Patch Your Non-OS Applications

Love them or hate them, Microsoft has come a long way in making its Windows operating systems secure, mostly through built-in firewalls, default security settings and auto-patching features. Despite this, Windows is still the operating system attackers target most, simply because it is the most ubiquitous. Now, instead of targeting flaws in the stronger operating systems, attackers have been hammering the weaker, unpatched, third-party “helper” applications.

In the past year, hackers have exploited vulnerabilities in the following programs to install malware on Windows systems:

  • Skype
  • Flash Player
  • QuickTime
  • Real Player
  • Microsoft Office
  • Java
  • Acrobat Reader
  • Firefox
  • Symantec Anti-Virus
  • AOL Instant Messenger

Some of these programs, like Skype, do a pretty good job keeping themselves updated. Lately, QuickTime updates so often (as new vulnerabilities are found), I am beginning to think it has nagware built in. And while Symantec’s Norton Antivirus will automatically download new signatures, it won’t upgrade itself to a better, more-secure version.

Brian Krebs at the Washington Post sounded the alarm today about attackers using the latest vulnerabilities in Acrobat Reader to install malware and urges his readers to patch immediately. Krebs reminds us that Acrobat Reader would be an easy target:

“It’s an interesting target for criminals because Adobe Reader has a truly enormous install base, yet it is one of those applications that so few people even think to update regularly. According to Adobe, more than 500 million copies of Adobe Reader have been distributed worldwide on 23 platforms and in 26 languages. The product also is distributed by the top 10 PC manufacturers.”

It has been a while since a blended-threat worm such as Nimda or Code Red has circulated on the internet. And with most of the critical holes in Windows actually belonging to third-party applications that are not patched as often, the risk of a new blended threat emerging has never been higher.



Dubai to start building world’s largest arch bridge next month

Dubai, one of Earth’s most futuristic cities, has begun construction of the largest arch bridge ever built. With looks right out of a sci-fi movie and a hefty 817 million dollar price tag, this modern monument of architectural genius will span one mile and be 670 feet tall. Look for it in twenty twelve.

[Via World Architecture News]

Why you should always double check your “send to” address

Have you ever sent an email to someone in a hurry, only to realize a few minutes later that it has taken a completely different route, possibly wiping out your social and/or business life in the process? A mistake such as this, as shown below, can sure put you into a very uncomfortable position.

Had to remove the video from the post, sorry folks.



And the Geek Oscar for the best light-saber goes to…

By Mark O’Neill


“I’d like to thank George for making my light-sabre a nice shade of red….”

The writers’ strike has been resolved and the Oscars are back on track for February 24th. But before Daniel Day-Lewis can pick up his Oscar, we need to first have the “Scientific and Technical Awards of the Academy of Motion Picture Arts and Sciences” – apparently otherwise known as the “Geek Oscars”.

These Oscars are apparently for the techie geeky side of movies – the CGI effects and the other special effects that go into making a good movie. Did you totally dig that alien monster in a movie you watched last night? The people who wrote the software for that alien are probably contenders for a Geek Oscar. George Lucas is probably a regular nominee.

As the Washington Post put it: “without these people, movies would just be actors acting. You might as well go see a play.”

Monster Cables: A bastardization of epic proportions

Everyone loves their expensive home theater setup. Some of us have poured thousands of dollars into enjoying reruns of the Brady Bunch; and after splurging on the TV, audio setup, and next gen media player, said devices need to be wired up for optimum viewing pleasure. Most people with money to burn would decide on outrageously overpriced Monster cables to get the job done.

Sure, Monster has –up until recently– had a pretty spotless reputation with HDMI and other cabling, but did you know that retailers make about an 80 percent profit off of pretty much every Monster cable that they force down your throat? The Consumerist put together a handy table which outlines the wholesale price of these cables as compared to what you and I would actually pay. A 19 foot Monster HDMI cable retails for about $180 with the wholesale clocking in at just under $100, creating a comfortable profit margin of 80 bucks.

You’re probably thinking right now: “But Ilya, if Monster Cables make things just a smidge more ‘Hi-Def’ then aren’t they worth it? Can’t you spare some of your advanced journalistic integrity and rugged good looks to explain to me why the price is actually worth it?” Sorry, but they’ve been proven to offer just about no visible improvement over cheaper wires.

In short: Go with cheaper cables and put the extra few hundred towards some new equipment.

The Simpsons….in real life!

By Mark O’Neill

I’m sure lots of you are big fans of the Simpsons and if so, then here’s something you’ll appreciate. Someone went to a lot of time and effort to recreate the opening scene from the programme. Judging from the look of the police officer and the background, it looks like it was shot in Great Britain.

The video is remarkably accurate, right down to Maggie blasting the car horn!

“So Jaredpower, what’s your burger-flipping experience?”

By Mark O’Neill

What is it with all the Second Life stories appearing in the mainstream media at the moment? Papers such as the Washington Post and the New York Times are suddenly going all Linden Labs crazy.

It seems that as well as the virtual reality world being used by terrorists and spies, it is also being used by employers to conduct virtual job interviews. The big employers are buying up virtual islands where they can hold company meetings and interviews. A New York Times reporter undertook a dummy interview with Linden Labs to see how it was all done.

I guess it would be a big advantage if the job applicant was in another part of the country or even another country altogether. Holding virtual interviews like this would also be beneficial if the job vacancy was in the area of computers, programming and virtual reality. If the applicant demonstrated proficiency in getting into Second Life for the interview then they have already partly proved they are comfortable in that area.

But to be honest, if I was an employer and the job applicant’s name was Jaredpower Afarensis then I would be putting the local psych hospital on my phone speed-dial.

Let’s play Sim Iraq!

By Mark O’Neill

The latest tool in the US government’s arsenal in the war on terror – a virtual reality Sims game. Or as the Pentagon likes to call it, a ‘Human, Social, and Cultural Behavior Modeling program’.

Just a few days ago, I mentioned how the US intelligence community was using ‘Second Life’ for training. Now it seems it is also building virtual reality models of Iraq to get to know the place better.

They are hoping that by using these Sims-type games for training, they will discover:

how people communicate; what avenues of communication are traditionally trusted; who in that culture holds power and influence; how do tribal and trade associations interact; and where/how can societal behaviors contribute to options for stability and reduction in conflict potential.

Or they can just do what I did when I played the Sims. Set up a penthouse, buy a hot-tub and invite lots of hot girls around for a party.