diff options
Diffstat (limited to 'wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri')
15 files changed, 74 insertions, 0 deletions
diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard1.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard1.jpg Binary files differnew file mode 100644 index 0000000..512a5c7 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard1.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard2.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard2.jpg Binary files differnew file mode 100644 index 0000000..8e3c331 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard2.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard3.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard3.jpg Binary files differnew file mode 100644 index 0000000..1c087ce --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard3.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard4.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard4.jpg Binary files differnew file mode 100644 index 0000000..7617787 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecard4.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecards.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecards.jpg Binary files differnew file mode 100644 index 0000000..34b13e4 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecards.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecards5.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecards5.jpg Binary files differnew file mode 100644 index 0000000..925fb99 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/ecards5.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/gdesk.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/gdesk.jpg Binary files differnew file mode 100644 index 0000000..1b03667 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/gdesk.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt new file mode 100644 index 0000000..2c14c6c --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/googledesk.txt @@ -0,0 +1,29 @@ +Just days after vulnerabilities were discovered in Google's toolbar for Firefox, hacker Robert Hansen has discovered that a similar exploit could be launched against Google's popular Google Desktop tool. + +Hansen has posted a [proof of concept attack][1] that shows how malicious crackers could use Google Desktop to launch software on a victim's computer (video after the jump). As zero day exploits go this one is pretty complicated and so far as anyone knows hasn't been used in the wild. + +However, given the growing popularity of apps that bridge the online/offline gap, it's likely that such attacks will become more common. + +In the case of Google Desktop Hansen outlines the steps involved: + +>* User goes to Google and performs a search. +* Man in the middle detects the action and proceeds to inject their own content. +* The attacker injects a piece of JavaScript that creates an iframe to the target URL as well as makes the iframe follow the mouse (typically this would be invisible to the user, but for demonstration purposes I made it visible). +* He then frames another search query to correctly position the content inside the follow mouse script. +* As the evil search query loads, he injects a meta refresh to reload the same page forcing Google Desktop to load. In the example video below I am launching hyperterm, but you could make it any program already installed on the victim machine that is indexed by Google Desktop. +* User inadvertently clicks on evil Google Desktop query which actually runs the associated program. + +Obviously there are easier ways to attack a PC and it doesn't appear that an attacker can install any unauthorized software, but the attack does show the sorts of exploits that become possible with the merging of web-based and desktop software. + +So far Google has not commented on the issue. + +Earlier this week Christopher Soghoian (of [boarding pass exploit fame][3]) showed vulnerability in Firefox add-ons that allow for a similar "man-in-the-middle" type of attack which *could* be used to install malicious software. + +A video of Hansen demonstrating the attack is embedded below. + + +<embed style="width:400px; height:326px;" id="VideoPlayback" type="application/x-shockwave-flash" src="http://video.google.com/googleplayer.swf?docId=2726113702646327649&hl=en" flashvars=""> </embed> + +[2]: http://blog.wired.com/27bstroke6/2007/05/google_yahoo_fa.html "Google, Yahoo, Facebook Extensions Put Millions of Firefox Users At Risk -- Updated" +[3]: http://www.wired.com/science/discoveries/news/2006/10/72023 "Boarding Pass Hacker Under Fire" +[1]: http://ha.ckers.org/google-desktop-0day/ "Google Desktop 0day"
\ No newline at end of file diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/livemail.txt b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/livemail.txt new file mode 100644 index 0000000..a00a6c8 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/livemail.txt @@ -0,0 +1,16 @@ +Microsoft has released a beta for its new email client intended to replace the barely four month old Windows Mail which debuted with Vista. The new [Windows Live Mail][1] beta (note the addition of "Live" in the name) is now available for download. + +As we mentioned [earlier this month][3], Microsoft intends to replace Vista's Windows Mail with Windows Live Mail (WLM), which offers a Vista Aero interface and, according to Microsoft, better performance. WLM also works on Windows XP where it is intended to replace Outlook Express. + +The new e-mail client handles POP, IMAP and Windows Live Hotmail accounts. + +Microsoft is pushing WLM's integration with other Live services, particularly Windows Live Messenger, Spaces (the little know and little used blogging host and Windows Live Contacts as reasons for users to upgrade. + +At the moment Windows Live Mail is beta software and there have been [reports of problems][2] on the Microsoft discussion boards, including installation crashes and the need for multiple reboots. Should you encounter problems you can always revert back to your old e-mail client since WLM won't delete any existing programs. + +If you're feeling brave, you can [grab the new beta][1] from the Microsoft site. + +[1]: http://get.live.com/betas/maildesktop_betas "Windows Live Mail Beta" +[2]: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windows.live.mail.desktop&cat=en_US_0405EAE1-3A5E-559F-59E6-B48513D5B57E&lang=en&cr=US "Discussions in Windows Live Mail Desktop" +[3]: http://blog.wired.com/monkeybites/2007/05/hotmail_joins_w.html "Hotmail Joins Web 2.0 World" + diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p0.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p0.jpg Binary files differnew file mode 100644 index 0000000..6bad879 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p0.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p1.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p1.jpg Binary files differnew file mode 100644 index 0000000..29d2935 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p1.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p2.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p2.jpg Binary files differnew file mode 100644 index 0000000..4de0a65 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/p2.jpg diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/parallels.txt b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/parallels.txt new file mode 100644 index 0000000..6c968ef --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/parallels.txt @@ -0,0 +1,18 @@ +Parallels has announced the release candidate for the next version of Parallels Desktop for Mac. The final version of Parallels 3.0 is expected to arrive in the next few weeks and will bring support for 3-D graphics as well as two major new features -- SmartSelect and Snapshots. + +The graphics support should be welcome news for gamers as Parallels 3 will offer support for both DirectX and OpenGL graphics in the virtual machine. At the moment Vista's Aero interface is still not supported, though the Parallels site says it's in the works. + +Of the two major new features the most interesting is SmartSelect which allows users to map files on the Mac desktop so that they automatically open in Windows apps. For instance you can set all your .doc files to open in Microsoft Word 2007 and the virtual machine will launch whenever you double clicking a Word document. + +Having to manually launch Windows apps and then open files was the main reason I abandoned Parallels a while back, so I'm look forward to testing the new version when it officially arrives. + +The other noteworthy new feature is Snapshots, which offers the ability to save the state of a virtual machine and roll back to the saved state whenever you get a virus, er, need to. + +There are an additional 50 or so new features in the new release, as well as about a 100 bug fixes, which you can peruse in the release notes. + +If the announcement alone has sold you, Parallels is offering version 3 at the discount upgrade price of $40 until June 6. After that it'll be $50 to upgrade and $80 for a brand new copy. We'll be sure to give the full rundown when the public release arrives. + +screenshots from the Parallels site: + +[1]: http://www.parallels.com/en/products/desktop/upgrade "Parallels 3 release notes" + diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/someecards.txt b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/someecards.txt new file mode 100644 index 0000000..15672b0 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/someecards.txt @@ -0,0 +1,11 @@ +If all this amazing mapping technology we've seen his week has your head spinning (and your tin foil hat just isn't assuaging the increasing paranoia), it's time to [head over to someecards.com][1] and bombard your friends with hilarious, albeit often insulting, ecards to lighten the mood. + +For the record I really dislike e-cards and had never sent one until I stumbled across someecards.com a couple weeks back. Something about the combination of snarky wit and hilarious illustrations won me over. (I should probably point out that some of the cards may qualify as NSFW or, at the bare minimim, offensive) + +The site appears to be relatively new and in the two weeks since I discovered it the number of cards has more than doubled. The site founders claim "new cards, categories, and features will be frequently added until everyone involved with the site dies." + +With graduations in full swing and Father's day just around the corner why not add a bit of humor to the mix? Or alienate your family and friends, as the case may be. + +My personal favorite is the one at the top of the post, but here's a couple more: + +[1]: http://www.someecards.com/ "someecards"
\ No newline at end of file diff --git a/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/wlive.jpg b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/wlive.jpg Binary files differnew file mode 100644 index 0000000..37dbd07 --- /dev/null +++ b/wired/old/published/Webmonkey/Monkey_Bites/2007/05.29.07/Fri/wlive.jpg |
