12/23/2007

Britain’s Queen Takes Up YouTube

Filed under: — Aviran Mordo

Britain’s 81-year-old Queen Elizabeth II, considered an icon of traditionalism, launched her own special Royal Channel on YouTube Sunday.

The queen will use the popular video-sharing Web site to send out her 50th annual televised Christmas message, which she first delivered live to the nation and its colonies on Dec. 25, 1957.

Buckingham Palace also began posting archive and recent footage of the queen and other royals on the channel Sunday, with plans to add new clips regularly.

YouTube, which allows anyone to upload and share video clips, was founded in 2005 and bought by Google last year.

“The queen always keeps abreast with new ways of communicating with people,” Buckingham Palace said in a statement. “The Christmas message was podcast last year.”

Board: Companies can bar union e-mail

Filed under: — Aviran Mordo

Employers can prohibit workers from using the office e-mail system for union activities, so long as they prohibit solicitations from any outside organization, the National Labor Relations Board has ruled.

The board said its 3-2 decision sets a new labor relations standard that allows employers to prohibit union activity through the company’s e-mail system while at the same time permitting office chitchat and personal messages.

The decision, released Friday, upheld the management of the Eugene Register-Guard newspaper in a case involving e-mail messages sent by Suzi Prozanski, a copy editor and Newspaper Guild leader, during contract negotiations in 2000 and the warnings the company gave her.

The board said two of the messages were “solicitations to support the union,” and the company was justified in enforcing a policy that forbade the use of e-mail for “non-job-related solicitations.” It ruled against the paper on a third message, saying it was “simply a clarification of facts surrounding a recent union event.”

Click here to turn your HP laptop into a brick

Filed under: — Aviran Mordo

A second bug in HP laptop utilities creates a means for hackers to turn PCs into “unbootable” bricks.

Flaws in the automatic software update tool bundled with HP notebooks might be abused to alter vital system files (in the kernel or elsewhere) leaving PC unbootable, according to a post on the milw0rm full disclosure mailing list. The vulnerability reportedly grants remote system arbitrary file write access. It stems from security flaws in an ActiveX control (called EngineRules.dll) that’s connected with automatic software updates.

Upshot: hackers could, at a push, inject hostile code onto vulnerable systems after tricking users into visiting maliciously constructed websites. It’s reportedly easier to carry out a much more unusual attack that corrupts system files and renders compromised systems unbootable.

The vulnerability affects HP laptop users running IE 6 or 7 on all supported versions of Windows.

Serious Flash vulns menace tens of thousands websites

Filed under: — Aviran Mordo

Researchers from Google have documented serious vulnerabilities in Adobe Flash content which leave tens of thousands of websites susceptible to attacks that steal the personal details of visitors.

The security bugs reside in Flash applets, the ubiquitous building blocks for movies and graphics that animate sites across the web. Also known as SWF files, they are vulnerable to attacks in which malicious strings are injected into the legitimate code through a technique known as cross-site scripting, or XSS. Currently there are no patches for the vulnerabilities, which are found in sites operated by financial institutions, government agencies and other organizations.

The vulnerabilities are laid out in the book Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions. It is due to hit store shelves soon, but is already in the hands of many security professionals. The book’s authors, who work for penetration testing firm iSEC Partners as well as for Google, say a web search reveals more than 500,000 vulnerable applets on major corporate, government and media sites.

“Lots of people are vulnerable, and right now there are no protections available other than to remove those SWFs and wait for the authoring tools and/or Flash player to be updated,” says Alex Stamos, one of the book’s authors. “In the mean time, people will have to think: ‘What kind of flash am I using on my site,’ and manually test for vulnerabilities.”

Kaspersky inadvertently quarantines Windows Explorer

Filed under: — Aviran Mordo

Windows Explorer, one of the most crucial components of Microsoft’s operating system, was quarantined earlier this week after being falsely identified as malicious code by an antivirus company.

Users of Kaspersky Lab’s antivirus products noticed the issue, which Kaspersky claimed lasted two hours, on Wednesday night.

The security company’s systems had decided that a virus called Huhk-C was present in the explorer.exe file, leading to its confinement or, in some cases, deletion. As Windows Explorer is the graphical user interface (GUI) for Windows’ file system, this made it difficult to perform many common tasks within the operating system, such as finding files.

David Emm, a senior technology consultant at Kaspersky Lab, told ZDNet UK on Friday that the company was still examining its checklist to find out why the false positive “slipped through the net.”

Microsoft quietly combines TV efforts

Filed under: — Aviran Mordo

Microsoft has quietly folded its Internet Protocol television, Media Center, and HD DVD efforts into a single organization, known as the Connected TV business group.

The unit, which is part of Robbie Bach’s Entertainment and Devices division, is headed by Enrique Rodriguez, the VP (and former WebTV developer) who has been heading the IPTV effort. Peter Barrett, who was CTO of the IPTV unit, takes on that role for the unit.

The move, which took place in October, paves the way for the different technologies, all centered around the television, to work more closely together.

On the IPTV front, Microsoft is moving ahead with its effort to allow additional programs to run on set-top boxes using its software. Microsoft said it now has more than two dozen companies working on software for its Mediaroom platform, including ES3 and Emuse Technologies.

Powered by WordPress