Recent Posts

Microsoft employs a server-side SPIM filter on its Messenger network for blocking malicious URLs in order to keep its users safe from the spread of malware. The system doesn’t always work, however. Most recently, Windows Live Messenger users have reported that TinyURL.com, a popular URL-shortening service that gets over 1.5 billion hits each month, is being blocked. Since the site can be potentially used to help send users to malicious websites, Microsoft may have done this intentionally. It may even be possible that there is currently a piece of malware out there that uses TinyURL to redirect users to a malicious site. Either way, TinyURL is being blocked regardless of what site a given URL redirects to:

Microsoft has blocked domains on the its instant-messaging service before, but last time, when YouTube and DeviantArt was blocked, Microsoft blamed its third-party partner that manages the URL blocking and explained that the blocking of a specific URL or whole domain is determined by multiple factors. Microsoft apologized for the blunder, but did not further detail how legitimate URLs were mistaken for harmful ones. This time, it’s not clear if Microsoft considers TinyURL to be a legitimate site; we’ll keep you posted as this story develops.

A Microsoft spokesperson told Ars: “We are very serious in our efforts to block virus, malware and other harmful URLs from being passed on to our customers. We’re continually working to improve this process so that we can keep our customers safe without having a negative impact on your Messenger service. We are aware that Windows Live Messenger is currently blocking the URL tinyurl.com. This URL is being blocked unintentionally and we are working to take the appropriate steps to remedy the situation as quickly as possible. We sincerely apologize for any inconvenience and disruption this may be causing our customers.”

Article Source

If you having a much money on your bank account and ready to pamper your fingers when you update your blog or surfing on the net, might you can try the Gold-plated computer keyboards from a Japanese Wazakura Koubou. The keyboard go with a couple of USB hubs and coated by 99.99% pure gold around the plated. If interested, you can pick the Kagayaki or Kirameki models into your home with an expected sale price of $270 and $217 respectively.

Since his briefing on a massive patch for the Internet’s domain-name system (DNS) earlier in the week, Dan Kaminsky has had to weather the disbelief of several prominent security researchers.

On Wednesday, Kaminsky, the director of penetration testing for security firm IOActive, attempted to head off more criticism by bringing a few researchers into the circle of network professionals that have been briefed on his technique for spoofing domain-name service (DNS) requests. While the susceptibility of the DNS system to spoofing attacks is well known, Kaminsky has reportedly demonstrated a technique that makes such attacks trivial.

Thomas Ptacek, principal at security firm Matasano, is one of the security researchers that has done an about-face after hearing the details of Kaminsky’s attack.

“I started out as a very open and loud skeptic, because I didn’t think that you could find anything in 2008 that we already hadn’t found in DNS,” said Thomas Ptacek, principal at security firm Matasano. “It turns out that he has the goods.”

On Tuesday, Microsoft, Cisco, Internet Systems Consortium (ISC) and network-technology vendors announced the near-simultaneous release of software patches that aimed to make attacks on name servers much more difficult. The domain-name system (DNS) has been a popular way to attack the Internet in the past, and it’s an ill-kept secret that the DNS system is insecure.

While Kaminsky — with the help of, most notably, ISC president Paul Vixie — managed to bring DNS experts and software vendors together to create a workaround for the domain-name system, the researcher now says he made a mistake by not bringing in more members of the security community.

“I really, really underestimated the impact of not having hackers on board,” he said. “I made a mistake, and if I did it again, I would do it differently.”

Article Source

Apple has released iTunes 7.7 ahead of the iPhone 3G launch tomorrow morning. Users who run the updated version of the software can access the App Store through a PC and browse about 500 third-party applications for the iPhone/iPod touch.

Only hours after Apple announced that the App Store will go live by Friday morning, the company updated its iTunes software to version 7.7. The updated media jukebox delivers support for the iPhone 3G, the iPhone 2.0 firmware update, downloading and syncing applications from the App Store for the iPhone/iPod touch, remote control of iTunes content playback using Apple’s free Remote application for iPhone/iPod touch and support for the new MobileMe cloud service.

The updated software is offered by Apple as a free download for Mac and PC. The iPhone 2.0 software is scheduled to appear in iTunes Friday morning. Along iTunes, Apple also quietly released Apple TV 2.1. The update enhances the set-top streaming media device with support for the remote application and Mobile Me service.

The biggest news in iTunes 7.7 is the ability to access the App Store using iTunes interface, available by clicking on the iTunes Store section in the iTunes application. Applications are categorized in the categories Business, Education, Entertainment, Finance, Games, Healthcare & Fitness, Lifestyle, Music, Navigation, News, Photography, Productivity, Reference, Social Networking, Sports, Travel, Utilities and Weather.

When you purchase or download a free application using iTunes, it will be stored locally in your iTunes library. Individual or all applications from your library can then be side-loaded to your iPhone. However, a native App Store application will also arrive as an integral part of the iPhone 2.0 firmware update. It will allow users to wirelessly browse, download and install applications directly from their handset, using the cellular or a Wi-Fi connection.Apple has posted an App Store Frequently Asked Questions list that is available through iTunes 7.7.

Article Source