Chachazz

Members
  • Content Count

    1522
  • Joined

  • Last visited

Posts posted by Chachazz


  1. Security Bulletin

    MPSB05-04 — Potential Security Risk with Macromedia eLicensing Client Activation Code

    Originally posted: June 9, 2005

    Summary

    Windows versions of the Macromedia installers and eLicensing client install a service with permissions that allow any member of the "Users" group to modify the service settings. This may allow local users to obtain the permissions of the "Local System" account.

    This potential vulnerability does not affect products installed on machines with a single user and it cannot be exploited remotely.

    Solution

    A hotfix can be downloaded from the Macromedia website to protect users of affected versions of Macromedia products, listed below.

    All future versions of Macromedia products will be unaffected by this issue.

    Affected Software Versions

    All versions of Macromedia MX 2004 products (Studio, Studio with Flash Professional, Flash Professional, Flash, FreeHand, Dreamweaver, Fireworks, and Director) as well as Captivate, Contribute 2, and Contribute 3 are affected.

    Severity Rating

    Macromedia categorizes this issue as an important update and recommends that administrators of systems supporting multiple users apply the hotfix linked below.

    More Info & Security Patch Download>>


  2. Shortcut to msconfig

    "How do I put a shortcut to the System Configuration Utility (msconfig) on my Start menu so I don't have to type "msconfig" in the Run box?"

    Right-click the desktop and select New, Shortcut to start the Create Shortcut wizard. In the 'Command line' field, enter msconfig (in Windows 98 and Me),

    or

    c:\windows\pchealth\helpctr\binaries\msconfig (in XP). Finish stepping through the wizard, making your own choices. Once you have the shortcut on your desktop, simply drag it to your Start menu.

    (Note that Windows 2000 lacks the System Configuration Utility.)

    Voila!

    handy, very handy! ;)


  3. The Antispyware Workshop, hosted by CNET Download.com, will provide an opportunity for the industry's key players to come together for a day of active and open dialogue about the current and future state of antispyware. Held at the W Hotel San Francisco on May 3rd, 2005, this full day workshop of relevant and timely sessions will ask and provide clarity to the tough questions: How are spyware and adware being defined and what are acceptable behaviors? Will legislation help regulate the industry? Is spyware okay as long as it's disclosed to the user? Where's the money? What is the future of antispyware?

    Overview: http://www.download.com/antispywareworksho...23-5142509.html

    Speakers:

    Simon Clausen, Panelist

    Wayne Cunningham, Moderator

    Esther Dyson, Moderator

    Alex Eckelberry, Panelist

    Ben Edelman, Panelist

    Dan Farber, Moderator

    Chris Jay Hoofnagle, Panelist

    Eric L. Howes, Panelist

    Declan McCullagh, Panelist

    Jeff McFadden, Panelist(Claria)

    Kelly Mackin, Panelist(eTrust/CA)

    Dave Methvin, Panelist(PC Pitstop)

    David Moll, Panelist(Webroot)

    Lydia B. Parnes, Opening Remarks(FTC)

    Ari Schwartz, Panelist

    Richard Stiennon, Panelist(Webroot)

    Joseph Telafici, Panelist(McAfee)

    Ralph Terkowitz, Panelist

    Daniel Todd, Panelist(180 solutions)

    Christine Varney, Panelist

    (Please note that speakers are subject to change.)

    Bio on the 'speakers': http://www.download.com/antispywareworksho...23-5142782.html

    Agenda

    Defining spyware and adware

        * Learn more about the antispyware topics that matter most

        * Gain insight on the current state of spyware and adware

        * Be part of compelling discussions and debate on timely, relevant topics

        * Help build consensus on behaviors and definitions of spyware and adware

        * Meet face to face with your peers and the industry's key antispyware experts

        * Take part in the future direction of antispyware

    EULAs and you-knows: What is meaningful disclosure?

        * What do end users understand and need to understand about spyware/ adware?

        * Are EULA's enough? It depends...on what?

        * What is it that users need to know? How can we get them to pay attention to disclosures?

        * What choices can and should users make - both about downloads and about uninstalls?

        * Rogue and suspect antispyware products and tactics ("anti-adware", scaremongering, spyware masquerading as anti-spyware).

        * Registries, lists and the like: is it who you are, or what you do?

        * How can the market keep up with new threats?

        * What responsibilities do antispyware vendors have?

        * What responsibilities do advertisers have?

        * What can the government do? What *should* it do?

    The Money Game: How adware works and how it is changing

        * How does adware operate?What incentives caused the rise of spyware?

        * Installation financial models: pay-per-install vs. revenue-sharing.

        * How does it get installed?

        * Why do advertisers use adware? Does it pay in the short-run or long-run?

        * How relevant are the ads?

        * How are the economics changing? Are response rates and shelf-life going up or down? Why?

        * Whither pop-ups?

        * What is the case *for* adware? (Why does it exist?)

        * What impact does "good behavior" have on profitability, short-run and long-run?

        * VC community interest in the industry.

        * Adware meets the publishing industry: what happens next?

    Future of the antispyware industry

        * Trend to enterprise.

        * Large security and industry companies competing with smaller antispyware companies.

        * What does this mean for the companies that only provide antispyware products?

        * Will antispyware be integrated into security suites?

        * Will corporate and consumers pay for antispyware protection?

        * Enterprise-wide antispyware - what are antispyware companies doing to address the enterprise?

        * Spyware companies looking for new ways to go un-detected

        * Where does antispyware end?

    http://www.download.com/antispywareworksho...23-5142509.html


  4. What is SuperKaramba?

    SuperKaramba is, in simple terms, a tool that allows you to easily create interactive eye-candy on your KDE desktop. Currently, only linux is officially supported.

    How does it work?

    Theme writers create themes, or text files that define their widget. Then, they can optionally add python scripting to make their widget interactive. The possibilities are endless!

    Here are just some examples of the things that can be done:

        * Display system information such as CPU Usage, MP3 playing, etc.

        * Create cool custom toolbars that work any way imaginable

        * Create little games or virtual pets that live on your desktop

        * Display information from the internet, such as weather and headlines

    The possibilities really are endless!

    http://netdragon.sourceforge.net/ssuperkaramba.html


  5. Kaspersky Lab begins beta testing of three new versions of Kaspersky Anti-Virus for Linux, FreeBSD and OpenBSD

    Kaspersky Lab, a leading developer of secure content management solutions, announces the launch of beta testing of three new versions of Kaspersky® Anti-Virus, designed to protect email and file servers, as well as workstations, running on the Linux, FreeBSD, and OpenBSD operating systems – Kaspersky Anti-Virus for Linux FreeBSD, and OpenBSD Mail Server, Kaspersky Anti-Virus for Linux FreeBSD, and OpenBSD File Server and Kaspersky Anti-Virus for Linux FreeBSD, and OpenBSD Workstations.

    The programs allow for the effective detection and neutralization of malicious code in all objects on a file server, workstation and mail server, which includes a user friendly process of automatic updates from the antivirus database, as well as a flexible antivirus configuration program.

    Kaspersky Anti-Virus for Linux FreeBSD, and OpenBSD Mail Server, File Server and Workstation contain a range of functions, including the scanning of all incoming and outgoing SMTP traffic, which neutralizes malware in infected messages, while providing configuration options for filtering mail according to predefined rules.

    Kavmonitor, (on-access scanner), a totally new component, supports real-time system scanning, and identifies and quarantines all suspicious objects, thereby minimizing the likelihood of malware infiltration of a network. In the updated version it is possible to choose between three types of antivirus databases – standard, expanded and super secure sets Riskware, (i.e., adware, legal software that has been used by hackers and other potentially hazardous programs) are detected using the latter two options.....

    http://www.kaspersky.com/news?id=162559363

    Kaspersky Beta-->>


  6. GIMP 2.2.6 Released2005-04-10

    The GIMP developers have released version 2.2.6 of the GNU Image Manipulation Program. This is a bug-fix release in the stable 2.2 series. A large number of problems have been fixed; users are encouraged to update. The source code is available from the usual places, binary packages will appear soon.

    In case you wonder about version 2.2.5, it had a bug in the Print plug-in and was immidiately replaced with the 2.2.6 release.

    http://www.gimp.org/

    *****************************

    Here is Gimp User Group

    for tutorials and help.

    http://gug.sunsite.dk/?page=tutorials


  7. Courtesy of [email protected]:

    With three announcements coming at one time, I thought it best to report all three together.  IMO, however, the first on Sygate is a biggie.
    Helsinki, April 11 2005

    Sygate Integrates Ad-Aware SE in its Network Access Control Solution

    Lavasoft's industry leading antispyware solution Ad-Aware SE Professional edition has been integrated to Sygate's flagship Network Access Control (NAC) solution, Sygate Secure Enterprise 4.1 (SSE). Ad-Aware SE has been licensed and branded as Sygate Anti-Spyware Business Edition (BE).

    Through the agreement, Sygate's corporate and government network customers are introduced to a solution that eliminates spyware from networks without an additional administrative overhead. Lavasoft is the first antispyware vendor to partner with Sygate.

    Full Report: http://www.lavasoftusa.com/news/sygate.shtml

    Helsinki, April 11 2005

    Lavasoft Partners With PIVX Solutions

    Helsinki: Lavasoft (www.lavasoft.com) the world leading antispyware vendor announces its comprehensive partnership agreement with PIVX (www.pivx.com), the leader in Active System Hardening for Windows based PCs. The partnership will guarantee both of the companies an even firmer position in the IT security industry.

    Full Report: http://www.lavasoftusa.com/news/pivx.shtml

    Helsinki, April 11 2005

    Ad-Aware SE Plus Edition Enters Retail in the Nordic Region in Cooperation with Verkkokauppa.com

    Helsinki: Lavasoft, the provider of the recognised antispyware solution Ad-Aware, has entered into partnership with Verkkokauppa.com, the largest computer and peripheral reseller in Finland. The Ad-Aware SE Plus edition has recently conquered the USA market and is now expected to gain great success in the Nordic region.

    Full Report: http://www.lavasoftusa.com/news/v.shtml


  8. NeroLINUX is a comprehensive, yet flexible application provided you have some prior knowledge of CD/DVD technologies. Here's some additional information assist you:

    * NeroLINUX uses NeroAPI for low-level operations (burn process)

    * Autodetection and support for all types of internal CD and DVD recorders supported by NeroAPI 6.6

    * Autodetection and support for all types of external CD and DVD recorders connected to the USB port and supported by NeroAPI 6.6

    * Kernel optimizations

    * Ultra Buffer support

    * Supports hot plug for external USB devices, without any application restart

    * Stores and reloads compilations in XML format

    * Fully compatible with FreeDB, to automatically get disc information over the Internet

    * Supports the new 2.6 IDE driver interface (non SCSI emulation)

    * Audio encoding and decoding done on the fly, using external utilities (mpg123, ogg123)

    * Supports 2.4 and 2.6 kernel flavors

    * Provided as RPM or Debian package for easy installation

    http://www.nero.com/us/NeroLINUX.html