12/20/2005

UDI Next-Generation Connectivity to PC Monitors

Filed under: — Aviran Mordo

Leading PC and consumer electronics companies today announced that they are working to develop a specification, referred to as the unified display interface (UDI), that is intended to serve as the next-generation digital display interface standard for PCs and provide compatibility with Consumer Electronics (CE) devices.

UDI is targeted to become the new display interface for desktop PCs, workstations, notebook PCs and PC monitors, replacing the aging VGA analog standard and providing guidelines to ensure compatibility with today’s DVI standard. Further, as planned, the UDI specification will be fully compatible with HDMI (High-Definition Multimedia Interface), the standard digital interface for High Definition TVs (HDTVs) and advanced CE displays.

UDI will be able to use High-bandwidth Digital Content Protection (HDCP) technology widely deployed in HDMI-compatible products today. As a result, host platforms with UDI connectors will be able to plug into monitors and HDMI-equipped display devices including HDTVs with full content-use rights management and high-definition video compatibility.

For end users, UDI will provide a universal video connection from the computer host to the display, including PC and notebook monitors, HDTVs and projectors. For PC and monitor makers, UDI is intended to enable easy integration with both discrete and integrated graphics controllers, letting OEMs build computer platforms and all-digital LCD monitors that are lower in cost, easier to use and higher in bandwidth.
(more…)

Hackers Break Into Computer-Security Firm’s Customer Database

Filed under: — Aviran Mordo

Guidance Software — the leading provider of software used to diagnose hacker break-ins — has itself been hacked, resulting in the exposure of financial and personal data connected to thousands of law enforcement officials and network-security professionals.

Guidance alerted customers to the incident in a letter sent last week, saying it discovered on Dec. 7 that hackers had broken into a company database and made off with approximately 3,800 customer credit card numbers. The Pasadena, Calif.-based company said the incident occurred sometime in November and that it is working with the U.S. Secret Service on a more detailed investigation.

Guidance’s EnCase software is used by hundreds of security researchers and law enforcement agencies worldwide, including the U.S. Secret Service, the FBI and New York City police. John Colbert, the company’s chief executive officer, said Guidance alerted all of its customers less than two days after discovering the break-in, and that it would no longer store customer credit card data.

Guidance stored customer records in unencrypted databases, and indefinitely retained customers’ “card value verification” (CVV) numbers, the three-digit codes on the back of credit cards that are meant to protect against fraud in online and telephone sales, according to Colbert and the notification letter sent to customers.

Merchant guidelines published by both Visa and Mastercard require sellers to encrypt customer credit-card databases. They are also prohibited from retaining CVV numbers for any longer than it takes to verify a given transaction.

Companies that violate those standards can be fined $500,000 per violation. Credit card issuers generally levee such fines against the bank that processes payment transactions for the merchant that commits the violations. The fines usually are passed on to the offending company.

Source: Washington Post

Highly Critical Vulnerability In Symantec AntiVirus

Filed under: — Aviran Mordo

A highly critical vulnerability (pdf) discovered in Symantec AntiVirus, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in Dec2Rar.dll when copying data based on the length field in the sub-block headers of a RAR archive. This can be exploited to cause a heap-based buffer overflow and may allow arbitrary code execution when a malicious RAR archive is scanned.

The vulnerability has been reported in Dec2Rar.dll version 3.2.14.3 and potentially affects all Symantec products that use the DLL.

Security company Secunia rates this vulnerability as highly critical (4/5) and recommends to filter RAR archives at email or proxy gateways.

Oracle Unveils Comprehensive Identity Management Suite

Filed under: — Aviran Mordo

Oracle (Nasdaq: ORCL) today announced general availability of the Oracle Identity and Access Management Suite, a comprehensive, integrated portfolio of products that protect applications, critical systems and data from unauthorized access.

As part of Oracle’s commitment to information security, the company has focused on rapidly building out a best-in-class identity management suite for heterogeneous IT environments. The culmination, Oracle Identity and Access Management Suite, spans a multitude of home-grown and acquired technologies including: web access control, identity administration, user provisioning, federated identity management, directory services, including virtual directory technologies and enterprise-wide user provisioning.

“Over the past nine months Oracle has demonstrated a serious commitment to providing a strong technical solution for the identity and access management needs of both Oracle customers and the general market,” said Phil Schacter, vice president and service director, Burton Group. “The new Identity and Access Management Suite assembles the component technologies into a package that is easier for customers to understand and invest in.”

Computer worm traps child porn offender

Filed under: — Aviran Mordo

A child porn offender in Germany turned himself in to the police after mistaking an email he received from a computer worm for an official warning that he was under investigation, authorities said on Tuesday.

“It just goes to show that computer worms aren’t always destructive,” said a spokesman for police in the western city of Paderborn. “Here it helped us to uncover a crime which would otherwise probably have gone undetected.”

The 20-year-old was caught out by a version of the “Sober” worm, a prolific Internet virus which can invade computers and then send out messages from a host of fabricated addresses.

The trap was set when the man got an email saying “an investigation is underway”, that listed the sender as Germany’s Federal Criminal Police Office (BKA). Police charged him after finding pornographic images of children on his home computer.

Source: Reuters

Zen MicroPhoto Gives Nano A Run For Its Money

Filed under: — Aviran Mordo

Just like the Ipod Nano, it has a 1.5-inch 262,000 colours display that will show off your pictures nicely and amongst other things it can play music. Creative Labs Zen Microphoto 8G has twice as much storage compared to the largest Ipod Nano 4GB player. It’s wider and thicker than the Nano but it’s also shorter. Zen still looks sexy especially when you see it live. The device has touch pad controls and it’s very intuitive.

If you care about functionality and not only about looks, this player is definitely something that you should consider. It’s small and light. Still thicker and heavier than the Ipod Nano but it simply offers more features. It has a radio tuner, you can exchange the battery and replace it with the recharged one, and you can listen and record radio, use it as four GB memory storage and enjoy the nice sound of the music. The battery is really the great stronghold of this device and you will simply forget when you last recharged. You really need to work hard to discharge it. It has some flaws that we would like to see fixed, such as one to two second pause when you manually go from song to song, ability to watch the photos and listen to the music and some kind of cross fade mixer would be the things that we would like fixed. It’s a great device that I can easily recommend to anyone that needs a player and wants to spend around €300, $300 or around ₤200 for a MP3 multi functional 8GB player. It looks great, maybe not as sexy as the Ipod Nano but it simply offers more. It’s small and it’s great and will offer you all you need.

You can read the full review @ theinquirer

Xbox modders charged with copyright crime

Filed under: — Aviran Mordo

Two owners of a Los Angeles game store and a third man face a up to five years in prison on charges filed Monday in a federal copyright infringement case for selling modified Xbox game consoles, prosecutors said. The modifications allowed the machines to play pirated video games, they said.

The three men are being accused of “conspiring to traffic in a technology used to circumvent a copyright protection system and conspiring to commit criminal copyright infringement,” in violation of the Digital Millennium Copyright Act, according to a statement from the U.S. Attorney’s Office for the Central District of California.

Source: News.com

Pro-Hollywood bill aims to restrict digital tuners

Filed under: — Aviran Mordo

A new proposal in Congress could please Hollywood studios, which are increasingly worried about Internet piracy, by embedding anticopying technology into the next generation of digital video products.

If the legislation were enacted, one year later it would outlaw the manufacture or sale of electronic devices that convert analog video signals into digital ones–unless those encoders honor an anticopying plan designed to curb redistribution. Affected devices would include PC-based tuners and digital video recorders.

“This legislation is designed to secure analog content from theft that has been made easier as a result of the transition to digital technologies,” House Judiciary Committee Chairman James Sensenbrenner Jr., a Wisconsin Republican, said late Friday. Criminals “obtain copyrighted content and then redistribute for profit at the copyright owner’s expense,” he added.

Sensenbrenner’s bill, also backed by Democratic Rep. John Conyers, is designed to plug what technologists have come to call the “analog hole.” That’s the practice of converting copy-protected digital material to analog format, stripping away copy protection, and shifting the material back to digital format with only a slight loss in quality.

Source: News.com

Powered by WordPress