<?xml version="1.0" encoding="ISO-8859-1" ?>
	<rss version="2.0">
        	<channel>
                	<title>Security Scraper Feeds</title>
                        <link>http://www.securityscraper.com/</link>
                        <description>The security feed that doesn't lose an appetite.</description>
                        <language>en-us</language>
		<item>
                        <title>Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution - 3/10/2010</title>
                        <link>http://www.securityscraper.com/index.php?item=378428</link>
                        <description>Revision Note: V1.1 (March 10, 2010): Restated the mitigation concerning the e-mail vector. Added a new workaround for disabling the peer factory class in iepeers.dll. Advisory Summary: Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the browser, Internet Explorer 8, is not affected. The main impact of the vulnerability is remote code execution. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.</description>
                </item><item>
                        <title>Expert says Chinese government likely behind massive cyberattacks</title>
                        <link>http://www.securityscraper.com/index.php?item=378427</link>
                        <description>The Chinese government is likely behind recent cyberattacks on U.S. government Web sites and on U.S. companies in an apparent effort to quash criticism of the government there, an expert on U.S. and Chinese relations said Wednesday.</description>
                </item><item>
                        <title>Cisco, Microsoft certifications increase high-tech salaries</title>
                        <link>http://www.securityscraper.com/index.php?item=378426</link>
                        <description>For high-tech workers, it pays to be certified, according to research conducted by Dice Learning that shows 10 IT certifications stand out for delivering higher salaries.</description>
                </item><item>
                        <title>Google still tops, but Bing inches ahead in search market</title>
                        <link>http://www.securityscraper.com/index.php?item=378425</link>
                        <description>Microsoft in recent months has slowly boosted its share of the search business, but still remains far behind a so-far unbeatable foe in its battle with Google. Hitwise, an online traffic monitor, today reported that Google last month remained firmly at the head of the search pack while its rival's well regarded Microsoft Bing product gradually picks up a little traction.</description>
                </item><item>
                        <title>CA to buy Nimsoft</title>
                        <link>http://www.securityscraper.com/index.php?item=378424</link>
                        <description>CA said Wednesday it has signed a deal to buy IT performance monitoring vendor Nimsoft for $350 million. The acquisition, which is scheduled to close this month, will strengthen CA's hand in IT management software for what it calls "emerging enterprises," companies with annual revenues between $300 million and $2 billion.</description>
                </item><item>
                        <title>50MHz to 100MHz scope conversion</title>
                        <link>http://www.securityscraper.com/index.php?item=378423</link>
                        <description>
[Ross] is the proud owner of a 50 MHz Rigol DS1052E oscilloscope. He'd like to have the 100 MHz version but the $400 difference in price puts it out of his reach. After some extensive poking around on the PCB and poring over datasheets, he managed to reverse engineer the design and upgrade to a [...]</description>
                </item><item>
                        <title>Coffee powered Car-puccino</title>
                        <link>http://www.securityscraper.com/index.php?item=378422</link>
                        <description>
We can only imagine how amazing this coffee burning car smells as it speeds down the highway at a maximum of 60mph. Don't jump out of your seat so quick to get your own, while the idea sounds fantastic, the mileage will bring you back to earth rather quick. At 3 miles per kilo of [...]</description>
                </item><item>
                        <title>Suing Over Patents Is An Act Of Desperation</title>
                        <link>http://www.securityscraper.com/index.php?item=378421</link>
                        <description>From DailyTech
March 10, 2010 - said by Jason Mick: Apple Tried to Bully Sun With Lawsuit Threats in 2003

Faced with the growing threat of the Android army of smartphones to its best-selling iPhone, Apple unleashed a litany of litigation to try to stop sales of the phones.  Google is too powerful to attack head on, so instead Apple is trying to pick off the hardware makers, starting with HTC, makers of the Hero, MyTouch, and Nexus One.  There are a lot of questions over whether Apple's barking up the wrong tree, however, given how broad and vague its patents seem.

Jonathan I. Schwartz, former CEO of Sun Microsystems, sounded off in a blog in which he recalls a similar incident in which Apple CEO Steven P. Jobs threatened to sue his company.  

The event occurred back in 2003. Sun Microsystems had just unveiled "Project Looking Glass", a prototype Linux desktop with a rich 3D graphical desktop environment &#8211; Apple wasn't happy about that.

Jobs contacted Schwartz, warning that the Linux project was "stepping all over Apple's IP" and that if they put it out on the market, "I'll just sue you."

However, Schwartz was wily and knew how to fight back.  He had helped found Lighthouse Design, which made software for the short-lived NeXTSTEP operating system, which was acquired by Apple with the purchase of NeXT in 1996.  A Lighthouse NeXT product, Concurrency (presentation software -- think PowerPoint), looked eerily similar to Apple's recently unveiled Keynote.

So Schwartz fired back at Jobs, "Steve, I was just watching your last presentation, and Keynote looks identical to Concurrence &#8211; do you own that IP?  And last I checked, MacOS is now built on Unix. I think Sun has a few OS patents, too."

Jobs was quiet and never threatened Schwartz about the product again.

He notes that Jobs isn't the only litigation bully in the tech industry, though.  He recalls an exchange in a later meeting with former Microsoft CEO Bill Gates and current CEO Steve Ballmer, about OpenOffice, a popular Sun product.  In th</description>
                </item><item>
                        <title>0017004: Data Buffer Size Exceeded!</title>
                        <link>http://www.securityscraper.com/index.php?item=378420</link>
                        <description>All of our phone calls have been fading in and out almost like the person on the other end is going through a tunnel.  It sounds like a cell phone call being disrupted.  

This is causing a lot of issues within our company with leads not hearing us talk and we are having to repeat ourselves numerous times.

Other error messages are showing within our system that have not shown before.  I have attached the error log below.  

Need help ASAP!</description>
                </item><item>
                        <title>A day of IDS (Snort) event data</title>
                        <link>http://www.securityscraper.com/index.php?item=378419</link>
                        <description></description>
                </item><item>
                        <title>Sun VirtualBox DoS</title>
                        <link>http://www.securityscraper.com/index.php?item=378418</link>
                        <description> Applications: xVM VirtualBox 1.6, xVM VirtualBox 2.0, xVM VirtualBox 2.1, xVM VirtualBox 2.2 (11.03.2010)</description>
                </item><item>
                        <title>kvm multiple security vulnerabilities</title>
                        <link>http://www.securityscraper.com/index.php?item=378417</link>
                        <description>DoS, privilege escalation. Applications: kvm 72 (11.03.2010)</description>
                </item><item>
                        <title>Microsoft Excel multiple security vulnerabilities, updated since 10.03.2010</title>
                        <link>http://www.securityscraper.com/index.php?item=378416</link>
                        <description>Multiple buffer overflows, memory corruptions, code execution. Applications: Office XP, Office 2003, Office 2004 for Mac, Office 2007, Office 2008 for Mac (11.03.2010)</description>
                </item><item>
                        <title>Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)</title>
                        <link>http://www.securityscraper.com/index.php?item=378415</link>
                        <description>PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Applications: WordPress 2.9, Kandidat CMS 1.3, Chaton 1.5, tdiary 2.2, Employee Timeclock 0.99 (11.03.2010)</description>
                </item><item>
                        <title>XNView buffer overflow</title>
                        <link>http://www.securityscraper.com/index.php?item=378414</link>
                        <description>Integer overflow on DICOM images parsing leading to buffer overflow. Applications: XnView 1.97 (11.03.2010)</description>
                </item><item>
                        <title>[ MDVSA-2010:059 ] virtualbox</title>
                        <link>http://www.securityscraper.com/index.php?item=378413</link>
                        <description>Posted by security on Mar 10 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:059
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : virtualbox
 Date    : March 10, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0
 _______________________________________________________________________

 Problem Description:

 A...</description>
                </item><item>
                        <title>[USN-908-1] Apache vulnerabilities</title>
                        <link>http://www.securityscraper.com/index.php?item=378412</link>
                        <description>Posted by Marc Deslauriers on Mar 10
===========================================================
Ubuntu Security Notice USN-908-1             March 10, 2010
apache2 vulnerabilities
CVE-2010-0408, CVE-2010-0434
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and...</description>
                </item><item>
                        <title>Re: GeoIPgen version 0.4 released - country-to-IPs generator</title>
                        <link>http://www.securityscraper.com/index.php?item=378411</link>
                        <description>Posted by Adrian P on Mar 10
Neat project, and a research topic I've been interested in for several
years. However, it's not the first time that the MaxMind GeoLite
database has been used to generate lists of IP blocks for a given
country (country2ip, rather than ip2country).

October 2007:
http://www.gnucitizen.org/blog/strategic-hacking-geoip/
http://www.gnucitizen.org/static/blog/2007/10/country2ip.ppt</description>
                </item><item>
                        <title>Multiple vulnerabilities in SUPERAntiSpyware and Super Ad Blocker</title>
                        <link>http://www.securityscraper.com/index.php?item=378410</link>
                        <description>Posted by Luka Milkovic on Mar 10
 Title:             Multiple vulnerabilities in SUPERAntiSpyware and Super Ad Blocker
 Date of Discovery: 2 Feb 2010
 Contact Date:      4 Feb 2010
 Release Date:      10 Mar 2010
 Author:            Luka Milkovic
 Mail:              milkovic.luka at gmail.com
 Software Link:     SUPERAntiSpyware - http://www.superantispyware.com/index.html...</description>
                </item><item>
                        <title>Re: GeoIPgen version 0.4 released - country-to-IPs generator</title>
                        <link>http://www.securityscraper.com/index.php?item=378409</link>
                        <description>Posted by Kurt Buff on Mar 10
See also:

http://xkcd.com/195/

Though I don't know where he got his data...

Kurt</description>
                </item><item>
                        <title>Re: New Internet Explorer code-execution</title>
                        <link>http://www.securityscraper.com/index.php?item=378408</link>
                        <description>Posted by Moshe Ben Abu on Mar 10
Metasploit exploit module now available:
http://www.rec-sec.com/2010/03/10/internet-explorer-iepeers-use-after-free-exploit/

On Wed, Mar 10, 2010 at 8:29 PM, Pradip Sharma &lt;sharma.pradip () gmail com&gt; wrote:</description>
                </item><item>
                        <title>[ MDVSA-2010:060 ] squid</title>
                        <link>http://www.securityscraper.com/index.php?item=378407</link>
                        <description>Posted by security on Mar 10 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:060
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : squid
 Date    : March 10, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
           Enterprise Server 5.0...</description>
                </item><item>
                        <title>Re: Help hardening router</title>
                        <link>http://www.securityscraper.com/index.php?item=378406</link>
                        <description>Posted by doug schmidt on Mar 10
http://www.cymru.com/Documents/secure-ios-template.html

</description>
                </item><item>
                        <title>Re: Reporting SSH abuse</title>
                        <link>http://www.securityscraper.com/index.php?item=378405</link>
                        <description>Posted by Liquid on Mar 10
Dan Pilcheck wrote:

Dan,

Honestly that's more than enough. I've had client sites that were doing 
the same and the notifications were more than ample to at least look 
into it. A nice note to the person should work, we had a couple in the 
past where the admin was a complete jerk in letting us know. So 
personally I'd recommend a screenshot of a log and perhaps just listing 
the IP and what it's hammering against. (ssh in this case). Hope this...</description>
                </item><item>
                        <title>RE: Reporting SSH abuse</title>
                        <link>http://www.securityscraper.com/index.php?item=378404</link>
                        <description>Posted by Dan Lynch on Mar 10
I could swear I once read an "authoritative" source doc on this subject, maybe an RFC (Site Security Handbook?), or 
something from CERT. But I can't seem to dig it up. Anyone?

Here's what I did find:

Going to the Source: Reporting Security Incidents to ISPs (2002)
http://www.securityfocus.com/infocus/1555

And a most-excellent write up "Composing abuse reports" (2007)
http://blog.anta.net/2007/04/18/composing-abuse-reports/...</description>
                </item><item>
                        <title>Re: Help hardening router</title>
                        <link>http://www.securityscraper.com/index.php?item=378403</link>
                        <description>Posted by Dave LaDuke on Mar 10
Thanks for telling him, I had planned to have some fun later.

--------------------------------------------------
From: "Curt Shaffer" &lt;cshaffer () gmail com&gt;
Sent: Tuesday, March 09, 2010 1:49 AM
To: &lt;mzcohen2682 () aim com&gt;
Cc: &lt;security-basics () securityfocus com&gt;
Subject: Re: Help hardening router

</description>
                </item><item>
                        <title>Noted cryptographer on SSL, encryption and cloud computing</title>
                        <link>http://www.securityscraper.com/index.php?item=378402</link>
                        <description>Cryptographer Taher Elgamal of Axway Inc., the inventor and initial driving force behind SSL, explains how applications may be better adapted to defend against attacks.

</description>
                </item><item>
                        <title>Linux Arpeggiators, Part 1</title>
                        <link>http://www.securityscraper.com/index.php?item=378401</link>
                        <description>In my last article I looked at performance loopers for Linux. This week I begin a 2-part review of similar applications called arpeggiators.</description>
                </item><item>
                        <title>Clientless SSL VPN vulnerability and Web browser protection</title>
                        <link>http://www.securityscraper.com/index.php?item=378400</link>
                        <description>In a recent US-CERT advisory, clientless SSL VPN vulnerabilities were listed as posing serious threats to Web browser security. In this tip, learn possible actions to take for Web browser protection.

</description>
                </item><item>
                        <title>Considering two-factor authentication? Do cost, risk analysis</title>
                        <link>http://www.securityscraper.com/index.php?item=378399</link>
                        <description>One-time passwords and other technologies are effective protection, but midmarket companies have to consider the expense and management overhead.

</description>
                </item><item>
                        <title>Enterprise data management: Prevent data loss and insider threats</title>
                        <link>http://www.securityscraper.com/index.php?item=378398</link>
                        <description>While DLP technologies are becoming more advanced, some organizations still struggle with how to prevent data loss. In this tip, learn how insider threats can present some serious security issues, and how to overcome those threats.

</description>
                </item><item>
                        <title>Scapy tutorial: How to use Scapy to test Snort rules</title>
                        <link>http://www.securityscraper.com/index.php?item=378397</link>
                        <description>When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules.

</description>
                </item><item>
                        <title>Microsoft, Adobe Bringing Flash Support to Windows Phone 7 Series</title>
                        <link>http://www.securityscraper.com/index.php?item=378396</link>
                        <description>Microsoft and Adobe are working to port Flash Player 10.1 to Internet Explorer Mobile on the Windows Phone 7 Series, according to an Adobe executive, which would allow devices running Microsoft's upcoming smartphone operating system to play rich content on a variety of Websites. Reports from February had suggested that Flash would not be supported on the first generation of Windows Phone 7 Series devices. Microsoft's hardware partners, including Hewlett-Packard, have been emphasizing their Adobe Flash support as a differentiator between their mobile products and those produced by Apple, such as the iPad and iPhone.   -  Microsoft and Adobe are apparently working together to ensure
that Windows Phone 7 Series supports Flash Player 10.1, according to a blog
posting by an Adobe executive. Enabling that support could possibly counter
February reports that the first generation of Microsoft's new smartphone
operating ...


   </description>
                </item><item>
                        <title>LG Holding Google Close in Bid for the Top</title>
                        <link>http://www.securityscraper.com/index.php?item=378395</link>
                        <description>LG's intention to be a top-two smartphone contender by 2012 appears to largely involve Google. Reportedly, half the phones it plans to release this year will run Android, and LG could benefit, too, from Google's new enterprise-geared Apps Marketplace.   -  LG Electronics' plan to gain double-digit market share in the global mobile handset market by 2012 appears to figure largely on hitching its cart to the Google Android mobile operating system.
  
On March 10, LG officials introduced the Android-running LG-KH5200 in South Korea, and after being vagu...


     </description>
                </item><item>
                        <title>IT Spending in 2010 Will Rise Slightly: Ovum</title>
                        <link>http://www.securityscraper.com/index.php?item=378394</link>
                        <description>There will be an uptick in IT spending in 2010, but those budgets that do grow will increase by only 1 to 5 percent, according to Ovum. The bulk of CIOs in an Ovum survey said they expect their budgets to remain flat after the recession-ravaged 2009.   -  Don't expect IT spending to increase too much in 2010, according to research firm Ovum.
There will be some uptick in IT budgets for the year, but only in the 1 to 5 percent range, Ovum analysts said in a report March 9.
In fact, most enterprises will see no change in their IT spending, a survey of ...


     </description>
                </item><item>
                        <title>Twitter Fights Phishing, Malware With Link Scanning Service</title>
                        <link>http://www.securityscraper.com/index.php?item=378393</link>
                        <description>Twitter has announced it will begin scanning links posted by users to thwart phishing attacks and the spread of malware on the site.   -  Twitter has announced plans to route all links through a scanner in a bid to boost security and weed out malicious activity.
    
  The move follows a partnership announced in November between URL shortening service Bit.ly and security companies VeriSign, Websense and Sophos.
    
By routing al...


      </description>
                </item><item>
                        <title>Apple, Other Smartphone Makers Hit With Infringement Suits</title>
                        <link>http://www.securityscraper.com/index.php?item=378392</link>
                        <description>A little known company called SmartPhone Technologies files lawsuits against Apple, AT&amp;T, Research in Motion, Samsung, Sanyo, LG and Motorola for violating patents owned by the company.   -  The smartphone patent lawsuit derby continues with a company named
SmartPhone Technologies LLC suing Apple, AT&amp;T, RIM (Research in
Motion), Samsung, Sanyo, LG and Motorola for violating patents owned by
the company. Filed in the U.S. District Court in the Eastern District
of Texas, SmartPhon...


     </description>
                </item><item>
                        <title>IT Managers Seeking -- and Getting -- More Help to Control Far-flung Assets</title>
                        <link>http://www.securityscraper.com/index.php?item=378391</link>
                        <description>The No. 1 most talked-about product genre at Data Center World 2010 is data center management software. Avocent, Aperture, AccessIT, BMC, EMC, Dell, Methode, nLyte, Aptare, Modius, Rackwise -- those are just some of the companies coming to the fore with interesting products and services.   -  NASHVILLE, Tenn. -- At Data Center World 2010 here in Music City, it's all about control.

We're talking control of data center footprints, carbon emissions, power consumption, equipment cooling, budgets, personnel, and myriad other things. Oh, yes: Control of the data itself also comes into this ...


     </description>
                </item><item>
                        <title>Twitter Fights Phishing, Malware With Link Scanning Service</title>
                        <link>http://www.securityscraper.com/index.php?item=378390</link>
                        <description>Twitter has announced it will begin scanning links posted by users to thwart phishing attacks and the spread of malware on the site.   -  Twitter has announced plans to route all links through a scanner in a bid to boost security and weed out malicious activity.
    
  The move follows a partnership announced in November between URL shortening service Bit.ly and security companies VeriSign, Websense and Sophos.
    
By routing al...


   
</description>
                </item><item>
                        <title>Troj/PDFJs-IL</title>
                        <link>http://www.securityscraper.com/index.php?item=378389</link>
                        <description></description>
                </item><item>
                        <title>Troj/DwnLdr-ICB</title>
                        <link>http://www.securityscraper.com/index.php?item=378388</link>
                        <description></description>
                </item><item>
                        <title>Troj/Drop-EV</title>
                        <link>http://www.securityscraper.com/index.php?item=378387</link>
                        <description></description>
                </item><item>
                        <title>Troj/Dloadr-CYS</title>
                        <link>http://www.securityscraper.com/index.php?item=378386</link>
                        <description></description>
                </item><item>
                        <title>Mal/Keylog-G</title>
                        <link>http://www.securityscraper.com/index.php?item=378385</link>
                        <description></description>
                </item><item>
                        <title>Mal/IRCBot-N</title>
                        <link>http://www.securityscraper.com/index.php?item=378384</link>
                        <description></description>
                </item><item>
                        <title>Turn a Hoodie into an Improvised Laptop Bag [Clever Uses]</title>
                        <link>http://www.securityscraper.com/index.php?item=378383</link>
                        <description>If you like getting as much use out of your possessions as possible, this guide will help you turn a hooded sweatshirt into a laptop bag, baby carrier, and more.</description>
                </item><item>
                        <title>HTML5 vs. Flash: HTML5 Isn't Always Better [Flash]</title>
                        <link>http://www.securityscraper.com/index.php?item=378382</link>
                        <description>Flash has taken quite a beating lately by everyone from Apple (no Flash on iPad or iPhones) to YouTube (transitioning to HTML5 video) to users sick of security exploits and sluggish browsers. Everyone's looking for the silver bullet that kills Flash, but is HTML5 it?</description>
                </item><item>
                        <title>Keep Your Daily Momentum Going With a 10/15 Split [Work]</title>
                        <link>http://www.securityscraper.com/index.php?item=378381</link>
                        <description>One of the toughest aspects of staying productive is overcoming the ups and downs of motivation. Spending 10 minutes getting organized in the morning, then 15 minutes again in the evening, can help even out your daily go-get-'em energy.</description>
                </item><item>
                        <title>Kiwi Monitors Your Running Apps, Performs Actions Based on Their Status [Downloads]</title>
                        <link>http://www.securityscraper.com/index.php?item=378380</link>
                        <description>Windows: Kiwi is a free utility that monitors any application and springs into action when that application meets any user-defined criteria within a set of basic rules, like restarting an application or emailing you when its memory use exceeds a pre-defined level.</description>
                </item><item>
                        <title>Set Google Calendar Alerts to Gentle Reminder Mode for Less Intrusive Reminders [Google Calendar]</title>
                        <link>http://www.securityscraper.com/index.php?item=378379</link>
                        <description>If you like calendar reminders but you'd like them a little less in-your-face, you can enable gentle reminders in Google Calendar to replace the reminder pop up.</description>
                </item><item>
                        <title>How to Skip Commercials in Windows 7 Media Center [Windows Media Center]</title>
                        <link>http://www.securityscraper.com/index.php?item=378378</link>
                        <description>If you use Windows 7 Media Center to record TV, you'd probably prefer skipping commercials. After all, a big reason you record programs is to avoid commercials, right? Here's a fairly simple and free way to start skipping commercials in no time.</description>
                </item><item>
                        <title>Google Reader Play Lets You Sit Back and Watch Popular Reader Items [Google Reader]</title>
                        <link>http://www.securityscraper.com/index.php?item=378377</link>
                        <description>Google Reader Play is a new Reader feature that plays a slideshow of cool items from around the web based on the stories you star. It's like a 10-foot viewing experience for your newsreader.</description>
                </item><item>
                        <title>Social networking risks, benefits for enterprises weighed by RSA panel</title>
                        <link>http://www.securityscraper.com/index.php?item=378376</link>
                        <description>Social networking risks to enterprises may be outweighed by the benefits, but experts at the 2010 RSA Conference say infrastructure providers must improve security.

</description>
                </item><item>
                        <title>IBM z/OS 1.12: New features, improvements explained</title>
                        <link>http://www.securityscraper.com/index.php?item=378375</link>
                        <description>The latest version of IBM's mainframe OS, z/OS 1.12, includes improvements to EAV support, significant security enhancements, and new Predictive Failure Analysis and Run Time Diagnostics features.</description>
                </item><item>
                        <title>Database Security Fundamentals: Patching</title>
                        <link>http://www.securityscraper.com/index.php?item=378374</link>
                        <description>Patching is a critical security operation for databases, as for any other application. The vast majority of security concerns and logic flaws within the database will be addressed by the database vendor. While the security &amp; IT communities are made aware of critical security flaws in databases, and may even understand the exploit, the details of the fix are never made public [unless you are using an open source database]. That means the vendor is your only option for fixes and workarounds. Most of you will not be monitoring CVE notifications or performing pen tests on new versions of the database when they are released. Even if you have the in-house expertise to do so, you do not have the time to conduct serious investigation. Database vendors have dedicated security teams to analyze attacks against the database, and small firms must leverage the vendor's expertise.

Project Quant for Patch Management was designed to break down patch management into essential, discrete functions, and assign cost-based metrics to each task to provide a quantitative measurement of the patch management process. In order to achieve that goal, we needed to define a patch management process on which to build the metrics model. For database patch management, you could choose to follow that process and feel confident that you have covered all relevant aspects of patching a database system. However, that process is far more encompassing, and too much information, for a series on database security fundamentals.

As this series is aimed more at the small and mid-market practitioner, who as a general rule lacks the time and tools necessary for more thorough processes, we are going to avoid the same depth of coverage major enterprises require. I am going to follow that basic Quant model, but suggest a subset of the process defined in the original Project Quant series. Further, I am not going to assume that you have any resources in place</description>
                </item><item>
                        <title>Nose Biometrics</title>
                        <link>http://www.securityscraper.com/index.php?item=378373</link>
                        <description>Really: Since they are hard to conceal, the study says, noses would work well for identification in covert surveillance. The researchers say noses have been overlooked in the growing field of biometrics, studies into ways of identifying distinguishing traits in people. "Noses are prominent facial features and yet their use as a biometric has been largely unexplored," said the University...</description>
                </item><item>
                        <title>Basic security measures do wonders</title>
                        <link>http://www.securityscraper.com/index.php?item=378372</link>
                        <description>Deep down inside, we all wish for a unique solution that will protect our machine or our network completely forever and ever, preferably one that can be activated with a simple flick of a switch and t...</description>
                </item><item>
                        <title>Most malicious websites are hosted in the US</title>
                        <link>http://www.securityscraper.com/index.php?item=378371</link>
                        <description>AVG Technologies unveiled the results of a research study which shows that, contrary to popular opinion, most malicious websites are hosted on US servers and not in other countries like China.
 
 Th...</description>
                </item><item>
                        <title>Top free troubleshooting tools for Windows</title>
                        <link>http://www.securityscraper.com/index.php?item=378370</link>
                        <description>These seven handy tools help you diagnose and cure a wide range of Windows ills, and they're all free for the downloading</description>
                </item><item>
                        <title>OCZ introduces an SSD for under $100</title>
                        <link>http://www.securityscraper.com/index.php?item=378369</link>
                        <description>OCZ today announced a new line of more affordable solid state drives called the Onyx series, which will begin with a sub-$100 model.</description>
                </item><item>
                        <title>Google, Italian Culture Ministry sign book digitization pact</title>
                        <link>http://www.securityscraper.com/index.php?item=378368</link>
                        <description>Google and the Italian Culture Ministry have signed an agreement for the digitization of books held in Italy's two main national libraries, the first such pact between the U.S. company and a national government, the two sides announced Wednesday.</description>
                </item><item>
                        <title>RIM silent on data outages in North America, UK</title>
                        <link>http://www.securityscraper.com/index.php?item=378367</link>
                        <description>Some BlackBerry users in North America and the United Kingdom said they experienced data outages earlier this week on Wi-Fi-equipped BlackBerries when not connected to Wi-Fi.</description>
                </item><item>
                        <title>Only 21% of Twitter members are active, report says</title>
                        <link>http://www.securityscraper.com/index.php?item=378366</link>
                        <description>A study by Barracuda Networks found that most Twitter members are still inactive members, though the analysis does find some increased activity at the microblogging service.</description>
                </item><item>
                        <title>Google Apps store seeks cloud collaboration boost</title>
                        <link>http://www.securityscraper.com/index.php?item=378365</link>
                        <description>Google's new Apps Marketplace could give a significant boost to Web-based communication and collaboration software for businesses by creating a wide-ranging yet integrated virtual suite of heterogeneous cloud applications.</description>
                </item><item>
                        <title>Hackers exploit latest IE zero-day with drive-by attacks</title>
                        <link>http://www.securityscraper.com/index.php?item=378364</link>
                        <description>Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer (IE) to launch drive-by attacks from malicious Web sites, security researchers said today.</description>
                </item><item>
                        <title>Intel shows first six-core desktop processor</title>
                        <link>http://www.securityscraper.com/index.php?item=378363</link>
                        <description>Intel Corp. showed its first six-core processor for desktops, the Core i7-980X Extreme Edition, which will go into workstations and PCs targeted at gamers.</description>
                </item><item>
                        <title>#51927: Mapping for MySQL's latin1 character set in .NET connector</title>
                        <link>http://www.securityscraper.com/index.php?item=378362</link>
                        <description>Bug ID: 51927; Submitted by: Anita Novello; Category: Connector/Net; Status: Open; Assigned to: Tonci Grgin; Severity: 3; OS: Microsoft Windows; Version: 6.x</description>
                </item><item>
                        <title>#51929: Unnecessary Sync Updates</title>
                        <link>http://www.securityscraper.com/index.php?item=378361</link>
                        <description>Bug ID: 51929; Submitted by: Martin Pirringer; Category: MySQL Workbench: Modeling; Status: Open; Severity: 3; OS: Microsoft Windows (7); Version: 5.2.16</description>
                </item><item>
                        <title>#51930: MySQL not optimizing query on two part (char,int) index</title>
                        <link>http://www.securityscraper.com/index.php?item=378360</link>
                        <description>Bug ID: 51930; Submitted by: Scott Nebor; Category: Server: Optimizer; Status: Open; Severity: 5; OS: Linux (Ubuntu 8.04); Version: 5.1.44 - compiled from source</description>
                </item><item>
                        <title>#51931: external component threw an error while attempting to manage import/export</title>
                        <link>http://www.securityscraper.com/index.php?item=378359</link>
                        <description>Bug ID: 51931; Submitted by: Thomas Lyle; Category: Connector/ODBC; Status: Open; Severity: 1; OS: Mac OS X (7 32 bit); Version: 5.2.16 rev 5249</description>
                </item><item>
                        <title>#51932: ndbd keep crashing</title>
                        <link>http://www.securityscraper.com/index.php?item=378358</link>
                        <description>Bug ID: 51932; Submitted by: Rob Tousain; Category: Server: Cluster; Status: Open; Severity: 1; OS: Linux (RedHat); Version: mysql-5.1.30 ndb-6.3.20-GA</description>
                </item><item>
                        <title>#51933: catastrophic memory</title>
                        <link>http://www.securityscraper.com/index.php?item=378357</link>
                        <description>Bug ID: 51933; Submitted by: daniel raine; Category: MySQL Workbench: Modeling; Status: Open; Severity: 2; OS: Any; Version: 5.2.16 OSS beta rev. 5249</description>
                </item><item>
                        <title>#51934: System.AccessViolationException</title>
                        <link>http://www.securityscraper.com/index.php?item=378356</link>
                        <description>Bug ID: 51934; Submitted by: Alexandre Scheffer Quintela; Category: MySQL Workbench: Modeling; Status: Open; Severity: 3; OS: Microsoft Windows (winxpsp3); Version: 5.2.16</description>
                </item><item>
                        <title>RE: [WEB SECURITY] Question &amp; Answer guide for web application security testing</title>
                        <link>http://www.securityscraper.com/index.php?item=378355</link>
                        <description></description>
                </item><item>
                        <title>RE: [WEB SECURITY] Question &amp; Answer guide for web application security testing</title>
                        <link>http://www.securityscraper.com/index.php?item=378354</link>
                        <description></description>
                </item><item>
                        <title>Re: [WEB SECURITY] Question &amp; Answer guide for web application security testing</title>
                        <link>http://www.securityscraper.com/index.php?item=378353</link>
                        <description></description>
                </item><item>
                        <title>Samba &lt; 3.3.12 / 3.4.7 / 3.5.1 Security Bypass Vulnerability</title>
                        <link>http://www.securityscraper.com/index.php?item=378352</link>
                        <description>
Synopsis :

The remote Samba server is vulnerable to a security bypass attack.

According to its banner, the version of Samba Server on the remote host is potentially affected by a security bypass vulnerability. A flaw exists that causes all smbd processes to inherit CAP_DAC_OVERRIDE capabilities, allowing all file system access to be allowed even when permissions should have denied access.

For your information, the observed version of Samba is: %L

CVSS Base Score : 6.4
CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

See also :

http://us1.samba.org/samba/security/CVE-2010-078.html

Solution :

Upgrade to Samba 3.3.12, 3.4.7, 3.5.1

Risk factor :

MEDIUM

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728

Copyright Tenable Network Security Inc. 2010</description>
                </item><item>
                        <title>Bugtraq: Secunia Research: XnView DICOM Parsing Integer Overflow Vulnerability</title>
                        <link>http://www.securityscraper.com/index.php?item=378351</link>
                        <description> Secunia Research: XnView DICOM Parsing Integer Overflow Vulnerability </description>
                </item><item>
                        <title>Vuln: Microsoft Excel EntExU2 Record Remote Code Execution Vulnerability</title>
                        <link>http://www.securityscraper.com/index.php?item=378350</link>
                        <description> Microsoft Excel EntExU2 Record Remote Code Execution Vulnerability </description>
                </item><item>
                        <title>Google-China resolution coming 'soon,' says CEO</title>
                        <link>http://www.securityscraper.com/index.php?item=378349</link>
                        <description>Talks between Google and Chinese government are ongoing, Google's Eric Schmidt says Wednesday, and he expects the matter to be resolved sooner rather than later.</description>
                </item><item>
                        <title>Online industry unites against Digital Economy Bill</title>
                        <link>http://www.securityscraper.com/index.php?item=378348</link>
                        <description>Google, Yahoo, eBay, Facebook, Orange, Talk Talk and BT have signed an open letter to the Financial Times condemning a bill in parliament that they say “threatens freedom of speech and the open internet”.</description>
                </item><item>
                        <title>Counterfeit card fraud drops by half in the UK</title>
                        <link>http://www.securityscraper.com/index.php?item=378347</link>
                        <description>Fraud losses due to counterfeit payment cards fell by half in 2009 from the year prior in the U.K., but online banking losses continued to rise, according to new banking industry figures released Wednesday.</description>
                </item><item>
                        <title>Scareware will be most costly security scam of 2010</title>
                        <link>http://www.securityscraper.com/index.php?item=378346</link>
                        <description>Scareware, or fake antivirus programs that encourage web users to part with their hard-earned cash and download hoax security software, is likely to be the most costly scam of 2010, says McAfee.</description>
                </item><item>
                        <title>Reader exploit prompts Adobe update alert</title>
                        <link>http://www.securityscraper.com/index.php?item=378345</link>
                        <description>Users of Adobe PDF Reader should check they are running the latest version of the software after the discovery of an exploit that takes advantage of a serious flaw patched only two weeks ago.</description>
                </item><item>
                        <title>Cyberattacks raise e-banking security fears</title>
                        <link>http://www.securityscraper.com/index.php?item=378344</link>
                        <description>Increasing cyberattacks against the online bank accounts of small and mid-size businesses have prompted growing calls for improved online banking security.</description>
                </item><item>
                        <title>Facebook, Google slam amendment to Digital Economy Bill</title>
                        <link>http://www.securityscraper.com/index.php?item=378343</link>
                        <description>Google, Facebook and eBay are among the tech giants that have slammed the government's plans to tackle internet piracy, claiming it will "threaten freedom of speech".</description>
                </item><item>
                        <title>British hopeless at backing up PCs</title>
                        <link>http://www.securityscraper.com/index.php?item=378342</link>
                        <description>Europeans differ in their approach to PC backup, a new survey has found. The Germans do it efficiently, the French with enthusiasm, while the British sometimes have trouble taking it seriously at all.</description>
                </item><item>
                        <title>Create your own unique icons</title>
                        <link>http://www.securityscraper.com/index.php?item=378341</link>
                        <description>Icons have come a long way in the past decade, evolving from tiny, pixelated pictures into glossy, gorgeous artwork. Adding a custom icon to an application, document, or folder has evolved, too. You no longer need to use special utilities to build icons at tiny sizes; instead, you can take just about any photo or illustration and convert it into an icon.</description>
                </item><item>
                        <title>Bike Directions Added to Google Maps</title>
                        <link>http://www.securityscraper.com/index.php?item=378340</link>
                        <description>Google on Wednesday launched bicycle directions for Google Maps making it easier for cyclists to plan routes in 150 U.S. cities including Boston, Chicago, Los Angeles, New York, San Francisco, Portland and Washington, DC. You can use Google Maps to find cycling-specific directions in urban areas, and by default Google Maps will plan your route to avoid steep hills whenever possible. The new maps feature can also be used as a map layer to get an overall sense of cycling accessibility in a particular city.</description>
                </item><item>
                        <title>Facebook, Twitter Ready Location-Based Features</title>
                        <link>http://www.securityscraper.com/index.php?item=378339</link>
                        <description>Facebook and Twitter are preparing to flip the switch on features that will allow you to share your location with your friends at any time. Facebook is reportedly revving up to introduce the feature, while Twitter is ready to enable the changes on its site any moment now.</description>
                </item><item>
                        <title>Apple iPhone app fine print hurts developers</title>
                        <link>http://www.securityscraper.com/index.php?item=378338</link>
                        <description>iPad and iPhone developers beware. Apple reserves the right to kill an app at any time with no reason, and Apple's liability in any circumstance is limited to $50.</description>
                </item><item>
                        <title>What Are the Most Overrated Security Technologies?</title>
                        <link>http://www.securityscraper.com/index.php?item=378337</link>
                        <description>Which security technologies are IT shops putting too much faith in? Some readers weigh in.</description>
                </item><item>
                        <title>Trillian Astra</title>
                        <link>http://www.securityscraper.com/index.php?item=378336</link>
                        <description>Trillian Astra (Free version and 30-day trial of $25 Pro as one download), the latest communications program from Cerulean Studios, can pull together a wide variety of instant messenger accounts and Web services like Facebook and Twitter. But it goes a bit far with the information it wants to publicly share.</description>
                </item><item>
                        <title>Google adds Street View 'edit location' function</title>
                        <link>http://www.securityscraper.com/index.php?item=378335</link>
                        <description>Google is giving web users the ability to edit the locations of businesses that appear in its Street View service.</description>
                </item><item>
                        <title>Hackers aren't as sneaky as you think</title>
                        <link>http://www.securityscraper.com/index.php?item=378334</link>
                        <description>LinuxSecurity.com: Two weeks ago, I essentially claimed that nearly every company I know is hacked -- and in many cases, thoroughly hacked. Although there's a bit of hyperbole in that statement, it isn't that far from reality. That statement, however, has led some readers to believe detecting hackers and preventing attacks is impossible. Nothing could be further from the truth.</description>
                </item><item>
                        <title>Reader exploit prompts Adobe update alert</title>
                        <link>http://www.securityscraper.com/index.php?item=378333</link>
                        <description>Users of Adobe PDF Reader should check they are running the latest version of the software after the discovery of an exploit that takes advantage of a serious flaw patched only three weeks ago.</description>
                </item><item>
                        <title>Rental and Real Estate Scams</title>
                        <link>http://www.securityscraper.com/index.php?item=378332</link>
                        <description></description>
                </item><item>
                        <title>Noisy Super 8</title>
                        <link>http://www.securityscraper.com/index.php?item=378331</link>
                        <description>[Matt Kemp] remade this super 8 film camera into a synthesizer. Inside you'll find a light sensor pointed through the lens. This way, zooming, focusing, and pointing the lens elsewhere will change the sound. He also refit the original controls to monkey with the output. Turn your speakers up when you watch this, your co-workers [...]</description>
                </item><item>
                        <title>Jeri makes integrated circuits</title>
                        <link>http://www.securityscraper.com/index.php?item=378330</link>
                        <description>[Jeri Ellsworth] made this silicon inverter at home, by hand. It took her two years to get the process figured out and achieve something we didn't think was possible. The complexity of manufacture, and the wide range of tools and materials needed seem insurmountable but she did it anyway. Her home chip fab Flickr set [...]</description>
                </item><item>
                        <title>Select Your Web Browser(s)</title>
                        <link>http://www.securityscraper.com/index.php?item=378329</link>
                        <description>I wasn't sure I'd see this Browser Choice update: I set my computer's Regional Options for the United States even though it's physically located in Finland (I'm an American after all). Regional settings might trump my IP address, I thought... but it seems not. I manually ran Microsoft Update and was provided access to KB976002. Cool. If you're located outside of Europe and are wondering what this is all about, read this from the BBC. Microsoft is offering alternative browser options to European Windows users to settle an anti-trust lawsuit. The update component points users to browserchoice.eu, from where they can select from 12 different web browsers. On a somewhat not completely unrelated note: Microsoft Security Advisory (981374) was published yesterday. "Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7." The vulnerability could allow for remote code execution. Once again, that browser choice link is browserchoice.eu. Send it to your friends and family. Signing off, Sean. On 10/03/10 At 05:00 PM</description>
                </item></channel>
                        </rss>