VERY,VERY HOT READS, I Would Read The News In This Thread This Thead Is To post Any Thing Ye Want About The News,,NEWS WAS MOVED,READ MY FIRST POS...

How to not keep your mind on the road and your driving.

Ford touts F-Series trucks as mobile offices

The Ford mobile-office system features a Stargate Mobile tablet PC running Windows XP Professional with full Microsoft Office capabilities, GPS navigation and broadband Internet access, according to Weiner. The computer is a rugged lightweight model mounted within easy reach of the driver, he said. The driver can remove the tablet computer and take it from the truck just as a user would use an ordinary laptop, he said.

The computer itself is built to withstand the rigors of a typical construction job site, Weiner said. A special console will be available for optional accessories such as a printer, digital camera and credit card scanner.

“The computer runs on Microsoft Windows XP software and has all the standard Windows XP stuff like Office, Streets and Trips and Outlook,” Weiner said. “We mount the computer in the vehicle, and it’s hooked into a GPS antenna so you can get GPS navigation and directions using Streets and Trips. The computer is hooked into the vehicle’s power and audio systems, so it will be charged off the truck’s electrical system, and the voice commands for Streets and Trips will come through the audio system. The Internet connection is through wireless broadband like a Sprint or Verizon setup. You could use cellular as a backup, but it works best with wireless broadband. (Source: Linda Rosencrance, ComputerWorld

 

Verizon's Music Service Hampers MP3 Ability By BRUCE MEYERSON, AP Business Writer
Mon Jan 9, 7:14 PM ET


NEW YORK - The first edition of a new music service from Verizon Wireless hampers a cell phone's ability to play MP3 songs acquired elsewhere, a handicap the company says is purely temporary and unrelated to larger battles over digital copyright restrictions.

The new V Cast Music store does, however, weigh in definitively on one side of the music download industry by employing the newest version of the Windows Media Player from Microsoft Corp., which doesn't work with Apple Computer Inc.'s Macintosh operating system or iTunes software.

Verizon Wireless spoke out Monday after criticisms began appearing on Web logs including PCS Intel and Techdirt regarding the new service, which the company launched last week at the International Consumer Electronics Show in Las Vegas.

Customers wanting V Cast Music who already own one of the two compatible handsets need to visit one of the company's retail locations for a software upgrade.

The two phones, one from Samsung Electronics Co. Ltd. and one from LG Electronics Inc., come with slots for removable storage disks and an application to play MP3 digital songs on those disks.

The V Cast upgrade disables that capability for now, though users still can convert music copied from CDs and other non-digitally protected MP3 files into a Windows Media format and then transfer them to the phone with a USB cable.

Verizon dismissed accusations on certain Web logs that this decision was made for any ulterior profit motive such as forcing users to repurchase music through the V Cast store.

Instead, the company said, the MP3 capability was temporarily disabled so that it can be integrated into the V Cast application, rather than appearing as a separate application that might confuse customers.

Verizon Wireless also emphasized that the upgrade is voluntary: Customers who'd prefer to keep their current MP3 capabilities over an immediate upgrade to V Cast Music can wait until the next edition of the application is released at an undetermined date.

The company also dismissed assertions that customers aren't being informed that they'll lose certain capabilities with the upgrade.

"Our training program makes sure that our customer representatives have in front of them what the tradeoff is, and they're told they need to provide that information," said spokesman Jeffrey Nelson.

 

Record falls as best Rubik's 'cubers' meet in S.F.

By Daniel Terdiman
Staff Writer, CNET News.com
Published: January 15, 2006, 11:25 AM PST

SAN FRANCISCO--Think of the things you could do in 11 seconds. Maybe you could walk to the fridge to get a soda. You could change CDs, or possibly put on a T-shirt. But when you think about it, it's a pretty short period of time.

Don't tell that to Leyan Lo. On Saturday, at the International Rubik's Cube competition held at the Exploratorium here, Lo took just 11.13 seconds to set the world record for solving of one of the iconic red, white, blue, green, yellow and red cubes.
Photos: Gamers gather

Lo's record came at the very beginning of a long day in which dozens of "cubers" squared off in bids to become the best at one or more of a series of different categories of Rubik's Cube competitions. Among them were the standard 3x3x3, the 3x3x3 blindfolded, the 3x3x3 one-handed and the 4x4x4.

And by day's end, Lo had established himself as perhaps the most accomplished of all the competitors, having finished second in the 3x3x3, first in the 3x3x3 blindfolded and 3x3x3 one-handed, and second in the 4x4x4.

But it was his world record that had everyone on hand buzzing all day, even if Lo himself tried to play it down.

"It was a lucky solve," he said. "It was kind of cool. You get good cases and bad cases all the time."

He explained that the solution he'd chosen--based on algorithms he'd memorized for solving the cube as it was presented to him--ended up not requiring a final step that normally would have added two or three seconds to his time.

But others weren't so sanguine about what they saw Saturday.

"It's great," said Tyson Mao, a student at Caltech and the organizer of the event. "I mean, it's great that people have opportunities to push the limits of Rubik's Cube solving. The world record has dropped so much recently because people have been putting in so much time."

Renewed popularity
Indeed, for a puzzle that is now 25 years old, it has gone through some serious peaks and valleys. After years in the 1980s as a worldwide phenomenon, Rubik's Cube dropped off the puzzle map in the '90s. But thanks to a growing number of competitions around the world and clubs like the one at Caltech, it is going through a major resurgence.

Part of the credit, naturally, goes to the Internet, and to its ability to spread the gospel of top-rank cube solving. The mecca for the Rubik's Cube community, said many on hand Saturday, is SpeedCubing.com.

And to see Saturday's competitors, some just little children and others in their thirties and forties, it's easy to see that one reason the cube is back is that it is appealing across all generations.

"It's addictive. I'm very addicted," said 15-year-old Shotaro "Macky" Makisumi, considered by many the best cuber in the world today. "It's something you can improve yourself on. There's a time to show (how you're doing), and it's almost a competition against yourself instead of others. It's a chance to perfect something."

Shotaro certainly did his best Saturday to cement himself in the Rubik's Cube community as the best, or at least one of the best.

He won the standard 3x3x3 solve competition, beating out more than 60 others, by posting an average time of 14.91 seconds. However, that time was below his world record average solving time of 14.59 seconds.

He also came in third in the 3x3x3 one-handed contest, second in the 3x3x3 blindfolded and third in the 4x4x4.

Not just for the boys
And as the sound of the clacking of rapidly spinning Rubik's Cube layers dominated the area of the Exploratorium where the event was being held, it wasn't only males who were amazing the crowd with their prowess.

Casey Pernsteiner, a 14-year-old girl from Gonzales, Texas, was making her second trip in recent months--after visiting Orlando, Fla., in November for the Rubik's Cube world championships--to states far from home to compete with the world's best. And while she didn't win any of the categories she entered, she came in a respectable ninth in the main 3x3x3 competition, posting an average time of 20.77.

By her own reckoning, however, that time places her just a notch below what she called the "elite" group of cubers who, she said, score times in the sub-20 seconds.

Still, she said, she's only be "cubing" for a year, and is already hooked on the pastime for much the same reason as Shotaro.

"It's sort of a competition with yourself to beat your best time," she said. "I like that, and it's a challenge. I like challenges."

Of course, with an average 3x3x3 time nearly six seconds slower than Shotaro, Casey is just as awed by seeing what the best cubers can do as anyone on hand Saturday.

(Lo's world record) "was incredible," she said. "I really didn't expect the record to be set. (The previous record before the one Lo broke) lasted a year, so I didn't expect the record to be set so soon."

In any case, while much of the focus Saturday was on the blazing times set by Lo, Shotaro and others in the standard 3x3x3, some of the crowd were more interested in watching the contestants solve their cubes in the blindfolded and one-handed categories.

Mao, who participated only in the blindfolded contest, said the trick to solving a Rubik's Cube without being able to see--competitors examine the cube before putting on their blindfolds--is to memorize all the layers and then, once blind, apply algorithms they've learned to finish the puzzle.

"If you make a mistake (though), it's over," Mao said. "One mistake and it's all off."
http://news.com.com/Record+falls+as...n+S.F./2100-1043_3-6027330.html?tag=nefd.lede

 

Would you use this Toilet?
Here's a picture of a public toilet in Houston TX ...
Now that you have seen the outside view of the Toilet,




Just spend another moment scrolling down to see how it looks from inside..!!
That's made entirely out of one-way glass. No one can see you in there,
but when you are inside, it looks like you're sitting in a clear glass box.



Would you / could you use it ???
http://www.waaaww.be/ImageDuMois/ToiletE.htm

 

Mission to Pluto Will Take Nine Years

Associated Press

January 15, 2006 04:15:55 AM PST

It will be the fastest spacecraft ever launched, zooming past the moon in nine hours and reaching Jupiter in just over a year at a speed nearly 100 times that of a jetliner. Its target is Pluto — the solar system's last unexplored planet, 3 billion miles from Earth. And the New Horizons spacecraft, set for liftoff on Tuesday, could reach it within nine years.

Pluto, a tiny, icy misfit of a planet — some say it's not a planet at all — neither resembles the rocky bodies of Mercury, Venus, Earth and Mars, nor the giant gaseous planets of Jupiter, Saturn, Uranus and Neptune. For years after its discovery 75 years ago, it was considered a planetary oddball.

But in recent years, astronomers have come to realize that Pluto's class of planetary bodies, ice dwarfs, isn't so odd after all. In fact, ice dwarfs are the most populous group in the solar system. Now, scientists have a chance to learn more about them and the origins of the planetary system.

"Just as a Chihuahua is still a dog, these ice dwarfs are still planetary bodies," said Alan Stern of the Southwest Research Institute in Boulder, Colorado, the mission's principal investigator. "The misfit becomes the average. The Pluto-like objects are more typical in our solar system than the nearby planets we first knew."

When the 7-foot-tall (2.1-meter-tall) New Horizons spacecraft reaches Pluto as early as 2015, the spacecraft will study the ninth planet's large moon, Charon, as well as two other moons just discovered last year. The $700 million (euro580 million) mission should provide scientists with a better understanding of the Kuiper Belt, a mysterious region that lies beyond Neptune at the outer limits of the planetary system.

Besides being home to Pluto, the Kuiper Belt is believed to hold thousands of comets and icy planetary objects that make up a third zone of the solar system, the rocky and gaseous planets making up the other two. Scientists believe they can learn about the evolution of the solar system by studying the Kuiper Belt since it possesses debris left over from the formation of the outer solar system. Depending on its fitness after arriving at Pluto, New Horizons will attempt to identify one or two objects in the Kuiper Belt.

"It provides for us a window 4 1/2 billion years back in time to observe the formation conditions of giant planets," Stern said. "This is a little bit about rewriting the textbooks about the outer planets."

A successful journey to Pluto will complete a survey of the planets that NASA began in the early 1960s with the Mariner program's exploration of Mars, Mercury and Venus by unmanned spacecraft. The best images of Pluto currently come from the Hubble Space Telescope, but they suffer from low-resolution fuzziness, making it difficult for scientists to interpret what they're seeing.

The 1,054-pound (474.3-kilogram) piano-sized spacecraft will be launched on an Atlas V. The rocket's makers, Lockheed Martin, experienced problems on another Atlas propellant tank similar to the one being flown to Pluto, forcing a delay of New Horizons' launch by several days to give the contractor extra time for inspection.

"Because we have such a long way to go, we put this small spacecraft on one of the largest rockets the U.S. has in its inventory," said project manager Glen Fountain of the Johns Hopkins University Applied Physics Laboratory.

When New Horizons reaches Jupiter in 13 months, it will use that giant planet's gravity as a slingshot, shaving five years off the trip to Pluto. During the trip between Jupiter and Pluto, the probe will go into hibernation, closing down most systems to conserve power. It will send weekly "beeps" back to Earth, providing updates on the vehicle's condition.

If the spacecraft is unable to launch during its monthlong window that closes Feb. 14, the next opportunity is in February 2007, but that would push back an arrival at Pluto to 2020 since New Horizons wouldn't be able to get the gravity assist from Jupiter then.

Powered by nuclear fuel that will produce less energy than is used by two 100-watt lightbulbs, New Horizons is loaded with seven instruments that will be able to photograph the surfaces of Pluto and Charon and examine Pluto's atmospheric composition and structure. Two of the cameras, Alice and Ralph, are named for the bickering couple from television's "The Honeymooners."

The spacecraft has a thermos-bottle design that will allow it to stay at room temperature. Tucked inside the probe will be a U.S. flag and a CD containing about a half million names of ordinary citizens who signed up on a NASA Web site.

Pluto and the Kuiper Belt have been full of surprises in recent years.

Scientists discovered in 2001 that binary objects — pairs like Pluto and Charon — litter the Kuiper Belt, and a year later they learned that Pluto's atmosphere undergoes rapid and dramatic global change. Last summer, scientists discovered Pluto's two extra moons.

Scientists expect more unexpected discoveries from the New Horizons mission.

Said Stern, "You can see why we think it's going to be like kids in a candy shop."

___

On the Net:

New Horizons Mission at http://pluto.jhuapl.edu/
Logged

 

Bizarre Holidays in January

January is National Careers in Cosmetology Month, National Eye Health Care Month, National Fiber Focus Month, National Hobby Month, National Soup Month, Hot Tea Month, Oatmeal Month, Prune Breakfast Month

January 1 is . . . . .First Foot Day and Z Day

January 2 is . . . . .Run Up the Flagpole and See if Anybody Salutes It Day

January 3 is . . . . .Festival of Sleep Day

January 4 is . . . . .Trivia Day and Humiliation Day

January 5 is . . . . .Bird Day

January 6 is . . . . .Bean Day

January 7 is . . . . .Old Rock Day

January 8 is . . . . .National JoyGerm Day and Man Watcher's Day

January 9 is . . . . . Play God Day

January 10 is . . . . Peculiar People Day

January 11 is . . . . National Step in a Puddle and Splash Your Friend Day

January 12 is . . . . Feast of Fabulous Wild Men Day

January 13 is . . . . Make Your Dream Come True Day and Blame Someone Else Day

January 14 is . . . . National Dress Up Your Pet Day

January 15 is . . . . Hat Day

January 16 is . . . . Hot and Spicy Food International Day and National Nothing Day

January 17 is . . . . Blessing of the Animals at the Cathedral Day

January 18 is . . . . Winnie the Pooh Day

January 19 is . . . . National Popcorn Day

January 20 is . . . . National Buttercrunch Day

January 21 is . . . . National Hugging Day

January 22 is . . . . National Answer Your Cat's Question Day and National Blonde Brownie Day

January 23 is . . . . National Handwriting Day, National Pie Day, and Measure Your Feet Day

January 24 is . . . . Eskimo Pie Patent Day

January 25 is . . . . Opposite Day

January 26 is . . . . Australia Day

January 27 is . . . . Punch the Clock Day and Thomas Crapper Day

January 28 is . . . . National Kazoo Day, Clash Day, Rattle Snake Round-Up Day

January 29 is . . . . National Cornchip Day

January 30 is . . . . Escape Day

January 31 is . . . . National Popcorn Day and Child Labor Day

 

Does that mean one you find on the ground, or 50/60's music??????????

 

China's Net Censorship

p2p news / p2pnet: Decades-long protests to Communist China about human rights violations have had almost zero effect. Individuals are persecuted and jailed, and far worse, and blogs and news and information sites are routinely censored and shut down with the full-blooded cooperation of mega US corporations such as Microsoft, Yahoo and Google.

These huge, unimaginably powerful companies, and others like them, appear to believe their unstinting cooperation is helping them to penetrate China, with its vast population, as their next natural profit centre.

However, the opposite is true.

Communist China is taking them for a ride.

US representative Christopher H. Smith, chairman of a House subcommittee on human rights, "plans to hold hearings next month on reports that US Internet companies, including Yahoo Inc. and Microsoft Corp., aid efforts by the government of China to suppress free speech," says Playfuls.com. "Smith has invited participants from technology firms to speak, as well as the U.S. State Department and watchdog group Reporters Without Borders."

If his ideas are adopted, "American Internet firms will be able to request a court order from Chinese authorities before revealing information about a user," says the post. "Also, US Internet companies that are operating in China or on the Chinese Web will need to report such information requests to the US government."

Meanwhile, "Microsoft's cooperation with China in getting a Chinese blogger's site closed, "is bringing a renewed focus on the role U.S. companies play in helping China control the Internet," says BusinessWeek Online.

"It's no secret that Western businesses that want to enter the Internet market in China have to do some unsavory things. The Chinese government, determined to prevent dissidents from using the Net to promote taboo subjects such as the Falun Gong religious movement, formal independence for Taiwan, or an end to Communist Party rule, pressures providers to play by Chinese rules and control the content that's available for local Net surfers."

Have to do to do some unsavory things?

But, "When companies do restrict what their Chinese users send or read on the Net," they face, "howls of criticism from activists, bloggers, and ordinary folks abroad who think that multinationals should not be helping Beijing police the Net."

The above quotes are preludes to an interesting and revealing Q&A with Nicholas Bequelin of Human Rights Watch in Hong Kong. In part, it goes on:

How big a role do foreign companies play in helping China control the Net?

Bequelin: China would not have succeeded in censoring the Net without the support and cooperation of foreign IT companies. This is the inescapable truth. This is the problem that has to be addressed.

AND ----

So do you think Western companies are doing anything wrong?

Bequelin: The fact is that foreign IT suppliers and companies are willingly, knowingly assisting the Chinese police in suppressing political dissent.

AND ---

What should people concerned about human rights do about that?

Bequelin: The business interests are so large that you will never stop this. What do you say? Pull out of China? "If we don't sell, someone else will," that's what people respond. And in the case of IT, China is definitely going to get it because of their own companies and the nature of the IT industry.

Even if Yahoo is not there, they will have something else. If Google is not there, they will have something else. What is objectionable is the stonewalling that companies do. They don't take any responsibility, admit that there are certain grey areas and that their technology can be used for repression, or mitigate this.
http://p2pnet.net/story/7614

 

New PC? How to Set Up a Safe, Secure System

desktopBuilding a solid security foundation is the key to protecting a brand new computer for years to come," said Marc Solomon, director of product management, McAfee Consumer Strategy and Marketing Group. "It is much easier to secure a new computer when you bring it home than to try to clean up an old one that's been infected with viruses and worms.

Forty-nine mouse clicks and 81 minutes. That's how long it takes to properly set up and secure that new PC you got for Christmas, according to security vendor Symantec. Why should the recipient of a brand new, shiny, fast PC care? Because the "bad guys" find new PC users on the Internet in 20 minutes or less, Symantec research indicates. Technology News: Security : New PC? How to Set Up a Safe, Secure System



Forty-nine mouse clicks and 81 minutes. That's how long it takes to properly set up and secure that new PC you got for Christmas, according to security vendor Symantec. Why should the recipient of a brand new, shiny, fast PC care? Because the "bad guys" find new PC users on the Internet in 20 minutes or less, Symantec research indicates.

What's more, the number of bot networks increased more than six-fold in January 2005 compared to December 2004. Bots are programs covertly installed on a computer that allow an unauthorized user to control it remotely. Symantec attributes the bot spike to the number of new PCs appearing online in the new year.

"Internet crime indicators were up for 2005 and, increasingly, the payload of these attacks is a worm Free Trial: Eliminate IM compliance and security threats with policy and enforcement. or virus that goes after confidential information," Vincent Weafer, senior director of Symantec Security Response, told TechNewsWorld. "Increasingly, profit is the the motivation behind these attacks."
The Missing Link

Despite ubiquitous warnings in the media, McAfee Latest News about McAfee research shows that only 50 percent of home PCs are properly secured.

Failing to properly secure a new PC can lead to poor performance in the future, potential issues with identity theft, and to children being exposed to inappropriate content on the Web.

"All of these problems can be easily prevented," said Marc Solomon, director of Product Management, McAfee Consumer Strategy and Marketing Group. "Building a solid security foundation is the key to protecting a brand new computer for years to come. It is much easier to secure a new computer when you bring it home than to try to clean up an old one that's been infected with viruses and worms."
Checking the List

Where do you begin? How do you ensure your new holiday PC is safe and sound? Understanding what occurs -- and what does not -- in the automatic setup is a good place to start.

Symantec purchased five different PCs from various channels -- including directly from the manufacturer, as well as from a national electronics retail store, a national discount retailer, a national retail warehouse and a local made-to-order PC shop. On each machine, the company's security experts attempted to mirror the user's set-up experience.

Symantec examined the following criteria:

* How many "clicks" does it take to configure a new PC?
* How many times is the user prompted to make a decision that can impact security settings and/or given the option to abort the setup?
* Did all the Windows security patches get loaded at setup?
* What didn't get installed?
* How long does this process take?
* Is the PC secure after the set-up process?

Symantec found 30 Windows patches are not installed during setup, some of which Microsoft (Nasdaq: MSFT) Latest News about Microsoft rates as high priority or critical. The exercise indicates that it requires more than following the automated prompts to set up a secure PC.

"PCs are more secure today, but you, as the user, need to take an active part to make sure you are deploying the security patches up front and configuring your machine correctly," Weafer said, "because there are increased attacks during the post-holiday season."
Step-by-Step Instructions

While there are a number of steps that a new computer owner can take, the most important issues to keep in mind are application of security patches, installation of a trusted client security product, and how the PC will be connected to the Internet, Ed Moyle, a manager with CTG's Information Security Practice, told TechNewsWorld.

"First of all, in most mainstream operating systems, 'auto-update' functionality is provided that makes it simple to download and install any security patches to the PC; many out of the box distributions do not come with the full set of security patches enabled," Moyle said. "So it is a good idea for the new computer owner to find and use this auto-update capability as one of their first few activities on their new PC."

Using the auto-update feature early on also helps to get computer users familiar with the patch-application process, which is to PCs as oil changes are to automobiles, Moyle said.
Install Anti-Virus Software

Over and above the application of patches, installation and maintenance of a trusted client security application -- such as Norton, McAfee, or CA -- helps to keep the PC protected from worms and viruses that may be circulating on the Internet, according to Moyle.

"A large number of those programs also come with built-in personal firewall Get Linux or Windows Managed Hosting Services with Industry Leading Fanatical Support. capability, as well as anti-spyware protection," he said. "As such, they can go a long way to helping the computer owner keep their PC worry-free."

Lastly, a new computer owner should think carefully about how to connect to the Internet, Moyle said. Always-on broadband connections, like cable or DSL, are particularly attractive targets to hackers.
Always On?

"If a computer owner employs an always-on connection of this type, it is a good idea to ensure that they use some type of filtering mechanism -- such as a personal firewall, which is included in many client security applications, or a broadband router," Moyle said. "Plugging an unprotected PC directly into a cable modem without some type of firewall can be a dangerous proposition."

It's best to leave a computer on all the time, Steven E. Brier, principal of Brier IT Services, told TechNewsWorld.

"Most of the security updates I see are delivered in the middle of the night and are installed automatically," he noted. "I'd rather my clients spend a couple extra bucks a year on electricity instead of missing a security update."
Safeguarding From Spyware

Spyware was a growing problem in 2005, and it is not likely to go away in 2006. Spyware is malicious software View Demo: IBM Workplace Services Express. Improves collaboration. Increases productivity. installed on a PC without the user's knowledge or consent. Typically, it performs some type of undesirable activity on the system, including gathering personal information.

PC users can be exposed to spyware through a software virus, by installing a new program, or even by visiting a Web site, Chris Thatcher, national practice director of Enterprise Security for Dimension Data North America, told TechNewsWorld.

"Users who have been infected with spyware are often plagued by pop-ups and may experience significant slow downs in system performance," Thatcher said. "They also run a risk of having personal or private information stolen."

To help individuals and companies decrease the risk of spyware, Dimension Data recommends the following steps:

* Recognize popular spyware tactics. Do not download suspect software or launch unfamiliar attachments. Adopt the mantra, "Be careful what you click on."
* Understand and communicate the risk to everyone in your home. If you are a parent, educate your kids about avoiding spyware as part of Internet safety.
* Set your browser to a medium-level security setting.
* Deploy security software on all PCs. Install software to prevent viruses and spyware. Personal firewalls can further thwart outsiders from accessing your private data and prevent applications from sending data out.
* Automate as much as possible. Use Windows Update, a consumer site that provides critical updates, security fixes and software downloads to keep Windows patched and current. Use the auto-update features of your anti-virus or anti-spyware software. Set up automated scans to occur on a weekly basis and scan incoming e-mails as they arrive.
* Use the right tools to protect yourself. Download and install tools like Ad-Aware, Spybot, SpywareBlaster and Spy Sweeper, in addition to anti-virus software.

"It may take a little more time to take these extra precautions," Symantec's Weafer said. "It may even take two hours if you have a slow connection. But it is worth the extra time to make sure your computer is properly and securely set up."
http://www.technewsworld.com/story/48081.html

 

Spyware Alert: WinFixer Almost Tricked Us

spy5While doing maintenance on a spyware-infested system that we use for testing, I noticed the popup window shown here. The spyware installed on this particular system spews an unending stream of unwanted popup windows, perhaps one every minute, and a goodly portion of them are fake security products. But this one stood out because it looked so very perfect, and because one of our discussion forum members reported difficulty removing the WinFixer program in December.

I emailed the screenshot to PC Magazine's software team to show how polished the fake security adware is getting. As it turned out, another PC Magazine editor spent Christmas Eve with WinFixer. His mother-in-law saw almost the same warning on her brand-new computer and assumed it was a legitimate security alert. After all, it had the Windows XP Security Center name and logo! Intrigued, I pointed my browser at winfixer.com – and immediately got a warning from Spyware Doctor that I was headed for a dangerous site. Spyware Alert from PC Magazine: WinFixer Almost Tricked Us



Spyware Alert: WinFixer Almost Tricked Us
01.14.06

Find out about the insidious spyware that forced one of us to spend Christmas cleaning up an in-law's PC. Argh.

Spyware Alert: WinFixer Almost Tricked Us
Total posts: 6


By Neil J. Rubenking

While doing maintenance on a spyware-infested system that we use for testing, I noticed the popup window shown here. The spyware installed on this particular system spews an unending stream of unwanted popup windows, perhaps one every minute, and a goodly portion of them are fake security products. But this one stood out because it looked so very perfect, and because one of our discussion forum members reported difficulty removing the WinFixer program in December.

I emailed the screenshot to PC Magazine's software team to show how polished the fake security adware is getting. As it turned out, another PC Magazine editor spent Christmas Eve with WinFixer. His mother-in-law saw almost the same warning on her brand-new computer and assumed it was a legitimate security alert. After all, it had the Windows XP Security Center name and logo! Intrigued, I pointed my browser at winfixer.com – and immediately got a warning from Spyware Doctor that I was headed for a dangerous site. Overriding the warning, I learned that WinFixer is a system protection suite that "protects your system against potential damages and problems, ensuring its optimal performance". Sounds OK, doesn't it?

Putting aside the question of whether the product improves performance, I checked for third-party opinions and got a virtual earful. The Rogue Antispyware page at spywarewarrior.com notes that WinAntiSpyware and WinAntiVirus use aggressive advertising, drive sales using false positive results, and inappropriately collect personal data. Sunbelt Software's research center states that WinFixer uses false warnings to goad trial users into purchasing it. The eTrust Spyware Encyclopedia reports that it installs without the user's permission or knowledge, displays popup ads not related to the program itself, and uses false warnings of "severe system threats". Tenebril Software's Spyware Research Center hits these same themes, adding that it may permit execution of unsigned executable code. And of course that oh-so-polished warning screen was delivered to my test system by known malware.

Don't assume that a message popping up on your screen is valid just because it looks good. The fact that it popped up without any request from you is a strike against it. Does it warn of dire system problems? That's strike two. Do a web search on the program's name plus the word spyware and carefully read any reports from the big antispyware vendors. If the vendors agree it's spyware, that's strike three. Now you need to consider just where that scary popup came from in the first place – time to run a full spyware scan!

 

Digital Vinyl: The Opposite of Sony BMG
cd There's a new trend underway among indie labels, dubbed "digital vinyl": offering free MP3 downloads for customers who buy albums on vinyl. First Merge Records offered free downloads to those who bought vinyl releases by Clientele and Robert Pollard. Now Saddle Creek Records has announced that they will be doing the same thing for their customers who prefer vinyl, starting with What the Toll Tells, the new record by Two Gallants due in February.

Sun Jan15 2006 1:59am EST by shanmuga ...Read more

Digital Vinyl: The Opposite of Sony-BMG
January 11, 2006

There's a new trend underway among indie labels, dubbed "digital vinyl": offering free MP3 downloads for customers who buy albums on vinyl. First Merge Records offered free downloads to those who bought vinyl releases by Clientele and Robert Pollard. Now Saddle Creek Records has announced that they will be doing the same thing for their customers who prefer vinyl, starting with What the Toll Tells, the new record by Two Gallants due in February.

For a variety of reasons, vinyl has enjoyed a resurgence of popularity among music fans (I, for one, can attest that The Decemberists' Picaresque vinyl release sounds better the CD). Unfortunately, music fans who own turntables and iPods find themselves in a bit of a quandary.

Who cares, you say? How many people could that be, you say? Well, smart independent labels aren't asking those questions. Instead, they are trying to make their customers happy, even the vinyl-loving, iPod-equipped ones.

Quite a stark contrast to the likes of EMI and Sony-BMG, whose copy-protected CDs are stopping music fans from getting their CDs into their iPods.

Thank god for independent record labels like Merge and Saddle Creek.

Posted by Fred von Lohmann at 12:59 PM | Permalink | Technorati
http://www.eff.org/deeplinks/archives/004313.php

 

Windows Vista to include two way firewall

vista1So, for those who’ve been demanding that Microsoft offer a fully functional two-way firewall, your request has been granted. In articles about the December CTP Build 5270, I’ve seen vague references to this new feature, but to my knowledge no one has yet published any details. So consider this a scoop.

After installing Windows Vista Build 5270 and examining all security options in Control Panel, you might conclude that the Windows Firewall hasn’t changed at all. Ed Bott's Windows Expertise » Windows Vista to include two-way firewall


* home
* about
* links
* books

Ed Bott’s Windows Expertise

Tips, tricks, news, and advice about Windows and Office
« Download details: dfMCE Master List
The funniest blond joke ever »
January 14, 2006 - 3:55 pm
Windows Vista to include two-way firewall

So, for those who’ve been demanding that Microsoft offer a fully functional two-way firewall, your request has been granted. In articles about the December CTP Build 5270, I’ve seen vague references to this new feature, but to my knowledge no one has yet published any details. So consider this a scoop.

After installing Windows Vista Build 5270 and examining all security options in Control Panel, you might conclude that the Windows Firewall hasn’t changed at all. To get to the more powerful functionality, the bare-bones Control Panel applet won’t do; you need to create a custom Microsoft Management Console (mmc.exe); load the Windows Firewall with Advanced Security snap-in; and point it at your local computer. When you do, you see a well-organized interface for controlling all firewall settings. Here’s a snippet:

Adv_firewall

Two things jump right out at you: First, you get separate firewall profiles, depending on whether or not your computer is connected to a domain. Second, outbound connections are allowed by default in both profiles. To change these settings, click the Windows Firewall Properties link. That opens this dialog box:

Adv_firewall_3

With one mouse click, as I’ve shown here, you can instantly block all outgoing connections except those you define as exceptions. That list of exceptions appears in the Windows Firewall with Advanced Security console. In a default installation, several dozen exceptions are defined but not enabled. After turning on the Block option for outbound connections, you can go through and enable the exceptions you want and define custom connections as well, with an excruciating level of detail. (In managed environments, you’ll be able to automate all these settings through Group Policy or using the netsh advfirewall from a command prompt.)

The documentation for these new firewall features is sparse at this point. The MMC console contains a half-dozen links that point to non-existent help topics and white papers. I’m betting that a few interface tweaks are yet to come, including a notification feature that allows you to see when an application tries to make an unsolicited outbound connection so you can approve it on the fly. For now, I can confirm that the outbound blocking works very well indeed. After enabling this feature, not a single program I tested, including Internet Explorer, was able to connect to any computer on the local network or on the Internet until an exception was defined.

Of course, we’ll be digging deep into this feature in Windows Vista Inside Out, and I’ll add more details after I receive the next CTP build, due around the end of this month.
Posted in Windows Vista | By Ed Bott
http://www.edbott.com/weblog/?p=1219

 

Windows Wireless Flaw a Danger to Laptops

wirelessAt the ShmooCon gathering in Washington, D.C., today, old-school hacker and mischief maker Mark "Simple Nomad" Loveless released information on a staggeringly simple but very dangerous wireless security problem with a feature built into most laptop computers running any recent version of the Microsoft Windows operating system.

Laptops powered by Windows XP or Windows 2000 with built-in wireless capabilities (these includes most laptops on the market today) are configured so that when the user opens up the machine or turns it on, Windows looks for any available wireless connections. If the laptop cannot link up to a wireless network, it creates what's known as an ad-hoc "link local address," a supposed "private network" that assigns the wireless card a network address of 169.254.x.x (the Xs represent a random number between 1 and 254). Security Fix - Brian Krebs on Computer and Internet Security - (washingtonpost.com)

Windows Wireless Flaw a Danger to Laptops

At the ShmooCon gathering in Washington, D.C., today, old-school hacker and mischief maker Mark "Simple Nomad" Loveless released information on a staggeringly simple but very dangerous wireless security problem with a feature built into most laptop computers running any recent version of the Microsoft Windows operating system.

Laptops powered by Windows XP or Windows 2000 with built-in wireless capabilities (these includes most laptops on the market today) are configured so that when the user opens up the machine or turns it on, Windows looks for any available wireless connections. If the laptop cannot link up to a wireless network, it creates what's known as an ad-hoc "link local address," a supposed "private network" that assigns the wireless card a network address of 169.254.x.x (the Xs represent a random number between 1 and 254).
Shmoocon_002

Microsoft designed this portion of Windows so that the address becomes associated with the name or "SSID" of the last wireless network from which the user obtained a real Internet address. The laptop then broadcasts the name of that network out to other computers within a short range of the machine (which may vary depending a number of things, including the quality of the laptop's embedded network card and things that may obstruct the signal, like walls, e.g.).

What Loveless found was that by creating a network connection on his computer that matches the name of the network the target computer is broadcasting, the two computers could be made to associate with one another on the same link local network, effectively allowing the attacker to directly access the victim's machine.

I followed Loveless up to his hotel room to get a first hand example of how this attack would work. I set up an ad hoc wireless network connection on my Windows XP laptop named "hackme." Within a few seconds of hitting "Ok," to create the network, my laptop was assigned a 169.254.x.x address. A few seconds later, Loveless could see my computer sending out a beacon saying it was ready to accept connections from other computers that might also have the "hackme" network pre-configured on their machines. Loveless then created an ad hoc network with the same name, and told his computer to go ahead and connect to "hackme." Voila! His machine was assigned a different 169.254.x.x address and we both verified that we could send data packets back forth to each other's computer.

Here's the really freaky part about all this: No more than five minutes after I had deleted the "hackme" network ID from my laptop, Loveless and I spotted the same network name being broadcast from another computer that didn't belong to either of us. Turns out, someone else at the hacker conference was trying to join the fun.

As Loveless pointed out, this "feature" of Windows actually behaves somewhat like a virus. Think of it this way: If you connect your Windows laptop to the wireless network at the local Starbucks, for instance, your computer will indefinitely store the name of the Starbucks network (invariably these are named "T-Mobile" for the wireless company that provides the service). Should you at a later date happen to open up your laptop in the vicinity of another Windows user who also had recently gotten online at Starbucks, those two machines may connect to each other without any obvious notification to either user.

This is precisely what was happening for a client of Bruce Kyes Hubbert, a systems engineer I met at Shmoocon who works for a company called Airmagnet, which develops wireless security products (companies often use Airmagnet and other such tools to ensure employees aren't setting up unauthorized wireless networks that could compromise the organization's security.) Hubbert said he smacked his forehead while hearing Loveless give his presentation because it explained weird behavior one of his company's clients has been seeing a lot more of lately.

Hubbert said this particular client -- a very large company that he asked me not to name -- was complaining that Airmagnet's products were setting off a bunch of false-positives, detecting rogue wireless networks throughout the client's company. He said the odd thing was that there appeared to be more of these networks being set up every day within the company, at the rate of two or three additional ad-hoc networks each day.

"They kept telling us, 'we've been seeing more ad-hoc networks showing up in our building every day,' and most of them were for local hotel hotspots," Hubbert said. "So we'd see multiple machines all associating with the same network SSID, and meanwhile the user is refreshing their PowerPoint presentation and has no idea this is going on in the background."

As it turns out, the specifications for this Windows feature -- detailed in a technical document entitled "RFC 3927," were actually written in part by a Microsoft employee -- one B. Aboba, according to the document. Strangely enough, the developers of that spec foretold of the dangers of configuring things the way Microsoft ultimately decided to do with their wireless system in Windows. This from section 5, paragraph three of the RFC:

"NOTE: There are certain kinds of local links, such as wireless LANs, that provide no physical security. Because of the existence of these links it would be very unwise for an implementer to assume that when a device is communicating only on the local link it can dispense with normal security precautions. Failure to implement appropriate security measures could expose users to considerable risks."

Whoops. Anyway, you might be wondering now how you can make sure your Windows laptop is protected from this.....er, feature. First of all, if you are running any kind of network firewall -- including the firewall that comes built in to Windows XP -- you won't have to worry about some stranger connecting to your laptop. In fact, I had to shut down my firewall for both of us to successfully conduct our test.

Also, many laptops have a button you can push that disables the built-in wireless feature until you hit that button again. Turning off the wireless connection when you are not using it also prevents this from being a problem.

Another good idea is to change the setting on the computer's wireless card to connect only to "infrastructure networks" -- real wireless access points that actually allow you to surf the Web. To do this, go to "Start," "Control Panel," "Network Connections," and then right click on the entry labeled "wireless network connection" and select "Properties" from the drop down menu. Then click on the "Wireless Networks" tab, and then on the "Advanced" tab at the bottom of that window. A box should pop up that gives you three buttons to choose from: Select the one next to "Access point (infrastructure) networks only."

By the way, Microsoft has acknowledged this vulnerability and says it plans to change the default configuration in the next service packs released for Windows, whenever that will be.

As a sidenote, Loveless described in delicious detail for a rapt audience at ShmooCon how he used the trick on various airline flights to gain access to Windows machines that other passengers were using. Referring to a previous conversation he had with Jennifer Grannick, a lawyer who represents accused hackers (and who also gave this morning's ShmooCon keynote), Loveless said he believes that since the attacks were mostly carried while the plane was over international waters that U.S. law enforcement might have a hard time making the case that he was violating any laws. The real answer to that very interesting question, he said, would probably not be evident until someone gets sued in court for it.
http://blogs.washingtonpost.com/securityfix/2006/01/windows_feature.html

 

Porn studio to release movies in the Blu-ray Disc format

Posted by Johnny on 16 January 2006 - 11:58 - Source: Xbiz

If porn will have any influence over the outcome of the format war then the Blu-ray camp has got a good start because Xbiz reports that Digital Playground has decided to launch high definition porn in the BD format:

“Companies selling PlayStation 3 will have Blu-ray built in, which will make it into homes faster,” Digital Playground co-founder Joone told XBiz. “The security features of Blu-ray also are really good for copyright protection.”


PS3 is scheduled to hit stores during the first quarter of 2006, which has motivated Digital Playground to act quickly, though the company has planned for this move for almost three years. The company’s first releases in Blu-ray formatting will follow the release of PS3, most likely beginning with “Fever Island 3” and “Pirates.”

The release date for the PS3 sounds quite unrealistic though as most believe Sony will launch the PS3 this spring at the very earliest. So you will probably have to wait a few more months before you can buy those Blu-ray porn movies
http://www.cdfreaks.com/news/12955

 

160 gig notebook hard drives

p2p news / p2pnet: Seagate Technology says it's now shipping a notebook PC hard drive that aligns bits of data vertically rather than horizontally, allowing it to boost capacity by up to 160 gigs.

The new 2.5" Momentus 5400.3 is a 5,400-rpm drive operating at 4,200-rpm to extend battery life, says the company, going on, "Seagate will also extend the advantages of perpendicular recording to its 7,200-rpm Momentus disc drive and to all of its 1- and 3.5-inch products."

The Momentus 5400.3 features the Ultra ATA 100 Mbyte/second interface and Seagate says it'll begin shipping Momentus 5400.3 with the 1.5 Gbit/second Serial ATA interface later this year.

Also See:
Seagate Technology - Seagate Ships World's First 160GB Notebook PC Hard Drives With Perpendicular Recording Technology, January 16, 2006

(Monday 16th January 2006)
http://p2pnet.net/story/7620

 

Golden Oldies and copyright

p2p news / p2pnet: More than 70% of American music recorded before 1965 isn't legally available in the US, says University of California Santa Barbara archivist Sam Brylawski.

But, "Some music lovers continue to take matters into their own hands by sharing MP3 downloads of forgotten LPs and 45s across the Internet, and on Web sites devoted exclusively to old music," says an NPR report.

Brylawski, the former head of the recorded sound division at the Library of Congress, took part in a Library of Congress study which reported the 70% finding, and, "The recording industry is a business, and their business is to sell records," he's quoted as saying. "And when the esoteric material loses its favor with the public, they have no responsibility to keep those in print. So recordings fall out of print, and they stay out of print."

However, copyrights are another reason for the fact golden oldies aren't readily available. Sound recordings made after 1972 are "protected" by federal law, says NPR, going on:

"Recordings made before that were covered by state and common law copyright. These laws do not have expiration dates. The Library of Congress study found that 84 percent of recordings from before 1965 cannot be reissued without permission from the copyright holder, which is usually the original record label."

The story also mentions vinylorphanage.com aka the Our Lady of Perpetual Obsolescence Vinyl Rescue Mission and Orphanage site.

On it, pastor Francis McPurvis says:

Our Lady of Perpetual Obsolescence Vinyl Rescue Mission and Orphanage has been helping old, forgotten, and unwanted vinyl records find a home since 1993, says McMillan on the site.

In these days of online music, compact discs, and other wonders of science, one tends to forget that vinyl records ever existed. But not too long ago, vinyl was the pinnacle of modern recording technology. These large, slowly rotating pieces of plastic held music, speech, instructional materials, and yes, even dreams.

But like so many dreams, the reign of vinyl, for the most part, came to an end when the alarm clock of the compact disc rang loud and long. In a twinkling, the long-playing record joined the rotary dial telephone and the milkman in the slow, sad march to becoming a footnote in the encyclopedia of life.

To be sure, some of the more popular examples of the vinyl genre have entered a new stage of life as 'collectibles'. Sought after and lovingly taken care of by fetishists all over the world, collectible vinyl is enjoying the good life.

But what of those poor, unfortunate individuals who by their very nature are not popular? What of the privately produced and vanity recordings that were never produced in great numbers? What of the musical genres that are given nary a glance today? What of the album covers that are so hideous that it was hoped that they would disappear without a trace?

Often found living in substandard conditions and crammed together without regard to their comfort, health, or dignity, these poor souls spend their days waiting to be rediscovered. Our staff here at the Our Lady of Perpetual Obsolescence Vinyl Rescue Mission diligently conducts rescue sweeps to locate these forgotten ones, bring them to our state of the art Rescue Center, and help them to begin the process of rehabilitation. Through our efforts, these unknown pieces of vinyl find a new life and are able to share their gifts with the world for the first time in many years, some for the first time ever. We invite to you explore our web site and see how these unique pieces of the past may enrich our lives in the present.

Praise be : )

Also See:
NPR - Copyright Laws Severely Limit Availability of Music, January 9, 2006

(Monday 16th January 2006)
http://p2pnet.net/story/7619

Copyright Laws Severely Limit Availability of Music

Listen to this story... by Joel Rose

All Things Considered, January 9, 2006 · Archivists and collectors have long lamented the lack of access to older recordings. So the Library of Congress commissioned a team to find out just how many are out of print. The report -- released in August -- suggests that over 70 percent of American music recorded before 1965 is not legally available in the United States.

Sam Brylawski, an archivist at the University of California Santa Barbara, and the former head of the recorded sound division at the Library of Congress worked on the study.

"The recording industry is a business, and their business is to sell records," Brylawski says. "And when the esoteric material loses its favor with the public, they have no responsibility to keep those in print. So recordings fall out of print, and they stay out of print."

But it's not just economics that keep older recordings out of print. It's also a matter of copyright. Sound recordings made after 1972 are protected by federal law. Recordings made before that were covered by state and common law copyright. These laws do not have expiration dates. The Library of Congress study found that 84 percent of recordings from before 1965 cannot be reissued without permission from the copyright holder, which is usually the original record label.

Some music lovers continue to take matters into their own hands by sharing MP3 downloads of forgotten LPs and 45s across the Internet, and on Web sites devoted exclusively to old music.

"There are a lot of good performances that are going to essentially go unheard," says record collector Max McMillan, who runs one of these "sharity" sites, VinylOrphanage.com. "Unless I happen to stumble across it in a thrift store, and encode it, put it on my Web site, more than likely you're not going to hear it at all."

Related NPR Stories

*
June 27, 2005
File-Sharing Firms May Be Liable, Says High Court
*
Jan. 15, 2003
Supreme Court Upholds 20-year Copyright Extension
*
April 3, 2001
Online Entertainment and Copyright Law
*
June 13, 2005
Beastie Boys Sampling Case Tossed from Court
*
April 5, 2005
Grunge, Rap Music Added to U.S. Recording Registry


http://www.npr.org/templates/story/story.php?storyId=5139522

 

Microsoft WMF hole still lethal

p2p news / p2pnet: Warnings about the highly dangerous Microsoft WMF security hole have been published on- and offline for more than 10 days but Finland's F-Secure says it believes the owners of most vulnerable Windows machines still haven't installed the patch.

"We also believe this vulnerability will continue to be used by various different attackers for months, possibly years," says company research director Mikko Hyppönen. "Today we saw a phishing scam exploiting this vulnerability," he says on the F-Secure blog.

"This scam works by sending out emails, urging customers of the global HSBC bank to visit a site called www[dot]jhsbc[dot]com. This domain, naturally, has nothing to with the real bank but it sounds close enough."

The scam site is running on a home computer connected to the Net by a high-speed cable connection somewhere in Illinois. It's hosting, or has been hosting, several other phishing-related domains, "including these gems that administrators might want to filter at their gateways".

* www[dot]i7tgg4rv[dot]com
* www[dot]ll67ffgsp[dot]com
* www[dot]mrhpd74e[dot]com
* www[dot]pph4e32q[dot]com.


The WMF connection, "comes from the fact that if you visit this site (and please don't), the front page contains an IFRAME that will try to push an exploit file called tr.wmf to your system," states Hyppönen, adding:

"When that is executed, it will download a file called update.exe from the same server. This unexpected gift turns out to be a variant of the Trojan-Spy.Win32.Goldun family, which will start to collect information from the system."

Also See:
the patch - 'Critical' Microsoft WMF flaw fix, January 6, 2006
blog - WMFishing, January 16, 2005

(Monday 16th January 2006)
http://p2pnet.net/story/7621

 

Florida Leads Nation in Sony Rootkit Victims

sonySecurity researcher Dan Kaminsky released new information at the Shmoocon 2006 hacker conference on Friday showing the U.S. states with the most computer networks hosting machines that remain infected by flawed anti-piracy software automatically installed by some music CDs produced by Sony BMG.

According to Kaminsky's research -- which relied on methods Security Fix detailed in a previous blog post on this topic -- Florida leads the nation with 12,588 networks hosting computers that show signs of having the software installed on them. Kaminsky found some 9,719 networks with infected hosts in California, 7,962 in Massachusetts, and 6,310 in New Jersey. Virginia was ninth on the list with 3,362 infected networks. Maryland has at least 527, and the District of Columbia came in last with just 99 affected networks.

Florida Leads Nation in Sony Rootkit Victims

Security researcher Dan Kaminsky released new information at the Shmoocon 2006 hacker conference on Friday showing the U.S. states with the most computer networks hosting machines that remain infected by flawed anti-piracy software automatically installed by some music CDs produced by Sony BMG.

According to Kaminsky's research -- which relied on methods Security Fix detailed in a previous blog post on this topic -- Florida leads the nation with 12,588 networks hosting computers that show signs of having the software installed on them. Kaminsky found some 9,719 networks with infected hosts in California, 7,962 in Massachusetts, and 6,310 in New Jersey. Virginia was ninth on the list with 3,362 infected networks. Maryland has at least 527, and the District of Columbia came in last with just 99 affected networks. You can view the entire list by downloading this file:

Download states.txt

It is important to note that Kaminsky's numbers probably mask the true extent of the problem because each network could hosts just a single computer with the Sony software installed -- or thousands.

This research could provide some interesting fodder for the ongoing lawsuits against Sony for exposing customers to security risks through its anti-piracy software (not to mention suits that have yet to be filed). The Texas attorney general is currently going after Sony for allegedly violating the state's new anti-spyware law, and several other attorneys general have indicated they also are considering action.

On a completely unrelated note, I owe at least six hours of shuteye Friday night to Kaminsky -- after a night of partying with Dan and other hackers, the guy let me crash on the couch in his room so I didn't have to drive home. Thanks, Dan.

By Brian Krebs | January 15, 2006; 01:01 PM ET | Category: Piracy

 

Windows XP Security Guide Version 2.1 now available

windowsThis version of the Windows XP Security Guide was updated to provide additional security guidance for:


* Maintaining different levels of security and control on Windows XP client computers.

* Securing Windows XP client computers that are not members of an Active Directory domain.

* Security settings for computers that must function reliably in extremely critical roles in high security environments.


Information about the security features in SP2 was included as an appendix in the previous version of this guide. This information has now been integrated throughout the guide, and thoroughly tested templates for Windows Firewall security settings are provided. Information is also provided about closing ports, Remote Procedure Call (RPC) communications, memory protection, e-mail handling, Web download controls, spyware controls, and much more. Download details: Windows XP Security Guide


Windows XP Security Guide
Brief Description
The Windows XP Security Guide provides several levels of security guidance for customers who are interested in hardening deployments of Windows XP for desktop and laptop clients in their environments.

Quick Details
File Name: Windows_XP_Security_Guide.zip
Version: 2.1
Date Published: 10/20/2005


Overview
The Windows XP Security Guide has been updated to provide specific recommendations about how to harden computers that run Windows XP with Service Pack 2 (SP2) in three distinct environments:

* Enterprise Client (EC). Client computers in this environment are located in an Active Directory directory service domain.
* Stand-Alone (SA). Client computers in this environment are not members of an Active Directory domain.
* Specialized Security - Limited Functionality (SSLF). Client computers in this environment are subject to extraordinary security concerns. These concerns are so great that a significant loss of functionality and manageability is acceptable.

Information about the security features in SP2 was included as an appendix to the previous version of this guide. This information has now been integrated throughout the guide, and thoroughly tested templates for Windows Firewall security settings (Windows Firewall replaced the Internet Connection Firewall in SP2) are provided. Information is also provided about closing ports, Remote Procedure Call (RPC) communications, memory protection, e-mail handling, Web download controls, spyware controls, and much more.
This guide is primarily intended for consultants, security specialists, systems architects, and IT planners who plan application or infrastructure development and the deployment of Windows XP workstations in an enterprise environment. It is not intended for home users, but for individuals whose job roles include the following:

* Systems architects and planners who are responsible for driving the architecture efforts for the workstations in their organizations.
* IT security specialists who are focused purely on providing security across platforms within an organization.
* Business analysts and business decision makers (BDMs) who have critical business objectives and requirements that need IT desktop or laptop support.
* Consultants from both Microsoft Services and partners who need knowledge-transfer tools for enterprise customers and partners.

Send questions or feedback to us directly at SecWish@microsoft.com.

Top of page
System Requirements

* Supported Operating Systems: Windows 2000; Windows 2000 Service Pack 2; Windows 2000 Service Pack 3; Windows 2000 Service Pack 4; Windows 95; Windows 98; Windows 98 Second Edition; Windows ME; Windows NT; Windows Server 2003; Windows Server 2003 Service Pack 1; Windows XP

* Microsoft Word is required to view the documentation.
http://www.microsoft.com/downloads/...BC-F434-4CC6-A5A7-09A8A229F118&displaylang=en