Tips Links and Tidbits Newsletter

Tuesday 27th February 2007


Basic Computer User

Report: Chinese hackers waging cyberwar on US
Chinese hackers are waging war against the United States through the cyber realm, a senior defense official said last week. More

Critical vulnerability surfaces on Google Desktop
Desktop search vulnerable to cross site scripting attack. More

New search engine provides live answers from experts
Jyve on Tuesday launched a new search site that links users directly with people who can answer their questions. More

Nine Tips for Resurrecting “Dead” Technology
Is that gadget really dead? Here are some ways to make sure before you dump it. More

Spam at all time high
Up to 90 percent of all e-mails will be spam by the end of this year, according to research released yesterday. More

Microsoft hit with US$1.52 billion damages bill
A U.S. federal jury found that Microsoft infringed audio patents held by Alcatel-Lucent and should pay US$1.52 billion in damages. More

Where Is All The Vista Software?
Just 104 software applications have been certified to run under Windows Vista, according to an update published on Microsoft’s Web site. More

New Firefox Updates Eliminate Major Security Flaw
The security and stability revision stops hackers from being able to tamper with how Web sites are displayed and how they operate. More

As much as I dig Google, I’ve always felt a little leery about Google Desktop. I mean, why would I want to make my computer searchable from the Web? It sounds more scary than beneficial. Turns out, my worst nightmares about Google Desktop came true. Good thing I didn’t install it.

According to a whitepaper from Watchfire, a Cross-Site Scripting (XSS) vulnerability in the way Google Desktop and are integrated could allow an attacker to overcome security protections and achieve remote, persistent access to a victim’s desktop. The attacker could then do anything from reading sensitive documents on your PC to executing code with your permissions, potentially gaining complete control of your machine. For the attack to work, the attacker just needs to fool you into clicking his hyperlink, executing a malicious JavaScript. Worse yet, this attack uses normal HTTP syntax, which merges with Google’s code, and thus occurs well under the radar of most security devices. Firewalls, antivirus, and Intrusion Protection Systems don’t see this attack’s seemingly legitimate requests as malicious, and it can persist even after you switch browsers.

But don’t take my word for it. Watchfire has produced an excellent Web-based demonstration showing this attack in action. It describes the flaw in great detail and shows you exactly how an attacker might exploit it. Check it out.

Happily, this story ends with some good news. Google has fixed the XSS flaw in their Web site that made this attack possible. However, as Watchfire points out, this flaw shows a prime example of how hackers can exploit badly coded Web applications to cause utter havoc. With the rise of Web 2.0, more and more Web applications make their way onto the Internet every day. We’d better start writing them securely now or they’re sure to bite us in the rear later. -- Corey Nachreiner, CISSP

Copyright© 2007 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.

Schools should teach deep, strategic computer insights that can’t be learned from reading a manual. More

Rene Els has a new web site... here

Stealth fighters hit by software crash
F-22 Raptors stepped over the International Date Line. More

Experts warn of data security ’police state’
Ill-conceived or poorly implemented IT security regimes could leave enterprises struggling to survive within the restrictive confines of an information “police state”, experts have warned. More

Reduce risk by wiping out data
Beware the security black hole when disposing old computer equipment and mobile devices, a study finds. More


Advanced Computer User

4G to kill mobile per-second billing
Operators will be forced to offer ’all-you-can-eat’ services. More

Edinburgh to host 60-teraflop super-computer
Cray’s HECToR heads for the highlands. More

The Dissection of a Rootkit
F-Secure Security Labs’ new paper takes apart the dangerous and stealthy rootkit. It explains in detail what kernel malware is, how it works, and what makes its detection and removal so challenging. The author also details two malware cases that use kernel-mode techniques to escape detection and to bypass personal firewalls. More



Another rap for vitamin D More

Cheap, ’safe’ drug kills most cancers

How not to blow yourself up at the petrol station here

Mobile phones boost brain tumor risk by up to 270 percent on side of brain where phone is held
Using a cell phone regularly – even a modern one – raises the risk of developing a brain tumor for many users, according to a new Finnish study published online in the International Journal of Cancer. More

Folic acid, vitamin B-12 boost cognitive function
It has long been known that folate and vitamin B-12 are important to the healthy functioning of the nervous system. More

If you have Eczema
Eczema is sometimes associated with allergies or reactions to a variety of foods. But there is another reaction to food... intolerance to gluten, the protein found in many grains including wheat, barley and rye.

From the Daily Health News

Selenium intake prevents loss of brain function as we age
A person’s selenium intake throughout life may influence how well they retain cognitive function as they age, according to a new study published in the “American Journal of Epidemiology.” “In this cross-sectional survey of cognitive function... More



Chemical-free oven cleaning
The Wise Woman’s tip for cleaning the oven without harsh chemicals is to place half a cup of cloudy ammonia in a bowl in a warm (turned off) oven and leave overnight. Remove the bowl the next day and wipe the walls of the oven with newspaper soaked in warm water and vinegar. Racks can be soaked from time to time in a laundry tub containing grey water from the washing machine - they should need just a scrub with steel wool to remove any difficult grime.

Some shots of a _very_ big plane... More

Nintendo Wii takes the lead in console war
Wii outselling PSP and Xbox by a 50 percent margin.

Medieval Muslims Beat West to Math Breakthrough
Magnificently sophisticated geometric patterns in medieval Islamic architecture indicate their designers achieved a mathematical breakthrough 500 years earlier than Western scholars, scientists said on Thursday. More

"The value of an idea lies in the using of it." - Thomas Edison

Ready! Fire! Aim! How Marc Singer Became a Great Filmmaker

By Michael Masterson

For most dreamers who want to become filmmakers, this would probably be the most sensible path for them to follow:

1. Spend six months to a year locating a film school that will accept you.

2. Invest tens of thousands of dollars to enroll in the best program you can find.

3. Spend two to six years studying film and developing a familiarity with all the major skills: direction, lighting, sound, etc.

4. After getting your degree, spend six months to a year looking for a job. And if you don’t find a job (and chances are you won’t), get a non-paid apprenticeship with a movie-related business and work at that till you get a shot at something better.

5. Keep at it for 10 or 20 years until you finally get a lucky break.

If you think this is unrealistically pessimistic, consider what the Bureau of Labor Statistics has to say about employment in the film industry: “In television and film, actors and directors typically start in smaller television markets or with independent movie production companies and then work their way up to larger media markets and major studio productions. Intense competition, however, can be expected at each level, because ever more applicants will be vying for increasingly fewer numbers of available positions.”

So what if you don’t want to devote half your life to academia and internships and small-time productions and groveling and schlepping and kissing butt?

If that’s the case, you can take my “Ready. Fire. Aim.” approach.

On Friday, I explained how taking quick action - action before you have all the facts, knowledge, or experience - can be the best way to accomplish great things. That’s just what Marc Singer did...

Marc was an unemployed immigrant from England when he heard the rumor: Hundreds of homeless people were living beneath the ground in New York City.

There was something about the idea that struck his imagination. He couldn’t stop thinking about it. A village of homeless men and women hidden in a subway tunnel. How did they live? What did they do? And where, exactly, were they?

He got his chance to find out when an article in an independent newspaper gave him a clue as to where this urban Atlantis might be - and it wasn’t far from where he lived. For several weeks, Singer poked around and talked to homeless people. Finally, he found what he was looking for - an otherwise unremarkable pile of rubbish in a tunnel stretching north from Penn Station to Harlem.

For several days, he watched raggedy people disappear into the tunnel and come out again. Eventually, he approached them. He told them that he was interested in getting to know them. They thought he was crazy.

He had a feeling that in the blackness beneath that hole lay his destiny. So he kept talking to the homeless people who were using it, trying to make friends with them, until one of them finally invited him down.

It was an Alice in Wonderland experience for Singer. In the cavernous darkness, he discovered dozens and dozens of painstakingly constructed huts made from discarded plywood, plastic, and canvas - huts that housed hundreds of squatters.

The property they were squatting on had been abandoned long ago when the subway stopped running along that route. There were still, however, electrical wires and water pipes running through it that the crafty squatters had tapped. Inside the shacks, radios played. Beneath a jimmy-rigged water line, the denizens of this dark city showered. There was everything here that Singer had imagined... and more. He built himself a little shelter among his new neighbors and, for several months, spent half his days there.

At one point, sitting around a makeshift campfire, playing cards and talking to several of the men, someone suggested that Singer make a film about it all. The moment he heard it, the idea struck him as exactly right. Despite the fact that he knew nothing about filmmaking ("If I ever picked up a camera in my life, it was a little disposable throw-away one," he told reporter Amy Goodman of IndieWire), he got started immediately.

Singer spent the next several weeks hustling around the city, gathering up equipment and reading books on filmmaking. He used his newfound (and equally inexperienced) friends as his crew and, relying mostly on instinct, directed the filming, lighting, and sound. As the weeks went by, he accumulated hundreds of hours of film. When he ran out of film, he borrowed money and shot more film.

After several months of shooting, Amtrak announced that they were going to clean up this abandoned tunnel to make way for some new project. They contacted the police to force the squatters out. Singer went to Amtrak and asked for a deal. If they would give him just a month or two of leeway, he said, he would sell the film and use the money to find other places for the squatters to live.

It was a promise without a foundation, based entirely on faith. But, miraculously, he pulled it off. The second half of the amazing black and white film he produced down in the tunnel tells the story of how these people fought for their right to stay... and then, when that effort failed, worked with Singer until he found homes and jobs for them.

The film, a documentary called Dark Days, went on to win the 2000 Sundance Film Festival Audience Award and the Freedom of Expression Award, and it shared the Cinematography Award. Marc Singer became an instantly credible and credited filmmaker, and his career has been uphill ever since.

Rent the film and enjoy it. But then watch the extra feature that describes how Singer made it. You will be impressed by his ingenuity and the tenacity he showed given the obstacles that faced him. For me, the big lesson was that he went full-speed ahead with his goal of making the film the moment the idea popped into his head.

After spending all that time and effort getting integrated into this unusual community, he recognized - on a gut level - that making the documentary was the right thing for him to do. He didn’t let his complete ignorance of filmmaking or his lack of money or contacts or anything else stand in his way.

He had the right idea, and he was emotionally ready to pursue it. That is how many, many great things are done.

Ready. Fire. Aim.

[Ed. Note: Learn how you can be part of an exclusive group of 25 to 50 ambitious businesspeople that Michael will be leading through an elite 5-day program that can help you dramatically increase the profitability of your business here.]

From the newsletter
[Early to Rise Copyright ETR, LLC, 2007]
If you’d like to subscribe to Early to Rise or suggest it to a friend, please visit: here

Muhammad Yunus, Winner of the 2006 Nobel Peace Prize, on Simple Solutions

"Business is about problem-solving, but it does not always have to be about maximizing profit. When I went into business, my interest was to figure out how to solve problems I see in front of me. That’s why I looked at the poverty issue. I got involved in lots of things to address it, and one of them was money lending with loans and credits and savings accounts, and in the process I created Grameen Bank. So you can also have social objectives. Ask yourself these questions: Who are you? What kind of world do you want?

"Most of the problems we have and talk about today sound very complicated, but they aren’t. They’re simple. And complications actually hide solutions. So when I’m faced with a problem that looks complicated, I try to bring it back to its simplest state. Like poverty. Poverty is not complicated. It’s deprivation, a denial of resources. Credit is not available to you, so you cannot move forward. Simple. All it takes is one little step: My first loan was one for $27 that I gave to 42 people. But at Grameen [Bank] it’s not that we lend money to people in small or big amounts; it’s that we loan in an appropriate amount to their needs.

"The size is small because the need is small. I could complicate things: I could lend a person $1 million, but if that someone can only handle $20, that would be stupid. But if she can handle $20, it makes sense, and that’s still big money for her. So I say, when you’re trying to solve a problem, always bring it back to the simplest formulation."
(Source: Business 2.0)


Soft Design Pty Limited ACN 082 885 845
as trustee for the Just For You Software Trust ABN 71 940 807 195
trading as Just For You Software RBN R8577304
PO Box 470 Glebe NSW 2037