Smart Office

Hackers Target The Home

Consumers are now the main target of malicious hackers intent on enriching themselves through the misery of others.

 Vulnerabilities in desktop applications and the increased use of stealth techniques are on the rise among members of the digital underground, according to the latest edition of Symantec’s Internet Security Threat Report.

The report, which covers the first half of 2006, suggests that consumer security protection is weak, leaving Joe Public easy prey to identity thieves, botnet herders and other financially motivated criminals. Crackers are using a variety of techniques to escape detection and remain on infected systems for longer. Symantec reckons assaults against consumers account for 86 per cent of all targeted attacks. Banks and other financial sector organisations are the second most prevalent target for internet attacks. Phishing attacks almost doubled during the reporting period.

The first six months of 2006 saw a continuation of the trend of large, widespread internet worms giving way to smaller, more targeted attacks focusing on fraud, data theft, and criminal activity. Client-side applications such as web browsers and email clients are popular attack targets.

Vulnerabilities affecting Web applications accounted for 69 per cent of all vulnerabilities documented by Symantec in the first half of 2006. Flaws in web browsers were particularly prominent in this mix with 47 vulnerabilities documented in Mozilla browsers (compared to 17 in the last reporting period), 38 in Microsoft Internet Explorer (compared to 25 in 2H05), and 12 in Apple Safari (compared to six in 2H05). Symantec fails to say how many of these vulnerabilities are serious, so direct comparisons may be misleading.

 

Ollie Whitehouse, Symantec research scientist and one of the authors of the report, told El Reg that the company didn’t classify in the report how many of these vulnerabilities might be used to inject hostile code, as opposed to simply crashing browsers.

Hide and seek
In the first half of 2006, 18 per cent of all malicious code samples detected by Symantec had not been seen before, indicating that hackers are trying harder to evade detection by signature-based anti-virus and intrusion prevention systems.

Phishers are also attempting to bypass filtering technologies by creating multiple randomised messages. In H1 2006, 157,477 unique phishing messages were detected, 81 per cent more than the previous six months. The financial services sector was the most heavily phished, accounting for 84 per cent of phishing sites tracked by Symantec.

Spam accounted for just over half (54 per cent) of monitored email traffic, slightly up from 50 per cent in 2H05. Malware authors are increasingly trying to tempt users into web sites hosting malicious code as opposed to burying viruses within infectious attachments, where hostile code is more likely to be blocked.

Networks of compromised PCs remain a lucrative resource for hackers. These bot networks can be used not only to spread malicious code, but to send spam or phishing messages, download adware and spyware, launch denial of service attacks, or harvest confidential user information.

Symantec identified more than 4.6m active bot network computers and observed an average of 57,717 active bot network computers per day during the first half of 2006. During the reporting period, the IT security firm observed an average of 6,110 denial of service attacks per day, a big increase from the 1,402 DoS attacks per day it recorded in the last six months of 2005. Just over half (54 per cent) of these attacks were thrown at US-based systems. ISPs bore the brunt of the onslaught.

 

Future imperfect
Other financially motivated attacks use modular malicious code, malware that updates itself or downloads more aggressive threat components onto compromised PCs once it gains a foothold. During the first half of 2006, modular malicious code accounted for 79 per cent of the top 50 malicious code samples reported to Symantec. Malicious code samples capable of exposing confidential data represented 30 of the top 50 samples seen by the security firm.

Symantec predicts that virus writers will resurrect polymorphic virus techniques in a bid to escape detection by anti-virus filters. It also reckons hackers will apply “Web 2.0” concepts such as user-based publishing and technologies like AJAX in internet attacks.

Symantec documented 2,249 new vulnerabilities in the first half of 2006, an increase of 18 per cent over 2H05 and the highest volume of vulnerabilities recorded for any reporting period so far. Fuzzers, programs or scripts designed to find vulnerabilities in software code, will raise the vulnerability count even further.

On a more positive note, vendors are releasing software patches more quickly. The window of exposure for enterprise vendors and web browsers was 28 days, down from 50 days in the previous period. Microsoft Internet Explorer had an average window of exposure of nine days (down from 25), Apple Safari at five days (up from zero), Opera at two days (down from 18), and Mozilla at one day. These figures don’t take into account the effect the latest, unpatched IE exploits might have on the statistics.

For the first time, Symantec also looked at how long operating system vendors take to patch security bugs. Sun had the longest patch release time with 89 days followed by HP with 53 days. Apple took an average of 37 days while Microsoft and Red Hat had the lowest average patch release times of 13 days apiece.

 

Radical New Display Technology From Dell

Dell has shown for the first time new technology called DisplayPort. Talking up the goodness that is DisplayPort, Dell is suggesting that it will radically change monitor design.

DisplayPort is a smaller, more functional connector than VGA or DVI, allowing for daisy-chaining of displays, bi-directional communication and video and audio over a single cable.

The fact that the connector and the electronics required are so much smaller means we have some interesting new monitor designs, like this one. Consisting barely of a panel with a swanky clear surround, and only half an inch thin, Dell reckons this bad boy will be on sale before the year is out.

Seriously, Dell designed that? It looks like an absolutely insane piece of kit, requiring fanboy drool and everything. Is Dell about to get a clue when it comes to product design? Stranger things have happened.

Affordable 5.1 Sound For The Boardroom

We take a look at the majestic Logitech Interactive Speaker System to see whether its performance lives up to its fine looks.

Logitech Z-10 2.0 Interactive Sound System | $299.95 | www.logitech.com
For: Reduces clutter of 5.1 systems; looks fantastic; profound sound
Against: Internet communication difficult; touchscreen reacts strangely at times
Verdict: A well-priced system that sounds great


Luckily, when it comes to the high-end segment, Logitech isn’t degrading the overall feel of the expensive component by using some third-grade, made-in-the-back-end-of-nowhere components. Rather, it’s going all out to manufacture something that really looks good.
 
The device

The Z-10 is advertised as an Interactive 2.0 Speaker System. It is a two-speaker set with an integrated sound card; one unit has an LCD display and touchscreen controls, while the second one has the Logitech logo. The declared power output of the units stands at 30 Watts.

The power and connecting cable are integrated into the box, so there is no way to move the two speakers more than 1.5 meters apart, the length of the connecting cable. However, even if you wish to run these on opposing sides of a 103″ plasma screen, you won’t overextend the cables.

The first impression of these speakers is: Sheesh, they are heavy. Secondly, the speakers look just majestic. Our pictures may not do them justice, but you can expect a mirror-style experience.

If you already own a Logitech G15 keyboard ($169.95), you can use the LCD profiler for managing both LCD displays. The speakers are, of course, compatible with all the LCD applets already released for the G15. This includes FRAPS and AMD utilities, so you can actually run frames per second or the actual system clock (if you own an AMD CPU) on your speakers.


All of these, and even more… will be a part of your desktop experience
We have downloaded several add-ons from G15 forums and it is pretty interesting to see detailed stats about your computer, or just enjoy Logitech provided stats in WoW or your weapon in the adgame we know as Battlefield 2142.

One of the features is support for four favourite internet radio stations, but in order to bookmark it, you have to use either Windows Media Player, Apple iTunes or Real Player. So, for our favourite radio station, we used Windows Media Player. This part works flawlessly, just like everything else… apart from the touchscreen display.
 
At first, we were a bit confused when we saw that the touchscreen reacts at times, and sometimes it does not react at all. For controlling the device via the advertised feature, you have to be pretty gentle and use a “touch and go” approach (continuous touch won’t do you any favours).

The Sound

As we mentioned, Logitech declares the output power as 30 Watts per channel, which is more than sufficient for filling a nicely sized living room. The sound stays pretty crisp and sharp until around 80% of maximum volume, but beware – you are guaranteed to hear the sound difference between even the highest-quality MP3 files at 128/192 and higher-quality 320 kbps. Audio CDs sound quite similar to our 9-year-old Yamaha component line with Magnat’s 230W speakers. Of course, the power isn’t comparable, but it’s not that we ever had more than 25% of the volume switched on. The Logitech at 60% achieves the same effect in the room, which only speaks about the quality. Kudos to the implemented sound chip, which works like a charm.
 


VoIP bonanza with several sound cards
However, there is one major setback with these speakers, namely internet communication. If you use VoIP applications or Skype, you’re bound to have a bit more interaction with the computer once the phone starts ringing. You have to activate the volume control, and change from the Z-10 back to the computer’s soundcard. All the VoIP mess could have been easily avoided if Logitech had added a mic-in to the stereo connector, located on the left side of the LCD-enabled speaker.
 
Conclusion

Although the price is around the $300 mark, these aren’t your typical speakers. If you want your desk at either home or office to sport profound sound without all the clutter and cables a typical 5.1 system produces, and want that touchscreen feeling, there really isn’t any reason why we would not recommend this speaker set. Although, still… the idea of seeing our unread e-mail messages while listening to relaxing music after our workday sounds a bit… stress causing.

Microsoft Cash Pile Cut In Half

According to Bill Gates’ local newspaper, the Seattle Pi, Microsoft’s huge cash mountain is shrinking to the size of just an ordinary IT company.

Once legendary for its piles of cash, it seems that the Vole’s money mountain is half what it was two years ago when it eclipsed the sun and the royal family could take a well-earned skiing holiday on its lower slopes.

In fact for the first time in five years, the Vole’s cash mountain is below $30 billion. OK, it is still a huge amount of dosh, but it seems that the software giant is spending money faster than most supercomputers can count it.

Windows and Office are still generating large amounts of cash – about $1 billion a month – and the Vole has given its shareholders nearly $100 billion through dividends and by repurchasing its own stock in the past five years.

It is still buying up companies, but these are much smaller outfits and do not need lots of zeros on the cheque to buy.

The company is thinking of buying back a load of its own shares – again. In December Redmond authorised the buying of $29.3 billion worth of additional shares in the next glorious five year plan.