A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password.
Adam Boileau first demonstrated the hack, which affects Windows XP computers but has not yet been tested with Windows Vista, at a security conference in Sydney in 2006, but Microsoft has yet to develop a fix.
Interviewed in ITRadio's Risky Business podcast, Boileau said the tool, released to the public today, could "unlock locked Windows machines or login without a password ... merely by plugging in your Firewire cable and running a command".
Boileau, a consultant with Immunity Inc., said he did not release the tool publicly in 2006 because "Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn't want to cause any real trouble".
But now that a couple of years have passed and the issue has not resolved, Boileau decided to release the tool on his website.
To use the tool, hackers must connect a Linux-based computer to a Firewire port on the target machine. The machine is then tricked into allowing the attacking computer to have read and write access to its memory.
With full access to the memory, the tool can then modify Windows' password protection code, which is stored there, and render it ineffective.
Older desktop computers do not come equipped with Firewire ports, which are needed for the hack to work, but many recent models do. Most laptops made in the last few years include Firewire ports.
Paul Ducklin, head of technology for security firm Sophos, said the security hole found by Boileau was not a vulnerability or bug in the traditional sense, because the ability to use the Firewire port to access a computer's memory was actually a feature of Firewire.
"If you have a Firewire port, disable it when you aren't using it," Ducklin said.
"That way, if someone does plug into your port unexpectedly, your side of the Firewire link is dead, so they can't interact with your PC, legitimately or otherwise."
Ducklin also advised people to be careful when giving others physical access to their computer.
"I know people who'd think three times about asking passing strangers to take their photo in front of the Opera House in case they did a runner with the camera, yet who are much more casual with their laptop PC, as long as it's software-locked, even though the hardware alone is worth five times as much as the camera," he said.
Monday, October 12, 2009
Microsoft to Buy Yahoo Search and Then Facebook
Rumours from silicon valley this week point towards Microsoft purchasing Yahoo Search and then using $20 billion to get hold of Facebook. Microsoft picking up the Yahoo search business.
Word is that this deal will be done this week. While this is not surprising, it does bring to question the motives and plans of Microsoft.Techmeme is buzzing about the latest Microsoft Yahoo talks that has Microsoft buying the Yahoo Search business only. Here is Microsoft’s and Yahoo official statements.
Why would such a complicated transaction (just Yahoo search with all the headaches and all) be in the cards for Microsoft? After the failed bid for $40 plus billion for all of Yahoo, Microsoft’s intentions are clear. Buy the search business from Yahoo and take that team and go spend at least 20 billion for Facebook. Integrating the search team at Yahoo with Facebook puts a formidable army to take on Google.
Friday, October 9, 2009
Apple Iphone OS 3.1.2.
Apple on Thursday released an update for the iPhone operating system, bringing the current version of the OS to 3.1.2.
According to notes accompanying the update, Apple fixed three bugs, which may not seem like a lot, but they are important. Among the changes is a fix for what Apple says is a "sporadic issue," where the iPhone would not wake up from sleep mode.
The update also resolves an issue that could interrupt the cell network until the phone is restarted. A bug that caused a crash during video streaming has been addressed in iPhone OS 3.1.2.
Apple said iPhone OS 3.1.2 is compatible with the iPhone, iPhone 3G, and iPhone 3GS. The update is available by plugging your iPhone into your computer and clicking on the update button in iTunes.
Once finished, your iPhone will restart and immediately alert you to a Carrier Settings update. This is a very small update that will be completed without needing to restart again.
According to notes accompanying the update, Apple fixed three bugs, which may not seem like a lot, but they are important. Among the changes is a fix for what Apple says is a "sporadic issue," where the iPhone would not wake up from sleep mode.
The update also resolves an issue that could interrupt the cell network until the phone is restarted. A bug that caused a crash during video streaming has been addressed in iPhone OS 3.1.2.
Apple said iPhone OS 3.1.2 is compatible with the iPhone, iPhone 3G, and iPhone 3GS. The update is available by plugging your iPhone into your computer and clicking on the update button in iTunes.
Once finished, your iPhone will restart and immediately alert you to a Carrier Settings update. This is a very small update that will be completed without needing to restart again.
Announcing Google Chrome OS
Google has moved from being just a search engine to being a software giant. With the release of Android and Chrome, Google has proven that they are not just a web giant. With Chrome being downloaded over 30 million times, Google has decided that they are going to work and build on it’s success with Chrome.
Today Google has announced that they will be working on a new Operating System called Google Chrome OS. Google Chrome OS is going to be a open source, lightweight operating system that will initially be targeted at netbooks. Later this year they will open-source its code, and netbooks running Google Chrome OS will be available for consumers in the second half of 2010.
Today Google has announced that they will be working on a new Operating System called Google Chrome OS. Google Chrome OS is going to be a open source, lightweight operating system that will initially be targeted at netbooks. Later this year they will open-source its code, and netbooks running Google Chrome OS will be available for consumers in the second half of 2010.
The OS will run on both x86 and as well as ARM chips. Chrome OS has speed, simplicity and security is the key points for the Operating System. They are designing the OS to be fast and lightweight, to start up and get you onto the web in a few seconds. The user interface is minimal to stay out of your way, and most of the user experience takes place on the web.
Google Chrome OS is being created for people who spend most of their time on the web, and is being designed to power computers ranging from small netbooks to full-size desktop systems.
This all leads to the question though, like the Android, will it have a marketplace for the user’s to work with and how is it going to be better than Fedora or Ubuntu for a Linux distro? Looks like we will find out this fall together.
This all leads to the question though, like the Android, will it have a marketplace for the user’s to work with and how is it going to be better than Fedora or Ubuntu for a Linux distro? Looks like we will find out this fall together.
Download the Windows 7 RC EARLY!
Looks like the RC for Windows 7 has been let lose early! Microsoft has released the RC today on their own servers, no torrent! Download it before everyone (if you haven’t got the leaked version yet) and brag to others.
Download it here: Windows 7 RC at Microsoft.com.
File Name: 7100.0.090421-1700_x86fre_client_en-us_Retail_Ultimate-GRC1CULFRER_EN_DVD.isoSize: 2.35GBMD5 Hash: 8867C13330F56A93944BCD46DCD73590
Welcome to Windows 7 Release Candidate (RC) testing. We’re on our way to Windows 7, and if you like trying out pre-release software, now’s your chance. You get to see what’s coming, and we get to see if our changes and fixes from the Beta testing are working correctly.
How do you test the software? You put it on your PC, and then do what you’d normally do. Your PC will automatically and anonymously send our engineers the information they need to verify the fixes and changes they made based on the Windows 7 Beta tests.
How do you test the software? You put it on your PC, and then do what you’d normally do. Your PC will automatically and anonymously send our engineers the information they need to verify the fixes and changes they made based on the Windows 7 Beta tests.
Intel’s New Core i5 and i7’s Offically Released.
Today on a computer hardware website named NewEgg.com released the new Intel Core i5 750 ($209.99) and the Intel Core i7 860 ($299.99)and 870 (at a whopping $579.99). This marks the official release of the new Intel Core i5 processors that use the 1156 socket type.
Intel’s plan is the Core 2 Duo/Quad series will disappear before Q1 next year, being replaced by Nehalem-based Core i7/i5/i3. In addition, some Pentium processors will also employ Nehalem architecture.
The Core i7 will target the high-end market, the Core i5 is designed for mid-range segment, and the Core i3 is aimed for entry-level market. Pentium is used for ordinary applications, Celeron for entry-level solutions, and Atom for netbooks and handheld devices.
Intel also have Lynnfield and Clarkdale products to offer. Lynnfield consists of Core i7-800 and Core i5-700. To be more exact, it includes Core i7-870, Core i7-860 and Core i5-750 models. Clarkdale is the Core i5-600 and Core i3-500 series, which has not released yet.
Intel also have Lynnfield and Clarkdale products to offer. Lynnfield consists of Core i7-800 and Core i5-700. To be more exact, it includes Core i7-870, Core i7-860 and Core i5-750 models. Clarkdale is the Core i5-600 and Core i3-500 series, which has not released yet.
With the new releases, we should expect to see PC’s equipped with these processors soon and the Core 2 brand being phased out with cheaper prices.
Subscribe to:
Posts (Atom)
