happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster
  1. There is no reason to assume that Apple is trying to manipulate the media by making it harder for customers to get the iPhone 5 on the day of release by vastly reducing the numbers available for immediate pre-order. To do so would be pretty poor marketing and get filed in the shooting own foot cabinet surely.

  2. The new iPhone sucks? Really? I've addressed the evolution/revolution debate here, but just being a 'hater' and saying the iPhone sucks adds nothing to the intelligent discussion, now does it.

  3. As for being a 'mad fanboy' that's quite a stretch when I have stated that I have no intention to upgrade from my 4S to the 5, and that both the Galaxy SIII and Lumia 920 would be up there on my upgrade radar were it not for my investment in iPhone apps. That's more a case of practical realist than obsessive fanboy.

  4. The BS comment, have to say I am finding myself hard-pressed to come up with a response worthy of standing in the same company as such a thoughtful and finely crafted piece of intellectual repartee.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Given the amount of negative press that has been generated since the announcement of the iPhone 5, calling it everything from boring to disappointing and even naming it the Apple Meh!phone, you might be forgiven for thinking nobody would want to buy it. You would be wrong. Very wrong indeed, in fact, if the pre-ordering process is anything to go by. It took the iPhone 4 and 4S around 20 hours to sell out after pre-orders went live on the Apple website. Yet the iPhone 5 'sold out' of launch day stock within the hour.

Both Apple.com and a number of wireless carrier sites reported problems due to the sheer amount of traffic after pre-orders went live, something that I don't recall happening when the iPhone 4S was made available. So has much of the media got it wrong, and Apple got it right again? Is this pre-order activity a taster of what's to come, and will the iPhone 5 actually outsell the 4 and 4S?

I'm an 'i' user myself, with both an iPad 2 and iPhone 4S in daily use, and can understand some of the negative press that the iPhone 5 received. File it under 'shame that Apple isn't innovating more' I guess. Not that I am knocking Apple for the iPhone 5 which, to be fair, does have some interesting new features such as the bigger screen, the thinner aluminium and crystal glass look, the 4G support, the new maps etc. …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

I took the warning route when you were using your previous account and were being abusive to other members - you then promptly closed that account and started another one. You have had plenty of time to familiarise yourself with the rules here, and indeed promised me that you would not break any rules when you replied to my previous PMs. Posting the same question multiple times is doing just that, and you received a two point infraction as a result. It takes ten points to kick off a ban, and those two points will disappear soon enough. Do nothing else to break the rules between now and October 12th and your account will go back to being infraction point free. Think of the two point infraction as being, in effect, a warning not to digress again...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

What is the meaning of 'hello there' - seriously, are you asking for clarification of hello there? :)

As for why did I welcome you back, because you have returned from your previous identity here on DaniWeb...

nitin1 commented: :) +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Let's not forget that Steve Jobs, in that Triumph of the Nerds video from 1996, referenced the Picasso quote "Good artists copy, great artists steal. And we have always been shameless about stealing great ideas" - after all, when Apple 'borrowed from and expanded' the GUI which Xerox had developed that was OK wasn't it? Which is what really stinks about the current patent infringement actions, the damn hypocrisy of it all...

diafol commented: well said +14
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

A jury in the US has, after just three days deliberating, ruled that Samsung must pay Apple more than $1 billion in damages. The lawsuit had focussed on alleged patent infringements by Samsung in terms of both software and design relating to Apple's iPhone and iPad devices. Although not all of the claims made by Apple were upheld by the jury, it did agree that several Samsung devices had violated the intellectual property rights of Apple. At the same time, claims by Samsung that Apple had breached several of its patents were dismissed by the jury.

Samsung is expected to file post-verdict motions to overturn the decision as soon as possible, vowing to take the matter to the Court of Appeals if necessary in an attempt to prevent Apple from seeking a ban on the import of several Samsung smartphone and tablet devices into the US market. Given that the two companies currently have more than half of the worldwide sales of smartphones and tablets wrapped up between them, the money at stake is huge. Perhaps unsurprisingly, as a result of the verdict Apple shares spiked, with the market value of the company seeing a two percent increase.

Equally unsurprising, and many industry observers who have become increasingly frustrated with the outcome of patent disputes in the technology space during recent years would agree, Samsung saw the verdict as less of a win for Apple and more a defeat for the consumer. A Samsung spokesperson …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

"If government is the answer, then it was a stupid question"
- some t-shirt :)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Over the weekend I wrote a news story for DaniWeb which revealed how the iPhone was vulnerable to SMS text message spoofing. This went under the title "Why Apple was right about iMessage 'fix' for iPhone SMS spoofing" because, simply put, SMS text messaging is exposed to this kind of User Data Header manipulation (and not just on the iPhone) whereas Apple's own iMessage isn't. However, as you may have guessed from the title of this follow-up news story that you are reading right now, I may have been a little premature in backing Apple as it seems iMessage is not without its own privacy issues.

Apple has a point when addressing the specific issue of UDH manipulation, or text message spoofing if you prefer, when it comes to SMS. There are, though, a couple of howevers that need attaching by way of qualification here:

However number one is the fact that Apple could, if it so desired, implement SMS on the iPhone in such a way that the UDH manipulation itself would be very apparent to the recipient of the text message. Indeed, plenty of other mobile phones seem quite capable of doing so.

It's however number two, though, which is where the focus of this follow-up rests: Apple managed to quite nicely skip over something of a controversy that has been brewing around the use of iMessage on the iPhone for many months now in the shape of private conversations being …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Has to be Hackers, for a rather strange reason: I could have been in it, but wasn't for the geekiest of reasons.

I used to belong to a casting/extras agency when I was a very punky looking wheelchair user, and ended up in various movies as a result (my favourite being the Stallone Judge Dredd flop). So, I get this call asking if I could be at a certain location in London to shoot a part in this movie called Hackers. I turned it down because, get this, I was going to a game developer conference that day and didn't want to miss it.

So, the hacker guy in the wheelchair in the cafe towards the start of the movie... that could have been me. But wasn't.

iamthwee commented: nice +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

New members can only send replies to PMs, rather than create new ones, until they have made 10 contributions to the forums. This was implemented to stop the flurry of scammers/spammers who were using our PM system. As you now have the requisite 10 posts you should be able to send PMs. Sorry for the inconvenience, but we had to do something to prevent the scammers from being able to abuse DaniWeb in this way.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

According to the Australian Federal Police, it would appear that at least half a million credit cards 'down under' have been compromised and funds in excess of AUS $25 million (US $26 million) stolen. Although precise details are still coming in, it would seem likely that nothing more complicated than a bit of simple scanning for point of sale terminals which looked vulnerable was used to locate potential victims in the small retailer market rather than run the greater risk of detection by targeting banks or bigger business. Lessons learned from the Subway caper in the US last year no doubt. Then, credit card processing systems at Subway chains were compromised, and eventually four Romanians were arrested and charged with obtaining millions of Dollars through fraudulent means that involved around 80,000 cards.

With so many small businesses struggling to keep afloat in hard times, it is little wonder that old and frankly quite dated ecommerce carts are still being used instead of being upgraded to less vulnerable alternatives. Couple this with the fact that smaller retail units in the kind of remote, rural areas where victims of this attack in Australia were located, are less likely to either have the necessary knowledge of IT security or the budgets to buy it in that the banks and larger concerns do, and it should come as absolutely no surprise that these targets are being uncovered so easily by the bad guys. When you throw into the insecurity mix the use …

rproffitt commented: I still see many barn doors close after the horse is gone. +12
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Seriously? You've been a member for SEVEN years and in that time posted just the one thread which, to be fair, could be seen as advertising. As it was the Geeks' Lounge I left it here, but was curious when you bumped the thread as to whether you might be the author, hence my question. It seems an odd reason to resign after being here so long.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Go to the Microsoft Windows 8 Release Preview site and follow the download instructions.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

China may be odds-on to top the medal table at the London 2012 Olympic Games, with less than a week to go, but according to a new report South Korea has the Chinese well and truly beaten as far as malware infected PCs are concerned. And unlike at the Olympic Games where the USA and Great Britain are ahead of Korea in the medal tables currently, both America and Britain are nowhere to be seen in the top ten most malware infected countries, and the UK actually makes it into the 'least infected' listings.

The latest Panda Security antimalware labs quarterly report reveals that, for the first time ever, South Korea is top of the medal table when it comes to the numbers of malware infections per country. The report, covering the period between April and June 2012, shows that while the average number of infected PCs globally speaking is down by nearly 4% at 31.63%, the number in South Korea is a staggering 57.3% which is up by nearly 3% on the previous quarter. It is also ahead of China on 51.94%, with Taiwan and Bolivia some way behind these two in third and fourth places respectively. The least infected country is Switzerland with an average of 'just' (and I use that word with my teeth gritted as it is still way too high) 18.4% followed by Sweden on 19.07% - sadly no other countries could manage to drop below the 20% …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Don't encourage him. He's not new here. This isn't his first post. He is however a spammer who has stopped breaking the rules and started bending them, creating multiple accounts (from the same IP) which post one or two times - always with an advert link in his sig.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

New huh? Then how do you explain the numerous other postings by you, from the exact same IP address, stating 'I'm new here, this is my first post' and then posting one or two messages somewhere with an advertising link in the signature.

I'm starting to get really bored with you now...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

And now Microsoft has reverted to type with Windows 8 which is to Windows 7 what Vista was to XP: a pile of stinking crap. Seriously, what was Microsoft thinking? Roll on Windows 9 which will probably be another useful leap forward...

Ayon Baxter commented: They skipped 9 and went to Windows 10 +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The UK-based Surrey Police Force has long since embraced Internet culture as being a way to help fight crime. It has an online crime reporting tool, active accounts on Facebook and Twitter, as well as a video channel on YouTube. But now it has moved into smartphone territory in order to entice members of the public into identifying suspected criminals by looking at CCTV mugshots using an app called Facewatch.

Available for free on the iPhone, Android and BlackBerry platforms as well as on the web, Facewatch lets the would be home-detective input their postcode and a distance radius of between half a mile and five miles before then displaying all the CCTV images 'connected to crimes' within that area. If the user recognises anyone in the images, they can quickly and anonymously send the name and address information to the police from within the app.

Surrey Police is quick to point out that the app is designed to "help identify people caught on camera" who "may be responsible for a crime" but may equally well just be able "to help with an active investigation". The company behind the app, Facewatch Ltd, is equally quick to try and remove itself from any potential legal liability should an entirely innocent member of the public feature on Facewatch and, by association, be wrongly thought of as being a criminal. The following disclaimer appears when the app starts:

"The police are seeking to identify …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

That said, any 64-bit version of Windows is much less of a target (it would seem) for the bad guys anyway. Certainly that appears to be the case as far as Windows 7 is concerned.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The Kensington Folio Trio Mobile Workstation for new iPad and iPad 2 is rather a large title for what is actually just a case. Mind you, it's also rather a large case. This thing is absolutely huge. No, seriously, it's actually bigger in all dimensions than my laptop. This thing is 14" by 11", and 1.5" thick with an iPad in. Throw in a pen, some paper and a few documents along with that iPad and I found myself with something weighing more than 5lbs to lug around. Compare that with the perfect 10/10 Kensington KeyFolio Pro case which I reviewed for DaniWeb a month ago weighing just 2.1lbs with an iPad and a keyboard inside. The Folio Trio weighs more than that when it is empty! It's also faux-leather, which I approve of being vegan myself, but unfortunately faux-leather which feels (and smells for that matter) rather cheap.

The Folio Trio is, then, certainly no thing of beauty. However, the fact that it is marketed as a mobile workstation for your iPad 2 or 3 does rather suggest that it is the function rather than form that is important. Which begs the question, what's it like from the functionality perspective. I know, it's a bit weird talking about functionality when the object is just a case, but perhaps that's the point: is this more than just a case to carry your iPad around in? The answer is a bit yes and no …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

member babyl is now banned after sending numerous scam PMs

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

No you are not new here and this is not your first post here. What you meant to say is "I am that spammer who keeps creating new accounts, posting something saying 'I am new here and this is my first post' quickly followed by some cut and pasted wordage from other sites that 'shares some of your views' (actually not your views, of course, as you've copied them from somewhere else) about everything from air conditioning to online business - the what rather depends on whatever it is you are trying to advertise in the signature attached".

PLEASE STOP IT, THIS IS GETTING OLD VERY QUICKLY. YOUR SPAM POSTS ARE BEING DELETED AND THE ACCOUNTS BANNED, SO WHAT IS THE POINT?

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

With the London 2012 Olympics due to open in just a few days time, the expected push by the bad guys has started. No, I don't mean the banning of wearing Pepsi T-Shirts in the Olympic Stadium as it might upset official sponsors Coke, or the fact that nobody is allowed to sell chips other than McDonalds or even the undemocratic powers given to law enforcement in the UK to prevent people using certain combinations of 'Olympic-related' words in their advertising. No, as if all that were not bad enough, the bad guys in question are the cyber-criminals looking to exploit the intense interest in the London 2012 event in order to distribute malware and steal data.

It's all too easy to let your guard down and slip up with regards to which links are being clicked when faced with a torrent of information to choose from surrounding an event such as the Olympic Games. The use of London 2012 themed content to distribute data stealing malware is ramping up now, and is perhaps best exampled by those using social media as the distribution channel. Take the as yet un-named, and un-detected by the vast majority of antivirus solutions, Pushbot variant which has been highlighted by a Polish CERT advisory (translated into English here) and uses Facebook, MSN and Skype as the attack vector. Obviously the folk behind this malware are serious about the money making potential it has, with code obfuscation to …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Go virtual, where there are plenty of geeks to hang out with. Hint: you are in the right place right now at Daniweb.

PS. I really don't think that having girlfriends or not has any bearing on geek status. If you have had five girlfriends this year then I would say you need to develop your emotional side a bit more, so that you can enjoy just having one girlfriend that hangs around...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The situation has been explained fully in my piece. Yes it is a true article. Yes six million passwords were leaked. If yours is not amongst them, congratulations. However, just because 'nothing has changed' does not mean your password was not compromised and I would still recommend that you change it as a matter of course.

stonebynature commented: very nice +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

It's not often that Microsoft recommends that Windows users should disable a much hyped part of the OS, but that's exactly what has happened regarding the Windows Sidebar and Windows Gadgets found in Windows Vista and Windows 7. Microsoft Security Advisory 2719662 clearly states "Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets" and Microsoft even provides a handy Fix-It tool to do the job for you. So what's all the fuss about, all of a sudden?

Well the simple answer is either 'Black Hat 2012' or "Gadgets have always been insecure but now someone has actually noticed the fact". The someone in question being Israeli security researcher Mickey Shkatov and infosec professional Toby Kohlenberg who are planning to reveal just how insecure the whole Windows Gadget Platform actually is on July 26th at Black Hat USA in a briefing aptly entitled 'We have you by the Gadgets'.

The briefing promises to reveal "a number of number of interesting attack vectors that are interesting to explore and take advantage of" as part of their "research into creating malicious gadgets, misappropriating legitimate gadgets" and "the sorts of flaws we have found in published gadgets". Microsoft notes that gadgets installed from untrusted sources can "harm your computer and can access your computer's files" and perhaps importantly change their behavior at any time so …

abou.mohamed.370 commented: audio +0
salt3t commented: i want to need window7 software +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

A week may be a long time in politics, but 18 months is an absolute aeon as far as computing is concerned. Back in October 2010 here at DaniWeb I was posing the question of whether the newest Amazon Kindle could be an iPad killer and came to the almost inevitable conclusion that as far as reading books was concerned, then yes it was. Soon that boot could be on the other foot with ongoing rumours that an iPad Mini will be on sale in time for the seasonal rush at year end, backed up by what are claimed to be 'engineering prototype sample' photos published this week. Can the iPad Mini actually be a Kindle Fire killer?

The iPad Mini would, if the rumour machine and those leaked prototype photos prove to be genuine, measure around 213mm x 143mm, compared with 185mm x 241mm for the iPad 3. With a 7.85" display and an expected price tag in the $200 to $300 ballpark, the iPad Mini would not only be competing with Google Nexus 7 but perhaps more pertinently as far as this article is concerned, also with the Amazon Kindle Fire. At this price point don't expect too many bells and whistles, so no high definition retina display for starters and both the camera count and storage capacities are likely to suffer as well when compared with the iPads we have today.

Why would Apple even consider such a …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Of course, before anyone even considers using a 'buy followers' site, no matter how the site in question tarts it up that's essentially the service most are offering, you should first consider that doing so is in breach of the Twitter terms and conditions and you face having your account suspended as a result. Hardly the best marketing strategy on the planet then...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

If I am bored I work. When I am bored of work I read. When I am bored of reading I listen to music. If I am bored of listening to music I am usually asleep...

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Acronis responds to DaniWeb questions regarding a leak of customer data which, as we exclusively reported over the weekend, resulted in some information being indexed by search engines and accessible to anyone on the Internet.

Although the leak itself was identified by Acronis on Friday 29th June, the email informing those customers whose data was included in the spreadsheet that ended up exposed only went out late in the day on Friday 6th July. DaniWeb itself was only made aware of the problem, by one of those customers, on Saturday morning. As a result, contacting someone at Acronis for an official comment regarding the incident proved a little tricky. However, Acronis did swing into action and the relevant people were tracked down in order to provide that comment which arrived very late in the day (well, night here in the UK) on Sunday.

Here's what Ed Benack, Chief Customer Officer at Acronis Customer Central told DaniWeb about what actually happened:

"We have a strict content management policy that applies different access rights to our Knowledge Base, depending on content – for example, some may be Partner only, some may be Customer only. For reasons we are still investigating, the access control list reset to the default setting, making all content visible, temporarily. The vast majority of this content in the Knowledge Base is not sensitive or confidential, however it did contain an older spreadsheet listing just the email addresses of customers who …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Recently we have all become somewhat over-exposed to the leaking of customer data courtesy of inadequate security allowing hackers to gain access to databases. The LinkedIn LeakedOut leak and eHarmony dating data disaster are good examples of the genre. However, let's not forget that sometimes no hackers are required to make a security and privacy slip up. Sometimes the in-house folk are all that is required to kick-start an embarrassing data leak. And that's what appears to have just happened to an undisclosed number of Acronis customers who have been sent emails informing them that "a spreadsheet containing a few email addresses and upgrade serial numbers" had been indexed by search engines.

One customer who received the email from Acronis, a company which provides data backup software and services, was Mike Hall who called the fact that it still included a default signature stating that "Acronis does not supply customer information to any third party" to be something of an epic fail in the circumstances.

The email, which went out yesterday afternoon, and is signed by Ed Benack, Chief Customer Officer, Acronis Customer Central, blames an unspecified 'technical issue' for allowing a spreadsheet containing emails and upgrade serial numbers to be "indexed by the search engine" and assuring them that no additional data was leaked which could identify individual Acronis customer accounts or put them at risk of breach. Indeed, the email insists that the spreadsheet concerned was only searched for …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

As a three times winner of the IT Security Journalist of the Year award in the UK, I am used to writing about all kinds of scams. Whilst most of them try and weasel their way into the bank accounts of the victim through purely online means, increasingly the bad guys are turning to 'old school' conman trickery via the telephone. The most common of these in recent years has probably been the rogue antivirus Microsoft support call (using remote access to your PC to install malware and then charge you to supposedly remove it) followed more recently by the credit card bank fraud team call. But now there's a new twist: the dial 999 scam.

My mother is eighty years old and not in the best of health, having been diagnosed with heart failure. She is, however, as sharp as a tack mentally. What's more, being my mum, she has perhaps a better understanding of IT scams than most people of her age. Which is why I was somewhat surprised to get a phone call from her yesterday evening recounting how she had almost fallen victim to a scammer. The keyword being 'almost' as no information was revealed to the scammer that would enable her bank account to be pillaged. Thankfully, some of the advice I have given her over the years stuck. That said, this particular scam implements some new tricks that are new to both me and the police officers who visited …

Ancient Dragon commented: excellent :) +14
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The Google Glass wearable computing 'enhanced reality' project got off the ground this week at the Google I/O Developers Conference in San Francisco earlier this week. Around 6,000 developers were present to see a demonstration of the futuristic technology which integrates a small video-display suspended from the arm of the headset which is worn like a pair of spectacles. Complete with Internet connectivity, a battery in the arm and the ability to change the perspective of the video stream as you move your head, the Google Glass prototype is no heavier than a standard pair of sunglasses and just as comfortable to wear.
The good news is that Google Glass is no pie in the sky vapourware project. The proof of that came when the pre-order books for the Google Glass Explorer Edition were opened at the conference to enable developers to start creating applications for the device as soon as possible.

The bad news is that those developers who do pre-order, and at the time of writing it is thought that in excess of a thousand have done just that, will have to wait until next year to get their hands on the prototype device. What's more, it will cost them $1500.

The worse news is that if you are a developer who wants to get a heads-up on the heads-up wearable computing revolution that Google Glass could just kick-start, then you are most probably out of luck. Unless, that is, you were …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Personally, I like it. Very helpful when editing news and review articles to be able to see the layout etc before I hit the publish button.

So a yay from me, but with the nay proviso that maybe making it toggle on and offable wouldn't be a bad compromise idea for those who hate it?

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

You know you are old when a student wants to interview you as part of a piece about 'Internet history' and you realise it's because you were there at the time.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Erm, but if you forgot your password how did you log in and post this question?

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Reports are coming in thick and fast about 'state-sponsored' zero-day exploits hitting business websites in the UK. The latest, disclosed yesterday by SophosLabs, involves an as yet unnamed European aeronautical parts supplier and follows on from another the day before involving a European medical company site. In both cases the same unpatched vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 that can allow remote code execution, as detailed in Microsoft Security Advisory 2719615 appears to have been successfully exploited.

The vulnerability impacts users of all currently supported versions of Windows including Windows 7, as well as Microsoft Office 2003 and 2007 and is serious enough that a successful exploit as seen in both the attacks discovered this week can launch a drive-by compromise which simply requires a user to visit the infected website to become a victim. Assuming, that is, they do not have anti-malware protection installed that spots the thing or have disabled JavaScript which it uses. Both the sites identified by SophosLabs had four files dropped into them by the attackers: deploy.html containing the vulnerability itself and loading the JavaScript library deployJava.js which interrogates your browser, movie.swf is then run if possible in order to compromise your computer and for good measure an iframe is loaded into faq.htm as well. The end result is that the attacker can potentially gain the same user rights as whoever is using the target computer at the time.

As well …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

One of the Internet's biggest online dating sites, eHarmony, has confirmed that security has been breached and member passwords compromised. eHarmony spokesperson Becky Teraoka says that "a small fraction of our user base has been affected" although I am led to understand that the 'small fraction' in question is actually around 1.5 million. The password hashes were published on a Russian hacking forum, with members asking for help in cracking them and converting the hashes into usable passwords.

Sound familiar? Well that's because this has the hand of the LinkedIn password hacker all over it. As DaniWeb reported yesterday, LinkedIn has also confirmed that security was breached and a file containing some 6.5 million password hashes has been published on a Russian hacking forum. That number has now been scaled down slightly to 5.8 million to allow for duplicates that were found, but it's still one heck of a big breach with serious consequences for those users whose accounts may be compromised as a result.

Like LinkedIn, eHarmony has acted to mitigate the fallout and Teraoka confirms that "we have reset affected members passwords" and emails are going out to those members with instructions on how to reset them to something different again. Teraoka also insists that "eHarmony uses robust security measures, including password hashing and data encryption, to protect our members’ personal information. We also protect our networks with state-of-the-art firewalls, load balancers, SSL and other sophisticated security approaches." Which all …

LastMitch commented: Thanks for the article! +2
diafol commented: hilarious! +14
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Today is World IPv6 Launch Day. Today is the day that the global Internet gets redefined. Today is the day that people everywhere are saying "so what?" I imagine. However, not everyone is having a 'meh!' moment at the thought of IPv6 being officially launched. Take Jay Parikh, Vice President of Infrastructure at Facebook, who insists that "supporting IPv6 has become crucial to the future scalability of the Internet" and goes on to say that it's "awesome to see so many people and companies working together across the world to make progress on this transition".

But is IPv6, as the Internet Society insists, now the "new normal" for the Internet? Certainly as websites, ISPs and router manufacturers start supporting IPv6 by default, a process which one assumes is meant to happen from this day forth, that statement could make sense. For many people though, IPv6 adoption is as far off as ever. If you want to see whether your ISP is supporting IPv6, and determine if you can access IPv6-only websites, simply navigate to the Test Your IPv6 Connectivity site.

The chances are pretty high that, for now, your test results will not be 'awesome' in regards to IPv6 connectivity but then neither is it 'critical' that they should be right now. It may be World IPv6 Launch Day but that doesn't mean that the Internet will somehow stop working from now on if you remain an IPv4 user for the foreseeable …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Microsoft Security Advisory notices do not, as a rule, make the media sit up and take much notice. Not least as they have become relatively commonplace over the years, but every now and then one comes along which may grab some press attention. Take MSA 2718704 for example.

At first the advisory with the expanded title of "Unauthorized Digital Certificates Could Allow Spoofing" issued on June 3rd doesn't hold out much hope in the immediately interesting stakes. However, when you realise that components of the Flame worm (as reported here on DaniWeb) were signed with a certificate that ultimately 'chained up' to the Microsoft Root Authority via the Microsoft Enforced Licensing Intermediate PCA Certificate Authority, and exposed a potentially serious problem with such code-signing certificates that could enable malware code to be validated as a Microsoft product, the interest starts to become clear.

Following the exposure of the Flame worm, Microsoft started investigating and discovered that a particular old crypto algorithm could be exploited in such a way as to enable certificates issued by the Microsoft Terminal Services licensing certification authority (for Remote Desktop services authorization in the enterprise) to be used to sign code as Microsoft itself without accessing the Microsoft internal PKI infrastructure which exists to prevent such abuse, rather than the intended use which is limited license server verification.

Of course, it's not just Flame that's the problem here; such unauthorised certificates could spoof content used for phishing …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster
I would rather have a mind opened by wonder than one closed by belief
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

In your original post you didn't mention that you had met the landlord face to face (just 'spoken with') nor seen the property with him, nor seen a draft contract. All those things change the perspective somewhat. You really should confirm what happens to the deposit if you don't go ahead though, at the very least being happy that it is non-refundable if that is the case.

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Darn it, that's me out then :)

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

As an aside, I used to be involved with an early online community in the UK some twenty years ago which generated usernames based upon the actual name of the member registering an account. Somehow I managed to screw up the original registration, not surprising given these were the days of 300 baud modems and acoustic couplers, and when I tried again the original 'dwinder' (my name is Davey Winder) was flagged as unavailable as it had gone into the member database despite that account not being activated successfully. Long story short (too late, I hear you cry) it simply appended an a to the name and I became 'dwindera' which I kind of liked as it rolled off the tongue somewhat. That username stuck for many years, followed me around wherever I went, and even ended up on the front page of a national Sunday newspaper when I was interviewed under the headline of 'Meet dwindera and the virtual celebrities of cyberspace'. I migrated from dwindera to Wavey Davey (although I kept the dwindera account until just a few years back) and eventually ended up as Happygeek.

androtheos commented: I like dwindera but happygeek seems to describe you better. +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

The FBI took claims by new hacking group The WikiBoat that it was going to bring down the likes of Apple and Tesco last Friday at 4pm so seriously that it sent email warnings to those targeted. It's now Sunday morning, and the threatened DDoS attacks do not appear to have happened. So has The WikiBoat been sunk and is #OpNewSon a failure?
The answers would appear to be that it was never actually launched, but that doesn't mean that #OpNewSon is a failure or that this is the last we will hear from The WikiBoat in my opinion.

Let's look at the declaration from The WikiBoat which started the whole thing off:

"We, #TheWikiBoat would like to introduce this press release on our very first operation: Operation NewSon (OpNewSon). As previously stated, we have no motives other then doing it all for the lulz. However this operation will be slightly different and will somewhat change our already stated objective on doing it for the lulz. On the day of the operation, we plan to hit and attack several high corporate entities. Shortly after the start of the operation, we plan to release precious classified data on the already set out list of targets we do have. Those targets are none other then the ones who ultimately rule: the high revenue making companies of the world. While attacking the major companies of this planet may seem lulzy, we also wish that this operation make …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

When 'Thefacebook' first launched in February 2004, access was initially restricted only to students of Harvard University where Mark Zuckerberg was a student. Facebook went on to become something of a success, with the social network controversially being valued at more than $100 billion.

Microsoft must have been watching from the sidelines, wondering when and if it could join the social networking revolution; conscious of how it was relatively late to embrace both the Internet and search bandwagons but still able to make more than a little impact when it did. Google limped into the social networking space with Google+, which has still really to make the kind of splash that those in Mountain View would have hoped for. So why would Microsoft think it could do any different, any better?

Truth be told, Microsoft has already been following the Facebook route by going down the well-trodden path of targeting students and restricting the invite only access to those based at universities and schools in the US. Sounds familiar huh? Now it has taken the leap from restricted to global, by launching the Microsoft So.cl social search network to the general public no matter where they happen to live or work. You can, apparently, "share your search and express your ideas" says Microsoft "through beautiful collages of content" which seems to mean that it's aimed at sharing search results, commenting upon them and as a result building a network of like-minded …

mbkimberley commented: r +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

Makes a change from when it was all the C/C++ people :)

~s.o.s~ commented: Haha, true that! :) +0
happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

It's never easy calculating the true cost of inadequate security to business, not least as there are so many variables and such reticence when it comes to full disclosure for fear of brand damage. However, the latest Information Security Breaches Survey (ISBS) from PwC/Infosecurity Europe has had a good bash at it, at least as far as the UK is concerned, and the answer is breathtakingly big: billions of pounds. And that was just last year!

According to the survey which investigated a total of 447 UK-based businesses, the number of large enterprises being hacked into is at an all-time high right now with one in seven experiencing a breach of some kind during the last year. While the smaller business can expect a 'significant outsider attack' at the rate of one per month, that increases to one per week for the larger organisation.

That one in seven detecting hack attacks figure represents the highest level recorded since the PwC/Infosecurity Europe survey started back in the early 1990s which signals either a lack of security awareness from the defence perspective or a jump in attack methodology from the hacking side of the fence, and possibly a bit of both. Certainly the hackers are getting more active, as another record figure reveals: 70% of large companies have detected 'significant attempts' to break into their networks. The fact that these are attempts which have been spotted, and one assumes stopped, does at least show that …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

I have always thought of Google as being a search engine for everyone, that's part of the appeal. So when the development team behind a web portal for 'mature users' contacted me about the launch of a new search engine specifically designed for the older user I was a little confused.

Maybe it's my age, after all I am fast approaching the '50 plus' demographic that the Mabels development folk are targeting with AskMabel or maybe it's just that I have seen it all before. Ever since Google burst onto the search scene, redefining and dominating it, start-ups have been trying to get a slice of the search action and convince us that niche searching is where it is at. AskMabel appears to be doing just that, what with it promising a "unique take on targeted search results" and being "designed with the 50+ surfer in mind" and all. What it offers, I am assured, is something that is "tailored to the search preferences of a mature audience" although I am struggling to think what they may be, or more to the point how they might differ from what Google does.

After all, if my 80 year old mother wants to find a web site detailing the antiques fairs in her location then Google will happily look for those for her, and return them in a format she can happily understand. As long as the hits returned are relevant, what more could my …

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

And here is the response from an eBay spokesperson:

"Here is the answer for you. It seems Chrome is supported as you’d expect." and pointing me to the eBay support FAQ

Not sure what question that was answering, but it certainly wasn't the one I had asked ("Could someone get back to me with a comment/clarification regarding the attached chat conversation which suggests that eBay is saying it does not support using three out of the four major web browsers and suggests users download Firefox?"). So I tried again with "Erm, well, I'd got that far. I was rather hoping that someone at eBay might want to clarify/comment as to why their support staff are telling users something very, very different..." to which the response was:

"I can only assume it was a mistake. Sorry for any inconvenience."

Well that's OK then... Not.