Apple’s next-gen iPod nano takes its lumps as current models run dry

It isn’t even available yet, but Apple’s likely successor to the iPod nano has been dubbed the red-headed (and overweight) stepchild of the lineup by the online media.

A recently leaked image on the web suggests that the as yet unnamed sequel to Apple’s mid-range iPod nano would resemble a stubby blend between today’s model and the company’s full-size players, borrowing the width and larger screen of the video iPod but the colorful look and short body of the more diminutive nano. The photo also showed the iPod in five paler (and more controversial) variants of today’s iPod nano colors.

The squat, out-of-proportion look has been dismissed by some as a hoax. But after a swift attack by Apple’s legal team — which essentially confirmed the widely syndicated image as authentic by claiming it was “stolen” from the company — online news media quickly savaged the new player, hinting that Apple’s new darling could stand to slim down its wide-hipped look.

[ View ]

Multi-Core Confrontation: Core 2 Quad Q6600 vs. Core 2 Duo E6850

While AMD keeps postponing the launch of their quad-core processors to the end of this year – beginning of next, Intel Company is offering very affordable quad-core CPUs from Core 2 Quad family. However, can Core 2 Quad processors be regarded as a worthy alternative to popular dual-core solutions?

The Intel processor price cut that occurred a month ago turned into an important milestone on the multi-core processors’ way to user computer systems. The price of quad-core processors has finally dropped down to the level of dual-core solutions. To be more exact, the youngest model in the official Core 2 Quad lineup is priced exactly the same as the top Core 2 Duo CPU. This price, by the way, is set at $266, which seems quite sufficient to make processors with four computational cores much more popular than they used to be before.

[ View ]

Blogger and malware

You may have seen stories in the news recently about malware on Blogger, such has this one from the BBC or this one from Committee to Protect Bloggers. Blogger was not compromised. Instead, the blog posts are from users whose machines were compromised by a virus. These users had their mail2blogger addresses in their computers’ address books (a perfectly legitimate use case), which the virus then spammed with its content.

We are in the process of notifying impacted users and recommending that they scan their computers and run current anti-virus software, available in the Google Pack. This is also good advice for all users, especially those who may have clicked the links in the emails sent by the virus. For more information about computer security, check out upenn.edu and us-cert.gov.

AVG cries wolf at Adobe Reader

A faulty signature update from GRISoft published this week meant that its popular AVG anti-virus package falsely warned versions of Adobe Reader were infected with a Trojan.

Reg reader Tulio received a false alarm that his system was infected by SHueur-JXW after he downloaded Adobe Acrobat Reader 7.09. GRISoft acknowledged the problem and said that it planned it issue a new update that fixed the problem on Thursday. Faulty anti-virus signature updates are far from rare. Symantec, McAfee and others have all had problems in the area in recent months. False alerts are something of an Achilles heel for anti-virus scanning packages, a factor often highlighted by firms selling alternative approaches to malware detection (such as white listing)

[ View ]

Sony is awake

Sony Electronics phoned us today. They wanted to thank us for bringing the Microvault incident to their attention, and they also wanted to apologize for not responding to our earlier queries regarding the incident.

We have now opened direct discussion channels with Sony Electronics and are assisting them with the investigation. We have also provided them with our internal investigation notes on the case.

We were also promised a direct contact point for future. Just in case we would again discover a rootkit or something in Sony’s products.

[ View ]

TomTom ONE 3rd Edition GPS Navigation Device announced in the UK

In April this year, TomTom the world’s largest navigation solutions provider unveiled its TomTom One XL portable GPS device. Now, the company has announced the launch of its new TomTom ONE 3rd Edition that provides a host of new features.

Just like its predecessors, this GPS device too uses TomTom’s patented touch screen technology and award-winning software. However, the new TomTom ONE 3rd Edition GPS navigation device is user-friendly and extremely portable due to its sleek light-weight design.

The new TomTom ONE 3rd Edition navigation device also features an improved and enhanced user interface that provides a number of options for customizing the navigation screen as per the user’s requirements. This interface also provides much easier access to other functionalities and search tools.

A newly introduced feature in the TomTom ONE 3rd Edition device is the TomTom Map Share feature that was first seen in the company’s recently launched TomTom GO range of GPS devices.

The TomTom Map Share function allows users to instantly improve their own maps, respond in real time to changes in the road network and correct their maps on their devices accordingly, instantly providing users with the most up-to-date maps.

And, the new improved smart interface only makes this easier, as it becomes really easy to make improvements such as to mark blocked or unblocked streets, reverse one-way traffic or insert new street names, all of which will take effect immediately.

The new TomTom ONE 3rd Edition GPS device is also able to quicly recalculate the driver’s route in case he/she wishes to deviate from the current one or a roadblock occurs. This becomes easy due to the presence of the ‘Find Alternative’ option.

Yet another helpful feature of TomTom’s latest GPS device is that it is able to provide current street names aiding the driver.

And, with this device drivers are also provided with extensive safety and roadside assistance information wherever they go. This function called ‘Help Me’ includes information such as directions to the nearest hospital, car maintenance information and first aid instructions. Moreover, users will also be able to customize this ‘Help Me’ menu to set warning fro speed, traffic, restricted and school zones.

There are a host of extra features for the TomTom ONE 3rd Edition device that can be downloaded such as personalized options like warnings, special navigation voices, and Points of Interest. Also compatible with this GPS device are optional accessories like the RDS-TMC traffic antenna accessory, USB Home Charger, Carry case and trap, Mount Kits and Travel Cases.

Specifications of the TomTom ONE 3rd Edition GPS Device at a glance:

High sensitivity GPS chipset

3.5″ full color TFT LCD touchscreen (320 x 240 pixels, 64K colors)

1GB internal memory

RDS-TMC connector

Internal Lithium-Ion battery (2 hours operation)

Dimensions: 3.8 in. x 3.2 in. mm x 1 in. mm

Weight: 174gms

The TomTom ONE 3rd Edition GPS Navigation device is immediately available for a price of £149 for the Regional version and £179 for the European version.

[ Source ]

All set for GSLV-F04 take-off on Sept. 2; countdown starts today

The countdown for the launch of a rocket from Sriharikota, about 100 km from here, carrying India’s communication satellite INSAT-4CR, will start today.

“The countdown for the launch will start today afternoon,” ISRO sources told PTI.

The 49-metre tall rocket will be launched at 4.21 p.m. from the Satish Dhawan Space Centre at Sriharikota, they said.

The GSLV-F04, the fifth in the GSLV series, will put INSAT-4CR into a Geosynchronous Transfer orbit of 170 km perigee and 35,975 km apogee with an orbital inclination of 21.7 degrees, about 16 minutes and 40 seconds after lift off.

“The satellite will carry 12 high-powered KU-band transponders for DTH services, video picture transmission and Digital Satellite News Gathering,” the sources said.

The satellite will subsequently be manoeuvred into geostationary orbit using its own propulsion system.

ISRO scientists have taken all efforts to ensure that the vehicle does not meet the same fate of its predecessor, the GSLV-F02, in July 2006, when it had strayed away from its path, forcing scientists to destroy it, 56 seconds after take off.

Sony claims innocence in latest rootkit debacle

Sony claims the rootkit-like behavior of a device driver used to run its biometric MicroVault USB drive, was unintentional.

Sony Sweden representative Fredrik Fagerstedt told local press this week that sometimes even actions taken with “good will” can go wrong.

Fagerstedt’s comments come the same day that antivirus firm McAfee joined the growing chorus of companies to criticize Sony for compromising its customers’ security.

McAfee reported that Taiwan’s FineArt Technology Co. Ltd, which makes encryption software for PCs and laptops, was responsible for creating the offending software.

[ View ]

More clues point to Google phone

Specialized blogs are abuzz this week with rumors that Internet giant Google will soon launch the “Google Phone” or “GPhone,” a cheap mobile phone equipped with Google’s operating system.

High-tech product specialist Engadget said a Google announcement would come next week, adding that a Google operating system would be tailor-made for the new cell phone.

According to another blog, CrunchGear, “Google is currently assessing over twenty (of Taiwan’s) HTC models” and plans to launch its cell phone between January and March of 2008.

Photographs of Google’s touch-screen handset are already on the Internet, and according to Rizzn.com, it will cost a mere $100.

[ View ]

Bank of India’s website compromised !

Earlier today we saw a blog post from our friends over at Sunbelt about a compromise of Bank of India’s website and we checked it out.

On the front page of the site a hidden iframe has indeed been inserted and it loads a URL from another website.

This file in turn uses three iframes to load three other URLs.

Two of the URLs are now down but the third one contains an obfuscated JavaScript that uses exploits to download and run a file called ‘loader.exe’. This file is a small downloader which downloads additional files which are different password stealing trojans, additional downloaders etc. We detect all of the malicious files with the latest update.

Unfortunately the link is still active on the website so we can only hope that Bank of India removes it as soon as possible. Therefore we advise you to stay away from their website for the time being.

Update: The page is using exploits to install malware.

What we have seen so far:

Email-Worm.Win32.Agent.l
Rootkit.Win32.Agent.dw
Rootkit.Win32.Agent.ey
Trojan-Downloader.Win32.Agent.cnh
Trojan-Downloader.Win32.Small.ddy
Trojan-Proxy.Win32.Agent.nu
Trojan-Proxy.Win32.Wopla.ag
Trojan.Win32.Agent.awz
Trojan-Proxy.Win32.Xorpix.Fam
Trojan-Downloader.Win32.Agent.ceo
Trojan-Downloader.Win32.Tibs.mt
Trojan-Downloader.Win32.Agent.boy
Trojan-Proxy.Win32.Wopla.ah
Trojan-Proxy.Win32.Wopla.ag
Rootkit.Win32.Agent.ea
Trojan.Pandex
Trojan-Proxy.Win32.Cimuz.G
TSPY_AGENT.AAVG (Trend Micro)
Trojan.Netview

Fully patched systems should be unaffected. More coming.

Update 2: We’ve cataloged over 22 pieces of malware. Mostly spam-related malware but we did find a pinch Trojan variant. More info coming as we get it. Biggest issue is the sheer volume of malware we’ve had to analyze.

Update 3: As I write this, it is currently 1:20 a.m EST (10:20 a.m. in India), and the malicious IFRAME is still located on the Bank of India website.

With that said, i just wanted to mention two other very dangerous information stealing Trojans included in this massive install of malware.

First, we are seeing a variant of TSPY_AGENT.AAVG. Trend Micro has an excellent write which you can read here.

Secondly, a variant of Trojan.Netview is being installed. Trojan.Netview is used to gather files from the infected computer as well as network shares. This characteristic is particularly dangerous in networked environments where infected users might have access to unprotected shares containing sensitive information.

The collected files are then uploaded to an FTP server located in Russia.

Of interest is the fact that Trojan.Netview is specifically searching for quarantine folders of antivirus programs.

Update 4: The malicious iframe has been removed from the front page and it’s now safe to visit the site again.