Category: Computers, Science & Technology

Ooopsy! Another Microsft security blunder!

Office 365 bug allows hackers to steal credentials

ZDNet – “Anyone hosting a Word document on their webserver can steal Microsoft Office 365 credentials due to a bug in how the cloud service attempts to authenticate users.

Adallom chief software architect Noam Liran discovered the bug, outlining how it works on his blog.

Office 365 requires users to log in to their account, and, when downloading a document from a SharePoint server, it verifies the credentials of the currently logged-in user by sending an authentication token.

The token should only be sent when the server is on the sharepoint.com domain. However, Liran found that by running his own server and sending back responses that would be expected of a legitimate SharePoint server, the user’s computer would send the authentication token anyway.

‘Now, my malicious web server, in possession of your private Office 365 authentication token, can simply go to your organisation’s SharePoint Online site, download all of it, modify it, or do whatever it wants, and you will never know about it. In fact, you won’t even know you got hit! It’s the perfect crime,’ he wrote.

Adallom has created a proof of concept video demonstrating how authentication tokens can be stolen.”

Valve will soon be releasing the SteamOS, and Open Source operating system designed to be the center of your home entertainment system and is based on Debian Linux. How cool is this!?

The Open Source SteamOS

“Thousands of games, millions of users. Everything you love about Steam. Available soon as a free operating system designed for the TV and the living room.

Steam is coming to a new operating system. As we’ve been working on bringing Steam to the living room, we’ve come to the conclusion that the environment best suited to delivering value to customers is an operating system built around Steam itself. SteamOS combines the rock-solid architecture of Linux with a gaming experience built for the big screen. It will be available soon as a free stand-alone operating system for living room machines.

Living room & Steam
Finally, you don’t have to give up your favorite games, your online friends, and all the Steam features you love just to play on the big screen. SteamOS, running on any living room machine, will provide access to the best games and user-generated content available.

Fast forward
In SteamOS, we have achieved significant performance increases in graphics processing, and we’re now targeting audio performance and reductions in input latency at the operating system level. Game developers are already taking advantage of these gains as they target SteamOS for their new releases.

Cooperating system
Steam is not a one-way content broadcast channel, it’s a collaborative many-to-many entertainment platform, in which each participant is a multiplier of the experience for everyone else. With SteamOS, “openness” means that the hardware industry can iterate in the living room at a much faster pace than they’ve been able to. Content creators can connect directly to their customers. Users can alter or replace any part of the software or hardware they want. Gamers are empowered to join in the creation of the games they love. SteamOS will continue to evolve, but will remain an environment designed to foster these kinds of innovation.

Four new Steam features focused on the living room. Available soon in both SteamOS and the Steam client.

In-home Streaming
You can play all your Windows and Mac games on your SteamOS machine, too. Just turn on your existing computer and run Steam as you always have – then your SteamOS machine can stream those games over your home network straight to your TV!

Music, TV, Movies
We’re working with many of the media services you know and love. Soon we will begin bringing them online, allowing you to access your favorite music and video with Steam and SteamOS.

Family Sharing
In the past, sharing Steam games with your family members was hard. Now you can share the games you love with the people you love. Family Sharing allows you to take turns playing one another’s games while earning your own Steam achievements and saving your individual game progress to the Steam cloud.

Family Options
The living-room is family territory. That’s great, but you don’t want to see your parents’ games in your library. Soon, families will have more control over what titles get seen by whom, and more features to allow everyone in the house to get the most out of their Steam libraries.”

And, you will be able to download it soon, and install it on your own hardware! Stay tuned!

Google is getting into robotics! How do we feel about that?

Google buys robotics company Boston Dynamics

San Jose Mercury News – “The New York Times is reporting that Google has confirmed its purchase of engineering and robotics company Boston Dynamics.

Boston Dynamics is best known for developing prototype robots for the Pentagon and other high-profile clients that experiment with new types of robotic motion.

Google did not comment to the Times on how much it paid or how the company’s robotic expertise would be used, but they are likely to join in the Internet giant’s existing robotics efforts led by Android founder Andy Rubin.

Here are some of the concept robots that Boston Dynamics has created since its founding in 1992, many times with funding from the Pentagon’s Defense Advanced Research Projects Agency.”

Cross-posted from the Hand Held Hack – Here’s an article on the top picks for current had held gaming systems.

Top picks for handheld gaming devices

KOMO News, Seattle, WA – “If you have a small gamer on your list this holiday season, chances are he wants a portable video-game player. Consumer Reports checked out the offerings from the two main game makers, Sony and Nintendo.

Sony’s handheld device is called the PlayStation Vita, $200. It has better graphics than Nintendo and is a good choice for someone who already has a PlayStation gaming system, as it works as a sidekick to those consoles. So especially with the PlayStation 4, it has remote capabilities, which means that you can play some of your PS 4 titles on your PlayStation Vita.

Nintendo’s lineup is generally better for kids because it offers more kid-friendly games. They include popular series such as Mario Brothers and Legend of Zelda. There are three Nintendo devices available: the 2DS, the 3DS, and the 3DS XL, ranging in price from $150 to $200.

The 3DS and 3DS XL do the exact same thing. They both play the same 3DS games in 3D, and they’re backward compatible with Nintendo’s previous-generation DS games. The only difference is that the 3DS XL is larger than the 3DS.

The 2DS looks a little different but plays all the same games, though not in 3D. Consumer Reports says it’s a great choice for any small gamers on your gift list and, at $150, is the least expensive.

Games for those devices cost about $50 each. It’s possible to get used games for less. Check online at Amazon and eBay. You can also try stores such as GameStop and Best Buy, both of which offer used video games at a discount.”

A new version of WordPress is out. which our blog here is based on. Check it out!

Open Source WordPress 3.8 Released

Internet News – “Blogs and Websites around the world are getting a new look today, thanks to the new WordPress 3.8 release. WordPress is the world’s most widely deployed open-source content management and blog system platform, powering more than 73 million sites today.

The 3.8 release benefits from WordPress’ new rapid development process that debuted with the WordPress 3.7 update that came in October. Among the changes in the 3.7 update was the ability for automatic background updates for security and maintenance fixes. The new 3.8 update, however, is not an automatic update and will require those that self-host WordPress sites to manually click an update button.

The first thing that users will see when they update is a revamped administration interface. WordPress founder Matt Mullenweg wrote in a blog post that the design brings a ‘fresh, new look to the entire admin dashboard.'”

This is awesome! Who would have thought this even a year ago!

Take that, Microsoft!

Security maven Troy Hunt has created a web site that allows you to test your email to see if you have been “pwned” by recent security break-ins of user database lists. Check your email address to see if you have been “pwned!”

Introducing “Have I been pwned?” – aggregating accounts across website breaches

“Just after the Adobe breach, a number of sites started popping up that let you search through the breach to see if your email address (and consequently your password), was leaked. For example there was this one by Ilias Ismanalijev, here’s another by Lucb1e and even LastPass got on the bandwagon with this one. When I used the tool to check my accounts, I found both my personal and work accounts contained in the breach. I had absolutely no idea why!

The most likely answer is that I did indeed create accounts on Adobe, perhaps as far back as in the days when I was using Dreamweaver to build classic ASP whilst it was still owned by Macromedia. The point is that these accounts had been floating around for so long that by the time a breach actually occurred I had no idea that my account had been compromised because the site was simply no longer on my radar.

But of course Adobe is not the only searchable breach online, there’s also one for Gawker, another for LinkedIn passwords (emails and usernames weren’t disclosed) and so on and so forth. Problem is, there’s not a tool to search across multiple breaches, at least not that I’ve found which is why I’ve built haveibeenpwned.com”

Have I Been Pwned Web Site

Microsoft is fighting against Chromebooks HARD! Spending tons of holiday ad money on dissing Google’s Chromebook. Why? Isn’t Microsoft the “undisputed leader in the PC world?” Ummm… not anymore. In fact, I have asked Santa myself (ie. ny wife) for a Chromebook for Christmas… sparkling under the Christmas Tree! Why? I want to do my computing in The Cloud to see if I can live there! (More on that if it happens!)

Could it be that the Chrome OS is a version of Linux, and the idea of the world running on a totally non-Microsoft platform means their destruction? Maybe. But, Microsoft is running scared… and you know I love it!

Why is Microsoft scared of Chromebooks?

The Verge – ‘It’s pretty much a brick,’ says Pawn Stars’ Rick Harrison as he rejects a Samsung Chromebook brought in by an actor playing a customer. Microsoft really doesn’t want you buying this thing.

But why? Just how big of a threat are Chromebooks, Google’s oft-ridiculed web-only laptops, to Microsoft’s core business?

In many ways, 2013 has been the year of the Chromebook for Google. From Acer’s $199 C720-2848 to HP’s $279 Chromebook 11, Mountain View has attracted traditional Windows PC makers to build a variety of low-cost laptops in time for the holidays. While Microsoft had largely ignored the threat since the first Chromebook launched some two years ago, it’s been on the attack in recent weeks as part of its ongoing ‘Scroogled’ campaign. Following the Pawn Stars bit, the company has recruited its own ‘Ben the PC Guy’ to hit the streets for comparisons between Windows 8 and a Chromebook.

Microsoft’s latest effort to undermine the Chromebooks feels more ‘Mac vs. PC’ — Apple’s famous ad campaign from several years ago — than anything else. (More like “Linux vs. Mac vs. PC” from the old Novell spoof! – Dr. Bill) The scenes are reminiscent of the ‘laptop hunter’ ads that Microsoft used to attack Apple following the Windows Vista release — it’s a similar approach nearly five years later. The difference this time is that Microsoft appears to be targeting a threat that doesn’t really exist yet: while consumer-research group NPD claimed earlier this year that Chromebook sales have snared nearly 25 percent of the US market for laptops under $300, that market has been largely replaced by tablets. Rival research firm IDC estimates that Samsung shipped around 652,000 Chromebooks worldwide in Q3. ‘Among other vendors Lenovo, Acer, and HP have shipped, but in tiny volume,’ says IDC’s senior research analyst Rajani Singh. IDC expects Chrome OS devices to reach 3 million units this year — that’s less than 1 percent of all PC sales.

Something has Microsoft spooked, though. Chromebooks have dominated Amazon’s best seller charts in the US, but without hard numbers, it’s still unclear exactly how well Google’s laptops are selling worldwide. There is a threat from well-priced laptops, as we’ve witnessed from Linux-based netbooks years ago, but things appear to be moving slowly for Chromebooks right now. Google’s latest Chromebooks from Acer and HP could help push things further, but Google and HP were forced to halt sales of the Chromebook 11 last month following complaints of chargers overheating. After three weeks, the Chromebook 11 still hasn’t returned to shelves despite the important Black Friday and Cyber Monday shopping days during the busy holiday period.

And in reality, Microsoft’s offensive could backfire, drawing more attention to a platform that many consumers aren’t familiar with. Google has been aggressively pushing its range of Chromebooks with simple ads that focus on the price of the laptop and its simplicity. The devices won’t appeal to every consumer due to their various restrictions, but many potential customers might not even be aware of their existence yet.

‘Given Microsoft is currently losing the mobility war by a wide margin, they are turning to defending their laptop turf, and doing it by playing a strong offense,’ says Patrick Moorhead, president and principal analyst at Moor Insights and Strategy. ‘The downside is that by Microsoft going after Chromebooks with broadcast media, they are increasing general consumer awareness and familiarity for Chromebooks versus the more technically savvy who are buying Chromebooks.'”

Windows 8.0 and 8.1 is not exactly “taking off!” Could it be Microsoft’s stupid determination to not have a real Start Button be the reason for it? Well, as I always point out, you should use ClassicShell from classicshell.net.

Windows 7 gains more market share than Windows 8 and 8.1

The Inquirer – “Microsoft’s Windows 7 still holds more market share than Windows 8 and Windows 8.1 combined.

Even more disturbing, for Microsoft, is that Windows 7 has actually gained more market share that the newer versions of Windows.

Statistics provided by Netapplications in its Netmarketshare report for November show that Windows 8 and Windows 8.1 have gained a mere 0.05 percent, with Windows 8 reaching a satanic 6.66 percent.

This is hardly market saturation 13 months after release. Compare that to Windows 7, which despite being over four years old and just 18 months from End of Life still has 46.64 percent of the market. That’s just a tiny increase of 0.22 percent, but it’s a clear demonstration that most most PC users are avoiding Windows 8.

There are of course several possible reasons for this. We know that the PC market is slowing quite significantly. There are a lot of computer shops that might have old machines in stock. When we popped down to our local independent shop, it was selling Windows 7 laptops at hefty discounts.

Then there are those who buy shiny new laptops and are so determined not to use Windows 8 that they buy Windows 7 separately and downgrade manually.

The breakdown is as follows:

Windows 7 46.64 percent
Windows XP 31.22 percent
Windows 8 6.66 percent
Windows Vista 3.57 percent
Windows 8.1 2.64 percent

With Windows XP set to reach full End of Life including security updates in a mere four months, we can’t imagine what Microsoft can do to persuade PC users to upgrade their machines, especially since Windows 8 simply hasn’t caught on.”

7 million concurrent (all at the same time, for low information folks) sessions! Rock on!

Steam surpasses 7 million concurrent users for the first time

Venture Beat – “Microsoft’s and Sony’s new consoles are the hot items for this holiday season, but the excitement for those boxes isn’t causing any slowdown on the PC side of things.

Game-distribution service Steam just topped 7 million concurrent online customers for the first time in its history. This new record comes in the midst of the annual fall sale that Valve holds for its digital-download platform.

Steam approached the 7-million mark for the past several days, but it peaked at 7.19 million customers around 11 a.m. Pacific time today. In late October, Valve revealed that Steam has 65 million registered accounts. That means that more than one in every 10 Steam members were using the service today. That’s a huge number of engaged gamers.

This new record also represents significant growth over last year. Steam had around 6 million peak concurrent users during its 2012 fall sale. That’s a 17 percent growth in engagement for a platform that was already well established in 2012.

Steam should only continue to grow. Valve announced plans to expand the service out into its own operating system — called SteamOS — based on Linux in the near future. The company will also work with hardware manufacturers to bundle SteamOS on new PCs called Steam Machines.”