Monday, December 31, 2012

Microsoft Patches Latest Internet Explorer Security Flaw

As reported yesterday an exploit has been discovered impacting three older versions of Microsoft's Internet Explorer web browser. Microsoft released a quick "Fix it" patch that closes the exploit found in IE6, IE7 and IE8.

Microsoft's Security Response Center posted a link to the patch on its website today. The page states:

This easy, one-click Fix it is available to everyone and prevents the vulnerability from being used for code execution without affecting your ability to browse the Web. Additionally, applying the Fix it does not require a reboot. While we have still observed only a few attempts to exploit this issue, we encourage all customers to apply this Fix it to help protect their systems.

Microsoft adds that the company is still working on releasing a full security update that will plug up the exploit once and for all, but there is no word on when this update will be released.

New Laws Ban Employers From Asking For Social Media Passwords

With the new coming new year dozens of new laws will be enacted, many of which provide social media protection for employees prohibiting them from demanding access to workers' password-protected social networking accounts. In all, more than 400 measures were enacted at the state level during 2012 and will become law in the new year, according to the National Conference of State Legislatures (NCSL).



In California and Illinois, laws that take effect at 12:01 a.m. local time will make it illegal for bosses to request social networking passwords or non-public online account information from their employees or job applicants.

Michigan's Republican Governor Rick Snyder signed a similar measure into law earlier this month that took effect immediately. The Michigan law also penalizes educational institutions for dismissing or failing to admit a student who does not provide passwords and other account information used to access private internet and email accounts, including social networks like Facebook and Twitter.

Sunday, December 30, 2012

New Security Flaw Found In Internet Explorer 6, 7 and 8

Microsoft has confirmed the discovery of a new security flaw that affects Internet Explorer versions 6 through 8. The new flaw is considered critical by Microsoft as it is actively being used by attackers to hijack victims' Windows computers.

The vulnerability is a remote code execution vulnerability that exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

In a security advisory issued Dec. 29, Microsoft acknowledged that attacks are taking place. "Microsoft is aware of targeted attacks that attempt to exploit this vulnerability through Internet Explorer 8," the alert stated. Jonathan Ness and Cristian Craioveanu, engineers on Microsoft's security team, provided some details on the IE flaw in a separate post to the Security Research & Defense blog. "We're working around the clock on the full security update," Ness and Craioveanu wrote.

Ways to block code execution
The best protection against exploits for this vulnerability is for the vulnerable code to not be present. Internet Explorer 9 or 10 do not include the vulnerable code. And the IE team is working around the clock to develop a security update to address this vulnerability for earlier versions of the product. However, until the update is available, customers using Internet Explorer 8 can block the current targeted attacks by introducing changes to disrupt any of the elements of the exploit. Specifically:
    • Disabling Javascript will prevent the vulnerability from being triggered initially.
    • Disabling Flash will prevent the ActionScipt-based heap spray from preparing memory such that the freed object contains exploit code.
    • Disabling the ms-help protocol handler AND ensuring that Java6 is not allowed to run will block the ASLR bypass and the associated ROP chain.
Another alternative - one likely to have less impact on your browsing experience - is to install EMET and enable it to protect Internet Explorer. EMET’s Mandatory ASLR mitigation will block both the Java6-based and hxds.dll-based ASLR bypass. EMET’s Export Address Filtering (EAF) mitigation blocks the shellcode used in the targeted attacks we have analyzed. EMET 3.5’s ROP mitigation blocks both the Java6 and hxds.dll ROP chains used in the exploits we have analyzed.

Thursday, December 27, 2012

Google Voice Free For At Least One More Year

Good news for Google Voice users, Google has confirmed they will be offering the popular internet based phone service for free for at least one more year. "You'll continue to be able to make free domestic calls through 2013," Mayur Kamat, a product manager at the company, said in a blog post on Wednesday.

Google debuted to the public back in 2010, with the company extending the free calling service at the end of every year-- through 2011 and 2012 -- and since then.

The free service offers user a slew of great features including the ability to set up a single phone number that can ring multiple phones. You can also set up personalized greetings per-caller or per-group, screen your calls, listen in on voicemails as they're being left, access your voicemails (and their text transcripts) online, and more. You can also block individual numbers, send free SMSs, make cheap international calls, and even port your existing number if you don't want to sign up for a new one.

If you’ve never tried out Google Voice, and you live in the US or Canada, all you need is a Google Account and an area code to get one setup. Once you have a Google Voice account, you can set it up on an Android or iOS smartphone as a second number that will ring on your existing phone very easily.

Saturday, December 22, 2012

Yahoo Offering Three Months of Flickr Pro For Free

Yahoo's popular photo and video sharing service Flickr is giving both new and current users a great holiday gift, offering everyone three free months of Flickr Pro. Flickr Pro, which normally costs $25 a year, allows users to upload an "unlimited" amount of photos and videos. Viewing for both photos and videos is also unlimited and photos can be placed in 60 different groups.

Here's exactly what you get:
  • Unlimited* uploads (up to 50MB per photo)
  • Unlimited viewing of your entire photo library
  • Post photos in up to 60 groups
  • Download your original, high-resolution photos – whenever you need them
  • Upload and play unlimited HD videos

Flickr is just one of the latest Instagram rivals trying to capitalize on the latter service's major mistake earlier this week, which saw it spark heavy user backlash by changing its terms of service and saying it had the right to sell user photos to advertisers. Flickr's parent company Yahoo is quick to point to a Flickr post titled "At Flickr, your photos are always yours." Instagram has since issued a mea culpa and backtracked on the changes is made but that hasn't stopped many users from seeking alternative sites and services.

For more details see the Flickr Holiday Gift Page



Thursday, December 20, 2012

Steam Holiday Sale Now Through Jan 5th

Steam has kicked off its traditional Steam Holiday Sale offering gamers several popular titles at up to 75 percent off through January 5th.

As per years past the Steam Holiday Sale will feature daily offerings such as those found on the site today which included Mirror's Edge for $5, Wargame: European Escalation at $10 while entries in the Borderlands and Hitman franchises are listed at 50-75 percent off.

Flash sales today included Batman: Arkham City GOTY($7.50), Natural Selection 2 ($10), Fable 3($25) and War of the Roses($15). The Indie Super Mega Pack includes 30 games each discounted up to 75 percent off, bundled for $70. There are a range of publisher packs as well, from Ubisoft, Valve, THQ, 2K Games, Bethesda, Sega and Square Enix.

Check out all the day's deals on the Steam Store.

Monday, December 17, 2012

Security Flaw Could Open Samsung Galaxy S III and Galaxy Note II Devices To Attack

A major vulnerability has been discovered that could allow a would be attacker to remotely gain access to Samsung Galaxy S III and Galaxy Note II smartphones. The vulnerability was first discovered by XDA Developers forum member “alephzain” who uncovered the problem and noted that an attacker could use a relatively harmless looking Play Store app to potentially access information from the phone’s RAM or even inject malicious code directly into its kernel. It has also been reported that the vulnerability could affect all devices that are equipped with a Exynos 4210 or 4412 processor and utilize Samsung’s kernel.

A spokesperson for the company reached out to CNET and confirmed that it is “currently in the process of conducting an internal review” of the issue.

Affected devices include versions of Samsung's S2 and S3 mobile phones, the Galaxy Note and Note II, Galaxy Note Plus and Galaxy Note 10.1, according to the post by Chainfire.

What should I do?

First, make sure your device is on the list of one that could be affected. The company has yet to offer an explanation for this potentially harmful exploit, so meanwhile we’ll just list some of the devices that could be affected, at least in theory, by malicious apps that would target this exploit:
  • Samsung Galaxy S2 GT-I9100
  • Samsung Galaxy S3 GT-I9300
  • Samsung Galaxy S3 LTE GT-I9305
  • Samsung Galaxy Note GT-N7000
  • Samsung Galaxy Note 2 GT-N7100
  • Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders)
  • Samsung Galaxy Note 10.1 GT-N8000
  • Samsung Galaxy Note 10.1 GT-N8010.
If you're using a stock device and it's on the list don't worry, it won't be hacked all on its own. You'll need to be mindful of what you're downloading and installing, especially if you're downloading and installing apps that might not be official. (Which you should be mindful of anyway.) There is no specific app permission to look out for, as any app is able to access the device memory. You'll have to be vigilant -- just like you always should be. It's is note worthy that nobody has seen or heard of any malware that is currently using this bug.

Friday, December 14, 2012

Amazon's Best Selling Books of 2012

For you book geeks out there Amazon has once again compiled their list of the hottest selling books of the year. As today the company released the Amazon Best Selling Books of 2012 list topped by “Fifty Shades Freed: Book Three of the Fifty Shades Trilogy” by E. L. James


“This was truly the year of the billionaire bad boy in romance—Amazon readers just couldn’t get enough of the genre,” said Sara Nelson, Editorial Director of Books and Kindle at Amazon.com. “While E. L. James published the first two books in her Fifty Shades trilogy in 2011, so they aren’t eligible for our 2012 list, the series really took off this year and propelled the third installment and the omnibus edition onto our top 10 list. It’s also interesting to note that four of the five contemporary romance titles in the top 10 list, including the Fifty Shades trilogy, were originally independently published and went on to become huge best sellers.”

The top 10 best-selling books overall are:
  1. “Fifty Shades Freed: Book Three of the Fifty Shades Trilogy” by E. L. James
  2. “Gone Girl: A Novel” by Gillian Flynn
  3. “Fifty Shades Trilogy: Fifty Shades of Grey, Fifty Shades Darker, Fifty Shades Freed 3-volume Boxed Set” by E. L. James
  4. “Bared to You: A Crossfire Novel” by Sylvia Day
  5. “No Easy Day: The Firsthand Account of the Mission That Killed Osama Bin Laden” by Mark Owen
  6. “The Marriage Bargain (Marriage to a Billionaire)” by Jennifer Probst
  7. “Reflected in You: A Crossfire Novel” by Sylvia Day
  8. “The Racketeer” by John Grisham
  9. “Defending Jacob: A Novel” by William Landay
  10. “The Innocent” by David Baldacci

The top 10 best-selling Kids & Teens books are:
  1. “The Mark of Athena (Heroes of Olympus, Book 3)” by Rick Riordan
  2. “The Third Wheel (Diary of a Wimpy Kid, Book 7)” by Jeff Kinney
  3. “Insurgent (Divergent)” by Veronica Roth
  4. “The Serpent’s Shadow (The Kane Chronicles, Book 3)” by Rick Riordan
  5. “The Fault in Our Stars” by John Green
  6. “City of Lost Souls (Mortal Instruments)” by Cassandra Clare
  7. “While it Lasts” by Abbi Glines
  8. “The Rise of Nine (Lorien Legacies, Book 3)” by Pittacus Lore
  9. “Wonder” by R. J. Palacio
  10. “Nevermore: The Final Maximum Ride Adventure (Book 8)” by James Patterson
To see these lists and all of Amazon’s top 100 best-selling print and Kindle books of 2012, go to www.amazon.com/bestsellingbooks2012.

Thursday, December 13, 2012

Google Maps For iOS Now Available, Takes Top Spot In The App Store Almost Immediately

Google Maps has made a glorious return to iOS devices thanks to the release of a standalone application. Once the go to source for all your mapping needs, Google was removed from iOS in favor of Apple's won sub-par offering. On Wednesday Google official released a new standalone app to be found in the Apple App Store.

Within a few hours after going live, Google Maps made its way to the list of the top free apps on the iPhone, showing just how disenfranchised users had become with Apple's offering. The new Google Maps app now includes turn-by-turn navigation, just like its Android counterpart, as well as public transit directions, integrated Street View, and a 3D-like Google Earth view.

The new Google Maps app is available for the iPhone and iPod Touch (4th gen) iOS 5.1 and higher, in more than 40 countries and 29 languages, including Chinese, Dutch, English, French, German, Italian, Japanese and Spanish. Please note some of the features mentioned in this post aren’t available in all countries.

Wednesday, December 12, 2012

Google's Top Trends Of 2012

Google has published its annual Zeitgeist list for 2012, featuring the top search terms for 2012 as well as trending topics. "Trending" means search queries that had the most traffic over a sustained period in 2012 compared to the year before. "Most popular" is simply a measure of search query volume in 2012.

The top trending searches overall in the U.S. reflected current events and popular culture. The top five were: Whitney Houston, boosted when the star died unexpectedly; Hurricane Sandy, which inflicted significant damage along the Mid-Atlantic coast; the 2012 Elections, because the presidency was at stake; Hunger Games, the hit film version of the book series; and Jeremy Lin, a rising basketball star.


For those searching geek related materials the top tech trends were geared towards tablets and smartphones. The top five were: iPad 3, iPad Mini, Samsung Galaxy S3, Kindle Fire and Nexus 7. And number six was Microsoft Surface.

Among U.S. searches for phones, Apple and Samsung dominated. The top five trending searches were: iPhone 5, iPhone 4S, Samsung Galaxy S3, Galaxy Note and Galaxy Note 2. But Microsoft, Nokia and RIM haven't been forgotten, despite being overshadowed by Apple, Google, and Samsung. Their products found places in the top 10: Blackberry Bold and Blackberry Curve ranked sixth and seventh while the Nokia Lumia 900 and Windows 8 Phone ranked eighth and ninth.

For more results checkout the entire Google Zeitgeist list for 2012.

Monday, December 10, 2012

Google Gives Schools $99 Chromebooks For Christmas

Google is giving schools across the nation an early Christmas present announcing today that they will be partnering with DonorsChoose.org to offer discounted Samsung Series 5 Chromebooks for teachers and students.

In an effort to help put technology in the classrooms Google will be teaming with DonorsChoose.org, an online charity that connects donors directly to public school classroom needs to offer public schools the chance to purchase a Samsung Series 5 Chromebook at the discounted price of $99 including hardware, management and support.

If you’re a full-time public school teacher in the U.S., visit DonorsChoose.org and follow the instructions to take advantage of this opportunity by December 21, 2012. Your request will be posted on DonorsChoose.org where anyone can make a donation to support your classroom. When you reach your funding goal, you’ll receive your Chromebooks from Lakeshore Learning, DonorsChoose.org’s exclusive fulfillment partner for this program. 

Sunday, December 09, 2012

Google's Personal Search Assistant Google Now Coming To Desktops Via Chrome

Google’s intelligent personal assistant found on smartphones running Jelly Bean is getting ready to roll out to desktop users in the form of a Google Chrome notifications. The feature was discovered in the latest Chromium beta release after being dissected by developers. Those developers have discovered the top-level structure for showing Google Now cards in Chrome via Chrome notifications.

For those note familiar with Google Now it's a search assistant found within Jelly Bean. The service displays Cards or Snapshots of information that Google thinks you might need to know about. This could be as basic as offering directions to the restaurant you just looked up, or as sophisticated as poping up a reminder for an upcoming flight it found within an email on Gmail.


At present nothing official has been released on the possible implementation and nothing has been activated. But clearly the company has been working on porting its predictive search features over to the desktop for future possibilities.

Friday, December 07, 2012

Google No Longer Accepting Signups For Free Version Of Google Apps

Google has announced that it will no longer be accepting new sign-ups for the free version of Google Apps. The company is instead moving all new business level users to a paid service with more support.

“Businesses quickly outgrow the basic version and want things like 24/7 customer support and larger inboxes,” Google Apps director Clay Bavor wrote on the Google Enterprise blog. Any business that wants to sign up for Google Apps now has to pay $50 per user per year, regardless of the company’s size.

Starting today for all new customers:
  • Individuals wishing to use Google’s web apps like Gmail and Google Drive should create a free personal Google Account, which provides a seamless experience across all of our web services on any device.
  • For Businesses, instead of two versions, there will be one. Companies of all sizes will sign up for our premium version, Google Apps for Business, which includes 24/7 phone support for any issue, a 25GB inbox, and a 99.9% uptime guarantee with no scheduled downtime. Pricing is still $50 per user, per year.
 Existing Google Apps users need not worry as Google says this change has no impact on current customers, including those using the free version. And as before, Google Apps for Education will be available as a free service for schools and universities.

You can learn more about this change in the GoogleHelp Center or on the Google Enterprise Blog.

Wednesday, December 05, 2012

Verizon And AT&T Launch Targeted Ad Services

Wireless providers AT&T and Verizon have announced the launch of two similar services offering customers a free opt-in, location-based text messaging alerting service which target customers with various services, coupons and promotions through online or mobile advertisements. Known as Verizon Selects and AT&T Alerts the two programs will use geo-location technology and consumer preferences to deliver offers, rewards, and coupons without the need of download an application.

AT&T wireless customers can text “JOIN” to ATTAlerts (288253787) to opt-in to the service and begin receiving discounts, rewards and offers via text message when they are near participating retailers and brands such as Gap, Staples, Zales, Last Call by Neiman Marcus, Duracell, Motorola or Discover. Customers can customize offer preferences and settings to receive offers most relevant to them by visiting http://alerts.att.com/join. Text messages to and from AT&T Alerts are free. As an added bonus, customers who sign-up for AT&T Alerts will receive $5 off with a $10 minimum purchase at ATT.com

AT&T wireless customers can visit http://alerts.att.com/join to sign-up and learn more, or text “JOIN” to ATTAlerts (288253787) from their AT&T wireless phones.

Beginning this week select Verizon customers can expect to receive invites to the new Verizon Selects services which the company says customers can opt-in or or out of at any time. Additionally they change their choices at any time at the Verizon Selects site or opt into or out of several other Precision Market Insights solutions that provide customers with an opt-out choice.

“We are asking customers to opt-in to Verizon Selects because of the types of information being used and because the capabilities provided to third-party marketers gives them the ability to reach customers directly,” the company wrote on its website. “It’s important to remember that Verizon DOES NOT share information that identifies customers personally outside of Verizon.”

Source: Verizon | AT&T

Monday, December 03, 2012

Bing It On Holiday Search Challenge Returns With $10k Top Prize

Microsoft has announced the return of its "Bing It On" search challenge with a chance to win a ‘Microsoft Box of Awesome' (Windows Phone 8, Xbox 360 with Kinect, Windows 8 device) or a chance at the grand prize: a $10,000 paid trip to any place in the U.S.

Launched earlier this year, the Bing It On Challenge is an interactive online tool that challenges users to select the best search results from either Bing or Google. The challenge is simple – within the tool you search for five search queries of your choice and compare the two different unbranded results from Bing and Google side-by-side. For each search result, you choose a winner, or declare it a “draw”. After you complete your five search queries and vote for each one, the tool will show you the final score.

Microsoft claims that people chose Bing over Google nearly 2:1 in the blind comparison tests, though my own results would prove otherwise. To enter the sweepstakes or learn more, visit the challenge site at www.bingiton.com, Official rules can be found here.

Android 4.1.1 Jelly Bean Now Available For AT&T Samsung Galaxy S III Owners

Engadget is reporting that Android 4.1.1, better know as Jelly Bean, is now available for AT&T's Samsung Galaxy S III. So far reports have it pegged as only currently being available through KIES and not as an OTA update.


Samsung has said the update will include the following:
  • Camera Enhancements:
    • New live camera and camcorder filters offer a range of new ways to spark your creativity.Warm vintage, cold vintage, black and white, sepia, color highlights(blue, green, red/yellow), and many more are selectable from the main camera screen.
    • Pause and resume while recording videoallows users to string together multiple captured video clips from a party, birthday or sporting event into a single file with no post editing required.
    • Low light photo modetakes advantage of Galaxy S III’s best-in-class High Dynamic Range (HDR) capabilities and offers an optimized mode for low light and indoor photos.
  • Pop Up Play Update: Users can now easily resize or pausethe Pop Up Playpicture-in-picture videowindow, taking full advantage of the Galaxy S III’s powerful processor and large 4.8-inch screen.
  • Easy Mode:Easy Mode is a simplified user experience option for first-time smartphone owners, providing large home screen widgets that focus on the device essentials. The Easy widgets include both 4x2 and 4x4 arrangements of favorite contacts, favorite apps, favorite settings, clock and alarm.
  • Blocking Mode:Galaxy S III owners can disable incoming calls, notifications, alarms and LED indicators for a designated period of time.
  • Improved Usability: Users now have multiple keyboard options with the addition of the Swype® keyboard.


    Android 4.1 Jelly Bean offers users a smoother, faster and more fluid experience with expanded feature functionality, including:
    • Google Now:Google Now givesusers the right information at the right time, like how much traffic to expect before leaving work, when the next train is scheduled toarrive at the subway station or the score of a favorite team’s current game –conveniently delivered as notifications. Additionally, Google Now provides powerful voice assistant functionality across a range of domains, including weather, maps, navigation, search, image search, flight status and more. Google Now can conveniently be launched from the lock screen shortcut or by a long press on the menu button from any screen.
    • Rich Notifications:Notifications can now expand and shrink with a pinch to showthe right amount of information a user needs. Notifications have been enhancedso action can be taken without having to launch the app first – like sharing a screenshot directly from the notification.
    • Automatic Widget Adjustment:Customizing the home screen is easier than ever before. Users can simply place anew icon or widget on the screen, and existingicons will move out of the way to make space.When widgets are too big, they automatically resize to fit on the screen.
More Coverage via: xda-developers and Endgadget