Thursday, March 1, 2007

PC World - Vista's UAC Warnings Can't Be Trusted, Symantec Says Windows Vista's User Account Control (UAC), a system that Microsoft says makes the new operating system safer from attack, can be spoofed and shouldn't be completely trusted, a Symantec researcher said on Wednesday. Ollie Whitehouse, an architect at Symantec's advanced threats research team, first used a blog entry Tuesday to point out how a hacker could use a file included with Vista to disguise the UAC warning dialog in the color associated with alerts generated by Windows itself. 10:19:06 PM

Tricking Vista's UAC To Hide Malware. Tricking Vista's UAC To Hide Malware. Vista's User Account Control, love it or hate it, represents a barrier against unwanted software getting run on users' computers. A Symantec researcher has found a simple way to spoof UAC and says that it shouldn't be completely trusted. The trick is to disguise the UAC warning dialog in the color associated with alerts generated by Windows itself.  [Slashdot] 10:14:53 PM

Windows for Warships nears frontline service | The Register The Type 45 destroyers now being launched will run Windows for Warships: and that's not all. The attack submarine Torbay has been retrofitted with Microsoft-based command systems, and as time goes by the rest of the British submarine fleet will get the same treatment, including the Vanguard class (V class). The V boats carry the UK's nuclear weapons and are armed with Trident ICBMs, tipped with multiple H-bomb warheads. All this raises a number of worrying issues. First up is basic reliability and usability. Most of us have stared in helpless despair at the dreaded blue screen; how much worse would you feel if that wasn't just your desktop gone but your combat display, and it really was the screen of death? 10:07:50 PM

Windows For Warships Nearly Ready. Windows For Warships Nearly Ready. mattaw writes "The Register is carrying the sanest and balanced article on Windows deployment in UK warships that I have read to date in the public domain. As an ex-naval bod myself we have long considered that this is potentially a REAL problem. The main issues are the huge amount of unrelated code that is imported with the kernel and the need for incredibly fast response times." [Slashdot] 9:59:26 PM

Solaris Worm Blasts Way Through Operating System. Solaris Worm Blasts Way Through Operating System. "Hi, I'm Casper, I am a bored Sun developer and I wrote this piece of code." [GT: Security and Privacy] 9:02:48 PM

Malware Adopts Disguises in Attempt to Dupe IT Defenses. Malware Adopts Disguises in Attempt to Dupe IT Defenses. Top ten threats and hoaxes reported in February 2007. [GT: Security and Privacy] 8:55:38 PM

MPAA Fires Back at AACS Decryption Utility. MPAA Fires Back at AACS Decryption Utility. RulerOf writes  "The AACS Decryption utility released this past December known as BackupHDDVD originally authored by Muslix64 of the Doom9 forums has received its first official DMCA Takedown Notice. It has been widely speculated that the utility itself was not an infringing piece of software due to the fact that it is merely "a textbook implementation of AACS," written with the help of documents publicly available at the AACS LA's website, and that the AACS Volume Unique Keys that the end user isn't supposed to have access to are in fact the infringing content, but it appears that such is not the case." --- From the thread   "...you must input keys and then it will decrypt the encrypted content. If this is the case, than according to the language of the DMCA it does sound like it is infringing. Section 1201(a) says that it is an infringement to "circumvent a technological measure." The phrase, "circumvent a technological measure" is defined as "descramb(ling) a scrambled work or decrypt(ing) an encrypted work, ... without the authority of the copyright owner." If BackupHDDVD does in fact decrypt encrypted content than per the DMCA it needs a license to do that."  [Slashdot: Your Rights Online] 7:43:21 PM

© Copyright 2007 Paul Hardwick. Last update: 3/4/07; 11:05:09 AM.