Antivirus programs need to be able to inspect a lot of data and file types from a variety of sources: the Web, email, the local file system, network shares, USB attached storage devices, etc. They also have a large number of components that implement various layers of protection: drivers for intercepting network traffic, plug-ins that integrate with browsers and email clients, graphical user interfaces, antivirus engines with their subsystems that perform signature-based, behavior-based and cloud-based scanning and more.

This is what security researchers call a very large attack surface, meaning there is a lot of potentially vulnerable code that attackers can reach in a variety of ways. Furthermore, when it comes to antivirus products, much of this code runs with the highest possible privilege, something that researchers argue should be avoided as much as possible.

Rigs of Rods is an open source vehicle simulator licensed under the GNU General Public License version 3. What makes Rigs of Rods different to most simulators is its unique soft-body physics: vehicles, machines, objects, etc. are simulated in real-time as flexible soft-body objects, giving the simulation an extremely accurate behavior which entirely depends on the physical construction of the vehicles or objects you create. The community contributes greatly to the game, giving it a vast selection of vehicles and terrains from which you can choose.

It’s called the Microsoft Tech Support scam, and it’s been around for years. Last week, Emsisoft and Bleeping Computer intercepted one of these scammers, and in addition to messing with him for a good three hours, we took detailed notes on how the Microsoft Tech Support scam works.

According to leaked internal documents from the German Federal Office for Information Security (BSI) that Die Zeit obtained, IT experts figured out that Windows 8, the touch-screen enabled, super-duper, but sales-challenged Microsoft operating system is outright dangerous for data security. It allows Microsoft to control the computer remotely through a built-in backdoor. Keys to that backdoor are likely accessible to the NSA – and in an unintended ironic twist, perhaps even to the Chinese.

KSP is a game where the players create and manage their own space program. Build spacecraft, fly them, and try to help the Kerbals to fulfill their ultimate mission of conquering space. The game is currently under heavy development. This means the game will be improved on a regular basis, so be sure to check back for new updates. Right now, KSP is in Sandbox Complete state, but we want you to try it out and have fun with it. The first versions are free to download and play, and will remain so forever.

In a typical example, at Beth Israel Deaconess Medical Center in Boston, 664 pieces of medical equipment are running on older Windows operating systems that manufactures will not modify or allow the hospital to change—even to add antivirus software—because of disagreements over whether modifications could run afoul of U.S. Food and Drug Administration regulatory reviews, Fu says.

As a result, these computers are frequently infected with malware, and one or two have to be taken offline each week for cleaning, says Mark Olson, chief information security officer at Beth Israel.

Medical equipment running Windows? Old versions of Windows? Without security patches? And without any kind of malware protection? Yeah, sounds like a good idea. What could possibly go wrong?

This scam itself is a few years old now, but I had not personally received one of the calls until yesterday—the very day that the Federal Trade Commission (FTC) announced a major crackdown on such "boiler room" call center operations. The very day that six civil lawsuits were filed against the top practitioners. The very day on which I had just finished speaking with Ars IT reporter Jon Brodkin, who spent the morning on an FTC conference call about this exact issue. And here were the scammers on the other end of the line, in what could only be a cosmic coincidence.

Oh look, Microsoft actually has sensible recommendations on applications using customized windows:

Most Windows applications should use the standard window frames. However, for immersive, full screen, stand-alone applications like games and kiosk applications, it may be appropriate to use custom frames for any windows that aren't shown full screen. The motivation to use custom frames should be to give the overall experience a unique feel, not just for branding.

Of course, these recommendations don't apply to Microsoft themselves, only to everybody else. Microsoft Office, anyone? Outlook? Or the absolute GUI monstrosity that is the Windows Media Player? In Microsoft's own applications, there are gratuitous custom window frames everywhere.

iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.

If you are familiar with vcs software such as Subversion, you might think of boar as "version control for large binary files". But keep reading, because there is more to it.

Boar stores snapshots of directory trees in a local or remote repository and provides tools to ensure that your data is consistent and complete. You can keep just some or all of your data checked out for viewing and editing.

The repository has a simple layout to ensure that the data can easily be extracted even if the original software should be unavailable. This simplicity makes boar ideal for data that needs safe long-term storage.

1–10 (79)   Next >   Last >|