13BIT IT news Blog

IBM has pioneered the process at their Almaden Research lab in California. Essentially, researchers detect 'magnetic anisotropy, a property of the magnetic field that gives it the ability to maintain a particular direction'. Since the process allows the detection of the 'direction' individual atoms are facing, this is the first step towards the ones and zeroes used in binary. "In a second report, researchers at IBM's lab in Zurich, Switzerland, said they had used an individual molecule as an electric switch that could potentially replace the transistors used in modern
chips. The company published both research reports in Friday's edition of the journal Science.The new technologies are at least 10 years from being used for components in commercial products, but the discoveries will allow scientists to take a large step forward in their quest to replace silicon, said IBM spokesman Matthew McMahon.

A Swedish IT consultant has caused a stir in diplomatic circles after publishing a list of secret log-in details belonging to 100 embassies, public authorities and political parties around the world. Dan Egerstad said he wasn't trying to earn money, gain publicity or get a name for himself in hacking circles. Instead he claimed that publishing the list was easier than contacting the organizations individually and that if he had handed it to the Swedish authorities then that would have been spying.

The blogosphere has hit the mainstream, according to a new survey, which reveals that 80% of Americans know what a blog is, 50% regularly visit blogs, and 8% publish their own blog. The survey also reveals that more women than men are bloggers, with 20% of American women who have visited blogs having their own versus 14% of men.

Up to 15,000 people will get access to a beta of SP1 by the end of September; general release is targeted for early 2008. The service pack is said to improve performance and stability, not to add features.

One in 10 web pages scrutinised by search giant Google contained malicious code that could infect a user’s PC.Researchers from the firm surveyed billions of sites, subjecting 4.5 million pages to “in-depth analysis”.

About 450,000 were capable of launching so-called “drive-by downloads”, sites that install malicious code, such as spyware, without a user’s knowledge.

A further 700,000 pages were thought to contain code that could compromise a user’s computer, the team report.

To address the problem, the researchers say the company has “started an effort to identify all web pages on the internet that could be malicious”.

Phantom sites

Drive-by downloads are an increasingly common way to infect a computer or steal sensitive information.

They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website.

“To entice users to install malware, adversaries employ social engineering,” wrote Google researcher Niels Provos and his colleagues in a paper titled The Ghost In The Browser.

Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web Google researchers Hi-tech crime Avoiding attacks

“The user is presented with links that promise access to ‘interesting’ pages with explicit pornographic content, copyrighted software or media. A common example are sites that display thumbnails to adult videos.”

The vast majority exploit vulnerabilities in Microsoft’s Internet Explorer browser to install themselves.

Some downloads, such as those that alter bookmarks, install unwanted toolbars or change the start page of a browser, are an annoyance. But increasingly, criminals are using drive-bys to install keyloggers that steal login and password information.

Other pieces of malicious code hijack a computer turning it into a “bot”, a remotely controlled PC.

Drive-by downloads represent a shift away from traditional methods of infecting a computer, such as spam and email attachments.

Attack plan

As well as characterising the scale of the problem on the net, the Google study analysed the main methods by which criminals inject malicious code on to innocent web pages.

Spam e-mails are a common way to infect a computer

It found that the code was often contained in those parts of the website not designed or controlled by the website owner, such as banner adverts and widgets.

Widgets are small programs that may, for example, display a calendar on a webpage or a web traffic counter. These are often downloaded from third-party sites.

The rise of web 2.0 and user-generated content gave criminals other channels, or vectors, of attack, it found.

For example, postings in blogs and forums that contain links to images or other content could unwittingly infect a user.

The study also found that gangs were able to hijack web servers, effectively taking over and infecting all of the web pages hosted on the computer.

In a test, the researchers’ computer was infected with 50 different pieces of malware by visiting a web page hosted on a hijacked server.

The firm is now in the process of mapping the malware threat.

Google, part of the StopBadware coalition, already warns users if they are about to visit a potentially harmful website, displaying a message that reads “this site may harm your computer” next to the search results.

“Marking pages with a label allows users to avoid exposure to such sites and results in fewer users being infected,” the researchers wrote.

However, the task will not be easy, they say.

“Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web as a whole,” they wrote.

http://news.bbc.co.uk/2/hi/technology/6645895.stm

Posts on Neowin and Autopatcher's site announce Microsoft has forced the closure of the Autopatcher download section. Details are scarce as to the exact reason for the take down after over 4 years of availability, but an official from Microsoft legal says that it has nothing to do with Windows Genuine Advantage. Goodbye to another useful tool that helped sysadmins apply Microsoft's numerous patches.

I like the idea of keeping my data private, so I thought you guys might like this how-to that [mark] put together. He mentions some decent dedicated distributions like FreeNAS and Cyrptobox, but he used OpenBSD for his.

 

 

 

 

 

 

According to the The Privacy Rights Clearing House 158 million records have been exposed over the past two years as a result of inadequate security. Data's less secure today because as fast as banks, merchants and consumers add new layers of security to their storage systems and networks, new technologies ”or simply careless users” create new security holes, according to Bob Scheier at Computerworld.

Codeplex is interesting to me for several reasons, but primarily because it demonstrates something that I've argued for many years now: open source on the Windows platform is a huge opportunity for Microsoft. It is something for the company to embrace, not despise.

It is nice to see the open source projects' progress in Microsoft world, especially it is been extremely fast growth after the Codeplex launched, and also GotDotNet suggests their hosted projects to move on to Codeplex. As you might remember, I have submitted a post about Codeplex a few weeks ago; Microsoft Open Source Projects. This time, it is proud to list most popular and active top 25 projects that has been hosted in Codeplex.

• AJAX Control Toolkit - a collection of samples and components which make it easier than ever to build and consume rich client-side controls and extenders built on the Microsoft AJAX Library and ASP.NET 2.0 AJAX Extensions. The Toolkit provides both ready to go samples and a powerful SDK to simplify the creation and re-use of your own custom controls and extenders.
• BlogEngine.NET - a full featured blog engine targeted at .NET developers. It is light weight and very simple to modify and extend.
• SharpMap - an easy-to-use map rendering and display engine, including AJAX-powered ASP.Net UserControl and a WinForm 2.0 control. You supply it with GIS data for use in web and desktop applications, and it generates eye-catching, useful maps. Written in C# 2.0.
• VMukti P2P Multipoint Real-time Rich Media Collaboration Platform - Web2.0, distributed, peer-to-peer, grid computing, unified communications SAAS platform for web, phone, and IM rich media collaboration & conference. This Multipoint VoIP, VVoIP Video service delivery platform is based on C#, WPF, WCF, & .NET 3.5.
• GoTraxx - C# program that plays the game of Go.
• DocProject for Sandcastle - drives the Sandcastle help generation tools using the power of Visual Studio 2005/2008 and MSBuild. Choose from various project templates that build compiled help 1.x or 2.x for all project references. DocProject facilitates the administration and development of project documentation with Sandcastle, allowing you to use the integrated tools of Visual Studio to customize Sandcastle's output.
  
• IronPython - a new implementation of the Python programming language on the .NET Framework. It supports an interactive interpreter with fully dynamic compilation. It is well integrated with the rest of the framework and makes all .NET libraries easily available to Python programmers.
• umbraco - a Content Management Platform (CMS) written in c# on the Microsoft .NET platform. It's fast, flexible and with a user interface that makes it a charm to use.
• Coding4Fun Developer Kit - a collection of components, controls and samples in both Visual Basic and Visual C#. The features of the kit include a single installation file that provides users easy access off the Windows Start Menu to the documentation, sample executables and source code; a toolbox entry within Visual Studio for all components and controls for easy drag 'n drop experience.
• Community Kit for SharePoint - a set of best practices, templates, Web Parts, tools, and source code that enables practically anyone to create a community website based on SharePoint technology for practically any group of people with a common interest.
• Facebook Developer Toolkit - the original Facebook Developer Toolkit for the Microsoft Visual Studio Express Team. This project contains .NET wrappers to the Facebook API. Also, includes sample projects and controls. We are going to start by trying to maintain both the vb.net and C# code bases.
• TheBeerHouse - CMS & e-commerce StarterKit, an ASP.NET 2.0 website which features a layout with user-selectable themes, a membership system, a content management system for publishing and syndicating articles and photos, polls, mailing lists, forums, an e-commerce store with support for real-time credit card processing, homepage personalization, localization and more.
• Vista Battery Saver - tinny program will save up to 70% of your battery by disabling those nice, but greedy Vista features. Running in task bar with private workset of 5.5M and 0% CPU it will do all work for you, by enabling and disabling customizable features when power source changed or battery power fall under certain percent.

 

• Ajax.NET Professional - one of the first AJAX frameworks for Microsoft ASP.NET and is working with .NET 1.1 and 2.0. The framework will create proxy classes on client-side JavaScript to invoke methods on the web server with full data type support working on all common web browsers including mobile devices.
• Sandcastle Help File Builder - consists of a GUI front end that lets you interactively build help files using Sandcastle. A console mode version is also supplied that allows you to build help files as part of the normal project build. The GUI front end provides access to project settings that let you configure various aspects of the resulting help file including the ability to add additional content, build HTML Help 1, HTML Help 2, or website output.
• dashCommerce - a free, open source e-commerce storefront written specifically for ASP.NET 2.0. It features out-of-the-box product catalog and shopping cart functionality that allows website owners to setup, run, and maintain an online store with little or no costs, license fees, or limitations. dashCommerce offers .NET developers of all skill levels the ability to create an e-commerce site quickly and efficiently. The project is built in C# and takes advantage of features of the Microsoft.NET Framework 2.0. It also supports PayPal Website Payments Standard and Pro as the payment engine.
• PHP Excel 2007 classes - a set of classes for the PHP programming language, which allow you to write to Excel 2007 files and read from Excel 2007 files.
• Power Toys Pack Installer - one-stop download utility for all things power toys. Get latest releases and updates from just a single executable.
• ProMesh.NET Web Application Framework - a MVC-ready lightweight web application framework for .NET 2.0. It includes a full unit testing framework.
• Terminals - a multi tab terminal client to ease the work of anyone who needs to connect simultaneously to more then one terminal server/remote desktop.
  Terminals uses Microsoft Terminal Services ActiveX.
• Vista Virtual Desktop Manager - A virtual desktop manager made for Windows Vista using the new thumbnail APIs to create a live preview of all of your desktops.
• DinnerNow.net - a fictitious marketplace where customers can order food from local restaurants for delivery to their home or office. This sample application is designed to demonstrate how you can develop a connected application using several new Microsoft technologies, including: IIS7, ASP.NET Ajax Extensions, Linq, Windows Communication Foundation, Windows Workflow Foundation, Windows Presentation Foundation, Windows Powershell, and the .NET Compact Framework.
• SQL Server Hosting Toolkit - A suite of tools designed to enable shared hosters to provide a great experience around hosted SQL Server.
• Ionics Isapi Rewrite Filter - a small, cheap, easy to use, URL rewriting ISAPI filter that combines a good price (free!) with good features. It is implemented in about 1700 lines of C code, works with IIS 5.x and 6, does regular-expression matching, rewriting, redirects, and RewriteCond. IIS7 will have a nice model for managed ISAPI, but IIRF is available now.
• PowerShell Community Extensions - provides a widely useful set of additional cmdlets, providers, aliases, filters, functions and scripts for Windows PowerShell that members of the community have expressed interest in but didn't make it into PowerShell v1.0. Examples of these cmdlets are Get-Clipboard, Out-Clipboard, Get-Hash, Get-ShortPath, Set-FileTime, New-SymLink, Format-Hex, Format-Xml, Test-Xml, Test-Assembly, Ping-Host, etc.
• QuickGraph 2.0 - provides generic directed graph datastructures and algorithms for them. It also comes with algorithms such as depth first seach, breath first search, shortest path, network flow etc...
• SharePoint 2007 Features - add new functionality to a SharePoint 2007 farm, site collection, or site. This project will create Features to address deficiencies in SharePoint 2007 or add new capabilities. You should understand a little about Features before trying these out. The packages here use batch files or WSP files to install the Features. After installation, be sure to activate the Features to see them in SharePoint.
• iTunes 2.0 - an online rich internet application. Using ajax.asp.net and silverlight im going to bring the iTunes experience completely online.
• Facebook.NET - a framework for creating Facebook applications in .NET. It is optimized for creating ASP.NET-based Facebook applications.
• ASP.NET RSS Toolkit - gives ASP.Net applications the ability to consume and publish to RSS feeds.
• BDCToolkit - The MOSS BDC & DAL generator is a tool that generates typed webservices and a typed c# data access layer from an BDC application definition. It also ensures that the code that has been generated is used on the correct application definition.
• DbEntry.Net - a lightweight Object Relational Mapping (ORM) database access compnent for .Net 2.0. By using Generics and Anonymous Method, it has clearly and easily programing interface. It based on ADO.NET, and supported C#, Visual Basic, ASP.NET, Access, SqlServer, MySql and SQLite etc...
• System Search to LinQ - create a LinQ extension to interact with the new functionality of desktop search using de advantages of the elegant and efficient programming model introduced by C# 3.0
• D.NET (DDotNet) - a "Development for .NET" framework, created to help all developers to create a better applications. Contains a implementation of ORM (Object Relational Mapping) framework with Business Objects Framework and other components.
• TFSBuildLab - simplify the day to day operations when using automated builds and Team System.
• Blind Shark - a musical game, where you have to find the music being played before your opponents.
• Balder - A 3D game engine for Silverlight and possibly other .net based technologies.
• Elephant Game Framework - a small Game Framework, currently set with a focus on game development through Microsoft XNA.
• PoshConsole - a more modern PowerShell Console.

Blumer web development

Before you read this blog I want you to know that I have no intention to hack into Office 2007. When Office 2007 was RTM'ed and downloadable on MSDN I used Office Professional 2007. For my new course, SharePoint BI, which I'm writing at the moment I needed InfoPath as well. With InfoPath I can easily create forms and publish those on SharePoint. Nevertheless InfoPath is only available in Office Professional Plus 2007 or Office Enterprise 2007. So I downloaded Office Professional Plus 2007, because the other options in the Enterprise version I don't need at all. When I installed the product, I totally forgot to obtain a new Product Key. I thought I could use my current Product Key. And as expected the key was accepted during the install phase, but when I tried to activate my product with MS it complained the Product Key isn't usable. This gave me a situation where I needed to reenter a new obtained Product Key, but it's not possible in Add/Remove Programs control panel.

I found the following solution on the Internet. This describes an other error, but it gave me the ability to reenter a new Product Key.

Follow these steps:

1. Close all Microsoft Office applications.
   
   
2. Click Start, click Run, type regedit in the Open box, and then click OK.
   
   
3. Locate the following registry subkey:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Office\12.0\Registration
   
   Note You may also find another subkey that resembles the following subkey:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\Registration\{91120000-0011-0000-0000-0000000FF1CE}
   
   
4. If you find additional subkeys that reference Microsoft 12.0 registration, open each subkey, and then identify the product by the ProductName entry.
   For example: ProductName=Microsoft Office Professional Plus 2007
   
   
5. When you find the subkey for the product from which you want to remove the existing product license key, delete the following entries:
   • DigitalProductID
   • ProductID
     
     
6. Exit Registry Editor.

The next time that you try to run an Office application, you will be prompted for a new product license key. Then, you can enter the product license key.

Hit the "Install Now" button and you Office app, will be updated with the new key. After updating you can activate you Office app, without reinstalling it.

 

A rocket-powered bionic arm has been successfully developed and tested by a team of mechanical engineers at Vanderbilt University as part of a $30 million military program to develop advanced prosthetic devices for next generation of super-soldiers.

The mechanical arm mechanical arm with a miniature rocket motor can lift (curl) about 20 to 25 pounds, three to four times more than current commercial arms, and can do so three to four times faster.

“That means it has about 10 times as much power as other arms despite the fact that the design hasn’t been optimized yet for strength or power,” Michael Goldfarb, the professor of mechanical engineering who is leading the effort, said.

Tests show that the mechanical arm also functions more naturally than previous models.

Conventional prosthetic arms have only two joints, the elbow and claw, but the prototype’s wrist twists and bends and its fingers and thumb open and close independently.

The Vanderbilt arm is the most unconventional of three prosthetic arms under development by the Defense Advanced Research Project Agency (DARPA) program.

The other two units, powered by batteries and electric motors, are being designed by researchers at the Advanced Physics Laboratory at Johns Hopkins University in Baltimore who head the program.

The military is funding neuroscientists at the University of Utah, California Institute of Technology and the Rehabilitation Institute of Chicago who are developing advanced methods for controlling the arms by connecting them to nerves in the users’ bodies or brains.

“Battery power has been adequate for the current generation of prosthetic arms because their functionality is so limited that people don’t use them much,” Goldfarb says. “The more functional the prosthesis, the more the person will use it and the more energy it will consume.”

At a certain point, the weight of the batteries required to provide the energy to operate the arm for a reasonable period becomes a problem, and it was this poor power-to-weight ratio of the batteries that drove Goldfarb to look for alternatives while working on an exoskeleton project for DARPA.

Goldfarb’s power source is about the size of a pencil and contains a special catalyst that causes hydrogen peroxide to burn produce pure steam which is used to open and close a series of valves.

The valves are connected to the spring-loaded joints by belts made of a special monofilament used in appliance handles and aircraft parts and a small sealed canister of hydrogen peroxide that easily fits in the upper arm can provide enough energy to power the device for 18 hours of normal activity.

By covering the hottest parts with special insulating plastic, they were able to reduce surface temperatures enough so they are safe to touch and the steam exhaust is vented through a porous cover, where it evaporates like natural perspiration.

“The amount of water involved is about the same as a person would normally sweat from their arm in a warm day,” Goldfarb says.

Goldfarb denies he is creating a superman for the military.

“Our design does not have superhuman strength or capability, but it is closer in terms of function and power to a human arm than any previous prosthetic device that is self-powered and weighs about the same as a natural arm,” he said.

A web connection via the toilet bowl may sound like Google's most recent April Fool, but the University of Aberdeen plans to welcome students back with a high bandwidth internet network connected via the sewers. The university tapped H2O Networks to provide a high capacity link for the next 10 years, enabling students to access the internet from their halls of residence. H2O Networks is a deploying dark fibre in the UK's waste water network to enable connectivity to those who have limited access. The network is known as 'fibre via the sewer'