4/30/2009

Adobe Confirms PDF Zero-Day, Says Kill JavaScript

Filed under: — Aviran Mordo

Adobe Systems has acknowledged that all versions of its Adobe Reader, including editions for Windows, the Mac and Linux, contain at least one, and possibly two, critical vulnerabilities. ‘All currently supported shipping versions of Adobe Reader and Acrobat, [Versions] 9.1, 8.1.4 and 7.1.1 and earlier, are vulnerable to this issue,’ Adobe’s David Lenoe said in a blog entry yesterday. He was referring to a bug in Adobe’s implementation of JavaScript that went public early Tuesday.

A “Bugtraq ID,” or BID number has been assigned to a second JavaScript vulnerability in Adobe’s Reader. Proof-of-concept attack code for both bugs has already been published on the Web. Adobe said it will patch Reader and Acrobat, but Lenoe offered no timetable for the fixes. In lieu of a patch, Lenoe recommended that users disable JavaScript in the apps.

Andrew Storms, director of security operations at nCircle Network Security, said of the suggestion in lieu of patches, ‘Unfortunately, for Adobe, disabling JavaScript is a broken record, [and] similar to what we’ve seen in the past with Microsoft on ActiveX bugs.’

Java: How To Use HTTP Connect Via Proxy

Filed under: — Aviran Mordo

Java provides a class called java.net.HttpURLConnection, which lets you make a single connection to a URL. However, when you need to make the connection through a proxy, you are in trouble.

There are a couple of methods to connect via a proxy. The first is simply to define system properties, which then let you make an HttpURLConnection that uses the proxy settings. Here is one way to define the properties:

System.setProperty("https.proxyHost", "127.0.0.1");
System.setProperty("https.proxyPort", "80");

System properties are all well and good, but what if you need to use a specific proxy for one kind of request and another proxy for all others? For instance, a local HTTP proxy that connects to a corporate proxy and another proxy that connects to the internet, with the requests issued simultaneously by different threads? Since system properties are JVM-wide, changing them obviously won’t help.

Take a look at the abstract class java.net.HttpURLConnection. It requires a concrete implementation, and Sun provides one: sun.net.www.protocol.http.HttpURLConnection. It even has a public constructor, public HttpURLConnection(URL url, String s, int i), that accepts the target URL, the proxy host name and the proxy port! All you need to do is instantiate it directly instead of obtaining it from java.net.URL.openConnection(), and there you go: an HTTP connection via proxy.

sun.net.www.protocol.http.HttpURLConnection conn = new sun.net.www.protocol.http.HttpURLConnection(requestedURL, "127.0.0.1", 80);
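The sun.net.* class used above is JDK-internal and unsupported; since Java 5 the public API offers the same per-connection binding through URL.openConnection(Proxy). The following is an added example, not code from the original post, that sends two simultaneous requests through two different proxies without touching system properties. The two loopback listeners are constructed stand-ins for the corporate and internet proxies, and the class name, helper names and example hostnames are assumptions.

```java
import java.io.*;
import java.net.*;
import java.util.concurrent.*;

public class PerConnectionProxy {
    // Constructed stand-in for a proxy: answers one request, returns its request line.
    static String serveOnce(ServerSocket ss) throws IOException {
        try (Socket s = ss.accept()) {
            BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream(), "US-ASCII"));
            String requestLine = in.readLine();
            for (String h = in.readLine(); h != null && !h.isEmpty(); h = in.readLine()) { /* drain headers */ }
            s.getOutputStream().write(
                "HTTP/1.1 200 OK\r\nContent-Length: 0\r\nConnection: close\r\n\r\n".getBytes("US-ASCII"));
            return requestLine;
        }
    }

    // Supported replacement for the sun.net.* constructor: the proxy is bound
    // to this one connection, so no JVM-wide system property is touched.
    static int fetchVia(Proxy proxy, String url) throws IOException {
        HttpURLConnection conn = (HttpURLConnection) URI.create(url).toURL().openConnection(proxy);
        conn.setConnectTimeout(2000);
        conn.setReadTimeout(2000);
        try { return conn.getResponseCode(); } finally { conn.disconnect(); }
    }

    public static void main(String[] args) throws Exception {
        InetAddress lo = InetAddress.getLoopbackAddress();
        ExecutorService pool = Executors.newFixedThreadPool(4);
        try (ServerSocket corp = new ServerSocket(0, 1, lo); ServerSocket inet = new ServerSocket(0, 1, lo)) {
            Future<String> seenByCorp = pool.submit(() -> serveOnce(corp));
            Future<String> seenByInet = pool.submit(() -> serveOnce(inet));
            Proxy corpProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(lo, corp.getLocalPort()));
            Proxy inetProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(lo, inet.getLocalPort()));
            // Two threads, two different proxies, issued simultaneously.
            Future<Integer> a = pool.submit(() -> fetchVia(corpProxy, "http://intranet.example/"));
            Future<Integer> b = pool.submit(() -> fetchVia(inetProxy, "http://www.example.com/"));
            System.out.println(a.get() + " via corp proxy: " + seenByCorp.get());
            System.out.println(b.get() + " via inet proxy: " + seenByInet.get());
        } finally {
            pool.shutdown();
        }
    }
}
```

Each listener receives the full absolute URL in the request line, which is how an HTTP proxy is addressed, so the output shows which proxy handled which request.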

4/29/2009

A $99 Graphics Card Might Be All You Need

Filed under: — Aviran

With the release of AMD’s latest budget graphics card, the Radeon HD 4770, the GPU giant is bringing a lot of technology to the table.

The card sports the world’s first 40nm GPU (beating out CPUs to a new process technology for the first time), GDDR5 memory, and 640 stream processors, all for under $100. What is even more interesting is that as PC gaming has evolved it appears that a $99 graphics card is all you really need to play the latest PC titles — as long as you are comfortable with a resolution of 1920×1200 or below. Since so few PC gamers have screens larger than that, could the world of high-end PC graphics simply go away?

One week later, Firefox updates again

Filed under: — Aviran

Mozilla has updated Firefox again, just one week after its last update. Available for Windows, Mac, and Linux, Firefox 3.0.10 fixes a stability problem that also behaved like a security breach. A critical regression error unintentionally introduced in v3.0.9 caused some users to suffer frequent crashes when using the HTML Validator add-on, subsequently linked to potentially compromised browser security.

Microsoft tightens Windows 7 security for USB drives

Filed under: — Aviran

In the wake of the Conficker worm spreading via removable storage devices among other methods, Microsoft said on Tuesday it is making a change to the way Windows 7 handles USB drives.

As a result of the change, most USB drives will not be able to automatically launch a program using a Windows feature known as AutoRun, Microsoft said in a post on its Security Research & Defense Blog.

So, if an infected USB drive is inserted on a machine then the AutoRun task will not be displayed, Microsoft said.

Fixed removable media, such as CDs and DVDs, will still be able to use AutoRun. Also, some specialized “smart” USB flash drives such as those containing U3 software will still be able to appear as DVD drives, effectively allowing them to also use AutoRun, Microsoft cautioned.

4/28/2009

Mozilla releases Firefox 3.5 beta

Filed under: — Aviran Mordo

Mozilla on Monday released beta 3.5 of Firefox, a revamp of the open-source Web browser designed to include better performance, several new Web programming features, and a private browsing mode.

The earlier betas had been numbered 3.1, but Mozilla switched to the version 3.5 name after concluding the changes were more significant than it envisioned earlier. Mozilla has said earlier the fourth beta will be the last, with more polished release candidates expected before the final version of Firefox 3.5 is released.

Now, LCD monitors watch you

Filed under: — Aviran

Eizo Nanao has announced the inclusion of an “EcoView Sense” feature into its just announced FlexScan monitors, the 20-inch EV2023W and the 23-inch EV2303W.

The EcoView feature allows the monitors, using motion detectors, to detect if a person is sitting in front of them.

If it senses for 40 seconds that no one is there, it puts the monitor into sleep mode. It then resumes normal operation when the user returns. For example, it won’t be fooled by such shenanigans as leaving a cardboard cutout of yourself in front of it. It will only resume if there is movement up to 120 centimeters in front of it.

Panasonic puts Blu-ray in the driver’s seat

Filed under: — Aviran

The problem: you’re upgrading your collection of animated classics at home to Blu-ray, but the backseat video player in the minivan only plays DVDs. The solution: trade up to Panasonic’s new Blu-ray-compatible entertainment system for the car.

The two-part system consists of the CN-HX900D, a Windows-powered dash-mountable device with a 7-inch, 1280×720 display. The CN-HX900D offers GPS, a CD/DVD player, Bluetooth, a 40GB hard drive, and iPod/iPhone compatibility.

You’ll need to hook it up to the CY-BB1000D in-car Blu-ray player if you want the kids to get the full fancy-movie treatment in the backseat. (It’s not BD-Live compatible.)

Pricing for CN-HX900D and CY-BB1000D is not yet available.

QuickTime to receive YouTube support

Filed under: — Aviran

Apple Insider has unearthed proof that YouTube uploading will be built into the upcoming version of QuickTime that ships with OS X 10.6.

According to beta testers, several video-sharing options will be baked into the latest release of Apple’s QuickTime media playback and editing software, including the capability to directly upload to YouTube. With the new QuickTime, you will be able to convert and upload any supported video file type to the online video service and all you will need is to be a registered YouTube user. You also will be able to seamlessly upload supported video to the MobileMe Gallery.

4/27/2009

Rapidshare Shares Uploader Info with Rights Holders

Filed under: — Aviran Mordo

Like many new releases, Metallica’s latest album “Death Magnetic” was uploaded to the popular file hosting service Rapidshare one day prior to its official release date last year. Since users don’t broadcast their IP address or distribute files to the public directly through Rapidshare, it came as a surprise when the police raided the house of an uploader a few weeks ago.

At first it was unclear how the identity of the uploader was revealed, but today German news outlet Gulli said it had found out that this was likely to be accomplished by creative use of paragraph 101 of German copyright law. It turns out that several record labels are using this to take legal action against those who share music on Rapidshare.

In Germany, the file-hosting service Rapidshare has handed over the personal details of alleged copyright infringers to several major record labels. The information is used to pursue legal action against the Rapidshare users and at least one alleged uploader saw his house raided.

G.E.’s Breakthrough Can Put 100 DVDs on a Disc

Filed under: — Aviran Mordo

General Electric says it has achieved a breakthrough in digital storage technology that will allow standard-size discs to hold the equivalent of 100 DVDs.

The storage advance, which G.E. is announcing on Monday, is just a laboratory success at this stage. The new technology must be made to work in products that can be mass-produced at affordable prices.

But optical storage experts and industry analysts who were told of the development said it held the promise of being a big step forward in digital storage with a wide range of potential uses in commercial, scientific and consumer markets.

“This could be the next generation of low-cost storage,” said Richard Doherty, an analyst at Envisioneering, a technology research firm.

The promising work by the G.E. researchers is in the field of holographic storage. Holography is an optical process that stores not only three-dimensional images like the ones placed on many credit cards for security purposes, but the 1’s and 0’s of digital data as well.

The data is encoded in light patterns that are stored in light-sensitive material. The holograms act like microscopic mirrors that refract light patterns when a laser shines on them, and so each hologram’s recorded data can then be retrieved and deciphered.

A crucial challenge for the team, which has been working on this project since 2003, has been to find the materials and techniques so that smaller holograms reflect enough light for their data patterns to be detected and retrieved.

The recent breakthrough by the team, working at the G.E. lab in Niskayuna, N.Y., north of Albany, was a 200-fold increase in the reflective power of their holograms, putting them at the bottom range of light reflections readable by current Blu-ray machines.

“We’re in the ballpark,” said Brian Lawrence, the scientist who leads G.E.’s holographic storage program. “We’ve crossed the threshold so we’re readable.”

In G.E.’s approach, the holograms are scattered across a disc in a way that is similar to the formats used in today’s CDs, conventional DVDs and Blu-ray discs. So a player that could read microholographic storage discs could also read CD, DVD and Blu-ray discs. But holographic discs, with the technology G.E. has attained, could hold 500 gigabytes of data. Blu-ray is available in 25-gigabyte and 50-gigabyte discs, and a standard DVD holds 5 gigabytes.

4/26/2009

Lip-reading computer can distinguish languages

Filed under: — Aviran

Watch what you say. Scientists in England have developed a computer that can not only read lips, but can tell the difference between languages.

Researchers at the University of East Anglia’s School of Computing Sciences developed the technology by statistically modeling the lip motions of 23 bilingual and trilingual speakers. The resulting system is able to identify the language spoken by an individual with “very high accuracy,” according to the university. Identifiable languages included English, French, German, Arabic, Mandarin, Cantonese, Italian, Polish, and Russian.

What gives you away? The movement of your articulators–when you wag your tongue, jaw, and lips, you are generating the measurable characteristics of visual speech, the recognition of which is known as lip reading. Computer vision has already been used in lip reading, or “feature extraction,” but this is the first time computers have been “taught” to recognize different languages, according to UEA.