Author: Dr. Bill

I love my Roku, as you know, so set-top boxes for Internet-based TV is awesome! But, GoogleTV apparrently just didn’t “catch on!”

Logitech confesses to ‘gigantic’ mistake with Google TV

“Logitech is halting production of its Google TV Revue set-top boxes, acknowledging that the whole affair was a financial disaster for the company.

At an Analyst and Investor Day hosted by Logitech on Wednesday, CEO Guerrino De Luca confessed that the Revue was a ‘mistake of implementation of a gigantic nature.’ In his presentation, DeLuca in part pointed the finger at Google TV, referring to it as a ‘beta’ product, according to The Verge.

De Luca told investors that Logitech lost more than $100 million in operating profits on the Revue after bringing it to the market almost a year ago. As a result, the company will simply let existing inventory of the Revue run out this quarter and will not make another set-top box to replace it.

The CEO intimated that Google TV simply wasn’t ready to launch when it did and that Logitech mistakenly thought the search giant’s product was revolutionary, The Verge reported. DeLuca also blamed his company’s own ‘operational miscues in EMEA [Europe, Middle East, and Africa]’ for the Revue’s failure to ignite the market.

‘To make the long story short, we thought we had invented [sliced] bread and we just made them,’ DeLuca said. The company made a commitment to ‘just build a lot because we expected everybody to line up for Christmas and buy these boxes [at] $300…that was a big mistake.'”

I am an Ubuntu desktop guy myself, but one of my friends at work uses Fedora as his standard desktop (notebook) OS… it looks pretty cool. I may have to “play” with it!

Fedora 16 released with GNOME 3.2, virtualization enhancements

“The Red Hat-sponsored Fedora Project released Fedora 16 (‘Verne’), featuring the GNOME 3.2 desktop environment and virtualization and cloud enhancements — including support for the Aeolus and OpenStack Infrastructure-as-a-Service (IaaS) platforms. Version 16 upgrades the techie-focused Linux distribution to Linux 3.1, and moves up to the GRUB2 bootloader and Firefox 7.0.1, while offering enhanced contact and document management apps.

As we noted when the Fedora Project released its first beta of Fedora 16 in early October, the release is notable to desktop end users primarily for its upgrade to the GNOME 3.2 desktop. Fedora first tried out GNOME 3.0 in Fedora 15, a more significant release that also added a dynamic firewall, the SystemD configuration utility, and major new applications.

Like Fedora, which acts as the cutting-edge, Red Hat-backed upstream contributor to Red Hat Enterprise Linux (RHEL), SUSE’s OpenSUSE also moved to GNOME 3.2 in its 12.1 beta. And on Nov. 4, the Linux Mint team succumbed to the wheels of ‘progress,’ announcing that the upcoming Linux Mint 12 will offer GNOME 3.
Mint, however, will also keep a full-fledged GNOME 2.32 alternative to the controversial GNOME 3. By comparison, Fedora 16 and OpenSUSE 12.1 will block users from booting into GNOME 2.x except for a simplified fallback mode for low-end systems.

GNOME 3.2 is said to have squashed many of the bugs of the original, while fixing a few of the most unpopular changes. Yet, GNOME has not backtracked much from its radical UI makeover. Fortunately, Fedora 16 also offers KDE Plasma Workspace 4.7 as an alternative.”

(Cross Posted from the Hand Held Hack) A quad core CPU for hand helds! Sweet! “Project Kal-El” – gotta love the Superman reference!

Nvidia ships Tegra 3, claims it’s up to five times faster than Tegra 2

“Nvidia says its Tegra 3 processor, previously code-named ‘Kal-El,’ is now in production, making its first appearance in the Android-powered Asus Transformer Prime before the end of the year. The chip includes five ARM Cortex A9 cores, but the fifth ‘Companion core’ runs only up to 500MHz, and is optimized for saving power when running background tasks, the company says.

Nvidia introduced and demonstrated its ‘Project Kal-El’ last February. At the time, the chip was touted as the world’s first quad-core mobile processor, including four ARM-based CPU cores plus a twelve-core GeForce GPU (graphics processing unit).

But on Sept. 20, Nvidia disclosed that the Tegra 3 would actually sport five ARM Cortex-A9 cores, not four. The fifth ‘Companion Core’ is identical to the other four, except that it has been built using low power process technology and runs only from 0 to 500MHz, as opposed to the ‘0 to max GHz’ delivered by the others, according to the company.”

LibreOffice V3.4.4 (Final) is out, and it is a production (safe for business use) version. Time to upgrade!

LibreOffice Download Page

“LibreOffice is a comprehensive, professional-quality productivity suite that you can download and install for free. There is a large base of satisfied LibreOffice users worldwide, and it is available in more than 30 languages and for all major operating systems, including Microsoft Windows, Mac OS X and GNU/Linux (Debian, Ubuntu, Fedora, Mandriva, Suse, …).

You can download, install and distribute LibreOffice freely, with no fear of copyright infringement.

What’s outstanding about LibreOffice?

LibreOffice is a feature-packed and mature desktop productivity package with some really great advantages:

It’s free – no worry about license costs or annual fees.

No language barriers – it’s available in a large number of languages, with more being added continually.

LGPL public license – you can use it, customize it, hack it and copy it with free user support and developer support from our active worldwide community and our large and experienced developer team.

LibreOffice is a free software community-driven project: development is open to new talent and new ideas, and our software is tested and used daily by a large and devoted user community; you, too, can get involved and influence its future development.

LibreOffice gives you high quality:

The roots of LibreOffice go back 20 years. This long history means it’s a stable and functional product.

Thousands of users worldwide regularly take part in beta testing of new LibreOffice versions.

Because the development process is completely open, LibreOffice has been extensively tested by security experts, giving you security and peace of mind.

LibreOffice is user-friendly:

You get a simple-to-use yet powerful interface that is easy to personalize – Microsoft Office users will find the switch easy and painless, with a familiar look and feel.

Compatible with all major competitors’ file formats. You can easily import files from Microsoft Word, Excel and PowerPoint and many other formats, and can easily save to Microsoft Office and other formats when needed.

LibreOffice is supported by a big worldwide community: volunteers help newcomers, and advanced users and developers can collaborate with you to find solutions to complex issues.”

The future is here for sure! Voting on a hand held device!

Oregon Tests Using iPad as a Voting Machine

“While most Oregon residents are still voting with paper ballots this election, a select few will be voting by iPad.

The state is testing Apple’s tablet to help those with disabilities more easily cast their ballots.
Although the iPad is being used to assist with the election, those using it aren’t casting their votes electronically. Rather, the iPad allows those with visual and other challenges to better see the ballot and make their selections. Their choices are then printed out on a paper ballot, according to an Associated Press report.

Apple has donated five iPads to help with the pilot project, according to the report.
The state decided to try out the iPad because its current crop of adaptive technology is aging. According to the AP report, the iPad-based approach has the potential to lower election costs, even if the state has to purchase significant numbers of Apple tablets.”

The Duqu Zero Day Exploit is evil! Not all virus signature files have caught up yet, so try these defenses!

Five Things To Do To Defend Against Duqu

“Whether Duqu is related to Stuxnet’s authors or its source code is the least of your worries if your organization ends up in the bull’s eye of this new targeted attack. Microsoft says it considers the threat ‘low risk’ at this point. Trouble is, the names of the organizations that have been targeted thus far have been kept confidential, so we don’t know just what Duqu is after exactly, and whether it’s focused on a particular industry or region.
‘I don’t expect Duqu to stop. It looks to be manned on the inside and not on autopilot — they are actively setting up new modules, etc., to keep the operation alive,’ says Don Jackson, a director with Dell Secureworks Counter Threat Unit. ‘So [right now] it’s an intelligence game.’

Even so, there are still some things organizations can do to protect themselves while the world waits for more information on this attack, as well as for Microsoft’s patch for the zero-day flaw that was exploited and used with Word to spread the infection. Microsoft late today issued a ‘hot fix’ along with an advisory about Duqu and assured users that antivirus vendors in its MAPP program would soon be updating their products with Duqu signatures very soon.

Even if you’re not a certificate authority or manufacturing firm — the two industries cited publicly so far as having Duqu victims — security experts say there are some steps you can take to help protect your infrastructure from this new targeted attack.

1. Install the just-released ‘hot fix’ from Microsoft and workaround.
Microsoft is working on a patch, and it will do so via its regular security bulletin release — just not in time for next week’s batch. So in the meantime, Microsoft today began offering a hot fix for the threat that blocks access to t2embed.dll used in the zero-day attack in Duqu.

The flaw lays in the Win32k TrueType font parsing engine, according to Microsoft: ‘An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware,’ Microsoft said in an advisory today.

Jerry Bryant, group manager for response communications in Microsoft’s Trustworthy Computing Group, says Microsoft is closely monitoring further developments with Duqu. ‘As previously stated, the risk for customers remains low. However, that is subject to change, so we encourage customers to either apply the workaround or ensure their anti-malware vendor has added new signatures based on the information we’ve provided them to ensure protections are in place for this issue,’ he says.

2. Run updated anti-malware — and use standard security best practices.
Not all antivirus products can detect Duqu yet, but security experts say to keep updating to be sure you get protection for Duqu as soon as it’s released.

‘Detections related to Duqu are mapped to the W32.Duqu family of signatures. We also highly encourage people not to click on attachments in email that seems suspicious, even if it comes from someone they know,’ says Kevin Haley, director of product management for Symantec.

Secureworks recommends using any host-based protection in addition to the typical network monitoring and user access controls that would help thwart Duqu. Tarek Saadawi, professor of electrical engineering at The City College of New York’s Grove School of Engineering, says because Duqu sniffs keyboard strokes and tries to steal passwords to internal systems, users should also protect their home computers and networks. Aside from updating AV and Windows, be sure to update third-party applications and shut down computers at night, he says.

3. Scan or filter Word documents from unknown sources.
One handy tool here is Microsoft’s MOICE (Microsoft Office Isolated Conversion Environment), which checks for malformed Word documents, Secureworks’ Jackson says. ‘That’s how Duqu starts: with a malformed Word file. It’s playing a trick on Microsoft Word to run this code,’ he says.

Jackson suggests filtering Word documents from unknown sources and scanning them with MOICE until there’s a patch for the new zero-day attack. Another option is to use something like FireEye’s software: ‘FireEye loads the Word document inside the VM and [executes] malicious detection,’ he says.

4. Monitor for traffic from potentially infected machines trying to ‘phone home’ to Duqu.
Be on the lookout for machines trying to connect to a Duqu command-and-control (C&C) server or trying to resolve to a Duqu-related domain. Two C&C servers have been taken down thus far, but there are likely new ones. The IP addresses of the C&Cs that were found and ultimately shuttered: 206.183.111.97 and 77.241.93.160.

‘I’m confident that there are other command-and-control servers either going up now or that are already up,’ Jackson says. ‘We are a step behind them in spotting new ones.

‘Duqu has a stay-alive module … and has the ability to change itself, so anything you can do to block IP addresses will help,’ he says.

5. Watch for any Port 443 traffic that’s unencrypted, and keep an eye out for ~DQ files.
Watching for unencrypted traffic on the HTTP-S or SSL-based traffic port can help detect malware, including a possible Duqu infection. ‘If it’s not encrypted [traffic there], it’s probably bad,’ says Secureworks’ Jackson.

Meanwhile, a Duqu-infected file may start with ‘~DQ’ in the Windows temporary file directory, so be on the lookout for that as well, Secureworks recommends.”