I’ve got the new Audi RS5 wallpapers on my work and home PCs if cars are your thing 😉
Looks like Windows 7 is vulnerable to an SMB remote exploit.
Unfortunatly this SMB2 security issue is specificaly due to a MS patch, for another SMB2.0 security issue:
Installing only this specific update on Vista SP0 create the following issue:
SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionnality.
The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client send to a SMB server, and it’s used to identify the SMB dialect that will be used for futher communication.
Reminds me of the days of WinNuke.
Here’s four new Microsoft Windows 7 commercials, 7 seconds to talk about Windows 7. Short, sweet functionality and to the point. Oh and look, they don’t seem to need to be bashing their competitors (awww!).
Having used Windows 7 now for close to 2 months I have to say its nothing but pure awesomeness. If you have MSDN there’s no excuse not to try it out. I’ve been too busy to even blog about it 🙁
Excited about Windows 7 launch to the public in October? Organise a party and get some swagger!
Choose a day from October 22-29 and if you’re selected, you’ll not only receive a special Signature Edition of Windows® 7 Ultimate but your very own Windows® 7 Party Pack.
Countries allowed to partaye!
The only review you’ll ever need to read for the newly released Apple OS X 10.6 Leopard from Ars.
Having used 10.6 for a few days now (yes believe it or not I do have a couple of Macs at home!) I’ve felt it to be snappier than the original Leopard the Macbook and iMac shipped with. Still my main box is a Windows 7 machine 🙂 But I’d highly recommend installing 10.6 if you’re running 10.5 *after* you’ve made sure all your software is compatible, unfortunately Adobe CS3 is not supported in 10.6 (I mean not working in Snow Leopard), so I went out and got CS4 for Mac.
[Update: No one said anything about CS3 being “not supported” on Snow Leopard. The plan, however, is not to take resources away from other efforts (e.g. porting Photoshop to Cocoa) in order to modify 2.5-year-old software in response to changes Apple makes in the OS foundation.]
From Channel 9:
- Using Windows 7 – Contains consumer- and user-related videos such as how to install Windows 7 and how to set up a home group network
- Programming Windows 7 – I don’t really need to explain what goes here, right?
- Last but not least, “Under the Hood” – Contains classics like the interview with Mark Russinovich on Windows 7 Internals.
Enjoy, I’m house hunting this weekend!
I’ll let you decide if this is LOL worthy.
APPLE KEYBOARDS ARE vulnerable to a hack that puts keyloggers and malware directly into the keyboard. This could be a serious problem, and now that the presentation and code is out there, the bad guys will surely be exploiting it.
The vulnerability was discovered by K. Chen, and he gave a talk on it at Blackhat this year. The concept is simple, a modern Apple keyboard has about 8K of flash memory, and 256 bytes of working ram. For the intelligent, this is more than enough space to have a field day.
Nothing is encrypted, decrypted, and the process is simple. You then resume HIDFirmwareUpdaterTool, and in a few seconds, your keyboard is compromised. Formatting the OS won’t do you any good, the code is in keyboard flash. There are no batteries to pull, no nothing, the keyboard is simply compromised.
Then from the proof of concept document:
The application checks a number of properties of the keyboard and checks the validity of the ?rmware image ?le kbd 0x0069 0x0220.irrxfw in the bundle. The ?rmware validity checking routine is called CRC32: and is the 75 byte routine starting at 0x00003005. Despite the name, this routine does not do CRC32 at all and in fact, it simply just adds up the bytes of the ?rmware image ?le and the application veri?es that the sum is 0x252ed7.
EPIC FAIL. While the rest of the world has been working hard on securing the fabrics of their kernel, Apple have concentrated on painting the Lepoard with new stripes. Before you fall into a trap thinking this isn’t as big as they make it out to be – because you need physical (and root) access to update firmware (and the user would have to approve), think of malware or a Safari related exploit. How many security conscience Mac users are there do you think? Wasn’t the original deal move to Mac and forget all your troubles?
Surely Apple can’t be the only keyboard at fault, I’m sure my Razer Tarrantula (with a few modifications) can fall into the same trap – atleast you’d hope so, for Apple’s sake (or not!).
Anyway, woo WINdows 7 to Technet/MSDN guys this week!
After many leaks, a public release of RC1 and several premature releases of what cuda been the final RTM we finally have sufficient proof that Windows 7 has infact been Released To Manufacturing (confirmed too!).
Heres a summary of what to know.
The final build is tagged as 6.1.7600.16385.090713-1255. It was compiled on July 13, 2009, at 12:45pm.
Windows 7 x64 DVD-ISO
Windows 7 x86 DVD-ISO
These hashes and values are from Daniel Melancthon’s blog post.
This is what we know.
|General Public||October 22nd|
|Microsoft Partner Program (Gold/Certified)||August 16 (English)
October 1st (Other languages)
|Businesses with Volume Licensing (Software Assurance)||August 1st|
|Businesses with Volume Licensing (Other)||September 1st|
|MSDN/Technet Subscribers||August 6th (English)
October 6th (Other languages)
|Microsoft Action Pack||August 23rd (English)
October 1st (Other languages)
Thats about it, if you ‘obtained’ a copy from somewhere, give Long Zheng‘s Windows 7 ISO verifier a go to see what you’ve actually got, last thing you’d want is a copy of Vista with a Windows 7 Transformation pack!
I’ve got the seasonal flu, so I’ve mostlty relaxing the last couple of days, but you dont have to. Microsoft have finally release Windows 7 Release Candidate 1 to the public – comes with much of tweakin and small feature additions,. If you couldnt get it from MSDN or Technet before, now’s your chance. I’ve been running the RC build on my Dell M1330 since it hit Technet (maybe a tinsy bit earlier) and its been solid as a rock.
Changes in Version 3.90 Beta 1:
- WinRAR version for Windows x64 is available. If you use Windows x64, it is strongly recommended to install 64 bit WinRAR version. It provides a higher performance and better shell integration than 32 bit version.
- RAR compression speed is improved for multi-core and multi-CPU systems. This improvement is most noticeable in Windows Vista and Windows 7 operating systems.
- “Remove duplicate folders from extraction path” option in “Settings/Compression” dialog is replaced by more universal “Remove redundant folders from extraction path” option. This option will eliminate redundant archive name based folders from extraction path if you unpack an archive with “Extract to DestName\” context menu command and if archive root folder contains only one folder and no files.
- Changes in “Extraction path and options” dialog:
- “New folder” button creates a new subfolder in currently selected folder;
- F2 key renames a selected folder in the folders tree;
- F5 key updated the tree pane contents;
- Del key removes a selected folder in the folders tree.
- You can enable “Show seconds” option in “Settings/File list” dialog if you wish to see seconds in file dates in file list in WinRAR shell.
- “Where to check for SFX archives” options group in “Settings/Integration/Context menus items” dialog lets you to control processing of SFX archives in context menus. For example, if you frequently right click “.exe” files on slow network disks, you can turn off “Network disks” options to minimize the delay before displaying the context menu.
- If you sort files by name in the file list in WinRAR shell, WinRAR will use the new logical file name sorting, same as in Windows Explorer, considering digits in file names by their numerical value. So files will be sorted as 1.txt, 2.txt, 10.txt instead of previous 1.txt, 10.txt, 2.txt. This new sort behavior is available in Windows XP Service Pack 2 and newer.
- Ctrl+W key combination can be used to close the main WinRAR window also as WinRAR viewer windows. “View as Windows text” shortcut in WinRAR viewer changed from Ctrl+W to Ctrl+I.
- New command line switch -r- disables recursion completely. So ‘rar a -r- arc dirname’ command will add only the empty dirname folder and ignore its contents. By default, if dirname does not include wildcards, RAR adds its contents even if -r switch is not specified.
- If used when extracting, the new command line switch -ai forces RAR to ignore file attributes. When using this switch, extracted files will always have attributes assigned by operating system to a newly created file by default.
- If output file name is not specified in “cw” command, console RAR will send comment data to stdout.
- When compressing stdin data with -si[name] switch, RAR sets modification time of archived entry to current system time. Previous RAR versions did not fill this field, resulting in meaningless modification time for stdin.
- Message displayed when you place the mouse cursor on WinRAR tray icon includes the archive name now. Previously only time left and total percent were displayed for archiving operations.
- Bugs fixed:
- WinRAR could fail to open tar or tar.gz archive if such archive contained a file larger than 8 GB;
- WinRAR context menu did not work properly in Windows 7 beta if icons in context menus were enabled and user clicked a file inside of Windows 7 Library folder;
- previous WinRAR versions failed to rename files having 5 or more continuous spaces in the name. WinRAR shell does not display such spaces for safety reasons, because they can hide an actual file extension. But this security measure prevented the rename command to work properly.
The primary bits that got my attention was the native x64 release and the improved multi-threaded support for compression (the first two items – bolded). So naturally I downloaded the Windows x64 release and had a stab at doing some benches. This was a very quick test.
Windows Vista Ultimate x64 SP1 (current as of 01/05/2009)
WinRAR was set to ‘Best’ Compression and ‘Create Solid Archive’.
I looked around for the best bunch of files I could find to compress – and that’s easily reproducible. Funnily/nerdy enough, the Microsoft Enterprise Library 4.1 (Download from Microsoft) source folder was chosen – with build files already included (binaries, pdbs etc).
- Files: 5148
- Folders: 742
- Size: 230Mb (241,576,303 bytes)
- Size-on-Disk: 240 MB (251,727,872 bytes)
You can download a copy of the files from me, its 5.8Mb compressed. (UPDATE: Doh! wrong linkage!)
The final output size of the RAR file was 5.28 MB (5,541,888 bytes).
Wow, 10 seconds shaved off, the cores were definately being utilised far greater than the previous releases.
Unfortunately, the Beta 1 release (for me atleast) doesn’t properly register the shell context menus, so if you like right clicking and doing “Add to Archive” you might find that missing even though you told it to use it – I did make sure I uninstalled the 3.8 release prior to installing 3.9 and rebooted just to be sure, but no dice.
So maybe its not ready for prime time just yet, but 3.9 will surely rock your socks with some multi-core McLovin.