*HOT* Tech News And Downloads, I Would Read This Thread And Post Any Good Info

RIAA launches propaganda, lawsuit offensive against college students

3/1/2007 11:35:00 AM, by Eric Bangeman

Marking a new chapter in its war against file sharing, the RIAA announced a new campaign against college students while launching its new lawsuit-settlement web site. Affirming his stance that the RIAA "must continue to enforce its rights," RIAA CEO Mitch Bainwol said that his organization sent out 400 prelitigation settlement letters to students at 13 different schools. The organization has also sent a mass mailing to college and university presidents across the US asking for their cooperation in the RIAA's ongoing war against file sharing.

Ars obtained a copy of the letter, which explains the rationale behind the decision to escalate the RIAA's "deterrence and education efforts." Calling the amount of on-campus file sharing "extensive and unacceptable," the letter lays out a couple of ways in which campus administrators can assist the RIAA.

Stew Pydd: Wales fly-half
or dirty pirate?

Schools should use technological solutions to clamp down on piracy, which the RIAA says will result in a lower likelihood that a university's students will be targeted. The RIAA is also looking for full cooperation when it comes to the RIAA's new prelitigation letters and settlement web site, which will allow "students and others with access to the network" to settle claims at a lower cost and before lawsuits are filed. Universities are also encouraged to give students an inexpensive alternative to file sharing, such as Ruckus Networks' free, ad-supported college music service.

The RIAA hopes students see the light

We first learned about the prelitigation settlement letters and the existence of p2plawsuits.com a couple of weeks ago, when a copy of a letter the RIAA sent to American ISPs asking for increased cooperation was leaked. p2plawsuits.com represents the RIAA's best effort to date at making an end-run around the judicial system and extracting sizable—yet "discounted"—settlements from those it believes are guilty of infringing its copyrights.

In another sign that the RIAA has no plans to let up on its enforcement actions, the group said that it promises "hundreds of similar enforcement actions" every month. "Because we know that some audiences—particularly campus music downloaders—can sometimes be impervious to even the most compelling educational messages or legal alternatives, these new efforts aim to help students recognize that the consequences for illegal downloading are more real than ever before," argued RIAA president Cary Sherman. "We will continue to work with respected educators to reach students before college through programs like i-SAFE and Young Minds Inspired, but we simply cannot afford to write off a generation of college music fans."

The RIAA's renewed commitment to following through with on-campus enforcement may give pause to the surprisingly large number of college students that engage in file-sharing on campus networks under the assumption that they are "safe" behind the college firewall. Should a university receive a subpoena from an RIAA-filed "John Doe" lawsuit, however, it will be forced to respond in the same manner as any other ISP and reveal as much information as they have about the identity behind the account fingered by the RIAA.

One significant challenge that the music industry faces with college students is that they don't find the file-sharing alternatives very compelling, even free, official services like Ruckus. A semester-long trial of Ruckus' free service at one school in 2005 resulted in almost half of the students ignoring the service. Students are like any other set of consumers. Usability is just as important as price, and most of the RIAA-approved services fail to measure up in that regard. Unless the music industry wises up, it will be faced with a long and protracted battle that may end up alienating the next generation of music fans.
http://arstechnica.com/news.ars/post/20070301-8953.html

 

SimplyMEPIS Linux 6.5 Beta 7
Mar 01, 2007 - 11:52 AM - by soxrocker
..One of my fav distro's..

ProMEPIS Linux is a Linux OS based on Debian that can be run from your CD drive without installation. Where it shines is its easy, 100% "point and click" installation, and automatic detection of not only "normal" computer hardware but also popular webcams, the latest wireless network cards, "Winmodems" that usually work only with Windows, digital cameras, scanners, and other devices.

FileForum download

Released: February 28, 2007
Publisher: MEPIS LLC
Homepage: SimplyMEPIS Linux
Downloads: 10,950
License: Freeware
OS Support: Linux

download here
http://fileforum.betanews.com/detail/SimplyMEPIS_Linux/1106840725/1

 

Portable Firefox 2.0.0.2
Mar 01, 2007 - 7:52 AM - by Digital Dave
Sweet!

Portable Firefox is a fully functional package of Firefox optimized for use on a USB key drive. It has some specially-selected optimizations to make it perform faster and extend the life of your USB key as well as a specialized launcher that will allow most of your favorite extensions to work as you switch computers.

majorgeeks.com

Portable Firefox 2.0.0.2
Author: John T. Haller
Date: 2007-02-28
Size: 5.9 Mb
License: Freeware

Portable Firefox is a fully functional package of Firefox optimized for use on a USB key drive. It has some specially-selected optimizations to make it perform faster and extend the life of your USB key as well as a specialized launcher that will allow most of your favorite extensions to work as you switch computers. It will also work from a CDRW drive (in packet mode), ZIP drives, external hard drives, some MP3 players, flash RAM cards and more.

This is an unofficial package. It is an official build, but has been modified and a specialized launcher added to make extensions portable. No warranty is expressed or implied.

To install, just download the ZIP and unzip it to the root directory of your USB drive. It will create a "firefox" directory and all the requisite directories underneath. To use Firefox on your drive, launch it with the PortableFirefox.exe file in the firefox directory. DO NOT launch the firefox.exe file directly, as this will create a profile on your hard drive or use an existing one. Additionally, be sure you've closed any local copies of Firefox and that they've finished shutting down. Otherwise, a new window of your local install will be launched. This is a feature of Firefox itself to prevent multiple copies running at the same time.


download here
http://www.majorgeeks.com/Portable_Firefox_d4424.html

 

Music executives judge Jobs, lament losses


By Greg Sandoval
Staff Writer, CNET News.com
Published: February 27, 2007, 4:25 PM PST
Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint Add to your del.icio.usdel.icio.us Digg this storyDigg this

NEW YORK--The discussions at a music conference here Tuesday started with an all-around bashing of Apple CEO Steve Jobs before moving to the plethora of issues plaguing the music industry.

Apple, digital rights management (DRM) and the public's willingness to pirate music were discussed, debated and lamented once more by attendees of the Digital Music Forum East conference.

"We're running out of time," Ted Cohen, managing director of music consulting firm TAG Strategic, told the roughly 200 attendees. "We need to get money flowing from consumers and get them used to paying for music again."

The call to arms by Cohen, who was moderating a panel discussion titled "The State of the Digital Union," comes as the music industry suffers through one of the worst slumps in its history.

CD sales fell 23 percent worldwide between 2000 and 2006. Legal sales of digital songs aren't making up the difference either. Last year saw a 131 percent jump in digital sales, but overall the industry still saw about a 4 percent decline in revenue.

That has the industry pointing fingers at a number of things they believe caused the decline.

At the opening of the conference, some of the panel members lashed out at Jobs. Members said Jobs' call three weeks ago for DRM-free music was "insincere" and a "red herring."

"Imagine a world where every online store sells DRM-free music encoded in open licensable formats," Jobs wrote in a letter that rocked the music industry. "In such a world, any player can play music purchased from any store, and any store can sell music which is playable on all players. This is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat."

Jobs' position was perceived by many in the music industry as a 180-degree shift in direction. The view expressed at the conference is that Apple has maintained a stranglehold on the digital music industry by locking up iTunes music with DRM.

Cohen told the audience that if Jobs was really sincere about doing away with DRM, he would soon release movies from Disney--the studio Jobs holds a major stake in--without any software protection. An Apple representative declined to comment on Tuesday on remarks made by the panel.

Panel member Mike Bebel, CEO of Ruckus music service, said: "Look, I don't think anybody is necessarily down on Apple. The problem is the proprietary implementation of technology...and it's causing everybody else who is participating in the marketplace--the other service providers, the labels, the users--a lot of pain. If they could simply open it up, everybody would love them."

The role of DRM
Panel members--who included Thomas Gewecke, Sony BMG senior vice president, and Gabriel Levy, general manager of RealNetworks Europe--were divided about what the music industry should do about DRM in general.

Most of the panel members, save for Greg Scholl, CEO of independent music label The Orchard, believe that some form of DRM is necessary.

Scholl said flatly that DRM doesn't work. "The idea that DRM gives us choice isn't right," he said.

"The economics of the business are over for good and aren't ever going to be the way they were before," Scholl said. This is a position that some in the music industry are starting to warm up to.

In January, EMI said it was reviewing a request by the Electronic Frontier Foundation to allow reverse engineering of its digital rights management software. That EMI would even consider the proposal was seen in many circles as a step forward by the anti-DRM camp.

Gewecke also defended record labels against the criticism that the music industry has its head in the sand and just doesn't understand the Digital Age. He said that Sony BMG is working with technologists and retailers, and is constantly is looking for technological solutions to some of the industry's problems.

He also said that despite all the bad news, there's plenty for the sector to be encouraged about.

"We routinely talk to companies about what's different," Gewecke said. "We're constantly looking for where value is being created in a business model. We are being flexible. There's still an evolution that has to happen. I say it's an optimistic time considering there's more music being listened to now than ever before. There's more opportunities to monetize the music. We want to be out there looking for new ideas and companies."
http://news.com.com/2100-1027_3-6162729.html?part=rss&tag=2547-1_3-0-5&subj=news

 

New Santangelo motion

p2pnet.net news:- Patti Santangelo, the New York mother who's been standing against the Big 4 music cartel's RIAA, says she wants to either go to trial so a jury of her peers can clear her name, or have her case dismissed 'with prejudice' so it's over and done with.

Her lawyer, Jordan Glass, has now filed a motion opposing the RIAA's attempt to have the case dismissed without prejudice, meaning they could bring it again at any time. Nor do the Big 4 want a date set for a trial.

In the motion, "Ultimately, Plaintiffs have shown only three things," says the court document:

"there is no evidence against Patricia Santangelo supporting any claim of infringement;

"Plaintiffs actions were, from the beginning, vexatious and in bad faith; and,

"Plaintiffs' claim should be dismissed with prejudice and Patricia Santangelo should be found to be the prevailing party."

Another RIAA (Recording Industry Association of America) victim, Oklahoma mother Debbie Foster, achieved "prevailing party" status, meaning she's entitled to lawyers' fees.

However, she's still battling with the RIAA, a judge ruling the Big 4 enforcer has a final 60 days to finish "reasonableness" discovery, says Recording Industry vs The People.

Slashdot Slashdot it!

Also See:
against the Big 4 - Us, Them, p2p and file sharing, December 9, 2007
Debbie Foster - RIAA times out in p2p case, February 27, 2007
Recording Industry vs The People - Judge "Clarifies" Order in Capitol v. Foster, February 27, 2007
http://p2pnet.net/story/11493

 

FREEWARE,MediaMonkey 2.5.5.998 Beta beta

Publisher's Description:

MediaMonkey is an easy-to-use music manager and media jukebox for serious music collectors and iPod users. It catalogs your CDs, OGG, WMA, MPC, FLAC, APE, WAV and MP3 audio files. It looks up missing Album Art and track information via Freedb and the web, and includes an intelligent tag editor and an automated file and directory renamer to organize your music library. It includes a CD ripper, CD Burner, and audio converter for saving music, and manual or automated playlist editors for creating music mixes. Its player automatically adjusts volume levels so that you don't have continually fiddle with the volume control and supports hundreds of Winamp plug-ins and visualizations; or if you prefer, it can use Winamp as the default player. It also includes portable audio device synchronization that allows you to quickly synch tracks and playlists with iPods and other portable audio devices.

Released: February 27, 2007
Publisher: Ventis Media, Inc.
Homepage: MediaMonkey
Downloads: 45,058
License: Freeware
OS Support: Windows (All)

DOWNLOAD HERE
http://fileforum.betanews.com/detail/MediaMonkey/1004522272/1

 

GOOD MORNING TO YE ALL A HELL OF A GOOD READ........


ONE HELL OF A VERY VERY VERY VERY LONG READ,AS IF I WAS YE I WOULD READ THIS BECAUSE OF THE WAY THE RIAA PULLS THE CRAP ON US..

THE ARTICLE IS HERE IN ITS FULL TEXT..
http://p2pnet.net/story/11499

FOR US RAG TAGS THE TOTAL ARTICLE IS POSTED IN THE LINK ON THE BOTTOM OF THIS POST

RIAA expert Jacobson: full text

p2pnet.net news:- Below is a break-out of the deposition given by RIAA expert witness Dr Doug Jacobson to Ray Beckerman, acting for Marie Lindor in UMG v. Lindor.

Lindor, a Brooklyn, New York, home health aide, is a self-confessed computer fool who doesn't know one end of a PC from another.

But according to Warner Music, EMI, Vivendi Universal and Sony BMG, the members of the Big 4 music cartel, she's an illegal online distributor of their copyrighted music.

"Now I ask the tech community to review this all-important transcript, and bear witness to the shoddy 'investigation' and 'junk science' upon which the RIAA has based its litigation war against the people," Lindor's lawyer, Ray Beckerman, told p2pnet.

"The computer scientists among you will be astounded that the RIAA has been permitted to burden our court system with cases based upon such arrant and careless nonsense."

This is probably the first example of a case in which members of Net communities, notably people who post on slashdot and Groklaw, actively helped a lawyer frame the questions he needed to ask and, "Were deeply grateful to the community for reviewing our request, for giving us thoughts and ideas, and for reviewing other readers' responses," Beckerman says.

This document was created by hand, so any mistakes are probably ours.

If you're a techie and you have any thoughts on this, Beckerman would like to hear from you. Contact him at rbeckerman[at]anfeliu.com.

http://

 

Your Wi-Fi can tell people a lot about you


By Joris Evers
Staff Writer, CNET News.com
Published: March 1, 2007, 6:40 PM PST
Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint Add to your del.icio.usdel.icio.us Digg this storyDigg this

ARLINGTON, Va.--Simply booting up a Wi-Fi-enabled laptop can tell people sniffing wireless network traffic a lot about your computer--and about you.

Soon after a computer powers up, it starts looking for wireless networks and network services. Even if the wireless hardware is then shut-off, a snoop may already have caught interesting data. Much more information can be plucked out of the air if the computer is connected to an access point, in particular an access point without security.

"You're leaking all kinds of information that an attacker can use," David Maynor, chief technology officer at Errata Security, said Thursday in a presentation at the Black Hat DC event here. "If the government was taking this information from you, people would be up in arms. Yet you're leaking this voluntarily using your laptop at the airport."

There are many tools that let anyone listen in on wireless network traffic. These tools can capture information such as usernames and passwords for e-mail accounts and instant message tools as well as data entered into unsecured Web sites. At the annual Defcon hacker gathering, a "wall of sheep" always lists captured login credentials.

Errata Security has developed another network sniffer that looks for traffic using 25 protocols, including those for the popular instant message clients as well as DHCP, SMNP, DNS and HTTP. This means the sniffer will capture requests for network addresses, network management tools, Web sites queries, Web traffic and more.

"You don't realize how much you're making public, so I wrote a tool that tells you," said Robert Graham, Errata Security's chief executive. The tool will soon be released publicly on the Black Hat Web site. Anyone with a wireless card will be able to run it, Graham said. Errata Security also plans to release the source code on its Web site.

The Errata Security sniffer, dubbed Ferret, packs more punch than other network sniffers already available, such as Ethereal and Kismet, because it looks at so many different protocols, Graham said. Some at Black Hat called it "a network sniffer on steroids."

Snoops can use the sniffer tools to see all kinds of data from wireless-equipped computers, regardless of the operating system.

For example, as a Windows computer starts up it, it will emit the list of wireless networks the PC has connected to in the past, unless the user manually removed those entries from the preferred networks list in Windows. "The list can be used to determine where the laptop has been used," Graham said.

Apple Mac OS X computers will share information such as the version of the operating system through the Bonjour feature, Graham said. Bonjour is designed to let users create networks of nearby computers and devices.

Additionally, computers shortly after startup typically broadcasts the previous Internet Protocol address and details on networked drives or devices such as printers that it tries to connect to, Graham said.

"These are all bits of otherwise friendly information," Graham said. But in the hands of the wrong person, they could help attack the computer owner or network. Furthermore, the information could be useful for intelligence organizations, he said.

And that's just the data snoops can sniff out of the air when a laptop is starting up. If the computer is then connected to a wireless network, particularly the unsecured type at hotels, airports and coffee shops, much more can be gleaned. Hackers have also cracked basic Wi-Fi security, so secured networks can't provide a security guarantee.

In general, experts advise against using wireless networks to connect to sensitive Web sites such as online banking. However, it is risky to use any online service that requires a password. The Errata Security team sniffed one reporter's e-mail username and password at Black Hat and displayed it during a presentation.

People who have the option of using a Virtual Private Network when connected to a wireless network should use it to establish a more secure connection, experts suggest. Also, on home routers WPA, or Wi-Fi Protected Access, offers improved security over the cracked WEP, or Wired Equivalent Privacy.

"The best solution is to be aware of the danger," Graham said. "Everyone doesn't need to work from a coffee shop."
http://news.com.com/2100-7355_3-6163666.html?part=rss&tag=2547-1_3-0-20&subj=news

 

DVDFab 3.0.8.6 is out
Dear all,

DVDFab products 3.0.8.6 is out (03/02/2007):

DVDFab Platinum/Gold 3.0.8.6:
http://www.dvdfab.com/download.htm

DVDFab Decrypter 3.0.8.6:
http://www.dvdidle.com/free.htm

What's New:
- New: Added audio/subpicture preselection feature.
- New: You can let DVDFab preselect specific language of audio/subpicuture.
Ideal for "Main Movie", "Customize" and "Merge".
- New: Updated language files.
- Fix: Some extra content will be removed in "Full Disc" mode, when copying
some copy-protected DVDs, like "Cinderella III" and "Open Season".
- Fix: Preview problem on Windows Vista.
- Fix: A problem that more than 6 sources cannot be opened, now the limit is 64.
- Fix: A problem that LPCM audio cannot be converted in "DVD to Mobile".
- Fix: Several minor problems.

Best Regards,
Fengtao

 

A history of Microsoft Windows - the inside story exposed

Dates, times, approximations

By Liam Proven: Friday 02 March 2007, 12:32
WELCOME TO AN architectural overview of the design and planning of a market-leading operating system, illustrating how real professionals do this sort of thing.

Please note that due to a complete lack of access to internal documentation, dates are approximate.

1982: "Interface Manager" is being planned out.
THE MANAGEMENT: "Oh, hell, we have to stomp on VisiOn, they might be big, their spreadsheet was. Quick, build some kind of graphical shell thing."

1983: Windows 1.0 announced.
THE MANAGEMENT: "We must incorporate TopView compatibility, IBM's too big to ignore!"

1984: Apple Macintosh released.
THE MANAGEMENT: "OK, guys, the Mac's out, it's OK, you can play with those ones the Mac app developers have. Make it look more like the Mac!"

1985: Windows 1.01 released.
MARKETING DEPT: "Look, ma, we got one o' dem gooey things!"

1987: Windows 2.0 released.
THE MANAGEMENT: "No, really, Windows isn't that big a deal, OS/2 is the future. But for now, develop for Windows and you can port to OS/2 later! Here, look, we've got some apps for it!"

1988: Windows 2.1, Windows/286, Windows/386
WINDOWS DEVELOPERS: "Hey, we have some cool ideas about the 286 and 386. We could really use the extra memory!"

1990: Windows 3.0
THE MANAGEMENT: "Uh-oh. OS/2 is bombing. What to do we do now?"
WINDOWS DEVELOPERS: "Well, we could borrow the look and feel from OS/2 - you know, that app manager thing, File Manager, the proportional fonts and 3D widgets, stuff like that, give it virtual memory support and a few other hacks we had in mind, and bring all three editions into one?"
THE MANAGEMENT: "OK, go for it. It'll have to do for now."
(Shortly after the release, the dust settles and a stunned silence falls.)
THE MANAGEMENT: "Bloody hell. They bought it! Forget OS/2, this is the future!"
[Meanwhile, in Finland, a bored Comp Sci student thinks "I'm sick of this QL, I want a 386 with Unix. Only I can't afford Unix. I think I'll write my own."]

Early 1992: Windows 3.1
THE MANAGEMENT: "Oops. Multimedia. It needs that built in. IBM, here, you have OS/2. We'll, um, work on OS/2 3 with this Dave Cutler chap from DEC. Yeah, OS/2 3, that's it. All new technology."

Late 1992: Windows for Workgroups
THE MANAGEMENT: "And networking! We need networking!"

1993: NT 1.0, I mean, 3.1
MARKETING: "Here's NT! It's not OS/2 at all, it's Windows, look! It's the future!"

1995: Windows 95
16-BIT WINDOWS DEVELOPERS: "Hey, we've got some nifty ideas for tarting up the shell a bit. We could call it Windows 4!"
THE MANAGEMENT: "All right, but you're not calling it that 'cos it'd sound more advanced than NT. Speaking of which, you'd better make it 32-bit." 16-BIT WINDOWS DEVELOPERS: "Errr... OK. We can do that. Kinda."
MARKETING DEPT: "OK, so, lots of stuff doesn't work on NT, so here's Windows 95, it's, er, your migration path to NT! Yes, that's it!"

Windows NT 4
THE MANAGEMENT: "Oh bugger. Now 95 looks better than NT. Look, forget that Cairo stuff for now, let's bung the 95 interface on NT and call it NT4! Yeah! That's the real future!"

1996: Windows 95B OSR2
THE MANAGEMENT: "What did you say? You ess bee? What's that, then?"
LEGAL TEAM: "No, you honour, IE really is part of Windows, it's integral and everything. OK, so, we forgot to include it in 95 v1.0, it was part of the Plus Pack, but you need it. It's part of 95 OSR2. Look, if we remove it, Windows stops working."
LEGAL TEAM: "Oh, when Larry Lessig removes it, it still does work? Well, what does he know?"
LEGAL TEAM: "No, your honour, we wouldn't dream of stomping on Netscape, this isn't a bundled product, you told us not to do that last time."

1998: Windows 98
THE MANAGEMENT: "Shit, NT 5.0 still doesn't work, look, bung out a fixed version of 95… Give them, I don't know, multi-head support or something…"

1999: Windows 98SE
THE MANAGEMENT: "What do you mean the fixed version doesn't work? Oh, for god's sake…"

2000: Windows ME, Windows 2000
THE MANAGEMENT: "Here's NT5! Isn't it nice? Look, power management, plug and play, all that stuff that that nasty little 95 team had five years ago! No, it won't run 98 drivers. No, it won't run NT drivers either. No, not all DOS stuff works. No, it's not great for games. All right, shut up, here, have another version of 98, call it… Well, we know the millennium's not 'til next year, but it's close enough. Yeah, Millennium Edition. What, they can't spell "millennium"? Well call it something cuddly, then."

2001: Windows XP
MARKETING DEPT: "OK, look, we're really sorry about ME, all right? We're killing it off now. Finally. Here, try this, it's shiny!"

2003: Windows Server 2003
THE MANAGEMENT: "Look, it's been two years, we've had service packs and everything, it must be stable enough by now!"

2004: (...)
THE MANAGEMENT: "What do you mean it still doesn't work? Try harder!"

2005: (...)
"MAKE IT WORK! FOR GOD'S SAKE, MAKE IT WORK! Well, throw it away and use the server version then, that seems all right. Look, they won't know the difference, drop the database stuff, nobody remembers what we said in 1995 now! That was ten years ago! "Apple has what? 3D acceleration? So, we have DirectX. What, in the desktop? Really? What, even Stallman's beardie-weirdies have it? Oh hell. Right, you lot, make it look like this!"

2006: Windows Vista
THE MANAGEMENT: "Look, if we trickle it out to those mugs, I mean, valued customers who've already paid, we can say we released it this year and it'll buy us some more time…"

2007: No, really Windows Vista, honest
MARKETING DEPT: "Never mind the features, look at it! Isn't it shiny? Yes! Pretty!" µ


http://www.theinquirer.net/default.aspx?article=37962

 

some excellent posts you made on WiFi security, the RIAA/Fair Use and Windoze Vister. I just updated my sig to post a link to that story on settling with the RIAA. College students don't need to be admitting any wrongdoing to an organization that treats its "customers" like criminals for using their legally bought items the way they want to.
A former RIAA executive once referred to mp3 files as "a file format for piracy". u know what? Screw him!

 

Microsoft Vista, IE7 Banned By U.S. DOT

Microsoft Hit By U.S. DOT Ban On Windows Vista, Explorer 7, and Office 2007


Tens of thousands of federal workers are prohibited from upgrading to the latest versions, according to memos seen by InformationWeek.


By Paul McDougall
InformationWeek

March 2, 2007 12:00 PM

Citing concerns over cost and compatibility, the top technology official at the federal Department of Transportation has placed a moratorium on all in-house computer upgrades to Microsoft's new Windows Vista operating system, as well as Internet Explorer 7 and Office 2007, according to a memo obtained Friday by InformationWeek.

In a memo to his staff, the DOT's CIO Daniel Mintz says he has placed "an indefinite moratorium" on the upgrades as "there appears to be no compelling technical or business case for upgrading to these new Microsoft software products. Furthermore, there appears to be specific reasons not to upgrade."

Among the concerns cited by Mintz are compatibility with software applications currently in use at the department, the cost of an upgrade, and DOT's move to a new headquarters in Washington later this year. "Microsoft Vista, Office 2007, and Internet Explorer [7] may be acquired for testing purposes only, though only on approval by the DOT chief information officer," Mintz writes.

The memo is dated Jan. 19. In an interview Friday, DOT chief technology officer Tim Schmidt confirmed that the ban is still in effect. "We're analyzing different client software options and also integration issues," says Schmidt. Among the options the Transportation Department is weighing as a possible alternative or complement to Windows Vista are Novell's Suse Linux and, for a limited group of users, Apple's Macintosh hardware and software, he says.

Schmidt says the Transportation Department hasn't ruled out upgrading its computers to Windows Vista if all of its concerns about the new operating system -- the business version of which was launched late last year -- can be resolved. "We have more confidence in Microsoft than we would have 10 years ago," says Schmidt. "But it always makes sense to look at the security implications, the value back to the customer, and those kind of issues."

The DOT's ban on Vista, Internet Explorer 7, and Office 2007 applies to 15,000 computer users at DOT proper who are currently running the Windows XP Professional operating system. The memo indicates that a similar ban is in effect at the Federal Aviation Administration, which has 45,000 desktop users.

Compatibility with existing applications appears to be the Transportation Department's major concern. According to a separate memo, a number of key software applications and utilities in use in various branches of the department aren't Vista compatible. Among them are Aspen 2.8.1, ISS 2.11, ProVu 3.1.1, and Capri 6.5, according to a memo issued by staffers at the DOT's Federal Motor Carrier Safety Administration.

Any prolonged ban on new Microsoft technologies by the federal government could have a significant impact on the software maker's bottom line, as Microsoft sells millions of dollars in software to the feds annually.

http://www.informationweek.com/news/showArticle.jhtml?articleID=197700789

 

Antivirus firms charge loyal customers more 5:31PM, Friday 2nd March 2007
The mortgage industry has woken up to the fact that its customers get a little irate when they see fabulous introductory rates offered to new customers while they are left to plod along feeling uncared for.

It seems this ailment has afflicted the antivirus industry as well.

We were contacted by a reader, Bob Brough, who pointed out that renewing his copy of ZoneAlarm Internet Suite 2007 was more expensive than buying a new version.

And when he questioned the company over the logic of the pricing, he was told: 'The current 3 user license is discounted due to a promotion. Promotion pricing does not apply to renewals.'

ZoneAlarm apologised for the inconvenience and hoped that the issue had been resolved. But the inconvenience remained that renewals were £15 more expensive at £64.95.

'Needless to say I will be buying a 'new' download and not renewing. Bonkers eh?,' wrote our reader.

Even more bonkers, however, is that instead of downloading a new version from Zone, you


ADVERTISEMENT
can get the boxed product shipped free of charge (under Super Saver conditions) from Amazon for half that price: £24.97. And less than half the price of the renewal.

ZoneAlarm may have tripped up on this discount issue, but it's not alone. It highlights just how cynical companies can be in relying on customers' assumptions that a renewal should be cheaper than buying new.

McAfee's Internet Security Suite costs just £24.99 with the current 50 per cent discount. However, should you be fool enough to already be a customer of McAfee, you'll have to pay £39.99 to renew your licence.

To renew Symantec's Norton Internet Security 2007 costs £10 less than buying new, but to upgrade to Norton 360 costs £54.99, just £5 less than buying it new. Aside from the website authentication technologies and online backup, there's not much more you're getting, especially once you have downloaded the Add-on pack for Internet Security 2007. So while Symantec shouldn't be lumped together with McAfee and ZoneAlarm, it's definitely not worth upgrading to Norton 360 until your Internet Security 2007 licence is due for renewal.

ZoneAlarm had not returned our request for comment by the time of publishing.
Matt Whipp
http://www.pcpro.co.uk/news/106448

 

Windows Live Messenger (formerly MSN Messenger) 8.1.0178
Author: Microsoft Corporation
Date: 2007-03-02
Size: 17.6 Mb
License: Adware
Requires: Win All


Ta da! It’s the next-generation MSN Messenger. Along with everything you already love about Messenger—your contact list, emoticons, instant access to your friends—there are brilliant new ways to connect and share your photos (and other stuff). As always, Windows Live Messenger is free to download Messenger and use most of its features.

Call their phones. Call their PCs.
Call your friends' mobile or landline phones. It's affordable, both within the US and internationally. And calling someone's PC is always free.

See them on the screen
Show and tell: Grab a webcam and start a video conversation within minutes.

Share stuff
Set up a Sharing Folder with a friend. Drop in photos and other stuff, as many as your computer can handle. See your Sharing Folder even when one of you is offline.

Now: Talk to your Yahoo! friends, too
The world's largest IM network has just gotten bigger—and better. With Windows Live Messenger you can now connect with your Yahoo! IM contacts. Forget about using multiple accounts to talk to your friends—IM them all with Windows Live Messenger.

DOWNLOAD HERE
http://www.majorgeeks.com/Windows_Live_Messenger_formerly_MSN_Messenger__d4258.html

 

New computer virus threatens biz nets
Technology security firm warns the latest strains of the RINBOT or DELBOT virus are starting to multiply rapidly.
By Parija B. Kavilanz, CNNMoney.com staff writer
March 1 2007: 12:25 PM EST

NEW YORK (CNNMoney.com) -- A disgruntled hacker with a personal grudge against Symantec, which provides anti-virus software to leading Fortune 500 companies, could be behind a new, crippling computer virus that's already hit a division of at least one big U.S. corporation on Thursday.

If it spreads, technology experts warn the latest strains of the insidious RINBOT computer virus could hijack network systems of businesses worldwide.
New strains

Graham Cluley, senior technology consultant with Boston-based IT security firm Sophos, said his company has been aware of "a number" of new versions of the RINBOT or DELBOT virus produced since Feb. 15.

"We believe this latest strain is the 7th version of RINBOT which first emerged in March 2005," Cluley said.

According to Cluley, this version is designed to exploit security vulnerabilities embedded in anti-virus software.

"Traditionally hackers always went after Microsoft's anti-virus programs. But now they're increasingly targeting other commonly used programs such as Symantec programs and others," he said.

Cluley said this strain appears to be hitting MS SQL servers. It looks for networks that run the Microsoft (Charts) Windows operating system, including Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP. It then spreads through the network by manipulating "weak" spots such as simple passwords.
Getting hijacked

Once it's in, Cluley said the virus quickly spreads and takes over many computers with the intention of turning the network into a botnet, or a "zombie" network.

"Without you knowing it, hackers will use your computer for a variety of purposes like sending out spam, or distributing denial of service attacks, or even blackmailing other Web sites. There was a case where hackers blackmailed a gambling site and said they would bring down the site for a few days unless they were paid thousands of dollars" Cluley said.

Cluley warned that the virus is not geographically limited. "It's very stealthy and insidious and works without you knowing it," he said.

Turner Broadcasting System, a division of Time Warner (Charts) and parent of CNN and CNNMoney.com, confirmed that its systems were hit by a virus Thursday.

"A virus has affected the network and we are actively working to rectify the situation," said company spokeswoman Shirley Powell.

Thomas Parsons, an IT specialist with Symantec (Charts), confirmed to CNNMoney.com that the most recent variants of RINBOT have targeted Symantec's anti-virus programs.

"We're not sure what the motivation is, but we are aware of a hacker that has been adding his own commands into the strain," Parsons said. Using those codes, Parsons said the hacker let it be known that he wasn't happy that Symantec was calling the virus RINBOT. Top of page
http://money.cnn.com/2007/03/01/news/companies/virus/index.htm?section=money_technology

 

The 25 Most Common Mistakes in Email Security

I still remember receiving my first phishing email in my AOL account. I had won the AOL lottery! As good as it sounded, I was skeptical at best. So without much thought, I opened the email and clicked on the link inside to check if I truly was a millionaire after all. Almost instantly, my computer crashed, and with each subsequent restart would crash again.

Countless computer crashes and thousands of spam emails later, I had learned the lesson that just opening spam email can bring harm to my computer. Unfortunately there are a whole host of traps and errors that catch new email users just because "they didn't know any better".

In this article we focus on 25 of the most common and easy to fix mistakes that people make when it comes to email security. We've designed this article with the new internet user in mind, so if you're an email expert, you may want to pass this along to your novice friends.

Properly managing your email accounts
1. Using just one email account.

Individuals new to email often think about their email account like they do their home address, you only have one home address, so you should only have one email. Instead, you should think about your email address like you do your keys, while it may be okay to use the same key for your front and your back door, having a single key open everything is both impractical and unsafe.

A good rule of thumb for the average email user is to keep a minimum of three email accounts. Your work account should be used exclusively for work-related conversations. Your second email account should be used for personal conversations and contacts, and your third email account should be used as a general catch-all for all hazardous behavior. That means that you should always sign up for newsletters and contests only through your third email account. Similarly, if you have to post your email account online, such as for your personal blog, you should only use your third email account (and post a web friendly form of it at that).

While your first and second email accounts can be paid or freebie, your third 'catch-all' account should always be a freebie account such as those offered by Gmail or Yahoo!. You should plan on having to dump and change out this account every six months, as the catch-all account will eventually become spammed when a newsletter manager decides to sell your name or a spammer steals your email address off a website.
2. Holding onto spammed-out accounts too long.

It is simply a fact of life that email accounts will accumulate spam over time. This is especially true of the account you use to sign up for newsletters and that you post online (which as stated above should not be your main email account). When this happens, it is best to simply dump the email account and start afresh. Unfortunately, however, many new email users get very attached to their email accounts and instead just wade through dozens of pieces of spam every day. To avoid the problem, prepare yourself mentally ahead of time for the idea that you will have to dump your 'catch all' account every six months.
3. Not closing the browser after logging out.

When you are checking your email at a library or cybercafé you not only need to log out of your email when you are done, but you also need to make sure to close the browser window completely. Some email services display your username (but not your password) even after you have logged out. While the service does this for your convenience, it compromises your email security.
4. Forgetting to delete browser cache, history, and passwords.

After using a public terminal, it is important that you remember to delete the browser cache, history, and passwords. Most browsers automatically keep track of all the web pages that you have visited, and some keep track of any passwords and personal information that you enter in order to help you fill out similar forms in the future.

If this information falls into the wrong hands, it can lead to identity theft and stolen bank and email information. Because the stakes are so high, it is important that new internet users be aware of how to clear a public computers browser cache so that they can delete private information before lurking hackers can get a hold of it.

For those of you using Mozilla's Firefox, simply press Ctrl+Shift+Del. Opera users need go to Tools>>Delete Private Data. And users of Microsoft's Internet Explorer need to go to Tools>>Internet Options then click the 'Clear History', 'Delete Cookies', and 'Delete Files' buttons.


5. Using unsecure email accounts to send and receive sensitive corporate information.

Large corporations invest huge amounts of money to ensure that their computer networks and email remain secure. Despite their efforts, careless employees using personal email accounts to conduct company business and pass along sensitive data can undermine the security measures in place. So make sure that you don't risk your company's security, and your job, by transmitting sensitive company data via your own personal computer or email address.
6. Forgetting the telephone option

One of the most important lessons about email security is that no matter how many steps you take to secure your email, it will never be foolproof. This is never truer than when using a public computer. So unless you need a written record of something or are communicating across the globe, consider whether a simple phone call rather than an email is a better option. While a phone conversation may require a few extra minutes, when compared with accessing email through a public computer, a phone call is a far more secure option and it does not leave a paper trail.

Emailing the right people
7. Not using the Blind Carbon Copy (BCC) option.

When you put a person's email addresses in the BCC: rather than the CC: window, none of the recipients can see the addresses of the other email recipients.

New email users often rely too much on the TO: because it is the default way of sending emails. That is fine as long as you are writing to just one person or a few family members. But if you are sending mail out to a diverse group of people, confusing BCC: and CC: raises some serious privacy and security concerns. It takes just one spammer to get a hold of the email and immediately everyone on your email list gets spammed.

Even if the honesty of the group isn't in question, many email programs are setup to automatically add to the address books any incoming email addresses. That means that some people in the group will inadvertently have added the entire list to their address book, and as a result, if one of their computers is infected with "Zombie" malware and silently sends out spam emails, you will have just caused the entire list to get spammed.
8. Being trigger happy with the "Reply All" button.

Sometimes the mistake isn't in deciding between CC: and BCC: but between hitting Reply All instead of Reply. When you hit Reply All, your email message is sent to everyone included on the original email, and if you didn't intend to include them, the information can be disastrous from both a security and personal humiliation perspective:

Example 1: "A very successful salesman at our networking company had a large email address book filled with his best customers, including some very important and conservative government contacts. With a single click, he accidentally sent a file chock-full of his favorite pornographic cartoons and jokes to everyone on his special customer list. His subject line: 'Special deals for my best customers!' Needless to say, he's cutting deals for another company these days."

Example 2: "A woman was in torment over a busted romance. She wrote a lengthy, detailed message to a girlfriend, adding that her ex-boyfriend preferred men to women. But instead of hitting Reply to a previous message from her girlfriend, she hit Reply All. Her secret was sent to dozens of people she didn't even know (including me), plus the aforementioned ex and his new boyfriend. As if that weren't bad enough, she did this two more times in quick succession!
9. Spamming as a result of forwarding email.

Forwarding emails can be a great way to quickly bring someone up to speed on a subject without having to write up a summary email, but if you aren't careful, forwarding emails can create a significant security threat for yourself and the earlier recipients of the email. As an email is forwarded, the recipients of the mail (until that point in time) are automatically listed in the body of the email. As the chain keeps moving forward, more and more recipient ids are placed on the list.

Unfortunately, if a spammer or someone just looking to make a quick buck gets a hold of the email, they can then sell the entire list of email ids and then everyone will start to get spammed. It only takes a few seconds to delete all the previous recipient ids before forwarding a piece of mail, and it can avoid the terrible situation of you being the cause of all your friends or coworkers getting spammed.

Making backups and keeping records
10. Failing to back up emails.

Emails are not just for idle chatting, but can also be used to make legally binding contracts, major financial decisions, and conduct professional meetings. Just as you would keep a hard copy of other important business and personal documents, it is important that you regularly back up your email to preserve a record if your email client crashes and loses data (It happened to Gmail as recently as December 2006).

Thankfully, most email providers make it rather simple to backup your email by allowing you to export emails to a particular folder and then just creating a copy of the folder and storing it onto a writeable CD, DVD, removable disk, or any other type of media. If that simple exporting process sounds too complicated, you can just buy automated backup software that will take care of the whole thing for you. Whether you purchase the software or decide to backup manually, it is important that you make and follow a regular backup schedule, as this is the sort of thing that new email users tend to just put off. The frequency of backups necessary for you will of course depend on your email usage, but under no circumstances should it be done less frequently than every 3 months.
11. Mobile access: Presuming a backup exists.

Mobile email access, such as through Blackberry, has revolutionized the way we think about email; no longer is it tied to a PC, but rather it can be checked on-the-go anywhere. Most new Blackberry users simply assume that a copy of the emails they check and delete off the Blackberry will still be available on their home or office computer.

It is important to keep in mind, however, that some email servers and client software download emails to the Blackberry device and then delete them from the server. Thus, for some mobile email access devices, if you delete it from the device, you have deleted it from your Inbox.

Just be aware of the default settings of your email client and make sure that if you want a copy of the email retained, you have adjusted the email client's settings to make it happen. And preferably make sure of this before you decide to delete that important email.
12. Thinking that an erased email is gone forever.

We've all sent an embarrassing or unfortunate email and sighed relief when it was finally deleted, thinking the whole episode was behind us. Think again. Just because you delete an email message from your inbox and the sender deletes it from their 'Sent' inbox, does not mean that the email is lost forever. In fact, messages that are deleted often still exist in backup folders on remote servers for years, and can be retrieved by skilled professionals.

So start to think of what you write in an email as a permanent document. Be careful about what you put into writing, because it can come back to haunt you many years after you assumed it was gone forever.

Avoiding fraudulent email
13. Believing you won the lottery … and other scam titles.

Spammers use a wide variety of clever titles to get you to open emails which they fill with all sorts of bad things. New email users often make the mistake of opening these emails. So in an effort to bring you up to speed, let me tell you quickly:

* You have not won the Irish Lotto, the Yahoo Lottery, or any other big cash prize.
* There is no actual Nigerian King or Prince trying to send you $10 million.
* Your Bank Account Details do not need to be reconfirmed immediately.
* You do not have an unclaimed inheritance.
* You never actually sent that "Returned Mail".
* The News Headline email is not just someone informing you about the daily news.
* You have not won an Ipod Nano.

14. Not recognizing phishing attacks in email content.

While never opening a phishing email is the best way to secure your computer, even the most experienced email user will occasionally accidentally open up a phishing email. At this point, the key to limiting your damage is recognizing the phishing email for what it is.

Phishing is a type of online fraud wherein the sender of the email tries to trick you into giving out personal passwords or banking information. The sender will typically steal the logo from a well-known bank or PayPal and try to format the email to look like it comes from the bank. Usually the phishing email asks for you to click on a link in order to confirm your banking information or password, but it may just ask you to reply to the email with your personal information.

Whatever form the phishing attempt takes, the goal is to fool you into entering your information into something which appears to be safe and secure, but in fact is just a dummy site set up by the scammer. If you provide the phisher with personal information, he will use that information to try to steal your identity and your money.

Signs of phishing include:

* A logo that looks distorted or stretched.
* Email that refers to you as "Dear Customer" or "Dear User" rather than including your actual name.
* Email that warns you that an account of yours will be shut down unless you reconfirm your billing information immediately.
* An email threatening legal action.
* Email which comes from an account similar, but different from, the one the company usually uses.
* An email that claims 'Security Compromises' or 'Security Threats' and requires immediate action.

If you suspect that an email is a phishing attempt, the best defense is to never open the email in the first place. But assuming you have already opened it, do not reply or click on the link in the email. If you want to verify the message, manually type in the URL of the company into your browser instead of clicking on the embedded link.
15. Sending personal and financial information via email.

Banks and online stores provide, almost without exception, a secured section on their website where you can input your personal and financial information. They do this precisely because email, no matter how well protected, is more easily hacked than well secured sites. Consequently, you should avoid writing to your bank via email and consider any online store that requests that you send them private information via email suspect.

This same rule of avoiding placing financial information in emails to online businesses also holds true for personal emails. If, for example, you need to give your credit card information to your college student child, it is far more secure to do so over the phone than via email.
16. Unsubscribing to newsletters you never subscribed to.

A common technique used by spammers is to send out thousands of fake newsletters from organizations with an "unsubscribe" link on the bottom of the newsletter. Email users who then enter their email into the supposed "unsubscribe" list are then sent loads of spam. So if you don't specifically remember subscribing to the newsletter, you are better off just blacklisting the email address, rather than following the link and possibly picking up a trojan horse or unknowingly signing yourself up for yet more spam.

Avoiding malware
17. Trusting your friends email.

Most new internet users are very careful when it comes to emails from senders they don't recognize. But when a friend sends an email, all caution goes out the window as they just assume it is safe because they know that the sender wouldn't intend to hurt them. The truth is, an email from a friend's ID is just as likely to contain a virus or malware as a stranger's. The reason is that most malware is circulated by people who have no idea they are sending it, because hackers are using their computer as a zombie.

It is important to maintain and keep updated email scanning and Anti-virus software, and to use it to scan ALL incoming emails.
18. Deleting spam instead of blacklisting it.

An email blacklist is a user created list of email accounts that are labeled as spammers. When you 'blacklist' an email sender, you tell your email client to stop trusting emails from this particular sender and to start assuming that they are spam.

Unfortunately, new internet users are often timid to use the blacklist feature on their email client, and instead just delete spam emails. While not every piece of spam is from repeat senders, a surprising amount of it is. So by training yourself to hit the blacklist button instead of the delete button when confronted with spam, you can, in the course of a few months, drastically limit the amount of spam that reaches your Inbox.
19. Disabling the email spam filter.

New email users typically do not start out with a lot of spam in their email account and thus do not value the help that an email spam filter can provide at the beginning of their email usage. Because no spam filter is perfect, initially the hassle of having to look through one's spam box looking for wrongly blocked emails leads many new email users to instead just disable their email spam filter altogether.

However, as an email account gets older it tends to pick up more spam, and without the spam filter an email account can quickly become unwieldy. So instead of disabling their filter early on, new internet users should take the time to whitelist emails from friends that get caught up in the spam filter. Then, when the levels of spam start to pick up, the email account will remain useful and fewer and fewer friends will get caught up in the filter.
20. Failing to scan all email attachments.

Nine out of every ten viruses that infect a computer reach it through an email attachment. Yet despite this ratio, many people still do not scan all incoming email attachments. Maybe it is our experience with snail mail, but often when we see an email with an attachment from someone we know, we just assume that the mail and its attachment are safe. Of course that assumption is wrong, as most email viruses are sent by 'Zombies' which have infected a computer and caused it to send out viruses without the owner even knowing.

What makes this oversight even more scandalous is the fact that a number of free email clients provide an email attachment scanner built-in. For example, if you use Gmail or Yahoo! for your email, every email and attachment you send or receive is automatically scanned. So if you do not want to invest in a third-party scanner and your email provider does not provide attachment scanning built-in, you should access your attachments through an email provider that offers free virus scanning by first forwarding your attachments to that account before opening them.

Keeping hackers at bay
21. Sharing your account information with others.

We've all done it – we need an urgent mail checked, and we call up our spouse or friend and request them to check our email on our behalf. Of course, we trust these people, but once the password is known to anybody other than you, your account is no longer as secure as it was.

The real problem is that your friend might not use the same security measures that you do. Your friend might be accessing his email through an unsecured wireless account, he may not keep his anti-virus software up to date, or he might be infected with a keylogger virus that automatically steals your password once he enters it. So ensure that you are the only person that knows your personal access information, and if you write it down, make sure to do so in a way that outsiders won't be able to understand easily what they are looking at if they happen to find your records.
22. Using simple and easy-to-guess passwords.

Hackers use computer programs that scroll through common names to compile possible user names, and then send spam emails to those usernames. When you open that spam email, a little hidden piece of code in the email sends a message back to the hacker letting him know that the account is valid, at which point they turn to the task of trying to guess your password.

Hackers often create programs which cycle through common English words and number combinations in order to try to guess a password. As a consequence, passwords that consist of a single word, a name, or a date are frequently "guessed" by hackers. So when creating a password use uncommon number and letter combinations which do not form a word found in a dictionary. A strong password should have a minimum of eight characters, be as meaningless as possible, as well as use both upper and lowercase letters. Creating a tough password means that the hacker's computer program will have to scroll through tens of thousands of options before guessing your password, and in that time most hackers simply give up.
23. Failing to encrypt your important emails.

No matter how many steps you take to minimize the chance that your email is being monitored by hackers, you should always assume that someone else is watching whatever comes in and out of your computer. Given this assumption, it is important to encrypt your emails to make sure that if someone is monitoring your account, at least they can't understand what you're saying.

While there are some top-of-the-line email encryption services for those with a big budget, if you are new to email and just want a simple and cheap but effective solution, you can follow these step-by-step 20 minute instructions to install PGP, the most common email encryption standard. Encrypting all your email may be unrealistic, but some mail is too sensitive to send in the clear, and for those emails, PGP is an important email security step.
24. Not encrypting your wireless connection.

While encrypting your important emails makes it hard for hackers who have access to your email to understand what they say, it is even better to keep hackers from getting access to your emails in the first place.
One of the most vulnerable points in an emails trip from you to the email recipient is the point between your laptop and the wireless router that you use to connect to the internet. Consequently, it is important that you encrypt your wi-fi network with the WPA2 encryption standard. The upgrade process is relatively simple and straightforward, even for the newest internet user, and the fifteen minutes it takes are well worth the step up in email security.


25. Failing to use digital signatures.

The law now recognizes email as an important form of communication for major undertakings such as signing a contract or entering into a financial agreement. While the ability to enter into these contracts online has made all of our lives easier, it has also created the added concern of someone forging your emails and entering into agreements on your behalf without your consent.

One way to combat email forgery is to use a digital signature whenever you sign an important email. A digital signature will help prove who and from what computer an email comes from, and that the email has not been altered in transit. By establishing the habit of using an email signature whenever you sign important emails, you will not only make it harder for the other party to those agreements to try to modify the email when they want to get out of it, but it will also give you extra credibility when someone tries to claim that you have agreed to a contract via email that you never did.

For a quick primer on digital signatures, you can read YoudZone and Wikipedia's articles on the subject.

This article is intended to provide you with the basic information you need to avoid many of the email security pitfalls that frequently trip up new email users. While no single article can cover even the basics of email security, avoiding the 25 common mistakes listed in this article will make a dramatic difference in improving the safety and security of your computer, your personal information, and your emails.

http://www.itsecurity.com/features/25-common-email-security-mistakes-022807/

 

Disk drive failures 15 times what vendors say, study says
Drive vendors declined to be interviewed
Robert L. Scheier

March 02, 2007 (Computerworld) -- Customers are replacing disk drives at rates far higher than those suggested by the estimated mean time to failure (MTTF) supplied by drive vendors, according to a study of about 100,000 drives conducted by Carnegie Mellon University.

The study, presented last month at the 5th USENIX Conference on File and Storage Technologies in San Jose, also shows no evidence that Fibre Channel (FC) drives are any more reliable than less expensive but slower performing Serial ATA (SATA) drives.

That surprising comparison of FC and SATA reliability could speed the trend away from FC to SATA drives for applications such as near-line storage and backup, where storage capacity and cost are more important than sheer performance, analysts said.

At the same conference, another study of more than 100,000 drives in data centers run by Google Inc. indicated that temperature seems to have little effect on drive reliability, even as vendors and customers struggle to keep temperature down in their tightly packed data centers. Together, the results show how little information customers have to predict the reliability of disk drives in actual operating conditions and how to choose among various drive types (see also "Hard data ").

Real world vs. data sheets

The Carnegie Mellon study examined large production systems, including high-performance computing sites and Internet services sites running SCSI, FC and SATA drives. The data sheets for those drives listed MTTF between 1 million to 1.5 million hours, which the study said should mean annual failure rates "of at most 0.88%." However, the study showed typical annual replacement rates of between 2% and 4%, "and up to 13% observed on some systems."

Garth Gibson, associate professor of computer science at Carnegie Mellon and co-author of the study, was careful to point out that the study didn't necessarily track actual drive failures, but cases in which a customer decided a drive had failed and needed replacement. He also said he has no vendor-specific failure information, and that his goal is not "choosing the best and the worst vendors" but to help them to improve drive design and testing.

He echoed storage vendors and analysts in pointing out that as many as half of the drives returned to vendors actually work fine and may have failed for any reason, such as a harsh environment at the customer site and intensive, random read/write operations that cause premature wear to the mechanical components in the drive.

Several drive vendors declined to be interviewed. "The conditions that surround true drive failures are complicated and require a detailed failure analysis to determine what the failure mechanisms were," said a spokesperson for Seagate Technology in Scotts Valley, Calif., in an e-mail. "It is important to not only understand the kind of drive being used, but the system or environment in which it was placed and its workload."

"Regarding various reliability rate questions, it's difficult to provide generalities," said a spokesperson for Hitachi Global Storage Technologies in San Jose, in an e-mail. "We work with each of our customers on an individual basis within their specific environments, and the resulting data is confidential."

Ashish Nadkarni, a principal consultant at GlassHouse Technologies Inc., a storage services provider in Framingham, Mass., said he isn't surprised by the comparatively high replacement rates because of the difference between the "clean room" environment in which vendors test and the heat, dust, noise or vibrations in an actual data center.

He also said he has seen overall drive quality falling over time as the result of price competition in the industry. He urged customers to begin tracking disk drive records "and to make a big noise with the vendor" to force them to review their testing processes.

FC vs. SATA

While a general reputation for increased reliability (as well as higher performance) is one of the reasons FC drives cost as much as four times more per gigabyte than SATA, "We had no evidence that SATA drives are less reliable than the SCSI or Fibre Channel drives," said Gibson. "I am not suggesting the drive vendors misrepresented anything," he said, adding that other variables such as workloads or environmental conditions might account for the similar reliability finding.

Analyst Brian Garrett at the Enterprise Storage Group in Milford, Mass., said he's not surprised because "the things that can go wrong with a drive are mechanical -- moving parts, motors, spindles, read-write heads," and these components are usually the same whether they are used in a SCSI or SATA drive. The electronic circuits around the drive and the physical interface are different, but are much less prone to failure.

Vendors do perform higher levels of testing on FC than on SATA drives, he said, but according to the study that extra testing hasn't produced "a measurable difference" in reliability.


Such findings might spur some customers to, for example, buy more SATA drives to provide more backup or more parity drives in a RAID configuration to get the same level of data protection for a lower price. However, Garrett cautioned, SATA continues to be best suited for applications such as backup and archiving of fixed content (such as e-mail or medical imaging) that must be stored for long periods of time but accessed quickly when it is needed. FC will remain the "gold standard" for online applications such as transaction processing, he predicts.

Don't sweat the heat?

The Google study examined replacement rates of more than 100,000 serial and parallel ATA drives deployed in Google's own data centers. Similar to the CMU methodology, a drive was considered to have failed if it was replaced as part of a repair procedure (rather than as being upgraded to a larger drive).

Perhaps the most surprising finding was no strong correlation between higher operating temperatures and higher failure rates. "That doesn't mean there isn't one," said Luiz Barroso, an engineer at Google and co-author of the paper, but it does suggest "that temperature is only one of many factors affecting the disk lifetime."

Garrett said that rapid changes in temperature -- such as when a malfunctioning air conditioner is fixed after a hot weekend and rapidly cools the data center -- can also cause drive failures.

The Google study also found that no single parameter, or combination of parameters, produced by the SMART (Self-Monitoring Analysis and Reporting Technology) built into disk drives is actually a good predictor of drive failure.

The bottom line

For customers running anything smaller than the massive data centers operated by Google or a university data center, though, the results might make little difference in their day-to-day operations. For many customers, the price of replacement drives is built into their maintenance contracts, so their expected service life only becomes an issue when the equipment goes off warranty and the customer must decide whether to "try to eke out another year or two" before the drive fails, said Garrett.

The studies won't change how Tom Dugan, director of technical services at Recovery Networks, a Philadelphia-based business continuity services provider, protects his data. "If they told me it was 100,000 hours, I'd still protect it the same way. If they told me if was 5 million hours I'd still protect it the same way. I have to assume every drive could fail."
http://hardware.slashdot.org/article.pl?sid=07/03/02/2110259&from=rss

 

Great Graphics for Free


These four free programs can help you wrangle your digital media.
Preston Gralla
Wednesday, February 14, 2007 01:00 AM PST

Preston Gralla is filling in for Laura Blackwell, who is on maternity leave.

Got plenty of photos and other media on your PC? Then you know that the graphics tools built into Windows won't exactly knock your socks off. And looking at the price tags on some add-in photo and media programs might send you into sticker shock.

But you don't need to pay a bundle for solid media tools--in fact, you don't need to spend a penny. We've rounded up four freebies that do a great job of helping you master your media.

StudioLine PhotoBasic
http://www.studioline.biz/EN/downloads/photo-basic/default.htm
Click for enlarged image.

Don't be fooled by StudioLine Photo Basic's name: This image managing and editing program is anything but basic. It's a kind of jack-of-all-trades for handling digital photographs.



The program bills itself as a photo archiving tool, and while it does a good job of that, it does a lot more. It has all the archiving tools you'd expect; you can use it to browse and reorganize your photo and image collection, including organizing your photos into albums.

A particularly useful feature is its ability to create what it calls "Web galleries." These are HTML-coded Web pages, complete with navigation links to your photos, that you can publish on your own Web page, or to a CD or DVD. And there are plenty of other archiving tools as well.

The program also includes a surprisingly robust set of editing tools. You'll find the common standbys for red-eye removal, cropping and rotating, changing the color balance, hue, saturation, and tone, and so on. But there are surprisingly sophisticated ones as well, such as a very useful "Despeckle" tool that removes speckles and spots from old photographs. You can also add a wide variety of special effects, including embossing and adding sepia tones.

In fact, there's so much packed into this program that your greatest problem will be finding it all: The interface is not the most intuitive. Still, this is a surprisingly powerful program that just may be the only photo management and editing tool you'll need.

Microsoft Photo Info

http://www.studioline.biz/EN/downloads/photo-basic/default.htm

Click for enlarged image.

One of digital photography's many benefits is that it enables you to embed metadata into each digital photograph--information such as the time and date the picture was taken, the camera model number, the exposure time, the ISO speed, keywords, a category, and a description.

Unfortunately all that metadata is difficult to attach to the photo. By default, most cameras embed only very basic metadata, such as camera model number, exposure time, and ISO speed. There's no easy way to include more-descriptive information such as category, keywords, and the location where the photo was taken.

Microsoft Photo Info fills this need--and it integrates directly into Windows Explorer. Right-click any photo, choose Photo Info from the resulting context menu, and you'll see a preview of the photo, along with multiple tabs for inputting metadata. Simply type in the data, click OK, and you're done. Many applications, including Windows Search (you can search by metadata) and photo organizers such as Media Purveyor 3 (see below), can use the metadata to help you find, sort, and organize your photos.

FastStone MaxView
http://www.faststone.org/
Click for enlarged image.

Sometimes you don't want a graphics or photo program with lots of fancy-pants extras; you just want to view a file quickly. For those times, try FastStone MaxView. This small viewer loads quickly and can handle 19 different graphics file types, including .jpg, .gif, .png, .pcx, and .tif.

Though it's small and fast, MaxView does more than just let you view and print files. Its panoply of photo manipulation tools includes software for rotating, flipping, resizing, blurring, and changing the saturation of your image.

You can also use MaxView to convert graphics files to different formats: Simply open the file and save it in the desired format.

If you're looking for a full-blown image editor, this isn't the program you want. But for fast and easy file viewing, with a few extras thrown in, it's an admirable package.

Media Purveyor 3
http://www.mediapurveyor.com/

Click for enlarged image.

Looking to organize and browse a big media collection, including music, videos, photographs, and other graphic images? Give Media Purveyor a whirl. This all-in-one tool lets you do everything from organizing and sorting media to searching for, displaying, playing, and editing it. Like Microsoft Photo Info, it's a metadata editor as well.

The program gives you multiple ways to organize your media, including via a traditional folder structure, as bookmarks, and as albums (which the program calls collections). Media Purveyor's image-editing tools are surprisingly powerful for a free program. In addition to providing 43 editing effects, the software supports special effects that you can add to your photos.
http://www.pcworld.com/article/id,128839-page,1/article.html

 

Motherboards: Power at the Right Price

http://www.pcworld.com/article/id,128615-page,1/article.html

If you want the newest CPU, graphics, and storage technologies, you need a motherboard that can support them all. Our lab tests reveal great boards that won't break the bank.
Jon L. Jacobi, Testing by William Wang
Monday, February 26, 2007 03:00 PM PST

A new motherboard can provide cool new technologies that your PC might be missing: faster, second-generation SATA connections, which currently reach 3 gigabits per second (gbps); gigabit ethernet; high-definition audio; and even dual-card graphics (SLI or CrossFire).

We evaluated 14 standard-size motherboards by building systems using each board, running our Windows XP-based WorldBench 5 benchmark, and then installing Windows Vista Ultimate to check for compatibility problems.

Rather than make an apples-to-oranges comparison between AMD- and Intel-equipped motherboards, we split our roundup into two groups: seven boards based on AMD's socket AM2 (for use with AMD chips requiring DDR2 memory) and seven boards employing Intel's socket LGA775 (for use with that company's dual-core and quad-core processors). The Intel boards' WorldBench 5 scores were nearly 15 percent better than those of the AMD group, thanks to the advantage the Core 2 Duo CPU holds over the Athlon 64 X2 processor running at the same clock speed, though the Intel chip we tested costs around $200 more. Performance within each group varied little, however, so once you decide whether to choose an AMD or an Intel CPU, selecting a board largely comes down to assessing its features.

See our chart, "Features Set Motherboards Apart."


Top Motherboards
Performance within each group varied only slightly, so components and connections should guide your buying decision.
Edited by Danny Allen
Monday, February 26, 2007, 03:00 PM PST
Test Center About the Test Center
How We Test • What Our Ratings Mean • How the Charts Work
Compare
Use the Check Boxes to See a Side-by-Side Comparison
Rank Name PCW Rating
INTEL-BASED MOTHERBOARD
1
Asus P5N-E SLI
Asus P5N-E SLI
• nVidia nForce 650i SLI chip set
• 2 PCIe x16, 1 PCIe x1, 2 PCI slots
• 4 SATA, 2 PATA ports
• 4 + 2 USB, 1 FireWire, 1 eSATA ports
• Price when ranked: $149
Check latest prices
This impressive all-around SLI board has two ATA channels and an eSATA port, though only x8. You'll need a rear-panel breakout to get 7.1-channel analog output.
Test Report

Pending
2
ECS nForce 570 SLIT-A (v5.1)
ECS nForce 570 SLIT-A (v5.1)
• nVidia nForce 570 SLI chip set
• 2 PCIe x16, 2 PCIe x1, 3 PCI slots
• 8 Serial ATA, 1 PATA ports
• 4 USB ports
• Price when ranked: $95
Check latest prices
Easily the lowest-priced SLI board on the chart, this model is a very good performer. A lack of FireWire ports and limited x8 SLI are the only nits to pick.
Test Report

Pending
3
MSI P965 Platinum
MSI P965 Platinum
• Intel P965 chip set
• 2 PCIe x16, 2 PCIe x1, 2 PC slots
• 7 SATA, 1 PATA ports
• 4 + 2 USB, 1 + 2 FireWire ports
• Price when ranked: $135
Check latest prices
The best performing board, this model also offers a full complement of cutting-edge and legacy features. Only the lack of dual graphics kept it out of the top spot.
Test Report

Pending
4
Gigabyte GA-965P-DQ6
Gigabyte GA-965P-DQ6
• Intel P965 chip set
• 2 PCIe x16, 3 PCIe x1, 2 PCI slots
• 8 SATA, 1 PATA ports
• 4 USB, 1 FireWire, 0 + 4 eSATA ports
• Price when ranked: $198
Check latest prices
Another board with a complete set of legacy ports and state-of-the-art features. We love the friendly color scheme, but the price--not so much.
Test Report

Pending
5
Abit AB9 Pro
Abit AB9 Pro
• Intel P965 chip set
• 1 PCIe x16, 2 PCIe x1, 2 PCI slots
• 8 SATA, 1 PATA ports
• 4 + 2 USB, 0 + 2 FireWire, 1 eSATA ports
• Price when ranked: $150
Check latest prices
This great performer has contemporary ports to spare: ten USB (six on headers), eight SATA, and a single eSATA port. But a lack of legacy ports dropped its ranking.
Test Report

Pending
Motherboard
Find Intel, Soyo, Gigabyte & More - Shop Today for Motherboards Today.
www.TigerDirect.com

AMD & Intel Motherboard
Get motherboards at Newegg.com. Super deals for AMD & Intel models. Same-day shipping.
www.newegg.com

Motherboards Direct
Low prices on brand-name Motherboards, toll-free suppport, and three-year warranty.
www.motherboardsdirect.com

AMD-BASED MOTHERBOARD
1
Gigabyte GA-M59SLI-S5
Gigabyte GA-M59SLI-S5
• nVidia nForce 590 SLI chip set
• 2 PCIe x16, 1 PCIe x8, 1 PCIe x1, 2 PCI slots
• 8 SATA ports, 1 PATA ports
• 4 USB, 1 FireWire, 0 + 2 eSATA ports
• Price when ranked: $170
Check latest prices
Like its 965-based sibling on the Intel portion of the chart, this model has all the legacy ports and cutting-edge features you'll need--but at a better price.
Test Report

Pending
2
Abit Fatal1ty AN9 32X
Abit Fatal1ty AN9 32X
• nVidia nForce 590 SLI chip set
• 2 PCIe x16, 2 PCIe x1, 1 PCI slots
• 6 SATA ports, 1 PATA ports
• 4 + 2 USB, 0 + 2 FireWire ports
• Price when ranked: $170
Check latest prices
This board performed well at specified speeds and was born to overclock. If you don't need legacy parallel or serial ports, it's a terrific deal.
Test Report

Pending
3
MSI K9A Platinum
MSI K9A Platinum
• ATI CrossFire Xpress 3200
• 2 PCIe x16, 2 PCIe x1, 2 PCI slots
• 4 SATA ports, 1 PATA ports
• 4 + 2 USB, 1 + 1 FireWire ports
• Price when ranked: $130
Check latest prices
This very solid offering mixes all of the newest and oldest technlogies, but it performed a tad slowly in our testing, which kept it from the top of the chart.
Test Report

Pending
4
Asus Crosshair
Asus Crosshair
• nVidia nForce 590 SLI chip set
• 2 PCIe x16, 1 PCIe x4, 3 PCI slots
• 6 SATA ports, 1 PATA ports
• 4 + 2 USB, 1 + 1 FireWire ports
• Price when ranked: $249
Check latest prices
A tweaker's delight, with a ton of techie-oriented lights and other features. It's pricey if your needs are basic, but it's a great board for overclocking enthusiasts.
Test Report

Pending
5
Sapphire Pure CrossFire PC-AM2RD580
Sapphire Pure CrossFire PC-AM2RD580
• ATI CrossFire Xpress 3200 (AMD 580X)
• 2 PCIe x16, 1 PCIe x1, 1 PCI slots
• 8 SATA ports, 1 PATA ports
• 4 + 2 USB, 1 + 1 FireWire, 2 eSATA ports
• Price when ranked: $130
Vendor's Web Site
The classy, retro pale green look belies a true overclocker's heart. But this board could use better SATA connectors, and Sapphire's support policies are stingy.
Test Report

Pending
Compare
Use the Check Boxes to see a Side-by-Side Comparison
CHART NOTES: We tested all boards with a 256MB EVGA GeForce 7800GT graphics board, 2GB of Kingston PC-6400 DDR2 memory, and two 250GB Western Digital hard drives configured in a striped RAID array. We tested Intel boards with a 2.66-GHz Core 2 Duo E6700 CPU. We tested AMD boards with a 2.6-GHz Athlon 64 X2 5200+ CPU. The first number listed for peripheral ports indicates those located on the back panel of the motherboard; the second number (following the "+") indicates ports located on included expansion brackets (which will occupy an expansion bay in the case). Most boards also have additional internal port headers to which additional expansion brackets can be connected.

go here to see more info
http://www.pcworld.com/article/id,129265/article.html

 

Useful Upgrades That Will Outlast Your Aging PC
Plus: Setting up simultaneous audio channels, and a USB/FireWire hub that offers plenty of ports.
Kirk Steers
Wednesday, January 24, 2007 10:00 AM PST

Often the best way to get an old system up to speed is to stay outside the box. Spending a few extra dollars now on an external hard drive or other outside-the-case component can save you time and trouble--and maybe a little money--when you finally do buy a new PC. Not only do external devices offer quick and easy upgrades, but they'll also work with your future PC, so you can subtract those items from the new system's invoice.

Consider buying a bare Serial ATA hard drive, even if your current PC lacks SATA support. Put the drive in a USB enclosure like Addonics' $60 External Drive Enclosure UF, and you'll have an external device that can boost your storage now and easily move on to your next PC as well. Then your SATA drive can move into the new machine, while your old parallel-ATA drive heads to the enclosure. For a quiet external drive, look for a heat-dissipating aluminum housing that doesn't require an additional fan. If you hunt around for an affordable bare drive, you should be able to build an external drive for less than you'd pay for a comparable preconfigured external storage device.

Your system will talk to external USB 2.0 and FireWire drives more slowly than to internal drives connected to the PATA or SATA bus (although these drives are quick enough for most backup and other data storage tasks; see Figure 1). External SATA drives are comparable in speed to internal models, however. You can add an external SATA port to an older PC by installing a host adapter, such as the $40 eSATA II-150 PCI i/e from SIIG.

Buying a "SATA II" product is not essential because no current hard drive can sustain a data-transfer rate sufficient to saturate the 150-megabits-per-second bus on a SATA device as it is. Having the 300-mbps bus supported by the SATA II spec matters only when you are using a multidrive RAID setup. If you buy a SATA II controller card, however, it will support both generations of SATA drives.

An external sound card such as the $80 Audio Advantage SRM from Turtle Beach can improve sound quality and add such high-end audio features as 5.1 or 7.1 surround-sound audio to a ho-hum, value system with mediocre audio capabilities.
http://www.pcworld.com/article/id,128543-c,upgrading/article.html


Double Up on Audio

I'd like to listen to music through my external speakers and use my Skype headset for VoIP calls at the same time, but Windows doesn't support such simultaneous audio channels. Is there a quick fix?

Jan Holt, Tampa, Florida

Click Start, Control Panel, Sounds and Audio Devices (in Categories view click Sounds, Speech, and Audio Devices first). Choose the Audio tab. To play MP3 files through your speakers, which use the sound card, and to simultaneously use a VoIP headset, which uses its own audio processor, launch your MP3 player, select the sound card as the playback device under 'Sound playback' and 'Sound recording', and then launch your VoIP software and change the playback device settings again. For both, make sure 'Use only default devices' is unchecked. This also works to switch playback between your headphones and speakers.

A USB/Firewire Hub With Plenty of Flexibility

Sometimes thinking outside the box means getting rid of the box altogether. That's what LaCie has done with its $80 Hub, a spherical combination USB/FireWire hub. It looks like a large white onion that has sprouted four USB 2.0 ports and two FireWire 400 ports, each sitting at the end of its own inches-long tentacle. The device's rounded shape makes it easy to tilt in any direction. This hub is a great solution for anyone who has struggled to plug a gadget into an overcrowded conventional hub.
http://www.pcworld.com/article/id,128543-page,2-c,upgrading/article.html