BeautyandBoost.com
Music
Security Alerts
- TA13-141A: Washington, DC Radio Station Web Site Compromises
- TA13-134A: Microsoft Updates for Multiple Vulnerabilities
- TA13-107A: Oracle Has Released Multiple Updates for Java SE
- TA13-100A: Microsoft Updates for Multiple Vulnerabilities
- TA13-088A: DNS Amplification Attacks
- TA13-071A: Microsoft Updates for Multiple Vulnerabilities
- TA13-064A: Oracle Java Contains Multiple Vulnerabilities
- TA13-051A: Oracle Java Multiple Vulnerabilities
- TA13-043B: Microsoft Updates for Multiple Vulnerabilities
- TA13-043A: Adobe Updates for Multiple Vulnerabilities
Security Tips
- ST06-001: Understanding Hidden Threats: Rootkits and Botnets
- ST06-004: Avoiding the Pitfalls of Online Trading
- ST04-009: Identifying Hoaxes and Urban Legends
- ST06-006: Understanding Hidden Threats: Corrupted Software Files
- ST10-001: Recognizing Fake Antiviruses
- ST04-016: Recognizing and Avoiding Spyware
- ST04-015: Understanding Denial-of-Service Attacks
- ST04-014: Avoiding Social Engineering and Phishing Attacks
- ST05-019: Preventing and Responding to Identity Theft
- ST05-006: Recovering from Viruses, Worms, and Trojan Horses
No REAL ID, No problem. You just won’t be able to fly.
Another decent Real ID article I found.
If states do not comply to the Real ID act, or file paperwork for extension for compliance, then passengers will not be able to use there state issued ID for purposes of flying. Any state that continues to fight the Real ID act will find its citizens unable to fly with their state issues ID after May 1 of this year.
Think you have nothing to be concerned about? These states have actively passed legislation rejecting the Real ID act. These states include Arkansas, Colorado, Georgia, Hawaii, Idaho, Illinois, Maine, Missouri, Montana, Nebraska, Nevada, New Hampshire, North Dakota, Oklahoma, South Carolina, Tennessee and Washington.
I’m sure the airlines, which is a PRIVATE industry, btw, will be thrilled to hear that the government is going to cut into their customer base in the name of national security.
But remember guys, this is for your safety.
Real ID is postponed for 5 years
But starting this May, states resisting the law will be penalized: Their driver’s licenses won’t be valid for air travel.
WASHINGTON — The Bush administration hit the brakes Friday on a controversial law requiring Americans to carry tamper-proof driver’s licenses, delaying its final implementation by five years, until 2017.
A number of states have balked at the law, objecting to it largely over cost and privacy concerns. But under the administration’s new edict, states that continue to fight compliance with the law face a penalty: Their residents will be forbidden from using driver’s licenses to board airplanes or enter federal buildings as of May 11 of this year.
Congress passed the Real ID law in 2005 to address security flaws spotlighted by the 2001 terrorist attacks. But 17 states, including Arizona, Colorado and Nevada, have passed legislation calling for its repeal or opposing its implementation.
“Come May 2008, [their] citizens . . . will feel the consequences” of the states’ resistance, Homeland Security Department spokesman Russ Knocke said Friday. To board a plane or enter a federal building, those residents will have to use a passport or other form of accepted identification, he said.
California is well on its way to compliance, Knocke said.
The 2007 Darwin Award Winners
THE DARWIN AWARDS – January 2008
Announcing the new, the beloved, the 2007 DARWIN AWARD WINNERS!
” Named in honor of Charles Darwin, the father of evolution, the Darwin Awards commemorate those who improve our gene pool by accidentally removing themselves from it. ”
This was the year of the Squashed Darwin Award Winner. THREE
independent groups of people attempted to remove the supports
from beneath a barn, a water tower, and a heavy factory roof.
In all cases, the structures collapsed without their aptly-named
supports. Duh! This year brought us 16 jaw-droppping nominees,
not counting new nominees for previous years and Near Misses
(AKA Honorable Mentions) which I will cover in the next ish.
Enjoy the stories of the winners… and be glad you’re not one!
~ Wendy
The Meanest Thing Gizmodo Did at CES
Long story shorts now banned from attending CES. They walked around and turned off people’s tvs during presentations. Sucks to be a gadget blog banned from CES.
Click the link below to view the video Gizmodo made of their mischief.
CES has no shortage of displays. And when MAKE offered us some TV-B-Gone clickers to bring to the show, we pretty much couldn’t help ourselves. We shut off a TV. And then another. And then a wall of TVs. And we just couldn’t stop. (And Panasonic, you’re so lucky that 150-incher didn’t have an active IR port.) It was too much fun, but watching this video, we realize it probably made some people’s jobs harder, and I don’t agree with that (Especially Motorola). We’re sorry.
The Linux Girlfriend Project – Two Months In The Trenches
New updates from Fsckin’. I know exactly where this guy is coming from. My girlfriend uses Fedora. 
About 2 months ago, I convinced my girlfriend to try out Linux for a month after a really nasty bit of spyware infected her computer. This isn’t a bash on Microsoft, but it happened twice in about a month.
Unfortunately, a roommate who pays a portion of the internet bill (and thus welcome to use the computer, which is located in the living room) likes to browse nefarious websites, I’ll let you speculate what type of websites he visits. Browsing those kind of sites by itself is completely fine by me, as long as it doesn’t fsck up the computer. The spyware/adware/etcware attracting behaviors of the roommate got some nasty sh!t on the computer – TWICE in a month. I tried to get everyone in the house to use Firefox, and that went over well.
Even if the shady websites are surfed upon using Firefox, if you install software from said websites, it’s all over anyways. I can’t help stupid user syndrome. Quite simply, I had enough at that point, I’m sure as hell not going to backup, fdisk, format and reinstall Windows every two weeks. Plus, I really don’t want to have that uncomfortable conversation with the roommate about his online behaviors, to be honest.
Push came to shove, and my girlfriend let me install the operating system of my choosing, since I would be the one supporting it.
Wine 0.9.53 released
Continuing in the day of Linux software releases, is version 0.9.53 of Wine, a free implementation of Windows on Unix.
What’s new in this release:
- RunOnce and Run entries now executed on startup.
- Beginnings of support for emulated disk devices.
- Many Richedit improvements.
- Nicer looking color dialog.
- Lots of bug fixes.
KDE 4.0 Released
With the fourth major version, the KDE Community marks the beginning of the KDE 4 era.
The KDE Community is thrilled to announce the immediate availability of KDE 4.0. This significant release marks both the end of the long and intensive development cycle leading up to KDE 4.0 and the beginning of the KDE 4 era.
The KDE 4 Libraries have seen major improvements in almost all areas. The Phonon multimedia framework provides platform independent multimedia support to all KDE applications, the Solid hardware integration framework makes interacting with (removable) devices easier and provides tools for better power management.
The KDE 4 Desktop has gained some major new capabilities. The Plasma desktop shell offers a new desktop interface, including panel, menu and widgets on the desktop as well as a dashboard function. KWin, the KDE Window manager, now supports advanced graphical effects to ease interaction with your windows.
Lots of KDE Applications have seen improvements as well. Visual updates through vector-based artwork, changes in the underlying libraries, user interface enhancements, new features, even new applications — you name it, KDE 4.0 has it. Okular, the new document viewer and Dolphin, the new file manager are only two applications that leverage KDE 4.0′s new technologies.
The Oxygen Artwork team provides a breath of fresh air on the desktop. Nearly all the user-visible parts of the KDE desktop and applications have been given a facelift. Beauty and consistency are two of the basic concepts behind Oxygen.
New Words for 2008
Essential vocabulary additions for the workplace (and elsewhere)!!!
1. BLAMESTORMING: Sitting around in a group, discussing why a deadline was missed or a project failed, and who was responsible.
2. SEAGULL MANAGER: A manag er, wh o flies in, makes a lot of noise, craps on everything, and then leaves.
3. ASSMOSIS: The process by which some people seem to absorb success and advancement by kissing up to the boss rather than working hard
4. SALMON DAY: The experience of spending an entire day swimming upstream only to get screwed and die in the end.
5. CUBE FARM : An office filled with cubicles.
How To Actually Win a Fist Fight
You know it has to be said, first sentence, first paragraph: the best way to win a fist fight is not to get into one in the first place.
No shit, sherlock.
Every single mens magazine who has ever attempted to publish an article like this has started (and ended) exactly that way and is usually devoid of any real information – sometimes because someone on the editorial staff wanted to avoid putting the periodical at risk for a lawsuit; other times because the author has absolutely no clue what they’re talking about, so they cop out with this “Verbal Judo Wins The Day!†crap.
If you didn’t know, the United States Postal Service had a very successful competitor.
The government then made competing with the USPS illegal… LOL
Super-delegates explained: How the nomination could still be in doubt after all the primaries, and why your vote matters less than you think
WASHINGTON – It’s called the Democratic Party, but one aspect of the party’s nominating process is at odds with grass-roots democracy.
Voters don’t choose the 842 unpledged “super-delegates†who comprise nearly 40 percent of the number of delegates needed to clinch the Democratic nomination.
The category includes Democratic governors and members of Congress, former presidents Bill Clinton and Jimmy Carter, former vice president Al Gore, retired congressional leaders such as Dick Gephardt, and all Democratic National Committee members, some of whom are appointed by party chairman Howard Dean.
The Republicans do not have a similar super-delegate system.
These super-delegates don’t have superhuman powers, but unlike rank-and-file Democrats, they do automatically get to cast a vote at the convention to decide who the party’s nominee will be.
Although dubbed “unpledged†in Democratic Party lingo, the super-delegates are free to come out before their state’s primary and pledge to support one of the presidential contenders.
Follow the link below to read the rest of this interesting and disturbing article
Linux Package Management 101
Excellent linux packages 101 writeup by DownloadSquad. it seems Ubuntu-rific but some of the info is universal.
“Your shiny new Linux system has it all — except that one program you really needed it to install. You get online, you find the program’s website, and click ‘download’. Except there’s not just a link to the program there.
There are four, or five, or more links to the program. Each has a slightly different format, ending with .rpm, .deb, .tgz, or possibly even .ebuild.
Some include x86 in the name, while others say ppc or amd64. What’s the difference? What’s actually included in these packages?
Packages are pre-compiled programs for your system (the exception being Gentoo’s .ebuild). You’ve got to know a bit about your system to install them.
It’s not enough to know just that you need an .rpm or .deb. You should know your computer’s architecture (32 or 64 bit chip? PowerPC?), as well as the architecture of the distribution you installed. Don’t panic if you have a 64 bit chip and installed an x86 distribution (backwards compatibility is a good thing), but keep in mind you’ll have to install x86 packages. It’s best to use a package labeled for your distribution, though in some cases it is possible to install packages across similar Linux systems. For instance, many Slackware packages are able to install on Zenwalk.
Package management refers to the way your distribution installs and configures (as well as manages and removes) software applications and libraries on your system. When Windows installs an .exe (which is the closest thing in Windows to a package) it usually places it in a single specific place within a directory. Linux installs across a few directories, leaving many new Linux users scratching their heads as to where their .rpm actually went. Most distributions install the executables in /usr/bin, and the libraries in /usr/lib. You may notice related files in /usr/share or /etc.
Money Management Finance Website Buxfer Lets You Store Sensitive Data On Your Own Computer
With its new Google Gears functionality, Buxfer might finally be the answer for people who want the bells and whistles of an online personal finance website (hello Mint!)—charts, pretty colors, and general infoporn goodness—without having to blindly trust an unknown company with sensitive data such as bank account or credit card numbers (goodbye Mint!). The service uses Google Gears to store account login information and credentials on your own computer, then syncs the data collected with the Buxfer servers, writes VentureBeat.
Buxfer has been around for a while—both Consumerist and Lifehacker wrote about it nearly a year ago—but the Google Gears functionality is a new component added just last month, and at least at first glance it seems like a good answer to the “sensitive data” issue.
Beware of NetSol (NetworkSolutions.com)
A friend tipped me off to a Domain State thread that warns you not to look up a domain name at Network Solutions. If you go to the Networks Solutions site and look up a domain name to see if it’s registered then Network Solutions, within seconds, will buy the domain name, causing you to have to go buy it from them.
Let me explain, using a specific example, exactly what Network Solutions is doing and what is wrong with what they’re doing.
First, I went to the NetworkSolutions.com home page and filled out their form to see if RonPaulIsGod.com was available. According to Network Solutions, RonPaulIsGod.com was available. (It is my contention that within seconds of my inquiring about the RonPaulisGod.com domain name Network Solutions automatically registered that domain name.)
But, my friend called me on my cell phone and I had to step away from my computer for a few minutes. A few minutes later, I realized that I could buy that same domain name for $6.99 over at another registrar and decided to go with them, rather than paying Network Solutions the $34.99 for the domain name. After all, I could think of a lot of things that I could spend the savings of $28 dollars on, mainly 3 other domain names.
Then I come to find out, Network Solutions had already purchased the domain name and I am forced to buy it from them. Not only did Network Solutions buy the domain name after I looked it up, they automatically put up a “domain parking page†on the site, telling me that I must buy it from them.
Network Solutions may call this a service of theirs. Frankly, I would not call this a “service†or even a bad business practice–I would call it extortion. There are thousands of registrars out there, and we all have the right to register a domain name at any registrar. It’s called “fair competitionâ€. If I check to see if a domain name is available at Network Solutions, I should not be required to purchase that domain name from them for $34.99. I should be able to go to another registrar and register it for $6.99 or even $14.99. A domain lookup is absolutely not an agreement to buy.
Does Wiping a Hard Drive with Zeros Really Work?
 This might be pretty interesting as long as someone doesnt just steal the guys drive.
Q. What is this?
A. A challenge to confirm whether or not a professional data recovery firm or any individual(s) or organization(s) can recover data from a hard drive that has been overwritten with zeros once. I used the 32 year-old Unix dd command using /dev/zero as input to overwrite the drive. Three data recover companies were contacted. All three are listed on this page. Two companies declined to review the drive immediately upon hearing the phrase ‘dd’, the third declined to review the drive after I spoke to second level phone support. Here is their response… paraphrased from a phone conversation:
“According to our Unix team, there is less than a zero percent chance of data recovery after that dd command. The drive itself has been overwritten in a very fundamental manner. However, if for legal reasons you need to demonstrate that an effort is being made to recover some or all of the data, go ahead and send it in and we’ll certainly make an effort, but again, from what you’ve told us, our engineers are certain that we cannot recover data from the drive. We’ll email you a quote.”
Chilling NYTimes Graphic: A Year in Iraq
The chart, compiled from data provided by the American and Iraqi governments and news media organizations, gives information on the type and location of each attack responsible for the 2,592 recorded deaths among American and other coalition troops, Iraqi security forces and members of the peshmerga militias controlled by the Kurdish government.
Warning: Large Graphic
06opchartlarge.gif
HOWTO: Access the Internet When Web Browsers are Disabled
Ever been on PC where Internet Explorer was blocked? One solution would be to use a portable version of Firefox on a USB drive, or you can access a hidden browser in Microsoft HTML Help program if removable media is not an option. This was tested on Windows XP SP2 with Internet Explorer 6.
Latest Topics
US CERT RSS Feed
- Google Releases Google Chrome 27.0.1453.93
- Adobe Releases Security Updates for Adobe Flash Player
- Security Updates Available for Adobe Reader and Acrobat
- Mozilla Releases Multiple Updates
- Microsoft Releases May 2013 Security Bulletin
- Adobe Releases Security Update for ColdFusion
- Microsoft Releases Security Advisory for Internet Explorer
- Cisco Releases Security Advisories
- Apple Releases Security Updates for Safari
- Scams Exploiting Boston Marathon Explosion
