Mozilla, Google Patch Browsers Before Hacker Fest

Google and Mozilla have been preparing for the Pwn2Own contest by patching their browsers. This is in anticipation to the contest, where hackers congregate to find and exploit vulnerabilities, especially in browsers. The same contest in the past had hackers holding on to existing but undiscovered vulnerabilities they knew about until the contest, when they exploited the same to save time. It’s little wonder that the Internet majors have patched up their browsers, as Google had paid $1,000 for their troubles last year. Google had also announced a $20,000 reward last month to anyone who can compromise its Chrome browser, which wasn’t be exploited in the last contest.

Google was the first to release a patch fixing 19 flaws in the Chrome browser; of which three bugs were classified as “medium” while the rest were marked as “high” risk vulnerabilities. This was followed by Mozilla publishing fixes for 10 security flaws in Firefox that included eight rated “critical,” while the remaining two were rated “High” and “Moderate”. One of those was particularly malicious, with the hackers being able to code a JPEG image that could save malicious code onto the system memory.

Speaking on the vulnerability, Mozilla warned its users, “Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim’s computer.”

The Pwn2Own hacker contest has been an annual event since 2007, where hackers are encouraged, and even paid to compromise software, computing platforms and web browsers. However, it’s nothing illegal. The event sponsor pays reward money to the hacker and it in turn profits by alerting the vendors of vulnerabilities in their software/OS. The browsers targeted include Firefox, Internet Explorer, Chrome and Safari. Opera hasn’t been targeted because of the lack of widespread usage and the fact that the contestants use the browser for the same reason.

Successful hackers are asked to sign a confidentiality agreement regarding the vulnerabilities, and the vendors are free to patch their code with the information on vulnerabilities provided the sponsor. Think of this as a monetised form of ethical hacking, and everyone profits at the end of the day.

Eat an apple a day to live longer

An apple a day keeps the doctor away. Now, scientists claim the fruit may help one live longer — at least among flies.

Researchers at the Chinese University of Hong Kong found that when given an apple extract, fruit flies, which share many genes with humans despite their tiny size, lived 10% longer than those fed normally. The flies with normal diet lived an average of 50 days — five days fewer than those whose food was supplemented with apple extract, the Daily Mail reported.

Not only did the flies given the apple extract live 10% longer, they also found it easier to walk, climb and move about as they aged.

The apple extract also cut levels of various biochemicals found in older fruit flies and linked to age-related deterioration, the researchers found.

They believe that the antioxidants in the extract mopped up free radicals, the dangerous chemicals blamed for a host of ills, including ageing.

“The results, obtained with fruit flies — stand-ins for humans in hundreds of research projects each year — bolster similar findings on apple antioxidants in other animal tests,” said a spokesman for the American Chemical Society.

In another study, researchers who quizzed women about their diets found that those who regularly ate apples were 20% less likely to suffer heart attacks and strokes.

Endhiran tickets sold out in US

Superstar Rajinikanth starrer Endhiran‘s ticket booking was started soon after Sun Pictures announced the release date of the film. According to reports, tickets for all the three versions were sold out within hours after bookings were opened.

The US rights was acquired by FICUS Movies, a U.S. based production house. It has bagged the rights of both Tamil and Telugu version for a whooping amount of Rs.35 Crores. However, Venus has acquired the Hindi rights and it will release the Hindi version of the film in US.

Meanwhile, the entire team of Sun Network is vigorously promoting the film by featuring cover stories in all its print network and teasers in satellite channels. The producers have also set up a special team to be vigilant over curbing down the piracy.

Kingston Launches USB 3.0 Flash Drive

Kingston has announced the launch of its first USB 3.0 Flash drive in India. The drive, branded as the DataTraveler Ultimate, makes use of the faster data transfer rates in USB 3.0.

If you’re still wondering whether or not to invest in a USB 3.0 compatible device, let us inform you that USB 3.0 devices can transfer data almost 10 times faster than our good ol’ USB 2.0. The DataTraveler Ultimate 3.0 boasts of a read speed of 80MB/sec and a write speed of 60MB/sec. It is available in 16GB, 32GB and 64GB capacities. Kingston has also cleverly added a Y cable to ensure backward compatibility of the drive with USB 2.0 ports. This is because some USB 2.0 ports require this cable to kick start USB 3.0 drives. Kingston adds that in internal tests the drive was able to transfer a 1 hour 44 minute movie worth 3.9GB in just over a minute. The Kingston DataTraveler Ultimate 3.0 USB Flash drive is backed by a five-year warranty and free tech support.

Will IE9 change the way we use the web?

Microsoft’s newest web browser, Internet Explorer 9, sees the technology giant wrest some of the initiative from its rivals

The internet of the future is likely to look very different from the distinct pages and sites we visit today – that was the message as Microsoft launched the latest version of their much-maligned Internet Explorer web browser. And while every major manufacturer always claims that theirs is a revolutionary product, the company that remains best known for Windows and Office might just be on the right track this time. Headlines around the world greeted IE9 as Microsoft’s most ambitious yet, while others called it revolutionary. Respected British website Techradar.com went so far as to call it “ie-mazing”.

Almost since it launched Internet Explorer in 1995, the browser has been troublesome for Microsoft. Even when it was in use by 95 percent of all web users in 2002, a tech-savvy audience maintained that it was not the best option available. Firefox, the now-defunct Netscape Navigator and more recently Google Chrome have set the pace for speed and ease of use. With usage now down to less than two-thirds of the online population Microsoft has staged a fightback that, for once, appears to be winning many experts round, even if browsers are all starting to look more similar anyway.

At the heart of IE9, however, are two key features: the first is a bid to make websites more like applications, which means that the depth of features of, say Microsoft Word, could also be available to any site where developers have sufficient resources. In practice a chunk of that is largely cosmetic, but it’s a visual change that makes a genuine difference to the way people use the web. In the words of Microsoft’s Leila Martine, head of Windows in the UK, “it’s making web pages first class citizens”. Given that users spend around half their time using a computer online, some might argue this is rather overdue.

Secondly, however, is the integration between hardware and software: with the advance of new web programming language HTML5, Microsoft is now able to offload much of the burden of processing graphics onto computer hardware that’s built for the job, the graphics processing unit (GPU). This means that web pages are rendered at significantly greater speed – in a demo, the company showed IE9 to be at least five times quicker than Google Chrome.

It’s the combination of these two features, primarily, that Microsoft hopes will have a transformative effect on the internet: the download site for IE9 is called “beautyoftheweb.com“, and in some of the company’s demos there clearly are new possibilities. Amazon, for instance, has built a site called Bookshelf, which combines the best bits of browsing in a bookshop – looking at covers, getting a sense of what else is around – with providing useful additional information about titles and genres. The effect is genuinely unlike anything else that other browsers can produce successfully.

All this is not to say, however, that the web will change instantly. And anyway, Google, Firefox and other browsers are all heading in the same direction. But what’s certain is that the development of applications, both for the web and for the iPhone and other mobile devices, has made many companies notice that the internet on a desktop or laptop PC was starting to feel strangely limited: Microsoft has tried to solve this by tightly integrating IE9 with Windows 7, as Google will when it launches its equivalent Chrome operating system. What that means is that, in future, the line between being online and simply using a computer may become indistinguishable – but broadband, mobile phone and wifi providers will have to sort out getting us all connected first.

Endhiran release postponed to Oct 1

The release of Rajinikanth and Aishwarya Rai Bachchan starrer Endhiran has been postponed from September 24 to October 1.

Sun Pictures in a statement said: “The film will now release in theatres in India and across the world including USA, UK, Europe, Malaysia, Singapore and Australi on October 1 in Telugu, Tamil and Hindi languages.”

Sun Pictures, a division of the Marans-held media conglomerate Sun TV Network, is producing the tri-lingual multi-crore movie

The movie directed by Shankar was supposed to release along with Kapoor-Priyanka Chopra’s Anjaana Anjaani.

The film, which had a mega music launch in Malaysia last month, has music by Oscar winning AR Rahman.

It is the most awaited film of 2010 featuring Ash and Rajinikanth for the first time on screen.

Update kills code-execution threat in Samba

Samba developers have warned of a software flaw that allows attackers to remotely execute malicious code on systems running the widely used file-sharing package.

Version 3.5.5, which was released on Tuesday, fixes the underlying buffer overrun in functions used to generate a credential known as a Windows Security ID. It can be exploited by sending a booby-trapped ID that overflows the stack variable and injects malicious code into memory.

It remains unclear how easy it is to exploit the bug. H D Moore, CSO of Rapid7 and chief architect of the Metasploit project, said the only vector he’s been able to identify is an option known as quota support, which isn’t enabled by default. Even when turned on, he added, an attacker would need a root password.

Moore said other possible openings included the file find, the get/set user quota, and active directory, but so far, none of them has panned out so far.

Samba is used to share files across systems running Linux, Windows, and Mac OS X. The vulnerability affects Samba versions going back to 3.0, which was released more than five years ago. It was discovered during an internal audit. Andrew Bartlett, the Cisco Systems employee who identified the bug, didn’t return an email seeking additional details.

Twitter facelifts its homepage

Twitter has revamped its homepage, offering a brand new microblogging UI that serves up more stuff alongside your collection of self-serving mini-messages – from embedded photos and videos to geolocation tags.

“We’re introducing a new, re-engineered Twitter.com that provides an easier, faster, and richer experience,” Twitter co-founder Evan Williams said in a blog post.

Yes, the page is still centered around your never-ending stream of “tweets.” But above this timeline, you’ll find new links to additional lists, including your “retweets” and searches. And when you click on a tweet, a second pane appears on the right-hand side of the page, for viewing additional stuff, including replies, more tweets from the same user, a map showing where the tweet was sent from, or embedded media. Embedded photo and video viewing is provided via partnerships with the likes of Flickr, TwitPic, Vimeo, and YouTube.

You can also click on a sender’s name to view a truncated version of their profile. Twitter provides a video of the redesign here:

Williams said the redesign will roll out to users “as a preview” over the next several weeks. Some accounts, he said, will receive it as soon as Tuesday night. During the preview period, you’ll have the option of returning the old interface. But eventually, all Twittering types will be moved to the new Twitter.

Google offers multiple sign ins in Gmail

Now those who have multiple accounts on the Gmail need not to enter the sign in or sign out process again and again. The Google engineers has offered the multiple sign in into the Gmails.

Users with multiple accounts on Gmail can use upto three email accounts through this new feature on the Gmail. For using the feature of the multiple sign in users need to go into the account option and change the setting.

New feature is not compatible in the picasa album and blogger. Users need to wait for sometime for the compatibility issue of Gmail multiple account signin at Blogger and Picasa.

Google received many requests from the users with multiple accounts who need to move from one account to other and undergo the process of sign in and sign out.

PHP 4 and MySQL 4 End of Life Announcement

WordPress has always been to make it run on common server configurations. WordPress has want users to have flexibility when choosing a host for their precious content. Because of this strategy, WordPress runs pretty much anywhere. Web hosting platforms, however, change over time, and occasionally are able to reevaluate some of the requirements for running WordPress. Now is one of those times. You probably guessed it from the title — we’re finally ready to announce the end of support for PHP 4 and MySQL 4!

First up, the announcement that developers really care about. WordPress 3.1, due in late 2010, will be the last version of WordPress to support PHP 4.

For WordPress 3.2, due in the first half of 2011, we will be raising the minimum required PHP version to 5.2. Why 5.2? Because that’s what the vast majority of WordPress users are using, and it offers substantial improvements over earlier PHP 5 releases. It is also the minimum PHP version that the Drupal and Joomla projects will be supporting in their next versions, both due out this year.

The numbers are now, finally, strongly in favor of this move. Only around 11 percent of WordPress installs are running on a PHP version below 5.2. Many of them are on hosts who support PHP 5.2 — users merely need to change a setting in their hosting control panel to activate it. We believe that percentage will only go down over the rest of the year as hosting providers realize that to support the newest versions of WordPress (or Drupal, or Joomla), they’re going to have to pull the trigger.

In less exciting news, we are also going to be dropping support for MySQL 4 after WordPress 3.1. Fewer than 6 percent of WordPress users are running MySQL 4. The new required MySQL version for WordPress 3.2 will be 5.0.15.

WordPress users will not be able to upgrade to WordPress 3.2 if their hosting environment does not meet these requirements (the built-in updater will prevent it). In order to determine which versions your host provides, wordpress created the Health Check plugin. Right now, Health Check will only tell you if you’re ready for WordPress 3.2. In a future release it will provide all sorts of useful information about your server and your WordPress install, so hang on to it!

In summary: WordPress 3.1, due in late 2010, will be the last version of WordPress to support PHP 4 and MySQL 4. WordPress 3.2, due in the first half of 2011, will require PHP 5.2 or higher, and MySQL 5.0.15 or higher.