Tech Review: Wednesday, August 10, 2011

Maylong M-250 7" $100

http://www.maylonggroup.com/M-250_MID.htm

• 7 "
• Resistive
• Stylus
• Android 2.2

Android Tablets . Net

http://www.androidtablets.net/forum/

Nice site on Android Tablets

Tech Review: Friday, August 5, 2011

http://www.shopping.hp.com/webapp/shopping/store_access.do?template_type=storefronts&landing=rts_tablet&category=rts_tablet&jumpid=em_r329_hhos_5944&aoid=105495&email=null

HP Touch Pad with Web OS $450

WOOT has it for $380

• 16 GB Storage
• 1.2 GHz Qualcomm Snapdragon dual-core AP!8060 processor
• 9.7" backlit 
• 1.3MP front-facing camera
• Wi-Fi
• Bluetooth
• Wireless charging
• WebOS
• Woot price for $380
• https://mail.google.com/mail/?shva=1#inbox/1319963c1b2ff4e4

http://www.shopping.hp.com/webapp/shopping/computer_can_series.do?storeName=computer_store&category=notebooks&a1=Category&v1=Mini&series_name=mini110_series&jumpid=in_R329_prodexp/hhoslp/psg/notebooks/Mini/mini110_series

HP Mini 110 $280 (Upgrade $320)

• Intel Atom N455 (upgrade to dual core ATOM N570)
• Graphic Media Accelerator 3150
• 1 GB Mem (upgrade to 2 GB)
• 10.1 "
• 250 GB drive
• 2.52 lbs
• Ethernet
• Webcam
• Integrated Wireless
• Bluetooth optional
• Win7 Starter 32-bit
• 1024x600

http://www.shopping.hp.com/webapp/shopping/store_access.do?template_type=series_detail&category=notebooks&series_name=dv6t_series&jumpid=in_R329_prodexp/hhoslp/psg/notebooks/promo_tile/2/lp_promo_tile2_HP_Pavilion_dv6t___731

PH Pavilion dv6t Series $600 ($1,528)

• (Win 7 Pro-64 bit)
• (Recovery DVD)
• (Dual Core Intel i5-2410M (2.3 Gz)
• (2GB Radeon 6770M GDDR5)
• (16GB Memory)

http://gcn.com/articles/2011/08/04/black-hat-apt-threat-china.aspx?s=gcndaily_050811

Flaw in advanced threats points to Chinese networks

• IP address of command and control servers in China
• Believed used in breach of RSA Security in March
• Advance Persistent Threats (APTs)
• Quietly infect systems
• remain undetected
• high-profile breaches

http://gcn.com/articles/2011/08/04/black-hat-android-apps-mobile-security.aspx?s=gcndaily_050811

Android app test demonstrates dangers for mobile devices

• 10,000 apps evaluated
• not necessarily malicious (?)
• leaky and noisy (?)
• 30% access unique equipment or subscriber identity number
• Report to server something in clear (can be read by anyone)
• definitely a privacy and security problems - Neil Daswani
• tries to get root access on device
• Short Message Service activity
• limited to a single message sent to the number of the phone installed on

http://gcn.com/articles/2011/08/03/android-hacks-rise.aspx

3 of 10 Android users now face malware attach

• trojan steal account passwords and SSN by recording phone coversations
• doubling the risk of 6 months ago - (Lookout)
• 80 to 400 number of apps in 6 months - (Lookout)
• 0.5 to 1 million user affected
• 48% malware
• repackaging
• malicious code added to legitimate app
• upgrade attach
• pub clean app, wait offer infected update
• 52% sypware
• Users transmitting sensitive data without proper encryption

http://gcn.com/articles/2011/08/04/black-hat-windows-kernel-vulnerabilities.aspx?s=gcndaily_050811

Window kernel a fertile field for vulnerabilities

• Win32K.sys from 1997 remains a fundamental component of Win architecture
• no proper authentication for changes in memory after for user-mode call backs
• 40 patches
• count much higher
• Tarjei Mandt - Norman ASA
• fundamental problem buried in an old element of he Win kernal

https://market.android.com/details?id=com.skype.raider&hl=en

Skype now does video

• 3.6 stars
• Skype is not known for good software
• who else has similar apps?
• Google?

http://www.zdnet.com/photos/gallery-photos-suggest-flowing-water-on-mars/6272308?tag=nl.e589

Life On Mars

• Melting salt water turns red

http://gcn.com/articles/2011/08/02/stuxnet-type-attack-prisons.aspx?s=gcndaily_040811

Stuxnet-style could attack prisons

• prisons use PLC
• doors
• gates
• video
• alarms
• intercoms

Tech Review: Thursday, August 4, 2011

Web Operating System (WOS)

http://en.wikipedia.org/wiki/Web_operating_system

Web Operating System (WOS)

A term for describing internet scale distributed computing.

http://desizntech.info/2009/08/top-5-web-operating-systems/

Liz Cornwell

The above artical is from 2009, but it is better than a poke in the eye.

Top 5 WOSs.

1. icloud
2. Glide OS 3.0
3. G.HO.ST
4. Jolicloud
5. EYEOS

How The New 'Protecting Children' Bill Puts You At Risk

http://www.zdnet.com/blog/violetblue/how-the-new-8216protecting-children-bill-puts-you-at-risk/590?tag=nl.e539

• nothing to do with pornography
• opposed by over 30 civil liberties and consumer advocacy organizations
• forces ISPs to retain 
• customer names, 
• address, 
• phone numbers, 
• credit card numbers, 
• bank account numbers and 
• dynamic IP address for
• 1.5 years
• ISP snooping bill
• fails to note that this would be an effective tool against child porno, which is a favorite habit of most pedophiles.

Android Trojan records conversations, can send them to bad guys

http://www.zdnet.com/blog/hardware/android-trojan-records-conversations-can-send-them-to-bad-guys/14006?tag=nl.e539

• Android Trojan
• records conversations

• Where was the application?  
• In the Android Market? 
• In the wild? 
• Why on earth would someone want to record a bunch of conversations?  
• Doesn't make sense. 
• Is this something malicious, 
• a developer mistake, or 
• marketing gone awry?
• Author says "Best defense ... is to pay attention to the permissions..."   
• Fails to realize that a lot of legitimate applications ask for a lot of privileges.
• I personally would recommend 
• loading from the Google Android Market
• using the Lookout Mobile Security

Forrester: U.S. debt ceiling showdown will affect IT spending

http://www.zdnet.com/blog/btl/forrester-us-debt-ceiling-showdown-will-affect-it-spending/53401?tag=nl.e540

• 2011 IT forecast growth drops from 7.4 to 5.5
• 2012 IT forecast growth drops from 10.4 to ?

CNET 100 Android apps: Winners, in pictures

http://reviews.cnet.com/8301-19736_7-20083700-251/winners-of-the-cnet-100-your-top-10-android-apps/?tag=content;photo-frame

1. Google Maps
2. Dolphin Browser HD
3. Lookout Mobile Security
4. SoundHound
5. Read It Later
6. Google Voice
7. Google

How do I see the 100?

How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History

http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet/

• Iran
• 800 to ?
• 1000 and 2000 in a few months
• most complex malware ever written
• first real cyberweapon
• zero-day exploit
• looks like US/Israel

Ematic 2GB MP3 Video Player with 1.5" Screen

http://www.walmart.com/ip/Ematic-2GB-Video-MP3-Player-with-1.5-Screen-Black/10574420?adid=1500000000000026683350

• $25
• 2 GB
• FM tuner/recorder
• 1.5 " display
• voice recorder
• Plays
• MP4
• AVI
• MP3
• JPEG
• E-book

Tech Review: Tuesday, August 2, 2011

• http://gcn.com/Articles/2011/07/29/Fastest-broadband-cities.aspx?s=gcndaily_010811&Page=2

Which cities have the fastest broadband?

18 cities in the US ranked in the top 100 of the world.

Riverside - 7.8 megabits/sec

Rhode Island - 894 kilobits/sec 

Idaho - 318 kilobits/sec (slowest)

Japan - 13.2 megabits/sec

http://www.zdnet.com/blog/mobile-news/lenovo-ideapad-k1-tablet-first-impressions/3510?tag=nl.e539

Lenovo IdeaPad K1 tablet: First impressions

• Android Honeycomb 3.1 (3.2 is current)
• 10" screen
• Nvidia Tegra 2 dual-core processor
• two cameras
• doesn't wake on press of physical home button
• 1.65 lbs

http://www.zdnet.com/blog/bott/where-did-all-the-mac-malware-go/3628?tag=nl.e539

Where did all the Mac malware go?

• Mac Defender group doing attack
• cause the first release of Mac OS with patch target at virus
• Mainly stopped by Google shutting down the "poisoned searches"
• http://www.net-security.org/secworld.php?id=10989

http://www.zdnet.com/blog/open-source/the-top-five-linux-desktop-vendors/9313?tag=nl.e539

The top five Linux desktop vendors

• Eight Vitrues looks like the best for mid range are lower Linux boxes.
• http://www.eightvirtues.com/support.html

http://www.smartplanet.com/blog/design-architecture/chinas-young-designers-create-products-that-merge-tradition-and-innovation/219?tag=nl.e550

China's young designers create products that merge tradition and innovation

• American born Aric Chen is running at state sponsored magazine to highlight Chinese architecture, graphics, and products.

http://www.zdnet.com/blog/security/skype-facebook-critical-security-vulnerability/9163?tag=nl.e550

Skype + Facebook = critical security vulnerability

• Really a security hole in the newest release of MS Skype.

http://www.spi.dod.mil/lipose.htm

• From DOD
• Lightweight Portable Security (LPS)
• Any intel-base Mac or PC
• Accredited for LPS-Remote Access
• Mark Clute has played with it

http://www.spi.dod.mil/ewizard_down.htm

Encryption Wizard

• Encryption Wizard
• Run on anything that runs Java v1.5
• DOD
• Mark Clute recommended it

http://www.walmart.com/ip/Archos-501582/15567528

ARCHOS 70 7" Touchscreen Tablet PC: $229

• Capacitive multi touch
• Android 2.2
• Webcam

http://www.f3program.org/

• Jessica Pater works with
• http://virtualities.net/JessicaPater.aspx
• GT, Gov, Industry effort to ensure universal k-12 tech access.

http://www.net-security.org/secworld.php?id=10989

• compromise a legit web site
• Usually Wordpress
• Introduces PHS scripts in sites' source code
•  Scripts monitor Google trend queries
• Create artificial web pages containing content
• Detects Google crawlers and deliver content
• Pics end up in image search database
• Exploit happens when user clicks thumbnail
• Google use iFrame
• PHP script checks if user came from Google results page
• redirect to another compromised site.

https://market.android.com/details?id=com.netflix.mediaclient&hl=en&pli=1

• Android app for Netflex.  
• Installed it and it works great.
• Could not find when I searched in Market
• There is one for Blockbuster but it is in-compatable with my phone
• https://market.android.com/details?id=com.motorola.Blockbuster&feature=related_apps