http://www.w3exchange.com W3Exchange en http://backend.userland.com/rss http://www.w3exchange.com/view_topic.php?pid=8062#8062 8062@http://www.w3exchange.com Topic: FileView.Net Control 2008 released. Message: FileView.Net Control 2008 brings a drop-in Windows Explorer file and folder browsing functionality to your app. This UI component is a perfect replacement for the plain, inflexible, modal APIs which developers are currently limited to. It offers complete support for Thumbnail, Details and GroupView, AutoUpdate, dragdrop, icons, contextmenus, non-filesystem items, default key-handling, infotips and renaming. It features powerful behavior control and customization functionality that takes it miles ahead of Windows Explorer by adding features like filtering, checkboxes, custom items, custom columns and dragdrop control and customization of default contextmenus, displaynames, icons and infotips. When combined with FolderView and ShComboBox controls, it recreates the entire Windows Explorer UI in your app. FileView.Net is written in 100% managed code and completely supports a variety of IDEs and tools including Visual Studio 2008. FileView.Net has a royalty-free redistribution license and has no external dependencies.For Product Information, visit,http://www.ssware.com/fileview/fileview.htm Wed, 11 Jun 2008 02:29:58 -0700 http://www.w3exchange.com/view_topic.php?pid=7906#7906 7906@http://www.w3exchange.com Topic: EMC unveils two new disk libraries, de-duplication capabilities Message: EMC Corp. today announced two new disk arrays for small and midsize companies, as well as upgrades to the company's existing enterprise-class virtual tape library (VTL) that include policy-based data de-duplication and disk power-down capability.   At its annual conference, EMC World, EMC announced two new versions of its Disk Library series VTL: the DL 3D 1500 for entry-level shops, and the DL 3D 3000 for midrange environments. The new arrays are targeted at LAN-based backup, using NFS and CIFS protocols for file backup.  The DL 1500 offers up to 36TB of capacity, and the DL 3000 up to 148TB of capacity. Both systems use new, larger-capacity 1TB Serial ATA disk drives with RAID 6 protection, and they offer optional Fibre Channel ports for SAN connectivity. Both libraries will also include de-duplication capability. They are slated to be available May 28.  EMC plans to begin offering policy-based de-duplication on its DL 4000 enterprise-class VTL, according to Dave Donatelli, EMC's executive vice president of storage product operations. The new SATA 1TB drives will also be available in the DL 3D 4000 VTL, which previously used 750GB drives.   The DL 3D 4000 model will be available July 28.  While there are many varieties of deduplication -- host-based, client-based, block-based, file-based etc. -- EMC is using the technology on its VTL arrays to create a single copy of a document but allow it to be seen by multiple users through the creation of a pointer. For example, an e-mail sent around a corporation with an attachment would not include the actual attachment for every employee receiving the message, but a pointer to a centrally located file that only looked like an actual e-mail attachment.  EMC also added disk power-down capability on its DL 4000 VTL through an algorithm built into the array's management software, allowing users to put any number of disks into a "hibernation" mode when not in use, to save on power and extend overall hard disk drive life.   In a separate announcement, EMC also touted a new version of its NetWorker backup software for midsize businesses. NetWorker Fast Start integrates licensing, installation and setup under a single-panel view. The backup software supports up to 20 Windows or Linux servers and five applications, including SQL Server, Exchange and Oracle.  Both Donatelli and EMC CEO Joe Tucci emphasized the importance that solid-state disk drive technology will play at the highest level of enterprise-class primary storage. "Over the next two years, all [data] recovery will come off disk ... not tape," Tucci said. "Tape is too slow."  EMC announced support for solid-state disk drives in its enterprise-class DMX array in January.   Donatelli said that by the end of 2010, solid-state drives will be on price parity with the highest-end spinning disk drives and will represent greater and greater amounts of the Tier 1 capacity in DMX arrays.  Pricing for the DL 1500 array starts at $115,000 retail. The DL 3000 starts at $215,000, and the DL 4000 starts at $200,000. NetWorker Fast Start is priced at $18,500. Tue, 20 May 2008 03:59:07 -0700 http://www.w3exchange.com/view_topic.php?pid=7835#7835 7835@http://www.w3exchange.com Topic: Virtual Serial Port Kit 5.0.5 Message: United Kingdom, May 12, 2008, Liverpool - FabulaTech, a software development company, announced today the launch of Virtual Serial Port Kit updated version 5.0.5 which soon will take part in the worldwide software tradeshow WST on June, 19, 2008 in New York being currently available  at http://www.virtual-serial-port.comAccording to Robert Fischer, a company spokesman, Virtual Serial Port Kit version 5.0.5 is tenderly designed to create pairs of virtual serial ports in the system which are virtually connected to each other. Physical null modem cables are not required any more. One can connect any number of virtual port pairs. Virtual serial port pairs will look and work exactly like real hardware serial ports connected via null modem cables. Virtual Serial Port Kit is designed for software developers to speed up development process during software debugging.Additional offerings for discount  enable use of OEM license, the latter allows to integrate Virtual Serial Port Kit functionality into any own application and permits unlimited redistribution of Virtual Serial Port Kit as an integral part of one's own software without having individual license keys. Andrew Scott said OEM License grants a royalty free distribution, so it is no use to pay extra fee per every license of one's application."Whether you need to emulate unlimited number of serial ports and connect each pair of them via a virtual null-modem cable, Virtual Serial Port Kit is the ideal solution. For example, using VSPK, you can create pair of virtual serial ports (e.g. COM7 and COM8) and connect two applications to them. All data that the first application writes to COM7 is read from COM8 by the second application, and vice versa" says the Business Director of FabulaTech , John Scott. He added, "Virtual Serial Port Kit is extremely useful for serial software developers as it allows to speed up development process during debugging and data-logging period. You can debug your program (which uses serial port) by connecting it to another program (e.g. serial device emulator).You can connect ActiveSync directly to Pocket PC emulator using Virtual Serial Port Kit".According to Fischer, Virtual Serial Port Kit is the only program of its kind designed both for professionals, software developers and general users. Mon, 12 May 2008 06:35:53 -0700 http://www.w3exchange.com/view_topic.php?pid=7708#7708 7708@http://www.w3exchange.com Topic: Shell MegaPack.Net 2008 released Message: Shell MegaPack.Net is a Set of Windows Explorer like File & Folder Browser Components and User Controls. Consisting of a folder tree control, a file/folder list control and a drive-selection control, it completely mimics the Windows Explorer UI including Thumbnail, Detail & Group View, dragdrop, icons, context menus, virtual items, infotips and renaming. Additionally, it features advanced functionality like item filtering, multiple-root nodes, checkboxes, custom items, custom columns and allows customization of context menus, dragdrop, appearance, display names, icons, overlay icons and infotips. It is a perfect replacement for the plain, inflexible, modal APIs which developers are currently limited to.Also included is the ShellObjects set of components for creating quick launch-like appbars, displaying multiple MSN/Office2003 style popups, wizard UIs, animated tray icons, automatic form resizing, Vista-style task dialogs, system-wide hotkeys, task scheduler library, SingleInstanceComponent, shell file operations, system idle notifications and create and read shortcuts and internet shortcuts. Shell MegaPack.Net is written in 100% C# managed code; it fully supports Visual Studio 2008 and Net 3.5/3.0; it has a royalty-free redistribution license; it has no external dependencies and it comes with comprehensive documentation and numerous samplesFor Product Information, visit,http://www.ssware.com/megapack.htm Sun, 27 Apr 2008 22:50:57 -0700 http://www.w3exchange.com/view_topic.php?pid=7549#7549 7549@http://www.w3exchange.com Topic: HP unveils low-cost mini-laptop for education market Message: Hewlett-Packard Co. today unveiled a low-cost mini-laptop that's aimed at the education market.The HP 2133 Mini-Note PC, which has a starting price of less than $500, is a rugged machine with an 8.9-in. diagonal WXGA display -- three inches smaller than HP's next-smallest laptop screen. The full-featured laptop is designed for the education markets in North America, Europe and parts of Asia; it's also aimed at low-end business travelers, according to HP spokeswoman Carol Hess-Nickels.At slightly more than two and a half pounds, the HP 2133 weighs less than a lot of textbooks, said Hess-Nickels. Instead of using a processor from Intel Corp. or Advanced Micro Devices Inc., it has a single-core C7-M microprocessor from Taiwan-based Via Technologies Inc. (See Computerworld's review of the HP 2133.)Since HP is the top PC and laptop maker, releasing a product for the education market is a strong move for the company, said Richard Shim, an analyst at Framingham, Mass.-based research firm IDC."HP has been riding a wave of growth. They're No. 1 in notebooks and No. 1 in PCs," added Shim. "This isn't the type of product that you establish market share with. They're putting a product out there because they don't want to be left on the sidelines if there's tremendous growth in this category. Everybody is hedging their bets by coming out with a product. HP is going after a segment they know exists by going after education."Intel just last week unveiled a line of newly architected low-power processors called Atom chips, which are designed specifically for mobile Internet devices, but HP didn't pick Atom processors for its new little PC. The HP 2133 is interesting "because of the price it's at, the processor it uses and the form factor it's in," said Shim.The laptop has a nearly full-size keyboard that is spill resistant. The keyboard features HP DuraKeys, which have a clear coating to protect the finish and the printed letters and characters. Other features designed to improve the machine's durability include an all-aluminum casing with a magnesium alloy structure, along with a scratch-resistant acrylic covering."This is for K-12," said Hess-Nickels. "They're going to be rough on the units, so we needed to make them durable, while retaining the price point."The HP 2133 also has several optional features, such as a webcam and Bluetooth wireless technologies.HP will begin shipping the mini-laptop on April 15. Wed, 09 Apr 2008 02:15:03 -0700 http://www.w3exchange.com/view_topic.php?pid=7209#7209 7209@http://www.w3exchange.com Topic: King of Spam pleads guilty; faces 26 years in prison Message: The notorious spammer authorities dubbed "the King of Spam" is facing a possible 26-year jail sentence after pleading guilty in Seattle on Friday to charges of fraud and tax evasion.Robert Soloway, 28, had already been found guilty of spam charges in several civil cases -- Microsoft won a $7.8 million judgment against him in 2005 -- but had avoided paying fines in those cases. The criminal charges to which he pleaded guilty on Friday followed his arrest in 2007 by the U.S. Justice Department.He was arrested on criminal charges brought by the U.S. Department of Justice in May 2007.In a 2005 discussion group post, Soloway bragged, "I've been sued for hundreds of millions of dollars and have had my business running for over 10 years without ever paying a dime regardless to the outcome of any lawsuits."That year, Soloway raked in more than $300,000 from his spam operations, according to his plea agreement.Soloway has avoided fines in the past, but this time around he may not be so lucky. In addition to the jail time he now faces, he has also agreed to discuss his financial assets while being monitored by a lie detector.While there have been hundreds of spam prosecutions in the U.S., it is extremely rare for spammers to face criminal charges, and those involved in the matter say that Soloway's case could serve as a deterrent to other spammers.In an interview last month, Microsoft Senior Attorney Aaron Kornblum said he thought the prosecution would make other spammers think twice. "There have not been a large number of criminal CAN-SPAM prosecutions in the U.S.," he said. "This is significant."Soloway is set to be sentenced on June 20. The prosecution had been seeking $700,000 in damages when Soloway was first charged nearly a year ago. Sat, 15 Mar 2008 23:16:38 -0700 http://www.w3exchange.com/view_topic.php?pid=7181#7181 7181@http://www.w3exchange.com Topic: Motorola launches 802.11n-capable switch and access point Message: Motorola Inc. today announced a new wireless LAN switch and a new Wi-Fi access point, both designed to support the faster 802.11n draft specification.   The new RFS6000 switch can support up to 48 Ethernet ports to connect to access points. The eight-port version starts at $2,900, Motorola officials said. The access point, called the AP-7131, is the first on the market with three radios built in, and will   for $1,199. Both devices will ship next month.   Motorola joins a growing group of companies supporting the 802.11n specification, which is still in draft form. But it's far enough along for Siemens Networks, Cisco Systems, Trapeze Networks and others to ship devices.   Customers can feel secure that while the final specification for 802.11n might result in a software change, the hardware will not be changed and will not need to be replaced, said Sujai Hajela, general manager of the enterprise wireless LAN unit at Motorola.   Some customers have found that some access points using 802.11n require more power than what's provided in the current Power over Ethernet standard, known as 802.3af, and Motorola confirmed that all three radios will not work with that much power output. However, an emerging 802.3at standard provides for the power needed for all three radios. To reach a receiver at 75 to 100 feet from the access point, power will support only one radio, said Manish Rai, director of product marketing for enterprise wireless LAN.   However, Rai noted that Motorola's 802.11n products offer much faster speeds -- as much as four times faster -- compared to those provided by 802.11a/b/g radios. And 802.11n works over longer distances.   The San Marino Unified School District in San Marino, Calif. will use the new AP and other Motorola wireless point-to-point technologies to connect four school campuses, according to a statement released by Motorola. "In evaluating vendors for WLAN," said school representatives, only Motorola provided an end-to-end wireless solution with the advantage of smart adaptability and mesh that met our evolving needs."   Two IT managers who have been using Motorola 802.11a/b/g in retail environments said they will evaluate the new 802.11n gear, but have no immediate deployment plans. Todd Dvorak, project manager for management information systems at Circuit City Stores Inc. in Richmond, Va., said Wi-Fi has been a valuable tool in support of wireless tablet laptops carried by sales personnel to look up information for customers. He said plans for 802.11n adoption are not set, noting that Circuit City upgraded its networks three years ago to accommodate IBM-based point-of-sale systems. "Had n been around three years ago, we would have used it," he said. Wed, 12 Mar 2008 04:12:37 -0700 http://www.w3exchange.com/view_topic.php?pid=7135#7135 7135@http://www.w3exchange.com Topic: ShellObjects ActiveX 9.0 released Message: ShellObjects ActiveX brings to your app quick-launch-like appbars, MSN/Office2003 style popups, system-wide hotkeys, animated trayicons, vista-style task-dialogs, task scheduler library and much more.ShellObjects has a royalty-free redistribution license; it has no external dependencies and it comes with comprehensive documentation and numerous samples.For Product Information, visit,http://www.ssware.com/shlobj/shlobj.htmShellObjects has following components.ShellAppBar-------------------Quickly and easily convert your forms into application desktop toolbars - simply place the component on your form and you are done!Dock appbars to any screen edge or leave them undocked.Complete support for animated autohide functionality when appbar is not in user.Support for appbar resizing when docked.Complete support for drag-docking of appbars.Support for multi-monitor configurations.ShellPopupNotification---------------------------------Displays multiple popups in MSN or Office2003 style with complete customization of appearance. Multiple popups are automatically arranged on the screen and the arrangement origin and direction can be customized.Popups can be displayed using slide, fade or a combination of slide-fade animation with complete customization of animation properties and various slide styles. Popups can also be shown at programmer-defined locations on the screen. Popups can have a close button and an options button with the ability to automatically show a contextmenu when the options button is clicked Popups can be dragged around in Office2003 style by the gripper bar. A simple yet comprehensive API consisting of properties, methods and events allows complete customization and advanced control over the behavior. ShellNotifyIcon -------------------------Displays icons in the shell tray notification area. Supports animation with complete control over the animation properties.Supports multiple icons - a different icon can be shown at different times depending on the state of your application. Automatically display a context menu when the icon is clicked or right-clicked. Supports balloon style infotips when the icon is added to the system tray.Displays a tooltip when the mouse moves over the icon. A simple yet comprehensive API consisting of properties, methods and events allows complete customization and advanced control over the behavior.TaskDialog -------------------Full support for the new Vista task dialogs. Comprehensive task dialog features and functionality exposed via a simple set of methods, properties and events. Supports all task dialog features including progress bars, buttons, radio buttons, expando buttons and more. SystemHotKey---------------------Define system wide hotkeys which are listened for even when your application is not the active application. Full design-time support allows easy definition of the hotkey at design time. Hotkey can be enabled/disabled. TaskScheduler ------------------------Total control of the Windows Task Scheduler service Create, modify or delete tasks on local and remote computers. Add or delete a variety of triggers (event triggers, date/time triggers) from tasks. Simple yet powerful API for easy access to all features of the Task Scheduler.ShellLink--------------Allows applications to read, modify and create new shortcut/ shellinks (*.lnk files) through a simple set of properties and methods. UrlLink-----------Allows applications to read, modify and create new internet shortcuts (*.url files) through a simple set of properties and methods. Fri, 07 Mar 2008 02:21:51 -0800 http://www.w3exchange.com/view_topic.php?pid=6901#6901 6901@http://www.w3exchange.com Topic: Hackers spread malware with 'Hilary Clinton' spam Message: Cybercriminals may have weighed risk and reward and figured that the first isn't worth the second if they try to exploit the 2008 U.S. presidential campaign, a security researcher at Symantec Corp. said today.   At least for now.   "We've now seen just two instances of spam using political candidates to spread malicious code," said Oliver Friedrichs, director of Symantec's security response team and a writer on electoral cybercrime. "I think [hackers] are still a little skittish. The high visibility of the federal elections makes them cautious about stepping into it."   Earlier this week, researchers at both Symantec and McAfee Inc. reported a spam run that tried to trick users into downloading a Trojan horse posing as a video of Sen. Hillary Rodham Clinton (D-N.Y.) supposedly shot before Tuesday's Virginia primary. "Hilary [sic] Clinton visited her campaign headquarters in Virginia and did satellite interviews, looking beyond Tuesday's trio of contests and touting the importance of a March 4 vote in Ohio," the bogus e-mail read. "Full video. Download it now!"   Users who clicked the embedded link, however, were faced with a file pegged "mpg.exe." That file was actually a downloader, which in turn retrieved and installed the "Srizbi" Trojan horse -- malware that turns Windows-running PCs into spam-spewing bots.   The other example of what Friedrichs has called "electoral cybercrime" was a late-October 2007 spam blast ostensibly promoting Rep. Ron Paul (R-Texas) and his campaign for the Republican Party nomination. More than a month after that attack, which had links to the Srizbi Trojan horse like the Clinton one this week, researchers at SecureWorks Inc. linked the spam to a Ukrainian botnet.   McAfee researcher Alex Hinchliffe drew a line between this week's Clinton spam and the Russian Business Network, a notorious hacker and malware hosting network once based in St. Petersburg, Russia.   Although Friedrichs had speculated last year that the 2008 presidential campaign would see an increase in electoral attacks -- especially phishing attacks -- over the number that occurred in 2004, when there were just two reported cases, that hasn't happened yet.   Friedrichs offered a possible explanation. "The scale of an election is such that any potential disruption will clearly gather all the strength of all law enforcement," he said.   "But they haven't been afraid of phishing charities," Friedrichs said, citing the aggressive identity-theft attacks that exploited the aftereffects of Hurricane Katrina in New Orleans and the Gulf Coast states. "Maybe it's just too early. Maybe we'll see more [phishing] after the primaries are over."   A lot of money will be at stake. The campaign of Sen. Barack Obama (D-Ill.) raised $28 million online in January alone, according to news reports.   "That's a substantial amount of money. And clearly any sense of conscience or caution [on the part of hackers] might just go out the window," said Friedrichs. Sat, 16 Feb 2008 02:33:33 -0800 http://www.w3exchange.com/view_topic.php?pid=6704#6704 6704@http://www.w3exchange.com Topic: RealGames Announces Results of Casual Games Survey Message: Digital entertainment services company RealNetworks(R), Inc. today announced new survey results from consumers playing downloadable casual games from its RealGames(TM) family of sites and syndication network. In a survey of 1500 RealGames players, nearly 90 percent said they will watch video ads before and during natural breaks in casual games in exchange for free game play. Additionally, 34 percent of the respondents said they take further action and click on in-game advertisements to learn more about the advertised product or service.  Over the past two years, RealGames - the pioneer in in-game streaming video ads for downloadable casual games - has watched its customers embrace this innovative form of advertising with much more interest than many in the gaming industry originally expected. The Yankee Group recently reported that the global in-game advertising market which generated $77.7 million globally in 2006 will grow to $971.3 million by 2011.  "We have been evolving our customer sales model based on user's feedback since we created in-game streaming video advertising in the PC casual games space in 2006," said Chris Houtzer, senior director of new media, RealGames. "The right mix of advertising in our games gives us greater flexibility in providing advanced game-play options for our customers, sharing in incremental revenue with game developers, and delivering a competitive ROI for advertisers."  Houtzer added that the survey is a testament to the success of advertising and sponsorship programs in casual games and to new business models in the industry. The vast majority of survey respondents fall in the coveted 30 plus female purchaser range. Eighty-one percent were female and 65 percent were in the 35-64 age range which is in line with the core casual games demographic.  RealGames currently has a catalog of more than 500 downloadable games in seven different languages with more than 40 titles ad-enabled. The RealGames family of gaming portals includes RealArcade.com, GameHouse.com, Zylom.com, MrGoodLiving.com, Atrativa.com.br and GameTrust.com.  This year, RealNetworks plans to greatly expand the number of ad-enabled downloadable games. RealGames will also be participating in Google's AdSense for Games beta program to introduce in-game ads to its Web-based games. Wed, 06 Feb 2008 03:07:20 -0800 http://www.w3exchange.com/view_topic.php?pid=6598#6598 6598@http://www.w3exchange.com Topic: Crytek to Feature Cross Platform CryENGINE(R)2 at GDC Message: Crytek GmbH will demonstrate their multi award winning CryENGINE(R)2 game development middleware and their Sandbox 2(TM) game editor again at this year's Game Developer Conference on February 18 - 22 in San Francisco. First publicly shown at last year's conference, and recently released as the technology supporting the hit PC game, Crysis, this year's engine will be shown for the first time running on multiple hardware platforms such as the PS3 and Xbox 360, to a select audience.  In addition, Crytek will once again be hosting a series of public presentations of the CryENGINE(R)2 at their booth #6611 in the North Hall. For the first time, Crytek will also be joined at their booth by some of their many licensing partners, which will also show the CryENGINE(R)2 being used for architectural visualizations and serious games applications. Seating is on a first come, first served basis, and likely to fill quickly. There is no appointment needed to attend. Wed, 30 Jan 2008 02:26:47 -0800 http://www.w3exchange.com/view_topic.php?pid=6528#6528 6528@http://www.w3exchange.com Topic: Two New Worms Use Valentine's Day as Bait Message: Panda Security , a leading provider of IT security solutions, announced that PandaLabs, Panda Security's laboratory for detecting and analyzing malware, has detected two new worms, Nuwar.OL and Valentin.E, which use the topic of Valentine's Day to spread.  "Year after year we see the appearance of several malware strains that use Valentine's Day as bait to attract users," explains Luis Corrons, Technical Director of PandaLabs. "This indicates that cyber-crooks are still reaping the benefits of this technique and many people still fall into the trap."  The first one of these worms, Nuwar.OL, reaches computers by email with subjects like "I Love You Soo Much," "Inside My Heart" or "You ... In My Dreams." The text of the email includes a link to a website that downloads the malicious code. The page is very simple and looks like a romantic greeting card, with a large pink heart. Once it has infected a computer, the worm sends out a large amount of emails to the infected user's contacts, in order to spread. This also creates a heavy load on networks and slows down the computer.  Valentin.E is very similar to this. Like the Nuwar worm, it spreads by email in messages with subjects like "Searching for True Love" or "True Love" and an attached file called "friends4u." If the targeted user opens the file, a copy of the worm will be downloaded. The malicious code installs on the computer as a file with the .scr extension. If the user runs it, Valentin.E shows a new desktop background to trick the user, while it makes several copies of itself on the computer. Finally, the worm sends out emails with copies of itself from the infected computer to spread and infect more users.  "Both cases are clear examples of social engineering techniques used to spread malware. They use attractive subjects -- Valentine's Day greeting cards, romantic desktop themes, etc. -- to entice users to run attachments or click links that ultimately download malware onto their computers," continued Corrons.  Over the last few years, PandaLabs has detected several malware specimens that used Valentine's Day as bait to spread and infect users. Malware strains like Nuwar.D or the A and B variants of Nurech spread in emails with love themes and subjects like: "You and I Forever," "A Valentine Love Song," or "For My Valentine." In the case of Nurech.B the malicious code hid in an attached file with names such as "FLASH POSTCARD.EXE" or "GREETING CARD.EXE." Sat, 26 Jan 2008 01:52:06 -0800 http://www.w3exchange.com/view_topic.php?pid=6493#6493 6493@http://www.w3exchange.com Topic: Most malware comes from legit sites, says researcher Message: The majority of Web sites serving up attack code are legitimate domains that have been hacked by criminals, a security researcher said in a report released today. It's the first time that legitimate sites outnumber the malicious ones hackers purposefully set up to spread malware. According to data compiled by Websense Inc., 51% of the sites it classified as malicious in the second half of 2007 had been compromised and then seeded with attack code that infected unpatched machines visiting the URLs. The remaining 49% were "intentionally built for malicious intent," the Websense report said. Hacking legitimate sites to make them sling malware gives attackers instant advantages, added Dan Hubbard, Websense's vice president of security research. "It's a great vector because they don't need to drive users to the sites in many cases; they also get free hosting, of course, and [it's] hard to trace ownership," Hubbard said. "Additionally, if someone is allowing access based on reputation, then they may go undetected." The win-win for hackers -- who get a crack at the built-in audience that's composed of a hacked site's usual visitors -- is a lose-lose for everyone else, a fact that's been proved by several prominent events where hacked sites spewed out malicious code. A year ago, for example, the Web sites of Dolphin Stadium and the Miami Dolphins NFL team, host to Super Bowl XLI, were hacked so that they served visitors with malicious JavaScript that, in turn, tried to load a Trojan onto unpatched PCs. Then in August 2007, the Bank of India, one of that country's largest banks, was also found hosting attack code after being hacked. Later, criminals associated with the notorious Russian Business Network, a St. Petersburg-based malware and hacking hosting network, were implicated in the Bank of India compromise. The trend is accelerating, said Hubbard, who noted that the last report estimated that the share of malicious sites that were actually hacked legitimate domains was in the mid-30% range. In fact, a pair of recent mass hacks -- one that compromised upward of 90,000 sites and another at least 10,000 -- demonstrated the extent of the problem. Hubbard echoed that with an estimate of the number of sites serving up attack code. "Counting sites can be a tricky game [because] there are sometimes entire domains we classify that have thousands of pages," he said. "However, it's safe to say that at any given time, we have more than 2.5 million in the malicious categories." Sites are hacked in a variety of ways, said Hubbard, who noted that there is no one method that stands out. "[Compromises are] all over the place, unfortunately, [including] miss-configurations, no patches and so on." A significant number of the sites, however, are compromised by the multi-exploit tool kits made infamous by Mpack and Neosploit. Websense estimates that 19%, or about one in five, of malicious sites were created or compromised using such tool kits. Wed, 23 Jan 2008 22:47:54 -0800 http://www.w3exchange.com/view_topic.php?pid=6480#6480 6480@http://www.w3exchange.com Topic: Oracle Announces Oracle(R) Utilities Network Management System Release Message: Oracle today announced the availability of Oracle(R) Utilities Network ManagementSystem Release 1.8.0, an integrated suite of real-time operationstechnology applications designed to improve network reliability, maximizeasset utilization, reduce outage durations and increase customersatisfaction. This new release builds on the product's market leadership(1)in outage management with new enhancements to help utilities improvedistribution management, including new applications for Fault Location,Isolation and Service Restoration, as well as Volt/Var Optimization.Oracle Utilities Network Management System Release 1.8.0 leveragesOracle's application infrastructure -- including Oracle Database and OracleFusion Middleware -- to provide a unified application and technologyoperating environment. This combined application and supporting technologyenables utilities to leverage new functionality to support theirintelligent grid roadmaps."Maintaining high performance and service levels requires thevisibility to anticipate and respond to dynamic usage requirements," saidQuentin Grady, senior vice president and general manager, Oracle Utilities."Oracle Utilities Network Management System allows utilities to providerapid and cohesive responses to performance issues, and it serves as thefoundation for expanded services and enhanced operations."The Fault Location, Isolation and Service Restoration applicationwithin the new release integrates with distribution automation andSupervisory Control and Data Acquisition (SCADA) systems. The applicationautomates fault isolation and determines how to efficiently restoreservice. It also initiates closed-loop switching actions within 60 seconds-- without requiring dispatcher interaction, enabling utilities to quicklyreduce the number of customers experiencing sustained outage durations.Oracle's Optimal Power Flow Engine enhancements feature Volt/VarOptimization to minimize system losses. Volt/Var Optimization providesenhanced insight during system load changes -- providing system operatorswith additional flexibility and responses for managing peak loadconditions.Oracle Utilities Network Management System Release 1.8.0 also featuresAutomated Metering Infrastructure (AMI) Integration Adapters to supportIntelligent Grid and Smart Metering solutions. The integration of AMItechnologies into Oracle Utilities Network Management System provides theability to communicate with meters to enable restoration verification. As aresult, utilities can reduce the number of truck deployments when power hasalready been restored to the meter and receive more comprehensive outageextent notifications from meters reporting that power is off. Oracle'sfield-proven interfaces are based on a Service Oriented Architecture (SOA)implemented with Web services and exchanging MultiSpeak(R)-compliantextensible markup language (XML) messages.Oracle is providing additional capabilities to help utilities enhancesystem security and comply with industry mandates. New Oracle integrationto Lightweight Directory Access Protocol (LDAP) provides utilities withconsistent user name and password administration and management within thesystem. Simplified user access for Oracle Utilities Network ManagementSystem provides single sign-on to all network management systemapplications. Wed, 23 Jan 2008 03:02:13 -0800 http://www.w3exchange.com/view_topic.php?pid=6459#6459 6459@http://www.w3exchange.com Topic: Phone with fold-away screen to launch in mid-2008 Message: A Dutch company that has squeezed a display the size of two business cards into a gadget no bigger than other mobile phones--by making a screen that folds up when not in use--says the device will be available later this year. The 5-inch display of Polymer Vision's Readius is the world's first that folds out when the user wants to read news, blogs, or e-mail and folds back together so that the device can fit into a pocket. Polymer Vision, spun out of Philips, whetted the appetite of gadget fans more than two years ago when it showed off a prototype. Now the gadget is in production and will go head-to-head with Apple's iPhone and Amazon's e-book reader Kindle when it hits stores mid-2008. "You get the large display of e-reading, the super battery life of e-reading, and the high-end connectivity...and the form factor and weight of a mobile phone," said Karl McGoldrick, chief executive of the venture capital-funded firm, in which Philips still has a 25 percent stake. "We are taking e-reading and bringing it to the mobile phone." He would not say how much the Readius would cost, but said it would be comparable to a high-end mobile phone. McGoldrick said his "dream device," which the company planned to build within five years, was a mobile phone with an 8-inch color display that could show video. Like Amazon's Kindle, the Readius has a so-called electronic paper screen, which displays black-and-white text and images that look almost like they have been printed on paper. The device--which will also make phone calls--connects to the Internet using the third-generation mobile phone networks with high data speeds. The company said it is talking to retailers as well as mobile operators to   the device. Like Apple's iPhone, the gadget offers the chance for operators to boost data usage, which is more profitable than voice revenue. Users will be able to set up their e-mail accounts, news sources, podcasts, audio books, and blog feeds at home on their computer, and the data is then pushed to the device whenever it is updated. McGoldrick said the company opted to use this approach--which rules out quickly browsing the Web on the go--because it was simpler in a mobile environment. "I see these devices with 50 buttons on them. We have eight," he said, adding that the company plans to add a keypad to future models. Tue, 22 Jan 2008 03:07:41 -0800