Software And Internet Blog

Developed in November 2005, the Xbox 360 gaming console is Microsoft`s solid answer to Sony`s play station. Having already sold 20 million units worldwide, it is still proving to be popular among gaming freaks. Designed by the Hers Experimental Design Laboratory Inc. of Japan and Astro Studios of USA, the Xbox 360 is a fine product of its kind. It is available in two different types.

One is the Xbox 360 and the other is the core system. The Xbox 360 pack houses an Ethernet connectivity cable, a headset, a HD AV cable, a media remote, removable hard drive and a wireless controller whereas the core system has an AV cable and a wired controller. Being the powerful machine that it is, it has all the capacities to compete with other major brand of gaming consoles.

The Xbox 360 gaming console is a great improvisation over the original Xbox built in 2001. As mentioned above, for people who really want to own an Xbox 360, to have a chance to choose from its available models according to their budget, it is a good option. There is a basic core version available which comes with wired controller and composite AV cable but you surely can move on to buy the other peripherals, as and when your budget allows. But, if you are someone who can afford to buy the whole system at once, then you can be advised to go for the Xbox 360 pack. The Xbox 360 gaming console allows up to four wireless controllers to function on one console. This can provide the user with a real thrill of gaming with three other players concurrently.

The uses of the Xbox 360 gaming console are multiple in nature. It can introduce you to a fine world of digital entertainment. Armed with the capacity of enhancing your music and movies, it can magnify its sound to soft or loud. If you attach it to your TV, you can take the advantage of its high definition TV resolution to the maximum. Games that can be absolutely relished on the Xbox 360 are: `Dead or Alive 4`, `King Kong`, `Call of Duty 2` and `Need for speed Most Wanted`. These games are really considered as must haves for those who own the gaming console.

However, there is one minor disappointment in store for Xbox fans. Some games like `Madden NFL 06` and `NBA Live 06`, which run exceedingly well in the original Xbox, do not run that amazingly in the Xbox 360 version. The audio and video effects are not up to the mark when these games are played on the latest model. Microsoft needs to pay immediate attention to this concern, which might become a potential reason of a deal breaker in future days.

Another very alluring advantage that the Xbox 360 gaming console has to offer is the `family settings` feature. This feature has become a favorite among parents who can now protect their children from unpleasant contacts. This control feature performs two functions in the gaming console. They are allow/restrict access to offline games/movies and access to online contact and content. All said and done, the Xbox 360 has everything in it to become a favorite of gaming freaks across age groups.

You can have access to articles about video games in portuguese language from page Video_Games

Source Here

Conflicker did not unleash a global attack like SQL Slammer- a worm that crippled the Internet in 30 minutes. But, it isn’t because it wasn’t capable per se.

The fact is that crippling the Internet is not a smart business model. It is like showing your hand in poker. Right now there are somewhere between 3 million and 15 million computers compromised by Conficker. Both numbers are big, but the larger point is the range in the estimates. Give or take 12 million PC’s, nobody really knows how big the threat is. There are 12 million PC’s that might be infected, or maybe not.

To unleash the global Conficker army in some sort of massive April Fool’s Day prank that grinds the Internet to a halt just for the sake of doing so might have entertainment value, but it doesn’t generate revenue. What it would do is to help identify the compromised machines, enabling them to be cleaned and patched, and help wipe out the threat. The Conficker creators have a business interest in flying under the radar so they can live to fight- and profit- another day.

So- nothing really happened on April 1st. Does that mean that we can just forget Conficker ever existed and move on? Absolutely not. The fact that nothing visible occurred from Conficker on April 1st means that there are still millions of PC’s- somewhere between 3 million and 15 million- compromised with Conficker. They can send out spam. They can host malware. They can be used in a botnet denial-of-service attack. They are a mercenary army of malicious PC’s for hire.
(more…)

HP StorageWorks Storage Mirroring, Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access

Release Date: 2009-04-20
Last Updated: 2009-04-20

Potential Security Impact:
Remote execution of arbitrary code, Denial of Service (DoS), unauthorized access

Source:
Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP StorageWorks Storage Mirroring. These vulnerabilities could be exploited remotely to execute arbitrary code, cause a Denial of Service (DoS), or gain unauthorized access.

References:
CVE-2009-0716, CVE-2009-0717, CVE-2009-0718

SUPPORTED SOFTWARE VERSIONS*:
ONLY impacted versions are listed.
HP StorageWorks Storage Mirroring v5 prior to v5.1.1.1090.15

BACKGROUND

CVSS 2.0 Base Metrics
===============================================
Reference Base Vector Base Score
CVE-2009-0716 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2009-0717 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2009-0718 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

The Hewlett-Packard Company thanks Zhenhua Liu, Junfeng Jia, and Xiaopeng Zhang of Fortinet’s Fortiguard Global Security Research Team for reporting these vulnerabilities to security-alert (at) hp (dot) com. [email concealed]

(more…)

Maya celebrates its tenth anniversary with the 2009 release, an event marked by enhancements across the board. Although some of these have popped up in other Autodesk tools before now.
For example, Maya’s modelling toolset gains true Soft Selection (below), a technique found in 3DS Max and Mudbox that allows you to sculpt smoothly by manipulating weighted selections of a mesh. Once the selection is created with the mouse (Select, Move, Rotate or Scale tool) and keyboard shortcuts (B), it can be moved, scaled and rotated.

Colour feedback indicates the size of the area affected and a much smoother transformation than normal is possible. The fall-off area of the effect (the strength and coverage of the selection’s influence) can be increased or decreased by holding B and the left and right mouse button, while the shape can be modified through the use of the Falloff curve.

It’s also possible to set the fall-off to affect multiple objects at the same time (setting it to have a global basis) such as deforming a row of teeth to match a jawline. By pressing ‘ on the keyboard and simultaneously dragging a component, you can also invoke a Tweak mode allowing you to quickly move components under the mouse regardless of whether you are currently using the Select tool, Move tool, Rotate tool or Scale tool. Soft selection also works well when used with symmetrical modelling – another key feature of Mudbox.
(more…)

Another year has just started and with it comes a clutch of new Linux distro releases, among them the somewhat predictably named Mandriva Linux 2009.

As with previous versions, the 2009 implementation of Mandriva Linux is predominantly designed for desktop rather than server use. As such it can detect and handle most desktop hardware straight out of the box, including wireless notebooks and the latest breed of lightweight ‘netbook’ devices.

Another plus is the ability to integrate easily into mixed Windows/Linux networks, added to which Mandriva Linux is easy to install, simple to learn and a good starting point for those new to the open source platform.

The Mandriva Linux kernel naturally gets updated in this release (to 2.6.27) while the default KDE desktop is upgraded from KDE 3 to 4. More specifically, you get the latest KDE 4.1.2 implementation which includes numerous performance and interface enhancements together with a number of new applications, including Dolphin file manager, Okular document viewer and Dragon media player.

No special video hardware is needed to run KDE 4, but the new interface does take a little getting used to so the older KDE 3 desktop is still there for those who need it. There’s also a Gnome (2.24) implementation and LXDE, a lightweight desktop designed, primarily, for use on low-powered netbook PCs.
(more…)

Summary :
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) loader.

Introduction:
Under the Windows platform, library injection techniques both local and remote have been around for many years. Remote library injection as an exploitation technique was introduced in 2004 by Skape and JT. Their technique employs shellcode to patch the host processes ntdll library at run time and forces the native Windows loader to load a Dynamic Link Library (DLL) image from memory. As an alternative to this technique Stephen presents Reflective DLL Injection.

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) file loader. It can then govern, with minimal interaction with the host system and process, how it will load and interact with the host. Previous work in the security field of building PE file loaders include the bo2k server by DilDog

The main advantage of the library loading itself is that it is not registered in any way with the host system and as a result is largely undetectable at both a system and process level. When employed as an exploitation technique, Reflective DLL Injection requires a minimal amount of shellcode, further reducing its detection footprint against host and network based intrusion detection and prevention systems.

Despite selling products that inhabit a competitive landscape occupied by technology heavyweights like Microsoft, Google and IBM, Zoho keeps building new online software that consumers can use for free or that businesses can buy on a massive scale for dirt cheap prices. As struggling companies cut their technology budgets, Zoho has become a compelling option, says Raju Vegesna, the company’s chief evangelist.

More on CIO.com Understanding Zoho, the Quiet Company Taking on Google and Microsoft Understanding What Google Apps Is (And Isn’t) Understanding Microsoft SharePoint in a Web 2.0 World “Business is really picking up,” Vegesna told CIO at the Web 2.0 Expo here in San Francisco. “This downturn might actually help the low-cost technology providers like us.”

Zoho, which derives its name from the term “small office home office,” launched back in 2005. It’s a property of AdventNet, a privately held company in India that handles IT support and data center maintenance. Because Zoho is a software as a service company, customers access its software over a Web browser and Zoho hosts all the information on its own servers.

For an upstart software vendor, Zoho sells a staggering (around 20) amount of applications. Many of the apps are available for free (for up to 10 users), while Zoho charges US$50 per user per year for every user thereafter. From a word processor, spreadsheet and presentation app that competes with Microsoft Office and Google Apps, to customer relationship management (CRM) software for sales and marketing people that nibble at Salesforce.com’s billion dollar business, Zoho and its 200 person developer team in India fearlessly create app after app, quickly sending them to market.
(more…)