-alike characters.

Once again security researcher Joanna Rutkowska took the stage at Black Hat, and once again she set out to prove in glorious detail how to exploit and attack Microsoft Windows Vista.

This year she brought a new pill and a few more tricks to take Vista to task. "I'm going to talk about Vista kernel protection and why it doesn't work," Rutkowska boldly declared to the overflow crowd.

She then read a quote from Microsoft's Vista documentation that stated that even users with admin privileges cannot load unsigned kernel-mode code on the system. Then she smiled mischievously.

"There are thousands, maybe tens of thousands of third-party drivers that are poorly written and could be a problem," Rutkowska said.

She then displayed two examples, both from video drivers companies, to prove her point. In her view both the ATI Catalyst driver and the NVIDIA nTune Driver are bad in that they could be used as an attack vector to circumvent Vista kernel protection.

With the NVIDIA driver, Rutkowska alleged that the driver was able to read and write registers without any additional checks.

"The whole problem in NVIDIA is that the driver doesn't do the proper checks and can do a write for an arbitrary registry."

To add further insult to injury, the target machine doesn't even need to have the bad driver on the system in order for the attacker to use it as an attack vector.

"The attacker could just include it as part of their own rootkit and then use it to exploit Vista," Rutkowska said. "It doesn't matter whether it's a popular driver or not. We can bring it to the target system and exploit it." Full Article

Root Servers.

The root name server operators do not determine the content of the root zone file. The file is edited by the IANA according to a process described on the IANA web site. The root name server operators publish the file as received from the IANA. See: http://www.iana.org/root-management.htm

No Internet traffic passes through the root name servers at all. They have nothing to do with routing, note the difference in spelling. Name servers just answer queries from other parts of the DNS.

The root name servers do not store all the information in the DNS. Storing all the information in one place would be totally infeasible today. This is exactly why the DNS was developed as a distributed database. So if you register thatnewdomain.org the root zone file will not change and the root name servers will not give different answers. The ORG zone file will be changed.

The root name servers are not queried every time you browse the web or send mail. Information is cached in the DNS. Your computer will query a caching DNS server to resolve domain names. A well behaved DNS server needs to query the root name servers only once every 48 hours for each particular TLD.

In the meantime it can resolve names for that TLD without involvement of the root name servers. Because of this caching almost all DNS queries are answered without involvement of the root name servers.

The Public-Root Servers are strategically deployed around the globe. They support a global network of domain name servers that provide access to all known, non-colliding, and operational Top-Level Domains Some of their locations

In 2005 the current 12 organisations providing root name service at 13 unique IPv4 addresses. They were:

A - VeriSign Global Registry Services
B - University of Southern California - Information Sciences Institute
C - Cogent Communications
D - University of Maryland
E - NASA Ames Research Center
F - Internet Systems Consortium, Inc.
G - U.S. DOD Network Information Center
H - U.S. Army Research Lab
I - Autonomica/NORDUnet
J - VeriSign Global Registry Services
K - RIPE NCC
L - ICANN
M - WIDE Project

IBM Corp. will stop selling the BlackIce PC Protection security suite, a product that came under its wing after buying Internet Security Systems (ISS) a year ago for US$1.3 billion.

The company will stop selling BlackIce on Sept. 19, and end technical support for the product, which is just for PCs running Windows, on Sept. 29, 2008, according to ISS.

IBM said its ISS division would no longer offer desktop or server protection software for the consumer market, but also noted that the company still has security software suitable for small businesses.

After the ISS acquisition users expressed concern about how IBM would continue to sell the company's stand-alone products. ISS focuses on network security products and managed security services, selling intrusion prevention and detection systems and security appliances.

Last year, AOL said it was giving away its e-mail accounts, software and other features to users as it moved to an advertising-focused business model.

Overall revenue at AOL was $1.3 billion in the second quarter of 2007, which ended June 30, down 38% from the same quarter in 2006. Advertising revenue increased 16% to $522 million, up from the $449 million in the same quarter of 2006, but down from the 40% increases the company had reported in the last four quarters, according to the statement. AOL's operating income climbed 9% to $360 million. At the end of June, AOL had 10.9 million U.S. subscribers, a 59% drop from the 26.7 million subscribers it had in September 2002.

In the company's earnings call, Time Warner Chairman and CEO Richard Parsons said the parent company no longer thinks that AOL's advertising business will grow "at or above" the rate of growth of other U.S. Internet companies. AOL is in trouble," said Rob Enderle, an analyst at San Jose-based Enderle Group. "The market they exist in is fairly robust, and they shouldn't be showing the significant declines that they're showing."

However, Enderle said changing AOL's model was probably the right thing to do because if it hadn't, the company would have been out of business by now.

As reported by John Schwartz in today's New York Times (registration required), security firm Independent Security Evaluators has demonstrated an attack that lets a hostile Web page take full control of an iPhone and capture a user's personal data. Although there is no indication that the vulnerability is being exploited in the wild, computer scientist Steven M. Bellovin of Columbia University is quoted as saying "it looks like a very genuine hack." (You can watch a video demonstration of the attack here.)

Bellovin points out that this sort of attack is inevitable as operating systems on phones get more and more computer-like. The iPhone runs a version of Mac's OS X operating system, though Apple has been extremely stingy with details on just which pieces of OS X are included. It's not clear whether the iPhone attack, which exploits a vulnerability in the Safari browser, might also work against Macs.

To date, attacks against phones have been relatively rare and not very damaging. The Symbian operating system, which is little used in the U.S. but is popular on European and Asian handsets from Nokia and Sony Ericsson, has probably been hit the hardest. I have not heard of any successful attacks on Research in Motion's BlackBerrys. And hackers have only struck a couple of glancing blows on Microsoft's Windows Mobile software, though the threat is taken seriously enough that you can now get protective software for your smartphone from Symantec and others.

Apple likely will move to plug the hole with a patch that can be downloaded to iPhones. But this incident is a clear sign that the cat and mouse game between security experts and hackers that has long been a part of life in the world of personal computers is going to become commonplace in phones too.

Finjan, a developer of Web security products, has found what has to be the nastiest of malware yet because it inserts itself into a legitimate online banking transaction that's supposed to be protected by SSL encryption.

The company is calling this new form of thievery "crimeware," as if we needed another term to keep straight, but it's nasty stuff. In just the month of July, Finjan identified 58 criminals using the MPack toolkit to infect over 500,000 unique users.

MPack may be the most dangerous malware development kit seen yet. It is a PHP-based kit produced by Russian hackers for building mostly keylogging software. It's actually sold and supported by the Russians, complete with a service contract for new versions, and is upgraded every two to four weeks. It's not the first time a service contract has been offered for software that supports the spread of malware.
Full Article Here

Barcelona: The code name given to AMD's upcoming Quad-Core Opteron processors, made using a 65-nanometer (nm) process. AMD plans to ship the first Barcelona chips next month, with the first servers based on the processors appearing on the market in September.

Bobcat: Code name for a future low-power CPU architecture for mobile devices such as ultramobile PCs and consumer electronics products. Will consume from 1 watt to 10 watts of power. Due in 2009.

Bulldozer: Code name for a CPU core designed for servers and clients that consumes from 10 watts to 100 watts of power. Set for release in 2009.

Eagle: Code name for an upcoming notebook chip package based on the Falcon processor. To ship in 2009.

Falcon: Code name for the first Fusion chip that will combine a CPU and graphics processor. Designed for laptops, Falcon will offer up to four Bulldozer cores. Due to ship in 2009.

Fusion: The code name for AMD processors that combine multiple components with the aim of lowering power consumption and improving performance. The first Fusion chips, called Falcon, will ship in 2009.

Griffin: Code name for an upcoming dual-core mobile processor. To ship in 2008.

Hardcastle: The code name given to upcoming chip packages designed for business users, including Perseus and Puma.

Leo: Code name for a desktop chip package based on the 45nm Phenom processor, which will offer 6MB of cache. Set for release in 2008.

Perseus: Upcoming desktop chip package designed for business users. To ship in 2008.

Phenom: The brand name for AMD's quad-core desktop processors, which are slated to start shipping during the fourth quarter of 2007.

Puma: Chip package for laptops based on the Griffin processor. To debut in 2008.

Ridgeback: Code name for AMD's 45nm desktop processors. Will include 6MB of cache. To be released in mid-2008.

ComputerWorld's On the Mark: Shift to Web Has Just Begun:

At the bottom of the article is this sub article which seems to have been clipped on as some type of public service announcement. While the concerns about infrastructure are true the questions are more related to Ubuntu.

Ubuntu Live: Dog Pile on Microsoft

While certainly I am not a Linux hater; I honestly question people who think that an operating system can or should be compared to a religon. I have seen these zeolut comments all over the web for years now and it really does little to improve either the OS or its adoption.

Honestly if you talk bad about someone you achieve nothing. If you find a weakness in the MS OS, just make something better and that is all you have to do. It has nothing to do with Catholiclism verses Protestants. If you beat them at their own game that is all that is required. Saying that we have plans for server improvements in the coming year, then going off into that old time religon does nothing.

I suggest that time is better spent finding those areas where you can beat a company at their own game, and just do it. The rest means nothing and is truly a waste of time. Why would you build server OS strickly on the hate for something else. If you have a better mouse trap just build it. Seems that focusing on making Linux drop dead simple, more secure, more rapidly updated, would be more than enough to beat the hated Microsoft and their evil empire. But really likened to the Protestant Reformation?

High-Performance, Low-Power Storage Device for Mobile PCs is Light, Rugged and Reliable
Samsung's Solid-State Drive (SSD) is an advanced NAND flash-based replacement for traditional hard disk drives, leveraging the company's longtime leadership in memory technology. This next-generation solution offers several advantages over rotating magnetic media such as significantly lower power consumption, remarkable ruggedness, high reliability, less weight and outstanding performance.

Why Samsung chose an ATA-66 interface rather than ATA-100 or ATA-133 is rather bizarre, but seeing as there is no cache implemented on the SSD and the total read speed is limited to just under ATA-66, it is likely the two have just been matched together. A SATA version at 150MBit/s probably won’t actually offer any extra performance, just a more common interface. At a current street price of 595.00 the 1 terrabyte disk looks more attractive for the desktop. Though there is something to be said for using this in a laptop.

That being said the performance is almost always better than a 7200RPM hard drive, with certain aspects like boot times significantly so. However, for a few seconds less wait would you shell out six times more money for five times less space? Only those people who desire the latest $1000 CPUs and a couple of 8800 Ultras will be seriously considering an SSD, of which a couple Raid 0 Raptors might offer a more attractive proposition, certainly so from a bragging rights perspective. Though we get closer every year it just is not ready for prime time.

Consider the following scenario. You install Microsoft Windows Server 2003 with Service Pack 2 (SP2). You create an ASP Web application that uses the Session_OnEnd() event. You host the ASP Web application in Microsoft Internet Information Services (IIS) 6.0. You run an ASP Web application that uses the Session_OnEnd() event. In this scenario, the Session_OnEnd() event is not raised in ASP Web applications as expected. Therefore, you may experience slow computer performance or memory leaks.

HotFix Here

Think you're smart at recognizing online scams? Take a quiz to find out. Visit http://tinyurl.com/ytec4u

McAfee Inc.'s SiteAdvisor service has created a 10-question test to see whether you can spot "phishing" attempts to steal passwords and other personal information by mimicking popular Web sites such as eBay Inc.'s PayPal and News Corp.'s MySpace.

If you forward your mail and click the Report as Spam button you are blocking your own mail server.

Instead of blaming your provider for the problem perhaps just do a search. You will find out that now Comcast has gone right to the top with lame email servers they are only matched by AOL.

Due to strict spam policies with Comcast and AOL and blacklisting our mail servers as a result of clients forwarding their email, we have been forced to change our policy with regard to email.

We have been left with no other course of action than to block forwarding to these domains server wide. Mail will no longer be allowed to be forwarded to any ISP that will easily blacklist a server with no way for the end user to whitelist an email address or domain name. This is to prevent issues with companies like AOL or ComCast blacklisting our servers without cause.

Now that Intel has lowered the price of its slowest quad-core processor to around £160 (inc. VAT), AMD has already got a price war on its hands even before its quad-core processors have launched and the chips apparently won’t ship for at least a month after launch. We’re hoping that Phenom’s performance will blow us away and make it worth the wait, but the problem at the moment is that Phenom is essentially an unknown quantity until it’s actually been tested. The question here is whether enthusiasts will be able to resist the lure of Intel’s Core 2 Quad Q6600 until Phenom arrives.

If you are dead set on an Intel CPU, obviously the question that I’m sure is on those people’s minds at the moment is whether you should opt for the Q6600 or the E6850, which are both at similar price points. Personally, I would opt for the quad-core processor every time, but that’s because I’m quite a heavy multi-tasker and I often find myself short of processing time on a dual-core processor. I like to be able to continue what I’m doing when I’m running a processor intensive task and since most applications that you’re likely to use benefit from no more than two cores.

Add this to the fact that there are a slew of games coming out in the future that will benefit from quad-cores – Crysis is the first, and from what we’ve heard there are plenty more too. In recent times, games haven’t really benefited from high processor clock speeds because they’re graphics limited rather than CPU limited. This trend is going to continue, but as games engines get more complex, more will need to be done at any given point in time – that’s where quad-core processors will really come into their own.

Full Article:

The acquisition of the security software outfit bolsters a product suite designed to loosen Microsoft's hold on business customers.

Google has long coveted the pot of gold represented by Microsoft's business customers, those lucrative users of such applications as Outlook e-mail, Excel spreadsheets, and PowerPoint slide presentations.

In recent years, Google has been snapping up companies in hopes of replicating that suite of services, and it finally may be nearing a full quiver.

On July 9, Google said it is paying $625 million for security company Postini, which helps corporations and smaller businesses monitor e-mails and instant messages, encrypt information, and enforce company policies in such areas as the dissemination of confidential information. Google's third-largest purchase after YouTube and DoubleClick, Postini is the market leader in its field, with more than 36,000 companies using its products.

"With this transaction, we're reinforcing our commitment to delivering compelling hosted applications to businesses of all sizes. With the addition of Postini, our apps are not just simple and appealing to users -- they can also streamline the complex information security mandates within these organizations," said Eric Schmidt, Chairman of the Board and Chief Executive Officer of Google.

Hosted services, like Google Apps and Postini solutions, provide organizations with high quality communications tools without the expense and hassle of traditional on-premise solutions. Google Apps, which includes Gmail, Calendar, Talk, Docs & Spreadsheets, and Personal Start Page, has been adopted by more than 100,000 businesses already. Postini solutions include Email Security, IM Security, Web Security, Message Archiving, Message Encryption, and Policy-enforced TLS.