User Control Panel
Search iVirtua
Advanced/Tag Search...
Search Users...
What is iVirtua Exclusive Community?
  • An exclusive gaming industry community targeted to, and designed for Professionals, Businesses and Students in the sectors and industries of Gaming, New Media and the Web, all closely related with it's Business and Industry.
  • A Rich content driven service including articles, contributed discussion, news, reviews, networking, downloads, and debate.
  • We strive to cater for cultural influencers, technology decision makers, early adopters and business leaders in the gaming industry.
  • A medium to share your or contribute your ideas, experiences, questions and point of view or network with other colleagues here at iVirtua Community.
Guest's Communication
Live Chat
Teamspeak (VOIP) Audio Conference
Private Messages
Check your Private Messages
Themes
Choose an iVirtua Community theme to reflect your interests...
Business Theme
India/Arabic Theme

Gaming Theme
iVirtua Recommends
Fly Emirates Advertising
522 results for security
'Why I Still Use Windows 95' - (and IE4...) ? in General Discussion, including Off Topic, Current Affairs
this is stupid, a lot of what that guy said is not true.  for example, win98 is NOT eyecandy, and w/e it does have that would be considered that can be turned off.  win95 is not good for everyday tasks.  is it suitable to do so?  sometimes, but a newer os would be much better, even if its 98.  and how is the whole "3d" look annoying?  not only would be insignificantly take up disk space and ram, but it helps you actually see whats the boarder of something.  and, from what i remember, win98 was under 700mb.  big whoop, 200+mb for a LOT more features, stability, and functionality.  if you're that cheap, go with linux and use a live cd every time you start up your computer - at least that way you take up no space at all.

as for his complaint about programs such as firefox working on a newer os, maybe he just needs to get into the new ages and just buy a new computer.  it would not surprise me that hes using a newer os on something that isn't even 1ghz.  this guy needs to learn to think - FIREFOX IS DESIGNED FOR MODERN COMPUTERS.  obviously it'll run slow if you run it on something that wasn't designed for something THAT new.

with his whole comment on security and stability, one of the greatest complaints about the first win95 that came out was it was very INSECURE, which results in instability.  win98 was considered so great because it was so much more stable and well designed.  win95 was the first os of its kind for MS, you HAVE to expect problems with it.  if this guy were to do as much tweaking and fixing with win98 or any other os as he did with 95, he'd get the exact amount of stability and security as he would with 95 but probably with less work, making his comments void.

i can understand his whole native feeling argument, but 1 thing that just plain makes no sense is why can't he just make the emulator fullscreen?  that way, its like he really IS running DOS.  Again, his point is void.

i couldn't tell if he was kidding or not in the next paragraph.  even in the NT based OSes, if you're running IE and type "c:\", a file browser in explorer will run and replace IE.  works the same way if you type in a website in explorer.  Again, this guy just doesn't think.  and who really gives a crap about those "essential tools".  ever heard of right clicking?  And how is forward, back, and favorites awkward?  first of all, they're optional.  secondly, its for a different type of organization, and apparently it worked well since the old fashioned tree idea (which i'm assuming is what he finds is better) is no longer used for regular file and website browsing whereas these buttons are.  to comment on the last sentence, win98 has columns as well as every other os with menus, so idk where hes getting that from.  instead of alphabetical order, its made in order of installed date, which is easier to navigate.  and unlike win95, you can edit the menus yourself so they are in alphabetical order.  also, the scroll arrows are NOT slow on a NORMAL computer DESIGNED for the os and they're for organization, which again, is proven effective since the idea is still being used today.

i'm completely fine with people using win95, but the reasons this guy gave are just plain wrong or stupid, or invalid.i don't mean to be this critical, but this is just ignorance.
Posted by schmidtbag Thu Jul 10, 2008 1:01 pm
10 Best Hacking and Security Software Tools for Linux in Hardware, Internet, Networking, Comms and Security
Linuxis a hacker’s dream computer operating system. It supports tons oftools and utilities for cracking passwords, scanning networkvulnerabilities, and detecting possible intrusions. I have here acollection of 10 of the best hacking and security software tools forLinux. Please always keep in mind that these tools are not meant toharm, but to protect.

1. John the Ripper




John the Ripperis a free password cracking software tool initially developed for theUNIX operating system. It is one of the most popular passwordtesting/breaking programs as it combines a number of password crackersinto one package, autodetects password hash types, and includes acustomizable cracker. It can be run against various encrypted passwordformats including several crypt password hash types most commonly foundon various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS,and Windows NT/2000/XP/2003 LM hash. Additional modules have extendedits ability to include MD4-based password hashes and passwords storedin LDAP, MySQL and others.


2. Nmap

Nmapis my favorite network security scanner. It is used to discovercomputers and services on a computer network, thus creating a "map" ofthe network. Just like many simple port scanners, Nmap is capable ofdiscovering passive services on a network despite the fact that suchservices aren't advertising themselves with a service discoveryprotocol. In addition Nmap may be able to determine various detailsabout the remote computers. These include operating system, devicetype, uptime, software product used to run a service, exact versionnumber of that product, presence of some firewall techniques and, on alocal area network, even vendor of the remote network card.

Nmapruns on Linux, Microsoft Windows, Solaris, and BSD (including Mac OSX), and also on AmigaOS. Linux is the most popular nmap platform andWindows the second most popular.


3. Nessus

Nessusis a comprehensive vulnerability scanning software. Its goal is todetect potential vulnerabilities on the tested systems such as:

-Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
-Misconfiguration (e.g. open mail relay, missing patches, etc).
-Defaultpasswords, a few common passwords, and blank/absent passwords on somesystem accounts. Nessus can also call Hydra (an external tool) tolaunch a dictionary attack.
-Denials of service against the TCP/IP stack by using mangled packets

Nessusis the world's most popular vulnerability scanner, estimated to be usedby over 75,000 organizations worldwide. It took first place in the2000, 2003, and 2006 security tools survey from SecTools.Org.


4. chkrootkit

chkrootkit(Check Rootkit) is a common Unix-based program intended to help systemadministrators check their system for known rootkits. It is a shellscript using common UNIX/Linux tools like the strings and grep commandsto search core system programs for signatures and for comparing atraversal of the /proc filesystem with the output of the ps (processstatus) command to look for discrepancies.

It can be used from a"rescue disc" (typically a Live CD) or it can optionally use analternative directory from which to run all of its own commands. Thesetechniques allow chkrootkit to trust the commands upon which it dependa bit more.

There are inherent limitations to the reliability ofany program that attempts to detect compromises (such as rootkits andcomputer viruses). Newer rootkits may specifically attempt to detectand compromise copies of the chkrootkit programs or take other measuresto evade detection by them.


5. Wireshark

Wiresharkis a free packet sniffer computer application used for networktroubleshooting, analysis, software and communications protocoldevelopment, and education. In June 2006, the project was renamed fromEthereal due to trademark issues.

The functionality Wiresharkprovides is very similar to tcpdump, but it has a GUI front-end, andmany more information sorting and filtering options. It allows the userto see all traffic being passed over the network (usually an Ethernetnetwork but support is being added for others) by putting the networkinterface into promiscuous mode.

Wireshark uses thecross-platform GTK+ widget toolkit, and is cross-platform, running onvarious computer operating systems including Linux, Mac OS X, andMicrosoft Windows. Released under the terms of the GNU General PublicLicense, Wireshark is free software.


6. netcat

netcat is a computer networking utility for reading from and writing to network connections on either TCP or UDP.

Netcatwas voted the second most useful network security tool in a 2000 pollconducted by insecure.org on the nmap users mailing list. In 2003, itgained fourth place, a position it also held in the 2006 poll.

The original version of netcat is a UNIX program. Its author is known as *Hobbit*. He released version 1.1 in March of 1996.

Netcat is fully POSIX compatible and there exist several implementations, including a rewrite from scratch known as GNU netcat.


7. Kismet

Kismetis a network detector, packet sniffer, and intrusion detection systemfor 802.11 wireless LANs. Kismet will work with any wireless card whichsupports raw monitoring mode, and can sniff 802.11a, 802.11b and802.11g traffic.

Kismet is unlike most other wireless networkdetectors in that it works passively. This means that without sendingany loggable packets, it is able to detect the presence of bothwireless access points and wireless clients, and associate them witheach other.

Kismet also includes basic wireless IDS featuressuch as detecting active wireless sniffing programs includingNetStumbler, as well as a number of wireless network attacks.


8. hping

hpingis a free packet generator and analyzer for the TCP/IP protocol. Hpingis one of the de facto tools for security auditing and testing offirewalls and networks, and was used to exploit the idle scan scanningtechnique (also invented by the hping author), and now implemented inthe Nmap Security Scanner. The new version of hping, hping3, isscriptable using the Tcl language and implements an engine for stringbased, human readable description of TCP/IP packets, so that theprogrammer can write scripts related to low level TCP/IP packetmanipulation and analysis in very short time.

Like most tools used in computer security, hping is useful to both system administrators and crackers (or script kiddies).


9. Snort

Snortis a free and open source Network Intrusion prevention system (NIPS)and network intrusion detection (NIDS) capable of performing packetlogging and real-time traffic analysis on IP networks.

Snortperforms protocol analysis, content searching/matching, and is commonlyused to actively block or passively detect a variety of attacks andprobes, such as buffer overflows, stealth port scans, web applicationattacks, SMB probes, and OS fingerprinting attempts, amongst otherfeatures. The software is mostly used for intrusion preventionpurposes, by dropping attacks as they are taking place. Snort can becombined with other software such as SnortSnarf, sguil, OSSIM, and theBasic Analysis and Security Engine (BASE) to provide a visualrepresentation of intrusion data. With patches for the Snort sourcefrom Bleeding Edge Threats, support for packet stream antivirusscanning with ClamAV and network abnormality with SPADE in networklayers 3 and 4 is possible with historical observation.


10. tcpdump

tcpdumpis a common computer network debugging tool that runs under the commandline. It allows the user to intercept and display TCP/IP and otherpackets being transmitted or received over a network to which thecomputer is attached.

In some Unix-like operating systems, auser must have superuser privileges to use tcpdump because the packetcapturing mechanisms on those systems require elevated privileges.However, the -Z option may be used to drop privileges to a specificunprivileged user after capturing has been set up. In other Unix-likeoperating systems, the packet capturing mechanism can be configured toallow non-privileged users to use it; if that is done, superuserprivileges are not required.

The user may optionally apply aBPF-based filter to limit the number of packets seen by tcpdump; thisrenders the output more usable on networks with a high volume oftraffic.


Do you have a favorite security software tool for Linux? Feel free to comment and tell us about it.
Posted by Editorial Team Fri Jul 04, 2008 6:06 am
British hacker should not be extradited to US, Lords told in General Discussion, including Off Topic, Current Affairs
A British man who allegedly hacked into the Pentagon's computernetwork should not be extradited to America because US prosecutorstried to intimidate him into cooperating with them, the House of Lordswas told today.
Gary McKinnon, a systems analyst who faces up to60 years in jail if his extradition goes ahead, was the victim of anabuse of process, the panel of five law lords was told.
The44-year-old is accused of causing £475,000 in damage by hacking into 97computer systems operated by the Pentagon, Nasa and elsewhere in the USmilitary.
McKinnon, a self-taught hacker who operated under thename Solo, admits accessing the computers but insists he only did so totry to find evidence for UFO landings, and that he was only able togain access because of lax security.
His activities, described byBritish prosecutors in 2005 as the "biggest ever military computerhack", were carried out using a low-speed dialup connection from a roomin his girlfriend's aunt's house in Crouch End, north London.
McKinnonwas first arrested in 2002 but has never been charged in the UK. Lastyear, he lost a high court appeal against a government decision togrant his extradition to the US.
Addressing the Lords today,his lawyer, David Pannick QC, said McKinnon was told by US authoritiesthat unless he agreed to plead guilty and to extradition he faced amuch heavier jail sentence.
A US embassy legal officialinvolved in the case had also quoted New Jersey authorities as sayingthey wanted to see McKinnon "fry", said Pannick, an apparent referenceto the electric chair.
It was "not in dispute" that a UK courthad the power to turn down an extradition if it was thought there hadbeen abuse of process, Pannick told the law lords.
"The USprosecutors sought to impose pressure on the appellant through hislegal advisers to consent to extradition and plead guilty," he said.
McKinnonwas told that if he cooperated he would receive a jail sentence ofbetween 37 and 46 months and would be repatriated to the UK forpossible parole after half this time, the lawyer said.
"Bycontrast, the appellant's representatives were told that if theappellant declined to cooperate, this sentence would be in the regionof eight to 10 years, possibly longer," Pannick said, adding that onethreat was to treat the matter as a terrorism case, resulting in apossible 60-year term.
US officials additionally said anytransfer to the UK would also be ruled out if McKinnon foughtextradition, Pannick told the law lords.
"This was pressure of an unacceptable degree," he said.
A judgment is expected within three weeks.
Posted by Editorial Team Tue Jun 17, 2008 5:27 am
WWDC 08 Live Coverage: iPhone SDK 2.0 in Apple
Ok, Scott, we love what you've done here, but we're yawning. Thenagain, the thousands of devs in the audience are probably stoked --those that haven't used the SDK anyway.

Demo time! "I want toconcentrate on how we construct a UI..." making an app called NearbyFriends. Accesses the contacts database and Core Location to filter allcontacts with contacts within 10mi. Building the UI with InterfaceBuilder. Dragging and dropping interface elements.

Going over debungging and Xcode, instruments -- all the stuff from the March iPhone roadmap event.

10:20AM PT - "Wetop it all off with Cocoa Touch -- our UI object oriented framework,which makes building an app for our fullscreen touch interface anabsolute breeze. We have a great set of APIs. On top of this we have areally powerful set of tools."

"With the SDK in iPhone 2.0 we'reopening the same native APIs and tools we use internally... that meansyou as a dev can build apps for the iPhone the same way we do. Let'sstart by talking about the APIs. The APIs and frameworks on the iPhoneshare extensively with OS X... We use the same kernel in the iPhonethat forms the basis of OS X... almost all of them share the samesource code line-for-line as OS X." He's going over the bits of CoreServices: SQL lite, OpenGL ES, OpenAL


Steve's back on: "That gives you a sense of what we're doing in theenterprise, all this stuff built into iPhone 2.0. Next up is the SDK,to take us where we are there and to show us some really excitingstuff, I'd like to bring up Scott Forstall." Applause.

Still going... the Army sure does love the new iPhone software!

Going over some firms, testimonials style. Great if you care about the petabytes in the datacenters of Disney, we guess!

10:13AM PT -"We've had phenomenal participation from higher education. Again,gotten fantastic feedback. We made a video of these customers, I'd loveto show it to you..." Video time!

"We've had a beta going... 35%of the Fortune 500 has participated in that beta program. The top 5banks, top 5 securities firms, 6 or 7 top airlines, 8 of 10 top pharma,and 8 of 10 top entertainment companies."


"Exchange... as you know, we've done it... push email, calendars,contacts, auto-discovery, global address lookup, remote wipe, all thisstuff built in. In addition we've worked with Cisco to build in theirVPN services... all sorts of security demanded by the enterprise.Everything they told us they wanted, we built in."


"iPhone 2.0 software, there are three parts: enterprise support, SDK, and new end-user features. Let me start with enterprise."

10:10AM PT -"Let's talk about iPhone, the place to start is our new software -- theiPhone 2.0 platform, a giant step forward from where we've been... westarted a dev program in March, which is just 95 days ago. In those 95days we've had over 250k download the free SDK. We've had over 25kpeople apply to the pay developer program... unfortunately we couldn'ttake everybody, so we admitted 4k people to the program..."

"Tohelp me, I'm going to ask Scott Forstall and Phil Schiller to help mewith parts of this. Then... Bertrand Serlet will give you a sneak peakat the next version of OS X called Snow Leopard."


"Let's get started. As you know there are three parts to Apple --the first part is Mac, second part is our music business, iPod andiTunes, and the third part is the iPhone. I'm going to take thismorning to talk about the iPhone."


"I'm sorry for all those folks that couldn't be here... we're goingto have a great week this week. 147 sessions, 85 on the Mac, and 62 onthe iPhone... it's going to be packed! 169 hands-on labs, 1k Appleengineers, iFund and Intel sessions. I think it's going to be one ofthe best WWDCs ever."

10:07AM PT - "Thankyou very much. I'm really glad to be here this morning. We've beenworking hard on some great stuff... thank you for coming to WWDC 2008.We've got a record 5200 attendees -- we wish we could have had more,but we sold out!"


Roar, applause.

Music's over, and here we go... lights all the way down, Steve's on stage!

10:06AM PT - Lights are coming down! Crowd beginning to roar!

Announcer: "Turn off all cellphones, iPhones, PDAs... our program will start in a few minutes."

10:02AM PT - OK, weird, a bunch of attendees just stood up and started clapping -- we don't know why, since it wasn't Jobs (or so we think).


9:51AM PT - Peoplestill funneling in -- this auditorium seats thousands of people, so ittakes a little while. Say, is that Gavin Newsome? Oh, and there's AlGore.

9:46AM PT -We're in! The cattle rush of the media was pretty mellow this timearound. Shockingly enough, they're playing oldies -- not the usualsoundtrack of Gnarles Barkley, Coldplay, Gorillaz, etc.


9:37AM PT - Everybody is crowding up at the closed gates, preparing for the Running of the Media.

9:16AM PT - People are really filing in. You've never heard so many people say the word "iPhone" in your life.

8:43AM PT - We'rein line at the Moscone Center (which is actually pretty spare at themoment), but it's early. The media's got a ton of MacBook Airs. Staytuned for our live coverage of the event.




Already hundreds of devs and attendees are piling up downstairs to get in.



Posted by Editorial Team Mon Jun 09, 2008 1:26 pm
WWDC 08: iVirtua Official Topic, Analysis, Live Coverage in Apple
WWDC 2008 is currently taking place from June 9 to June 13 at Moscone West, San Francisco.

Applereported that, for the first time, this conference is sold out. Thereare three tracks for developers, iPhone, Mac, and IT.

Announcementsat the keynote included the App Store for iPhone and iPod Touch, thestable version of the iPhone SDK, a subsidized 3G version of the iPhonefor Worldwide markets, version 2.0 of the iPhone OS, Mac OS X v10.6,and the replacement/rebranding of .Mac as MobileMe.
Mac OS X version 10.6 "Snow Leopard" is the presumptive designation of Apple's next major version of Mac OS X. It was announced by Apple  CEO Steve Jobs at  WWDC on June 9, 2008. It is scheduled to ship "about a year" from the announcement.
Mac OS X v10.6 will not introduce any major new features, ratherfocusing on improving performance, stability and reducing the footprintof Mac OS X. However, full support for Microsoft Exchange will be included.
Snow Leopard

MobileMe
Difference between .Mac and MobileMe
While mostly replacing .Mac (which was primarily centered aroundInternet services for Apple's desktop and notebook computers), MobileMeprovides Internet services for both Mac OS X and the iPhone OS as well as the iPod touch device and Microsoft Windowsusers. This means that now you are not restricted to a Mac runningsoftware like Mail and iCal, but can access your personal data from anycomputer connected to the internet.

Features
Storage
20GB of online storage featuring 200GB of monthly transfer. Thefamily pack includes this for the main user as well as 5GB of storageand 50GB of transfer for each sub user (up to four additional users)

Mail
Free Push Mail. Includes a @me.com email address. When a message is received it is sent directly to all the user's devices.

Address Book
Address Book (Push). When a contacted is added or amended it is updated immediately on all the user's devices.

Calendar
Calendar (Push). When a calendar appointment is added or amended it is updated immediately on all the user's devices.

Gallery
Public photo gallery. Photos can be uploaded in the web browser or synced by iPhoto on a mac

iDisk
iDisk, which is accessible via a web browser, the Finder on a Mac, or as a remote disk in Microsoft Windows.The iDisk can also share files by emailing a link to the intendedrecipient. Another feature is to set an expiration on the link. Thismeans access to file will stop after a set number of downloads or aftercertain time period.

Web 2.0
MobileMe uses web 2.0 technologies to provide the look and feel of desktop-class applications in the user's web browser.

Pricing
An Individual purchase of a MobileMe account for one-year is $99 USD (£59), while a Family Packsubscription (which includes one individual account and four familyaccounts with a specific email address for each one) is $149 USD (£89)for one year. The Individual account will have 20GB of combined emailand file storage and 200GB of monthly data transfer, while the FamilyPack will have, for each account in the Pack, 5GB of combined email andfile storage, and 50GB of monthly data transfer.

Competitors
MobileMe is supposed to comprise Microsoft Exchange-like features for consumers.

Browser Support
MobileMe's online services can be accessed in Desktop Applications.MobileMe also allows access to the user's data in desktop-likeenvironment in a web browser. Featured browsers are:

  • Safari 3 or later (Mac + PC)
  • Firefox 2 or later (Mac + PC)
  • Internet Explorer 7 (PC)
iPhone 2.0


  • Microsoft Exchange ActiveSync support
  • Push email
  • Push contacts
  • Push calendar
  • Global Address List
  • Certificates and Identities
  • WPA2/802.1x
  • Enforced security policies
  • Extra keyboard languages including Chinese and Korean
  • Cisco IPsec VPN support
  • Device configuration
  • Remote wipe
  • Ability to view PowerPoint attachments
  • Mass email delete
  • Mass email move
  • Bonjour service discovery protocol
  • Support for SVG
  • Parental controls
  • Ability to search contacts
  • App Store (To manage third-party applications)
  • New "Calendar" menu in "Settings"
  • Updated calculator with extra features in portrait mode, a scientific calculator in landscape mode and an updated icon.
  • Updated iTunes with a new icon and reordered category icons within iTunes application.
  • Ability to save or open images from websites in Safari
  • Support for Traditional and Simplified Chinese handwriting recognition
  • Geotagging
  • Norwegian, Swedish, Danish, Finnish, Polish, Korean and Brazilian Portuguese language interface in iPhone, previously these languages were only in the iPod Touch since 1.1.1



Workers hang Apple's logo outside Moscone Center, where the Worldwide Developers Conference kicks off Monday.
(Credit: James Martin/CNET News.com)
Expect to hear new details about the future of Apple's Mac OS X andWeb business next week at the Worldwide Developers Conference--and wethink there might be a new iPhone, too.
On Monday, Apple CEO Steve Jobs will take the stage at the Moscone WestConvention Center in San Francisco to address a gathering of Apple'sdevelopers and the media. This year's WWDCis sold out to the development community, who will be hearing formalpresentations by Apple on both Mac and iPhone development during theweek's sessions and meetings.
Anyone with even a passing interest in consumer electronics is probably aware that Apple is expected to unveil the next generation of the iPhone in the near future. The older version has been sold out for weeks as we approach the anniversary of the first model's debut, and anticipation of a model that can connect to 3G cellular networks has been building almost since that date last year.
One of the primary drawbacks of the first iteration of the iPhone hasbeen its reliance on the slower EDGE network outside of Wi-Fi hotspots, which can make downloading a Web page an exercise in patience.Upgrading to a faster connection should encourage people to do more Webbrowsing outside of Wi-Fi connections and could open up a whole newclass of applications that need a faster pipe to work effectively.
Apple is also expected to include GPS technologyinside the latest version, another development that could pique thesoftware development community's interest in the iPhone. Location-awareservices are available on several phones that use GPS technology, andthe iPhone developers could soon be ready to join the party.
Will the new iPhone be available immediately following Jobs' keynote?It's not clear. There have been conflicting reports, but Brian Tong ofCNET TV is hearing from his sources that Apple Retail employees havenot yet been told whether they'll need to report early on Monday for aspecial training session, which the company has done in the past beforemajor announcements.

Next Monday, Apple CEO Steve Jobs could announce a new iPhone and a new operating system.
(Credit: Apple)
While the iPhone gets all the attention as the new kid on the block,WWDC is always, in large part, about the Mac. Apple chose a picture oftwo Golden Gate bridges branching off in different directions toillustrate its WWDC invitation, and while the iPhone branch mightaccount for the sold-out conference, the Mac branch is the bread andbutter of this conference.
The Unofficial Apple Weblogreported on Wednesday that Apple would be providing developers with anearly version of Mac OS X 10.6 during the conference. It's unclearwhether that means Apple is ready to start demonstrating features fromthat release, but the report said the new version is expected to focuson "stability and security."
Apple released Leopard, Mac OS X 10.5, last October after a delay needed to make sure the iPhone arrived on time. At the time, Jobs told The New York Times that he wants Apple to stick to an operating-system deployment cycle of 12 to 18 months.
TUAW's report says Apple could be eyeing a Macworld 2009 release forMac OS X 10.6, which would certainly nestle within that time frame.Microsoft recently said it wants to get the next version of Windows out by the end of 2009.
Another interesting part of that report is the notion that 10.6 will bean Intel-only release. Users of older Macs running PowerPC chips wereable to upgrade to Leopard, but the report suggests that Apple willdrop PowerPC support with the next release.
Apple will likely spend a healthy portion of Jobs' keynote discussingMac OS X, but it remains to be seen how much of a peek we'll get at thenext version. One question on the minds of many Apple users: afterwhich big cat will Apple choose to name the next release?
Ars Technica's Infinite Loopreported Wednesday that "Snow Leopard" was the name slated for the nextversion, which sounds like it could be somewhat confusing, given thefact that the current version is called Leopard. In a poll on TUAW'ssite, "Cougar" was in the lead, trailed by "Lynx" and "LOLcat," the last of which we can probably eliminate.
The third leg of the WWDC presentation could involve Apple's .Macservice. There have been a number of recent signs that Apple isrethinking its presence on the Internet, with new domain names beingsnapped up by the company and code strings in the iPhone SDK suggesting that a new name is on tap.
One interesting thing to watch for concerning any new version of .Macis how much of the service Apple keeps in-house, as opposed to bringinga Web-savvy partner like Google into the mix. The .Mac service is a good idea, but it isn't widely used among Mac users due to issues with its stability, feature list, and price tag.
Any or all of those objections could change, if Apple transfers theback end of the service to a huge Internet services provider likeGoogle, and uses the service to bring Macs and iPhones together ininteresting ways.
As usual, Apple is very tight-lipped about what may or may not bearriving during this year's WWDC. The latest iPhone may or may not beready for an actual release on the first day of the show, but expectthe topic to be the highlight of the day's announcements.

WWDC 2007 Keynote Live Coverage here at iVirtua Community
Posted by Editorial Team Mon Jun 09, 2008 1:23 pm
Manchester band uses CCTV to music video in Film, Photography, Digital Animation, Broadcasting / Production
MANCHESTER BAND the Get Out Clause have come up with a noveland cheap way of filming a promo for their new single release, Paper.
The jangly four-piece dragged their equipment, including a drum kit, to 80locations in Manchester's city centre and played in front of security camerasowned by the local council and private businesses.
Members of the band then wrote to the owners of the CCTV equipment demandingthat they be given copies of the performances under the Freedom of InformationAct.
Apparently about 20 per cent of the organisations approached entered into thespirit of the thing (and followed the letter of the law) and came up with thegoods.
The resulting video is actually pretty good.

TheGet Out Clause on Myspace
Posted by Editorial Team Wed Jun 04, 2008 5:33 am
New RTS Tom Clancy EndWar World War III game footage in Gaming
Tom Clancy's EndWar is a real-time strategy game for the Xbox 360, PlayStation 3, Playstation Portable, Nintendo DS, and PC platforms. It is set during World War III being designed by Ubisoft Shanghai. The special edition of Rainbow Six Vegas 2 included a video with the first live gameplay footage of this game.

Plot:
In 2011, the United States and the European Union sign the historic SLAMS (Space-Land-Air Missile Shield) Treaty, agreeing to co-develop technologies for a comprehensive, interlocking anti-ballistic missile system. Left out of the treaty, Russia accelerates development of its own system. SLAMS is activated in 2014. The US and EU launch test salvos against each other, which the SLAMS weapons completely destroy. Emboldened by the success of the tests, the US and EU pronounce "the end of strategic nuclear war," and the world celebrates a new age of peace and security.However, in 2015 it is found that major oil companies have overstated the amount of recoverable oil reserves. Energy security becomes the explicit priority of governments around the world. Russia, is the world's number one supplier of natural gas and crude oil, there economic stock goes up from the energy crisis, spending its oil profits on modernizing its armed forces and utilizing its returned power to influence world events. A quick nuclear war occurs between Saudi Arabia and Iran in 2016, this makes oil even more scarce and greatly starts causing much panic in the nations of Europe. Once an alliance of individual countries, Europe becomes the "European Fed." (EF). The the now fractured superpowers of the US and EF embark on a costly space arms race with each other.The militarisation of space reaches its peak in 2018, when the United States reveals plans to launch the "Freedom Star" space station into high orbit by 2020, in an effort to regain its position as the premier world superpower. While partly designed for civilian research purposes, the station will also house three companies of U.S. Marines, who can deploy anywhere on Earth within 90 minutes. International reaction is extremely negative, to say the least. In 2020, when the final module of the Freedom Star is set to launch from Kennedy Space Center amid international outcry, it comes as little surprise when a group of terrorists attack the launch site. In investigating the source of the attack, the US, the EF, and Russia find themselves at odds, rolling with unstoppable momentum toward full-scale global war.

Ubisoft has released a bunch of screensand a trailer for upcoming console RTS Tom Clancy's: EndWar, scheduledto be released sometime later on in the year.
The first EndWar trailer shows an overhead map of Europe with only Spain and half of France under US control, while the Russians occupy the rest of the continent. The camera then zooms to an ongoing battle in Paris, where a local Joint Strike Force commander, Major General Smith, directs the action from a mobile headquarters vehicle by touching and moving a holographic map display. Outside, US soldiers armed with modified M8 assault rifles, along with advanced M2 Bradley APCs, DPV Jeeps and M1 Abrams tanks attack Russian forces holding out at the Élysée Palace. Eventually, the US troops call in air support in the form of redesigned RAH-66 Comanche attack helicopters and V-22 Osprey transports, forcing the Russians to fall back. However, the assault is short-lived, as in addition to a mechanized counterattack, the Russian forces launch hundreds of UCAVs that shoot down the helicopters right on top of the soldiers. Realizing the desperate situation, General Smith issues voice attack commands to a Kinetic Strike satellite hovering over Europe. Russian soldiers surround him as he emerges from his vehicle.Just before the Russians take him in as a prisoner of war, the general says, "Now." The satellite fires a kinetic missile down on his position, obliterating himself and the Russians, as well a large section of Paris.The trailer depicts several major cultural icons from Paris, including the Eiffel Tower, a heavily damaged Luxor obelisk in the the battlefield of the Place de la Concorde, and the Louvre museum.






The trailer quickly sets the scene for World War III, before showing off some in-game action. It looks quite sweet.

After trying it ourselves a month ago, we were particularly impressedwith the voice-control and the interface that really made an RTS a joyto play on a console.

You'll have to take our word for it though, as none of that is demoed in the trailer or screenshots.
Posted by Editorial Team Sun Jun 01, 2008 7:04 pm
Aurora threatens US power grid in General Discussion, including Off Topic, Current Affairs
HACKERS could shut down US power stations from the comfort of their own homes, says the Department of Homeland Security.

Almost a year ago, the Department released a video showing how cyber criminals could hack into power plants and blow up generators remotely using a technique known as the Aurora Vulnerability.

Government researchers launched an experimental cyber attack causing a generator in Idaho to self-destruct in a cloud of smoke.

Setting aside the fact that the release of the information was an extremely dumb thing to do, apparently little has been done in the intervening months to prevent such a thing happening for real. Members of the House Committee on Homeland Security are now warning that regulatory bodies aren't moving fast enough.

"I think we could search far and wide and not find a more disorganised response to a national security issue of this import," said the chairman of the Subcommittee on Emerging Threats, Cybersecurity and Science and Technology, James Langevin. "Everything about the way this vulnerability was handled … leaves me with little confidence that we're ready or willing to deal with the cyber security threat," he told Forbes.

Langevin blamed the Department of Homeland Security for not providing enough detail on exactly how the attack was made, hampering efforts by the the power industry to take preventative measures. He also pointed the finger at the power companies for working too slowly and the North American Electric Reliability Corporation (NERC), for not doing its job as the regulatory body tasked with providing the nation's power.

NERC gave evidence to the US House of Representatives last October claiming that 75 per cent of the nation's power plants had made some progress in securing systems against cyber attack. But when the subcommittee checked the NERC survey, it discovered that it had only been thrown together a couple of days before the hearing.

"You are not going to sit there and waste my time telling us you're doing the job you're supposed to do," Bill Pascrell, another member of the House subcommittee, said. "Who do you think we are - a bunch of jerks?"

A number of serious security vulnerabilities at the USA's largest power company, Tennessee Valley Authority, were noted including a failure to implement simple security measures such as updating firewall and antivirus software. Much of the company's network had no password protection and provided links to TVA's power generation systems.

Joseph Kelliher, chairman of the Federal Energy Regulatory Committee, said that the industry's emergency response procedures were designed to protect the grid from the threat of tree branches falling on power lines, rather than cyber attacks.

"A process designed to guard against poor vegetation management is not well suited to guard against national security threats," he said.

New legislation is coming into force in 2010 which threatens power companies with fines of up to a million dollars a day for failing to meet security standards.
Posted by Editorial Team Tue May 27, 2008 6:07 pm
Blackberry give the Indian government email encryption in Entertainment, Film and Music, Mobile devices and media
Research In Motion (RIM), the Canadian company behind the BlackBerryhandheld, has refused to give the Indian government special access toits encrypted email services. Indian authorities have previouslyevinced concern that terrorists or criminals might use BlackBerries tocommunicate free from government interception.
According to the Times of India, the company said in a statement:
The BlackBerry security architecture for enterprisecustomers is purposefully designed to exclude the capability for RIM orany third party to read encrypted information under any circumstances.We regret any concern prompted by incorrect speculation or rumours andwish to assure customers that RIM is committed to continue servingsecurity-conscious business in the Indian market.

Previous reports have suggested that the Indian government hadsought only the ability to read information sent between consumerBlackBerry users, rather than enterprise platforms. There had beenmedia talk of a "master key" to be given to Indian officials.
Regarding the assertion that third parties are completely unable toread BlackBerry messages, this contradicts the view taken by the Frenchgovernment. France recentlybanned the use of BlackBerries by its top officials. French securitytypes had apparently noted that BlackBerry's secure traffic passedthrough servers in Britain and the US, and felt that there was at leastsome chance of interception by the likes of GCHQ and the NSA.
India currently has a little over 100,000 BlackBerry users. Thesecurity/intercept issue became public when Tata teleservices was askedto delay its BlackBerry launch date until the Indian Department ofTelecoms had intercept methods in place.
Posted by Editorial Team Tue May 27, 2008 3:32 pm
Guardian: Hiding data from US customs "use a memory car in General Discussion, including Off Topic, Current Affairs
Is the Guardian encouraging us to smuggle things through UScustoms? Well, an article by security expert Bruce Schneier certainlyis – urging readers to ‘hide all their data’ rather than let them rootaround in your hard-drive.
In an article entitled ‘Taking your laptop into the US? Be sure to hide all your data first’ Schneier, who writes a popular blog  advises people to take extreme measures to hide their data with encryption or even utilising memory cards.
Over-sensitive data?
“Whilecustoms agents might poke around on your laptop, they're unlikely tofind the encrypted partition. (You can make the icon invisible, forsome added protection.) And if they download the contents of your harddrive to examine later, you won't care,” advises Schneier.
“Ifyou can't [encrypt], consider putting your sensitive data on a USBdrive or even a camera memory card: even 16GB cards are reasonablypriced these days. Encrypt it, of course, because it's easy to losesomething that small.
"Slip it in your pocket..."
Quote:
“Slipit in your pocket, and it's likely to remain unnoticed even if thecustoms agent pokes through your laptop. If someone does discover it,you can try saying: "I don't know what's on there. My boss told me togive it to the head of the New York office." If you've chosen a strongencryption password, you won't care if he confiscates it.”

Whetheryou agree or not with Schneier’s point about the US (and the UK forthat matter) allowing this search, surely hiding data on a memory cardto smuggle it through customs either makes it look like you havesomething to hide, or means you actually do…
Posted by Editorial Team Wed May 21, 2008 9:54 am
BBC, ITV, Channel 4, Five, and Sky Free Internet TV compared in Entertainment, Film and Music, Mobile devices and media
BBC
The iPlayer(formerly know as the iMP, or Interactive Media Player) was announcedin 2003 and intended to be an extension to the successful Radio Player,built around RealPlayer. The final iPlayer is, thankfully, shaping upto be a much slicker affair, looking like a cross between Joost and acable/satellite Electronic Program Guide (EPG). As long as you live inthe UK, on launch you will be able to download a selection of programsup to 7 days after broadcast, and you then have 30 days in which towatch it before the DRM kicks in. I’m guessing that the range ofprograms will be similar to the offerings on Virgin Media’s “Replay”feature, i.e. most popular “home-grown” programs such as Eastenders,Doctor Who and Life on Mars.
The iPlayer has come under fire from open source advocatesbecause, at launch, it will only be available for Windows XP users.This goes against the BBC’s charter, restricting the application, andtherefore the programs, to certain systems. The BBC Trust has confirmedthat versions for Apple Mac, Windows Vista and mobile platforms willfollow [Ed. once the BBC can find a platform agnostic DRM solution, which could take some time],and more recently, the BBC’s announced that they are meeting with theOpen Source Consortium (OSC). The OSC are to work with the BBC on the possibility of developing an open source iPlayer.
The BBC also plans to expand the functionality of the iPlayer, suchas adding on-demand streaming, which would allow you to watch a programwithout downloading it first. They are also looking to add seriesstacking (allowing you to download previous episodes of a series) andintegrating the Radio Player with the iPlayer. The BBC will bepromoting the iPlayer heavily: via the BBC TV channels, links on theBBC website and also on partner websites such as YouTube, AOL andMySpace. There are indications that live streaming of BBC channels mayalso possible.
ITV
ITV are following the BBC’s lead, with the imaginatively titled “ITV Broadband“.They are offering programs that are viewable within the browser, usingWindows Media Player integrated into their web pages. At the momentthey are only offering 10 minutes catch-ups of the last 30 days’episodes of Emmerdale and Coronation Street, which are book-ended byadverts (being popular programs these are probably the two that couldattract the most advertising and therefore generate the most onlinerevenue), but that is set to expand. ITV are promising catch up optionson Drama, Lifestyle, Entertainment, Sport and News programs, plus a“Best of ITV” section too.
The biggest drawback I found was that ITV Broadband (which isPC-only) favors Internet Explorer. The only way I could view content inFirefox was to use the IETab add-on,which allows the current tab to be rendered using the Internet Explorerengine instead of the Firefox one, but fortunately ITV have had thesense to display a link to download IETab where the video normallyappears.
ITV also offers live streaming of their four channels from the website which is of reasonable quality.
It’s also worth mentioning ITV Local, the site for regional ITVbroadcasters such as Granada, Meridian and Tyne Tees. The site streamsnews updates, weather reports and other videos from the region, ondemand.
Channel 4/More4/E4
Channel 4’s “4oD”application has been available since December 2006 and is similar tothe forthcoming iPlayer. You can download a selection of programs fromChannel 4, More4 and E4 for free from the last seven days, or choosefrom the available archives. Again, DRM only lets you watch thedownloaded programs for up to 30 days. They also offer paid content,both television programs (including US imports such as Lost and UglyBetty) and films, from 99p.
Be prepared for long download times although the actual videoquality is very good. The application is sluggish on lower specmachines which may result in slow adoption; another problem may be theway in which the network actually serves the programs. It uses Kontiki,a peer-to-peer platform, to distribute video, which means that evenwhen you are not using the 4oD application, your computer may still beserving files to others, which some security- and bandwidth-conscioususers may dislike. It is also limited to running only on Windows XPsystems with Internet Explorer and Windows Media player, so once againApple Mac and open source fans will be left out in the cold.
Channel 4 too offers streaming through a browser-embedded MediaPlayer, for which you have to register (to make sure you’re a UKresident presumably) but the quality is quite good, even at full screen.
Five
Fivehas always been the black sheep of the UK TV industry. Their contenthas never really been on the same par as that of the other networks andtheir “fivedownload” service isn’t much better. It seems the onlyprograms they offer are Grey’s Anatomy and CSI (three flavours: CSI,CSI:Miami and CSI:NY) and it’s a pay service. With iTunes possiblyoffering a similar feature soon (these shows are available in the USstore so they may come to the UK too) I don’t really see that Five’sapplication will have much of a future unless they improve and increasethe available content.
Sky
Sky offers their “Sky Anytime”feature, which uses Kontiki, similar to Channel 4’s 4oD. To use SkyAnytime you need to register on Sky’s website, and then download theSky Anytime application (one again, PC-only). After installation, youlog in as expected and the first thing that hits you is how slick theapplication is. It’s responsive, looks good and has a large amount ofcontent. I’m not a Sky customer so I was limited to what programs Icould download, but TV subscriptions to entertainment, movies andsports packages unlocks similar content on Sky Anytime.
Its worth noting that Sky also let users program their Sky+ box over the net.
Conclusion
The major UK TV networks are making good ground with TV on the net.Of the dedicated applications on offer, Sky’s seem to be the bestoverall (at the moment) with its clean look, and responsive andintuitive interface. The range of content across the board is growing,with Channel 4 and the BBC ahead — and as advertising and other revenuestreams for internet TV are realized, the content from commercialnetworks will likely increase in quantity, as market forces demand it.
All of the UK networks employ techniques to prevent non-UK viewersfrom accessing their Internet TV offerings, such as geo-blocking, wherethe user’s IP address is used to establish their location. This is,in-part, a world-wide licensing issue (which in the BBC’s case is mademore complicated by its state-funding), but also protects potentialrevenue from overseas sales. However, with many popular UK programsappearing illegally online, and the fact that geo-blocking can becircumvented — moving forward, I think we’re likely to see the networkstake a more global approach to Internet TV programming, especially withregards to older content.
As a side note, it’s also worth mentioning that users can programtheir Sky+ box (the company’s own DVR offering) over the internet andvia a mobile phone. The next logical step would be to allow users tostream programs recorded on their Sky+ box (or any other DVR) over thenet, similar to a Slingbox.This would add another dimension to Internet TV; you could be workingaway in another part of the country, or on holiday abroad, and with adecent broadband connection you can access content that you’vepreviously recorded.
This is an exciting time for Internet TV, and in particular I hopethat the iPlayer lives up to my expectations. I’m fairly convinced thatthe BBC is moving in the right direction and will push the boundariesof Internet TV, not only in the UK but also worldwide.
Posted by Editorial Team Sat May 17, 2008 6:28 pm
Businesses fear emergence of compensation culture in UK in Business and Industry in Gaming, Media, Web, IT and Computing
European and Asian companies believe that a US-stylecompensation culture is already well established, and there is areal danger that boards in these regions lack the experience ofdealing with such a litigious environment," warned the report."Organisations operating there may need to spend substantial timeand resources improving their infrastructure, skills and capabilityto respond to this trend."
The research, conducted among 183 board level executives acrossthe world, found that half of directors feel more exposed to directlitigation against them than they did three years ago.
The survey investigated to what degree companies are being heldmore responsible for their activities and to what extent thatliability stretches to individual directors.
It found that liability and the legal activity surrounding it isincreasingly a part of directors' lives, and that 13% of a board'stime is now spent discussing litigation, a proportion which theexecutives expect to rise.
"There is strong agreement that valuable resources are beingspent on legal issues that could be deployed elsewhere," said thereport. "With 58% of respondents using lawyers more frequently and47% reporting a rise in the cost of directors’ and officers’insurance, one third of companies are passing the cost on tocustomers through higher prices, and even more expect to do so infuture."
"Most significantly of all, about one third of businesses havebecome more risk averse and less likely to invest in new businessopportunities as a direct result of concerns about litigation," itsaid.
"With the development of success fees and third party funding,litigation is becoming big business," said Tom Stocker, alitigation lawyer at Pinsent Masons, the law firm behindOUT-LAW.COM.
Quote:

"There is also a very real fear of personal liability forfailures to comply with the laws that regulate business in the UKand overseas. We are seeing an increasing trend of regulatorstaking enforcement action against directors and senior managers forregulatory breaches," said Stocker.
The report recommended that businesses spend less time dealingwith existing problems and more time dealing proactively withfuture risks.

"Boards already think that they spend too much time on liabilityand litigation issues, but this could be spent more wisely and evenreduced if they switched their focus to emerging risks rather thanconcentrating on issues which are already subject to legal andregulatory activity," it said.
The executives themselves identified the areas of likely futurerisk as being technology and security, environmental liability andcorporate governance.
Quote:

"After a decade of high-profile company failures and thesub-prime crisis currently in the news headlines, boards are notyet convinced that business has fully got to grips with issuesaround transparency and disclosure," it said.
Stocker said that companies should make concrete plans thatassess and provide for risks in their business. "Companies can helpprotect themselves from liability by putting in place riskmanagement procedures and policies, and ensuring that thearrangements for contracting are tight," he said.
Posted by Editorial Team Fri May 16, 2008 4:37 am
China behind recent hack attacks, says Indian government in Business and Industry in Gaming, Media, Web, IT and Computing
The Times of India has accusedChinese hackers, allegedly backed by the Chinese government, ofsystematically attacking Indian online assets over the past 18 months.The goal of these assaults, at least according to the paper, is to mapand discover weak points within India's IT infrastructure. Suchinformation could give China an advantage in any potential conflict,and the article implies that India has been slow to develop aretalitory system in the event of a Chinese attack.
                                        
Related Stories
                                                                                                                   
The degree to which the Chinese government is actually involved in these attacks is still an open question, The Times'rhetoric notwithstanding. A continuing series of sophisticated andmethodical assaults is no longer proof of another nation's malevolentintent, even if such attacks appear to be originating in the country inquestion. The same market forces responsible for the commercializationof the malware industry across the globe promote sophisticated attackvectors and a methodical approach to security probes. So the hackersbehind the intrusion attempts that Indian IT workers are detecting areessentially cyber-casing the country's digital joint, and while theymay be working for the Chinese government they could also just be outto make a buck.

The problem with accusing other countries of attacking one's owncybersecurity systems is that, at least to date, such accusationshaven't proven particularly accurate. As we coveredin January, a series of cyber attacks that the Estonian governmentinitially blamed on the Russian government actually turned out to bethe work of a disgruntled student hacker. The incident did no permanentdamage to Russian-Estonian relations, but it did cause a temporarydiplomatic cooling between the two countries over a set of allegationsthat the Russians vehemently—and apparently truthfully—denied.
Sino-Indian relations are probably better, on the whole, thanEstonian-Russian relations, but the two burgeoning powers have hadtheir share of conflicts, including a brief war in 1962. Since the1980s, however, the relationship between China and India has generallygrown stronger. China recognized Indian sovereignty over the disputedstate of Sikkim in 2003, and the two country's jointly reopened theNathula Pass in 2006, which had been closed since the aforementionedSino-Indian War of 1962.

India's relatively friendly relationship with China may have grown abit more tense of late thanks to the recent Chinese crackdown in Tibet.India is home to the largest group of Tibetan refugees in the world,including the Dalai Lama's government-in-exile. The cybersecurityattacks India detected aren't directly related to the Tibetanriots—evidence indicates that they've been occurring for at least ayear—but the government's decision to release such information at atime when China is under enormous scrutiny is hardly accidental.
The Times notes that "cyber warfare is yet to become a bigcomponent of India’s security doctrine." Even in the US the military'srole in cybersecurity is still in its relative infancy; India is butone of many countries in the process of evaluating how cybersecurity(and cyber warfare) impact its safety.
Posted by Editorial Team Wed May 07, 2008 10:20 am
10 things IT needs to know about Ajax in Programming, Web and Software Design/Development
The introduction of any new Web technology will affect a network's infrastructure in ways that range from inconsequential  to earth shattering. Ajax is one of the more disruptive new Web technologies traveling across networks today. To help you  minimize future surprises on your network, we've outlined the 10 things you should take to heart about Ajax. (Also see our slideshow illustrating tips for deploying Ajax applications effectively.)
1) Ajax is an idea, not an acronym
While Ajax commonly is spelled out as Asynchronous JavaScript and XML, the full name is not entirely appropriate because it oversimplifies  the history of the technology and the implementation options that lie at its heart. More exactly, Ajax encompasses the idea  that Web applications can be built to opt out of the typical post-wait-repeat cycle used in server-side-focused Web applications. Ajax lets Web applications move to a more responsive, continuous, but incremental style of  updating. Ajax provides users a richer, more interactive way of experiencing the underlying Web application. This goodness  for the user might mean that more monitoring and security
oversight might be required of network professionals, as well as, potentially, server and network alterations.
2) It's really all about JavaScript
Ajax applications are written in JavaScript and usually rely on the XMLHttpRequest object for communications, which is making  its way through the World Wide Web Consortium process.Because, like many Web technologies, it now is only an ad hoc industrystandard, notable differences can be found in various browsers'implementations of it. It's also possible to use other data transportmechanisms — with and without widespread industry support — with Ajaxapplications, including traditional frame and image-cookie methods, aswell as the use of binary bridges to Flash or Java.
Regardless of the transport approach used by the developer, Ajax has raised JavaScript to a more important position within  a Web application than it previously held. JavaScript now is responsible for important data-collection, communication and  consumption duties, so it no longer can be treated as a second-class Web technology without serious repercussions.
Developers who think the JavaScript technology is toxic can try to avoid the language by having a tool or framework generate  it from some other language like Java (Google Web Toolkit, for example), or hide the code behind components or tags (such  as with .Net or Ruby). At the end of the day, however, JavaScript still will be in the application. It's better to understand  the language and embrace it directly, because if you are going to use Ajax, you ultimately are using lots of JavaScript.
Ajax is intertwined with the network, so bad code is going to meanlots of troubleshooting by network administrators, as well asdevelopers: The bottom line is to encourage good, network-aware coding!The same organizational "rules and tools" -- coding standards, testingregimes and source-code control — that are in place for other languagesmust be applied to JavaScript to ensure that Ajax applications aresupportable and robust.
3) XML is not required
Despite the "x" in the acronym, Ajax does not require XML. TheXMLHttpRequest object can transport any arbitrary text format. For manyAjax developers, JavaScript Object Notation or even raw JavaScript codefragments make more sense as a data format, given that JavaScript isthe consuming environment. For direct input into documents, otherdevelopers may favor raw text or HTML fragments. Still others will usesuch data formats as the less-known YAML markup language or such oldstandbys as comma-separated values.
Of course, it is possible and certainly reasonable to use XML, butit is far from required. Using binary formats for uploading files isnot supported yet by the XMLHttpRequest object, but considering thatFlash uses a binary format called Action Message Format, it is likelythat similar features will be found in Ajax applications soon enough.You should know which format is being passed around the network,because it isn't always XML. Also, make sure you can analyze the formatfor performance and security.
4) Plan for an increase in HTTP requests
The most obvious issue for the network administrator supporting Ajaxapplications is that the architectural programming pattern has changedthe network utilization of Web applications from a batch-like, somewhatinfrequent response of a few hundred kilobytes, to a more continuousexchange of smaller HTTP responses. This means that network-bound Weband application servers may find themselves even busier than before.What Ajax will do to your server and network utilization certainly willdepend on how the application is built — make sure your developersunderstand the network impact of their applications.


5) Optimize Ajax requests carefully
Web applications should adhere to the network delivery principle of sending less data, less often. That doesn't mean that  this principle is widely followed by developers, however. Fortunately for the network, HTTP compression of Ajax responses  can reduce response size and is supported in all modern browsers. Because of dynamic compression's overhead, however, speed  may not improve much if responses are indeed relatively small. This means that it would be wise for network administrators  to turn on compression on their Web server, but they need to understand that with Ajax applications, their gains won't be  as big as with traditional Web applications.
To send data less often, we generally would employ caching. MostAjax implementations can be openly hostile to caching, however, givencertain assumptions made by browsers regarding not re-fetching URLsduring the same session. Rather than work with caching, many Ajaxdevelopers will work aggressively to defeat caching via the headersetting or URL uniqueness.
It is possible to address caching concerns with a client-side Ajax cache written in JavaScript, but most Ajax libraries do  not implement such a feature. Network professionals should show developers the benefit of caching, because Ajax probably will  benefit more from that than from compression.
6) Acknowledge the two-connection limit
Ajax applications are limited by HTTP to two simultaneousconnections to the same URL. This is the way the HTTP protocol isdesigned, not some browser bug or limitation. The good news is that itkeeps many Ajax developers from swamping a server accidentally, thoughMicrosoft's Internet Explorer 8 is supposed to go well beyond thelimit. Chatty Ajax applications can be trouble, and with browserschanging the rules, network administrators need to keep a close eye onthe number of requests made, and work with application developers toavoid employing such design patterns as fast polling or long-heldconnections.
7) Watch out for response ordering
With traditional Web applications, the network effects of TCP/IP communications — such as the lack of order in which individual  HTTP responses are received — generally are not noticed by developers or users. The base unit, the HTML document, is received  before other objects, and it then triggers the request. Any subsequent request triggers a whole new base document, thereby  guaranteeing order. Ajax takes such implicit ordering away, however, so that an application dependent on proper sequencing  requires a response queue. Ajax frameworks, however, are not consistent in acknowledging this network concern. So, again,  make sure Ajax application developers understand such network-level concerns.
Acknowledge the effects of eliminating "Layer 8" error correction
For years, users have been correcting Web-delivery quality byreloading pages or pressing the Back button. Simply put, users doingthis help mitigate network problems because errors occur generally atexpected moments between page paints. With Ajax, however, applicationfailure is no longer that obvious. Worse yet, users often aremisinformed about errors, because the simple, animated-GIF spinningcircle provides little information about the true status of therequest.


Developers are at a loss because many libraries aren't effective at acknowledging that timeouts happen, retries must occur,  and server and data errors crop up. JavaScript diagnostics showing communication and code errors are rarely in place on the  client side, so blissful ignorance is the norm. More application-level monitoring is required for administrators to support  Ajax properly.
9) Old security threats get a second exposure
If you listen to the pundits, Ajax may appear to produce more attacksurface, but it really isn't any less secure than traditionalWeb-application development environments, because the HTTP inputs tothe trusted server side are the same — headers, query string andmessage body. If implicitly trusting client-side code and entered datais not verboten already in your Web development group, however, Ajaxmay push things in that direction.
Cross-site scripting (XSS) isn't a vulnerability new with Ajax; it is just more common, especially if an application allows  state data to be manipulated with JavaScript. HTML input should be disallowed in most cases, and HTTP Only Cookies should  be applied immediately to reduce cookie hijacking and other attacks via XSS.
Cross Site Request Forgery likewise isn't new with Ajax, but if your application developers aren't checking the HTTP Referer  (sic) header and managing sessions properly within Ajax applications, you've already been open to it, although it might be  worse now.
Hackers, like developers, now are more interested in using and abusing JavaScript, which increases the potential for exploits.  Network professionals should make sure developers are aware that client-side code can be manipulated even with obfuscation  in place, so data inputs should always be filtered and sanitized, Ajax or not.
10) Abide by same origin for your protection
On the positive side of security, JavaScript's same-origin policy(SOP) is fully enforced in an XMLHttpRequest-based Ajax application.This policy makes sure that scripts cannot talk to domains outside ofthose from which they are issued. From the developer's point of view,this can be quite annoying because it means that pages served, forexample, from ajaxref.com can't talk to a URL hosted onwww.ajaxref.com; even if it is the same machine, it isn't the sameexact domain. DNS equivalency doesn't matter here; it is a string-checkemployed by the SOP.
The SOP will severely hamper a developer's ability to perform someWeb-service efforts on the client side as well. Clearly the bestapproach is to use a proxy on the server to bounce requests to otherservers and combine the results. However, many Ajax developers attemptto break the same-origin restrictions. Using the <script&gt; tag asa transport instead of the XMLHttpRequest object introduces dangeroustrust assumptions, and that leads to the origin of much of the concernabout overall Ajax security.
Now, with such browsers emerging as Firefox 3 and Internet Explorer8 employing native cross-domain request facilities, there is certain tobe more trouble on the horizon. As is the case with Java'ssecurity-sandbox concept, SOP restrictions are introduced just to keepdevelopers from destroying security. Go around such safeguards withextreme caution.
Watch what you wish for
With Ajax, rich-application widgets will win a project, but badplumbing may sink it. If the promise of a rich Ajax application isdelivered in a network environment that is occasionally fragile, userswill become disillusioned with the perceived instability of theapplication regardless of its slick interface. To enable desktop-likequality, network professionals must educate Ajax developers aboutcertain network and security fundamentals and provide a solid andconstantly monitored delivery platform that includes client-sidediagnostics on JavaScript functioning and network performance from theuser perspective. Users regularly see rich Web applications done right— like those coming from Google, for example — so anything less is arisky endeavor.
Posted by Editorial Team Tue May 06, 2008 6:57 am
The missing five-minute Linux manual for idiots in Software
So, for the time being, I'm afraid we are all back on re-evaluation-of-Linux duty. Never mind. I've already done the spadework. Let me lead you through a few simple steps to a full-on Open Source experience.
Blog

At any given time, in various places and languages around the world, there are simultaneously 14 blog entries being written by Linux neophytes, documenting their first faltering steps.

This rate is well down from the 2002 peak of 37 such articles generated per hour, but is still impressive, especially when you remember that back in the old days most blog software defaulted to subject line 'I try Linux!!!' .

(Although I believe Google, showing the clever innovation for which that company is justly famous, indulged in word play with their default of 'Bye bye Windblows!!'.)

Anyway, I say the best thing is to get the blog over and done with before going near the software. After all, the text itself rarely varies: it nearly always reports the difficulties the writer had configuring a driver for his sound card. Here is a perfect example to get you started. Off you go.
Choosing your distro

There are many hundreds of Linux distributions, each of which has its own plus and minus points. It can be very confusing.

The conscientious would-be Linux user should take time to mull over the pros and cons of the Red Hat versus SUSE, and Debian versus Gentoo. He will want to evaluate the various package installation schemes - comparing .deb with .rpm - and will spend many hours on the web absorbing great quantities of freely offered advice over whether to go for Gnome or risk post-Trolltech takeover KDE, or just run the whole thing in text mode, like a Real Beard.

After he has done all this, he will install Ubuntu, because that's what everybody does.

'Ubuntu', by the way, is an African word 'too beautiful to translate into English'. The term was first popularised by Alexander McCall Smith in his The No.1 Ladies' Detective Agency series of books, in the following, typically action-packed, scene:

'Mma Ramotswe?'

'Yes, Mma Makutsi? Would you like to boil the kettle to make some more bush tea?'

'No, Mma Ramotswe. I was going to say: there are unpleasant brown stains all over the floor, and also a smell. I wondered if you perhaps had trod in some ubuntu? The Tlokweng Road is covered in it today.'

'No, Mma. I do not have any ubuntu on my shoes. I am very careful. Perhaps you have some ubuntu on your shoes.'

'No, Mma Ramotswe. I do not have any ubuntu on my shoes either. It is a mystery.'

'Perhaps Charlie, Mr J. L. B. Matekoni's unsatisfactory senior apprentice, brought it in on his shoes.'

'Ah yes, Charlie. I am quite sure that this is the correct explanation.'

Precious Ramotswe allowed her traditional build to lean back in her chair and relaxed. Later on, she would go out in her tiny white van and investigate something. Later, but not just yet. The wall lizards basked in the morning sunshine, and flies buzzed laconically around the light fitting.

'Mma Ramotswe?'

'Yes Mma Makutsi, what is it now?'

'Shall I fetch the mop?'

Although modern Ubuntu has come on a long way in the last few years, its default desktop theme is still shaded the same brown colour, as a reminder of its inspiration.

Incidentally, Ubuntu also famously gives its releases hippy alliterative names: 'Feisty Fawn', 'Hoary Hedgehog' and so on. These names are created using the same algorithm that fellow wrinklies will remember as the old CompuServe password generator. This knowledge enables me to predict with confidence that when the current 'Gutsy Gibbon' release is retired, the next four will be called Weedy Willie, Sexy Sadie, Lorelei Lee and Moon Unit Zappa.

Selecting your database
When choosing which of the Big Two to install, one issue dominates.Never mind such concerns as scalability, performance, fitness forpurpose or licensing. The fact is that while MySQL has a fairly awful name, reeking of turn-of-the-millennium marketing, PostgreSQL has a really appalling name, which nobody at all knows how to pronounce. This simple error means that PostgresS PostGRE Pogres that database is inevitably doomed, even if the software were ten times better than anything else. Sorry, guys.
While we are doing databases, a quick mention for SQLite.This is an excellent cross-platform C library, which lets one do properSQL without needing to supply a separate SQL engine. SQLite is publicdomain, and instead of the usual copyright threats, the source code contains a blessing:

  • May you do good and not evil
  • May you find forgiveness for yourself and forgive others
  • May you share freely, never taking more than you give
  • May you never find ubuntu on your shoe

Actually, I suspect my copy of SQLite somehow got corrupted during the download. Must remember to check those MD5s.
Don't inhale
'Running Linux with one foot on the bottom' refers to the practiceof running Linux under a VMware virtual machine, so if that if thingsall go wrong, one can beat a cowardly retreat to the safety of thefamiliar. Also, it avoids the somewhat scary business of scrapingWindows off your hard disk.
Microsoft can take heart that timid persons (like me) lack the confidence to commit fully to Linux in this way.
On the other hand, we are experimenting with Linux instead ofgetting familiar with Vista, so maybe they should not take too muchheart.
Missing
Even if they don't use Firefox already, modern IE has pretty muchthe same user interface, so Windows users should feel completelycomfortable in their web browsing after crossing the great divide.Similarly the OOo'sofferings, despite coming from an outfit whose abbreviation looks likea deflating balloon, are much closer in use to 'proper' Word and Excelthan Office 2007.
But I must be up front about this. You will find that there are core Windows features that are missing from Linux:

  • That silly animation that runs while Windows is copying a file,together with its wild estimations of time to complete: 30 secondsremaining, 2 minutes, 9 minutes, 25 minutes, 37 minutes, 30 seconds.
  • The registry
  • Virus checking software
  • The window that comes up when a program crashes and sends the crashdump to Redmond, to give them a much needed laugh. Linux programsinstead lay a small binary turd file in situ. After a while you end upwith quite a large collection of these, decorating your directories.
  • Automatic updates fixing vulnerabilities in Outlook Express. Who uses Outlook Express these days? Why?
  • Windows genuine disadvantage
  • The Windows pause, by which I mean that increasingly prevalentnothing-happening-for-no-reason delay that intrudes between the userpoking and the software flinching.

I'd like to expand on that last point. For example, if you delete afile from your hard disk - not on the network, not locked - by pressingthe Delete key in Explorer, on some machines that I know the sequenceis 1) the screen freezes and nothing at all happens, 2) after twoseconds the cursor turns to an hourglass, 3) after a further 20seconds, Explorer's window goes blank and is repainted, 4) the deletedfile is missing from the repainted list.
In Nautilus, the Gnome equivalent of Explorer, the file simply disappears and reappears in its 'wastebasket'. As you'd expect.
Where I work, we have an expression to cover this kind of behaviour. We say: Windows is helping you.
Invective
Time for some balance. The most amusing piece of Linux-relatedinvective on the Internet is Netscape/emacs legend Jamie Zawinski'sfamous rant about Linux video players.Never mind that it is wildly out of date - if you haven't read it andyou enjoy swearing, you are in for an audio cock-shaped treat. NSFW.
Still hard work
You may have heard it said that modern Linux is as easy to set up asWindows, requiring three or four clicks to install a file server assecure as a laptop containing a sensitive government database leftovernight on the front seat of a civil servant's Renault Nicole.
For the most part I would say this is true, but there are severalplaces where it is not, and Samba is definitely one of them. Yourcorrespondent recently set up a Samba system on a Windows 2003 domain(the full whack, with proper security and everything, not justhardwired in with root privileges everywhere). Getting it going was hergreatest intellectual triumph since passing Latin O-level.
Editors
By decree of the state of California, there must be at least 17 texteditors installed into each copy of Linux. Some are GUI based, but mostrun in consoles. Some support UTF-8, some include spell checkers orLISP implementations. All have mutually incompatible keystrokes.
Legendary line-oriented relic ed is by no means the most difficult to use. If you think you are hard, try joe, which emulates the dreaded Wordstar, the Wordprocessor that Time Joined the Foreign Legion to Forget.
Ubuntu installs a gnomic thing called gedit,and sets it, Notepad-style, as the default opener of all text files. Inthis case, the gnomes have taken Notepadness rather too far for myliking. Try opening a 4MB database dump - surely not such a huge thingthese days - and watch gedit die on its backside.
Magic LAMP
To be briefly serious, one of the best things to do with a Linux box is run a few LAMPapplications for your intranet. There is something exquisitelysatisfactory about this. It's like buying one of those plants that looklike a tangle of dead roots, and adding water to see it spring to lifein a blur of green shoots.
One excellent LAMP application to try is MediaWiki,the Wikipedia software. It will take you an hour or so to set up, butonce it is done it will not only serve as an excellent way of creatingan ad hoc documentation system across the department, it willalso give the children something to do on rainy afternoons in theschool holidays, as evidenced by Enid Blyton's masterpiece Five set up a database of erotic classics.
With MediaWiki, the only limit is your imagination. For example, Iam using it to organise my collection of notable corporate letterheads.There is a little overkill here, as it is a collection currentlycomprising just one item, but you must admit it is a good one:
Posted by Editorial Team Sat May 03, 2008 7:15 pm
Page 1 of 35 Goto page 1, 2, 3 ... 33, 34, 35  Next
iVirtua Latest
Latest Discussion

Discuss...
Latest Articles and Reviews

Latest Downloads
Subscribe to the iVirtua Community RSS Feed
Use RSS and get automatically notified of new content and contributions on the iVirtua Community.


Tag Cloud
access amd announced applications author based beta building business card case company content cool core course cpu create data deal dec demo design desktop developers development digital download drive email feature features file files firefox flash free future gaming google graphics hardware help industry information intel internet iphone ipod jan launch linux lol love mac market media memory million mobile money movie music net nintendo nov nvidia oct office official online patch performance playing power price product program ps3 pst publish ram release released report rss sales screen search security sep server show size software sony source speed support technology thu tue update video vista war web website wii windows work working works xbox 360 2006 2007 2008

© 2006 - 2008 iVirtua Community (UK), Part of iVirtua Media Group, London (UK). Tel: 020 8144 7222

Terms of Service and Community RulesAdvertise or Affiliate with iVirtuaRSSPress Information and Media CoverageiVirtua Version 4PrivacyContact