Monday, February 05, 2007

MS Office Zero-Day Under Attack

"Microsoft is warning users to be on the lookout for suspicious Excel files that arrive unexpectedly — even if they come from a co-worker's e-mail address. In an advisory, Microsoft confirmed a new wave of limited "zero-day" attacks was underway, using a code execution flaw in its Microsoft Office desktop productivity suite. Although .xls files are currently being used to launch the spear phishing attacks, Microsoft said users of other Office applications (Word, PowerPoint, Outlook, Access, etc.) are potentially at risk."

Microsoft late Friday warned users to be on the lookout for Excel files that arrive unexpectedly — even if they come from a co-worker's e-mail address.

In an advisory, Microsoft confirmed a new wave of limited "zero-day" attacks was underway, using a code execution flaw in its Microsoft Office desktop productivity suite. Although .xls files are currently being used to launch the spear phishing attacks, Microsoft said users of other Office applications (Word, PowerPoint, Outlook, Access, etc.) are potentially at risk.

Confirmed vulnerable: Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, Microsoft Office 2004 for Mac, and Microsoft Office 2004 v. X for Mac.

The vulnerability cannot be exploited on Office 2007 or on Works 2004, 2005, or 2006.

This is the fourth known zero-day attack against the ever-present Microsoft Office suite since early December 2006. The three previous attacks, all aimed directly at specific targets, used rigged Microsoft Word .doc files.

Anti-virus vendor McAfee has issued an alert explaining the attack characteristics, which require that a specially crafted .xls file be opened:

* Unpack the XOR-encrypted shellcode in memory

* Load KERNEL32.DLL using a hardcoded address specific to Windows XP Service Pack 2. On other versions of Windows, Excel will simply crash.

* Create a new file in %Temp% op10.exe using the API calls GetTempPathA and CreateFileA

* Seek the opened file handle of the XLS file in memory, using the API call GetFileSize to match a specific file size.

* Extract the payload from the XLS file and write it into %Temp% op10.exe

* Execute %Temp% op10.exe
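
The last steps of that sequence (an Office process writes an executable into %Temp% and then launches it) show up in endpoint telemetry. The following is an added example, not part of the original post or of McAfee's alert, that correlates file-creation and process-creation events to flag that pattern. The event schema, field names, paths and file names such as dropped.exe are constructed for illustration.

```python
import ntpath

# Office executables for the applications the advisory names as potentially at risk.
OFFICE_APPS = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe", "msaccess.exe"}
# Extensions Windows will run directly when a process is created from them.
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}

# Constructed sample telemetry (hypothetical schema: one dict per event).
OFFICE = r"C:\Program Files\Microsoft Office\OFFICE11"
TEMP = r"C:\DOCUME~1\alice\LOCALS~1\Temp"
EVENTS = [
    {"time": 1, "type": "file_create", "image": OFFICE + r"\EXCEL.EXE",
     "target": TEMP + r"\~DF3A1C.tmp"},          # ordinary Office scratch file
    {"time": 2, "type": "file_create", "image": OFFICE + r"\EXCEL.EXE",
     "target": TEMP + r"\dropped.exe"},          # executable written by Excel
    {"time": 3, "type": "process_create", "parent": OFFICE + r"\EXCEL.EXE",
     "image": TEMP + r"\dropped.exe"},           # ...and then launched by Excel
    {"time": 4, "type": "process_create", "parent": r"C:\WINDOWS\explorer.exe",
     "image": TEMP + r"\setup.exe"},             # user-launched installer, not Office
    {"time": 5, "type": "process_create", "parent": OFFICE + r"\WINWORD.EXE",
     "image": TEMP + r"\viewer.exe"},            # Office child in Temp, drop not observed
]


def is_office(image_path):
    """True if the process image is one of the Office applications."""
    return ntpath.basename(image_path).lower() in OFFICE_APPS


def is_temp_executable(path):
    """True if the path has a 'Temp' directory component and an executable extension."""
    parts = path.lower().split("\\")
    ext = ntpath.splitext(path)[1].lower()
    return "temp" in parts[:-1] and ext in EXEC_EXTS


def detect(events):
    """Flag Office processes that launch an executable from a Temp directory.

    Severity is 'high' when the same Office-written file was seen being created
    earlier (drop followed by execution), 'medium' when only the launch was seen.
    """
    dropped = set()   # lowercased paths of executables written to Temp by Office
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["type"] == "file_create":
            if is_office(ev["image"]) and is_temp_executable(ev["target"]):
                dropped.add(ev["target"].lower())
        elif ev["type"] == "process_create":
            if is_office(ev["parent"]) and is_temp_executable(ev["image"]):
                alerts.append({
                    "time": ev["time"],
                    "parent": ntpath.basename(ev["parent"]),
                    "image": ev["image"],
                    "severity": "high" if ev["image"].lower() in dropped else "medium",
                })
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```
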

Linux Kernel 2.6.20 Released

"After two months of development, Linux 2.6.20 has been released. This release includes two different virtualization implementations: KVM: full-virtualization capabilities using Intel/AMD virtualization extensions and a paravirtualization implementation usable by different hypervisors. Additionally, 2.6.20 includes PS3 support, a fault injection debugging feature, UDP-lite support, better per-process IO accounting, relative atime, relocatable x86 kernel, some x86 microoptimizations, lockless radix-tree readside, shared pagetables for hugetbl, and many other things. Read the list of changes for more details."
In a widely anticipated move, Linux "headcase" Torvalds today announced
the immediate availability of the most advanced Linux kernel to date,
version 2.6.20.

Before downloading the actual new kernel, most avid kernel hackers have
been involved in a 2-hour pre-kernel-compilation count-down, with some
even spending the preceding week doing typing exercises and reciting PI
to a thousand decimal places.

The half-time entertainment is provided by randomly inserted trivial
syntax errors that nerds are expected to fix at home before completing
the compile, but most people actually seem to mostly enjoy watching the
compile warnings, sponsored by Anheuser-Busch, scroll past.

As ICD head analyst Walter Dickweed put it: "Releasing a new kernel on
Superbowl Sunday means that the important 'pasty white nerd'
constituency finally has something to do while the rest of the country
sits comatose in front of their 65" plasma screens".

Walter was immediately attacked for his racist and insensitive remarks
by Geeks without Borders representative Marilyn vos Savant, who pointed
out that not all of their members are either pasty nor white. "Some of
them even shower!" she added, claiming that the constant stereotyping
hurts nerds' standing in society.

Geeks outside the US were just confused about the whole issue, and were
heard wondering what the big hoopla was all about. Some of the more
culturally aware of them were heard snickering about balls that weren't
even round.

Linus

---
Shortlog since 2.6.20-rc7. Fixes, fixes.

There's a full ChangeLog together with the tar-ball and patches, but let
me just summarize it as: "A lot of stuff. All over. And KVM."

I tried rather hard to make 2.6.20 largely a "stabilization release".
Unlike a lot of kernels lately, there aren't really any big fundamental
changes to some core infrastructure area, and while we always have bugs, I
really am hoping that we fixed many more than we introduced.

Have fun. And remember: the thousandth decimal is, of course, 9. There
*will* be a test on this afterwards.

Adrian Bunk (1):
[NETFILTER]: nf_conntrack_h323: fix compile error with CONFIG_IPV6=m, CONFIG_NF_CONNTRACK_H323=y

Al Viro (12):
netxen patches
fix frv headers_check
mca_nmi_hook() can be called at any point
ide section fixes
endianness bug: ntohl() misspelled as >> 24 in fh_verify().
fork_idle() should be __cpuinit, not __devinit
__crc_... is intended to be absolute
efi_set_rtc_mmss() is not __init
sanitize sections for sparc32 smp
radio modems sitting on serial port are not for s390
uml-i386: fix build breakage with CONFIG_HIGHMEM
fix rtl8150

Alan (3):
pata_atiixp: propogate cable detection hack from drivers/ide to the new driver
pata_via: Correct missing comments
libata: Fix ata_busy_wait() kernel docs

Andrew Morton (2):
pci: remove warning messages
revert blockdev direct io back to 2.6.19 version

Auke Kok (1):
e100: fix napi ifdefs removing needed code

Avi Kivity (1):
KVM: fix lockup on 32-bit intel hosts with nx disabled in the bios

Bartlomiej Zolnierkiewicz (1):
via82cxxx: fix typo ("cx7000" should be corrected to "cx700")

Bob Breuer (1):
[SPARC32]: Fix over-optimization by GCC near ip_fast_csum.

Brian King (1):
libata: Initialize nbytes for internal sg commands

David C Somayajulu (1):
[SCSI] qla4xxx: bug fixes

Evgeniy Dushistov (1):
MAINTAINERS: ufs entry

Frédéric Riss (1):
EFI x86: pass firmware call parameters on the stack

Guillaume Chazarain (1):
procfs: Fix listing of /proc/NOT_A_TGID/task

Haavard Skinnemoen (1):
Remove avr32@atmel.com from MAINTAINERS

Jean Delvare (1):
via quirk update

Jeff Garzik (1):
x86-64: define dma noncoherent API functions

Jens Osterkamp (1):
spidernet : fix memory leak in spider_net_stop

John Keller (1):
Altix: more ACPI PRT support

Kai Makisara (1):
[SCSI] st: A MTIOCTOP/MTWEOF within the early warning will cause the file number to be incorrect

Ken Chen (1):
aio: fix buggy put_ioctx call in aio_complete - v2

Lars Immisch (1):
[NETFILTER]: SIP conntrack: fix skipping over user info in SIP headers

Li Yewang (1):
[IPV6]: fix BUG of ndisc_send_redirect()

Linus Torvalds (3):
Revert "[PATCH] mm: micro optimise zone_watermark_ok"
Revert "[PATCH] fix typo in geode_configre()@cyrix.c"
Linux 2.6.20

Magnus Damm (1):
kexec: Avoid migration of already disabled irqs (ia64)

Matthew Wilcox (1):
[SCSI] Fix scsi_add_device() for async scanning

Michael Chan (1):
[BNX2]: PHY workaround for 5709 A0.

Mike Frysinger (1):
alpha: fix epoll syscall enumerations

Nagendra Singh Tomar (1):
[SCSI] sd: udev accessing an uninitialized scsi_disk field results in a crash

Neil Horman (1):
[IPV6]: Fix up some CONFIG typos

Patrick McHardy (5):
[NETFILTER]: xt_connbytes: fix division by zero
[NETFILTER]: SIP conntrack: fix out of bounds memory access
[NETFILTER]: xt_hashlimit: fix ip6tables dependency
[NET_SCHED]: act_ipt: fix regression in ipt action
[NETFILTER]: ctnetlink: fix compile failure with NF_CONNTRACK_MARK=n

Peter Korsgaard (1):
net/smc911x: match up spin lock/unlock

Randy Dunlap (2):
[MAINTAINERS]: netfilter@ is subscribers-only
sysrq: showBlockedTasks is sysrq-W

Tejun Heo (1):
ahci/pata_jmicron: fix JMicron quirk

Vlad Yasevich (1):
[SCTP]: Force update of the rto when processing HB-ACK

XML::Simple for Perl Developers

"XML has become pervasive in the computing world and is buried more and more deeply into modern applications and operating systems. It's imperative for the Perl programmer to develop a good understanding of how to use it. In a surprisingly large number of cases, you only need one tool to integrate XML into a Perl application, XML::Simple. This article tells you where to get it, how to use it, and where to go next."

Open Source Advocacy Group Quiet About Launch

"Yet another open source advocacy group is in the offing, but trying to keep the lid on until its official launch at LinuxWorld OpenSolutions Summit. Robin 'Roblimo' Miller ferrets out a few details of the nascent Open Solutions Alliance on Linux.com: 'Our anonymous interviewee says 'at least 10' companies have signed up, and that they are 'talking to dozens more.' While he refused to name any participants, Linux.com has confirmed that SpikeSource and JasperSoft are both involved.'" Linux.com and Slashdot are both owned by OSTG.

Friday, February 02, 2007

Fedora Core 7 Test 1 Released



Fedora Core 7 Test 1 has started appearing today on the mirrors worldwide, just as I am writing this:

"Just a quick blurb. Fedora 7 Test 1 has been released today. For this particular release, we only did a Desktop spin of the package collection. We are still fine tuning targeted spins of the collection as part of the merger of Core and Extras. We also produced a LiveCD that has the ability to install to your hard drive should you wish."

Fedora Core 7 is promising new features like:

• Rock solid wireless networking support;
• Wireless firmware;
• Pungi will be used for tree building;
• Fast user switching;
• RandR 1.2;
• KVM virtualization support;
• Boot and shutdown speed-up;
• New init system;
• rpm and yum enhancements;
• libata will be used for PATA support;
• syslog to be replaced with syslog-ng;
• Improved firewire support;
• Real-time kernel;
• Tickless kernel support;
• Fix wakeups across the distribution;
• Encrypted file systems.

The Fedora Core 7 Schedule:

• 23 January 2007 - F7 Test1 development freeze
• 1 February 2007 - F7 Test1 Release
• 20 February 2007 - F7 FEATURE freeze / F7 string freeze / F7 Test2 development freeze
• 27 February 2007 - F7 Test2 release
• 19 March 2007 - F7 translation freeze / F7 Test3 development freeze
• 27 March 2007 - F7 Test 3 Release / Continual freeze. Only critical bugs fixed
• 5 April 2007 - Final devel freeze.
• 26 April 2007 - F7 General Availability

About Fedora Core:

The Fedora Project is a Red-Hat-sponsored and community-supported open source project. It is also a proving ground for new technology that may eventually make its way into Red Hat products. It is not a supported product of Red Hat, Inc.

The goal of The Fedora Project is to work with the Linux community in order to build a complete, general purpose operating system exclusively from free software. Development will be done in a public forum. The project will produce time-based releases of Fedora Core about 2-3 times a year with a public release schedule.

You can download Fedora Core 7 Test 1 now from Softpedia.

You can download Fedora Core 6 now from Softpedia.

Vagina, Not so Well Protected by Its Shield

Gels containing microbicides have been praised as the miracle weapon against catching HIV infection, as they could have been used by the women in the third world by themselves, without the man's agreement, to protect themselves against infection during the sexual act.

The gels are applied intravaginally.

Now, trials of a new type of gel developed to help women protect themselves from HIV were stopped on Wednesday after women employing it got infected by HIV at a higher level than women not using it, as investigators discovered.

The experiments were made on 1333 women in South Africa, Benin, Uganda and India.

“The microbicide gel apparently made the women more vulnerable to the virus, not less vulnerable as intended,” said its makers Polydex Pharmaceuticals, based in Toronto, Canada.

The microbicide gel was branded with the name Ushercell, and is a cotton-based product that had been checked in more than 500 women without any adverse effect on the risk of HIV infection.

A second trial of the same product, in 1700 women in Nigeria, has also been halted out of concern for the women's lives, even though in this case the analyses did not point to a higher-than-expected rate of infection.

Women who got infected during the trials will receive anti HIV medication, as announced by the researchers.

"While the findings are unexpected and disappointing, we will learn scientifically important information from this trial that will inform future HIV prevention research," said Lut Van Damme, who was leading the trial of the Polydex product.

This is the second time that trials of an anti-HIV microbicide vaginal gel or cream have suffered a spectacular failure.

The other failed product is spermicide nonoxynol-9, although it is still unclear why the product did not work and moreover, increased the risk of infection.

There are three other products in advanced trials, the last one being based on a seaweed chemical called carrageenan.

10 Years of Pushing For Linux — and Giving Up

boyko.at.netqos writes "Jim Sampson at Network Performance Daily writes about his attempts over a decade to get Linux working in a business/enterprise environment, but each time, he says, something critical just didn't work, and eventually, he just gave up. The article caps with his attempts to use Ubuntu Edgy Eft — only to find a bug that still prevented him from doing work." Quoting: "For the next ten years, I would go off and on back to this thought: I wanted to support the Open Source community, and to use Linux, but every time, the reality was that Linux just was not ready... Over the last six years, I've tried periodically to get Linux working in the enterprise, thinking, logically, that things must have improved. But every time, something — sometimes something very basic — prevented me from doing what I needed to do in Linux."

Biodata

Actually, this post was inspired by a post with the same title on the blog of my friend Arthur Renaldy. It made me want to put my own biodata into a post.

Here is my biodata, with the details and fields matching my friend Arthur Renaldy's blog:

Name: Raden Mas Yohanes Januar Sabbathano Sudharsono Saputra
Nicknames: Ari, Januar, kake, Kambing, Mbing, kaleng, kuleng, and last but not least, sayang
Place and date of birth: Balikpapan, 21 January 1984
Zodiac: Aquarius
Hobbies: Traveling, adventure, and, not to be forgotten, drinking coffee at a roadside coffee stall with cigarettes and peanuts until morning

Ambition: To be a pilot (the standard childhood dream)

Favorite food: Anything, I'll devour it
Favorite drink: Anything, I'll slurp it
Favorite actor: I rarely watch TV, and when I do, I watch gossip shows

Favorite color: blue
Motto: Achtung (Don't forget to pray)
Status: Complicated

I'm not sure what else to say, just like the post that inspired this one. As the saying goes, "When the teacher urinates standing, the student urinates running" (which doesn't fit here at all, it's more the opposite). What am I even talking about, I'm rambling.

Wednesday, January 31, 2007

Microsoft Tops Corporate-Reputation Survey

"Microsoft beat out Johnson & Johnson for the top spot in the annual Wall Street Journal survey of the reputations of U.S. companies. Bill Gates's personal philanthropy boosted the public's opinion of Microsoft, helping to end J&J's seven-year run at No. 1. From the article: 'Mr. Gates demonstrates how much the reputation of a corporate leader can rub off on his company. Formerly chief executive officer and now chairman of Microsoft, he contributed to a marked improvement in the company's emotional appeal. Jeanie Cummins, a survey respondent and homemaker in Olive Hill, Ky., says Mr. Gates's philanthropy made her a much bigger fan of Microsoft. "He showed he cared more for people than all the money he made building Microsoft from the ground up," she says. "I wish all the other big shots could do something like this." To be sure, some respondents still complain that Microsoft bullies its competitors and unfairly monopolizes the software business. But such criticism is less biting and less pervasive than it was just a few years ago.'"

Google (and Yahoo) Using Email to Profile You!

A family member (who we’ll call Bob) sent an email to my wife on the subject of Health. It was one-link to a nutrition-site product (sunflower oil and other vitamins). My wife uses Gmail for all her email needs. Bob uses Yahoo for his needs.

The email contained a single link with no other information and not even a signature. The one-link email was flanked on its right side with sponsored links from Google. Ok, this is normal.

What was not normal, and was terrifying, was that the ads were for Illuminati, deep secret governments, and a whole host of underground conspiracy ads. My wife was puzzled by the ads because they had nothing to do with nutrition. She knows how the ads should work because she has an Adsense account.

Our curiosity of the misinformed ads grew quickly.

For the heck of it we decided to call Bob and ask him if he was into these types of websites? He said, “That’s where I mostly visit. And how would we know this intimate information?”

We explained; Google reads email content with electronic robots and delivers ads based on ‘The Emails’ content. So if your email is about cats, ads should appear on the subject of cats. Google has always claimed it does not track content of users email. It simply provides content-based ads.

This came as a shock to Bob! He said he spends his life investigating threats to the U.S. constitution and expects that to remain ‘private’ to his household.

With that, we all felt a chill down our spine. How is it that emails from Bob now reveal where he surfs to his recipients?

This is no mistake on Google’s part. They are beginning to profile their users through toolbars, email content, collaboration with Yahoo databases and where we visit frequently. Then targeting our associates to see if they too are interested in the same subject matter? Or is that all it's for?

I have never been into conspiracy before, but this smells rotten. We have clear evidence that Google and Yahoo somehow track our behavior “Personally!”

Look at the facts:

1) Bob only uses Yahoo for all his needs. This includes email, surfing and purchases.
2) My wife received the email from Bob in her Gmail account.
3) Yahoo and Google are two separate companies, right?
4) Bob has never revealed to my wife his personal Internet life.
5) Ads about where Bob visits frequently appear where content ads should have under Google sponsored section in Gmail email.
6) Bob confirmed that these are the primary sites he visits.
7) Gmail ads should only be focused on email content.

It is becoming ever clearer to me that we are heading towards George Orwell’s 1984. By the way, I can thank Google for those conspiracy ads, which lead me to this book. What a freekin’ irony!

Google is becoming the threat that so many predicted. I guess I am just starting to wake up.

~ BigD of reflexologynation.com

How To Taste Beer

Tasting beers may seem simple to many: buy beer and drink it. However, there are an increasing number of people who understand that craft beers can be just as complex as some wines. Because so many brewers are starting to put more thought and effort into brewing beer, we as beer drinkers should also think more about what we taste when we drink beer.

Just like tasting wine, there are a few steps that one must go through to fully appreciate what one is consuming. There are many aspects to beer that make it what it is - appearance, aroma, flavor, and body - and a beer enthusiast should be able to identify many traits of a beer within these components.

The following four steps aren’t that difficult to implement and can make your beer drinking experience a million times better, especially if you like to drink craft beers. On the contrary, these steps could quite possibly make you hate your favorite macrobrewery’s best offerings.

Observe
There are a few things to note when looking at a freshly poured beer. It is very important to pay attention to a beer’s color, clarity, and head retention. Knowing these characteristics of a beer can give you a pretty good foreshadowing of what the beer will be like when you actually taste it.

Disturb
This is obviously the easiest step but nonetheless important. By gently swirling the beer you can disturb it just enough to allow its aromas to be amplified for a moment. Before swirling your beer make sure you have your nose ready to do some analyzing.

Inhale
Many people don’t think of beer as aromatic (except once you’ve had a few too many and you begin sweating) but a beer’s smell is actually pretty important. When inhaling pay attention to whether the beer’s aroma is sweet, floral, spicy, or otherwise - these aromas often hint at what types of malts, hops, and yeasts were used and how it was brewed.

Taste
Obviously tasting the beer is the most fun and first impressions usually mean a lot, so do your best to get the most out of this step. It is important to figure out what is flavoring your beer, so take notice of whether the beer is sweet, bitter, or balanced - do this by intentionally forcing the beer over your taste buds. Within a beer’s balance one can typically identify many sub-characteristics. Don’t forget to note what type of feel or texture the beer has. Along with a beer’s overall taste, body is probably one of the only things most people seem to care about, for example: America’s obsession with “light” beers. Much like a beer’s aromatic characteristics, the different parts of a beer’s taste can also tell you much about the beer’s ingredients and how the beer was made.

Hopefully these beer tasting methods will help the next time you drink a beer. I know that when I was first told about them around a year and a half ago I started noticing so much more about my favorite beers and especially beers I was trying for the first time. Once you have started using these four steps, you will eventually be able to break down each step even further, identifying more and more small details about the beer you are tasting. Good luck on your next beer tasting adventure - make sure you put your new knowledge to good use! Cheers!

Creatine Helps Muscles Grow Back



Creatine is an organic acid, found naturally in the body, where it helps supply energy to muscle cells, being commonly used as a popular nutritional supplement by body-builders and sprinters to improve muscular performance.

Now, creatine has been found to help strengthen muscles in patients with muscular dystrophies.

Countless studies led to the same result: in subjects who practice sports, muscle strength was 8.5 % higher among patients using creatine, compared to sportsmen who did not take this supplement, and the gain of lean body mass was an average of 1.4 pounds (0.56 kg) higher. “Studies show that short- and medium-term creatine treatment improves muscle strength in people with muscular dystrophies and is well-tolerated,” said lead reviewer Dr. Rudolf Kley of Ruhr University Bochum in Germany.

Creatine is used by athletes looking for short bursts of intense strength, but it became more popular after the 1992 Barcelona Olympics, when sprinters, rowers and cyclists acknowledged regimens that included creatine. “Although creatine has been widely studied as a performance enhancer, it’s still not clear if the supplement makes a difference,” according to Roger Fielding, Ph.D., of Tufts University, who recently reviewed creatine treatments for neuromuscular diseases.

Patients suffering from muscular dystrophies usually have lower-than-normal creatine amounts, associated with increasing progressive muscle weakness as their condition advances.

As creatine increases muscle performance in healthy people, scientists supposed it could also help in treating diseases involving muscle degeneration.

Cochrane researchers carried out a meta-analysis of 12 studies conducted on 266 people suffering from various types of muscular dystrophy. The volunteers took creatine supplements for three weeks to six months.

Muscular dystrophies usually emerge as the proteins that build the muscles themselves are either lacking or impaired. In metabolic myopathies, the compound important for muscle function is damaged.

Creatine seems to be beneficial for many patients with muscular dystrophies, but has not proved effective in the case of metabolic myopathies.

But by now the results are not very consistent and more research needs to be done.

That Hot 'Terminator' Chick Would Like Some Sperm, Please!



Some may not know who Kristanna is by name, but seeing her face certainly brings up memories of how she totally kicked Arnold Schwarzenegger's ass in 'Terminator 3: Rise of the Machines', in which she played the bad guy. Sure, the part didn't require that much acting skill on her part, seeing that most of the time she was chasing Arnie and beating the crap out of him.

She might not have had too many lines, but her 'performance' was more than mind-blowing, especially in that naked scene. In fact, Kristanna's case is just another one of model-turned-actress for the sake of saying that she has something new to dedicate herself to. The perfect example in this sense is none other than the horror/thriller 'Bloodrayne', a movie one would go and see only out of sheer boredom.

Anyway, Kristanna is also the one who outed 'Lost' and 'The Fast and The Furious' star Michelle Rodriguez, in a November interview with 'Advocate' magazine. At the time, the gorgeous model spoke for the first time about romancing Michelle, hinting that what began as a flirt on the movie set soon became a serious relationship.

In a more recent interview, Loken said that she plans to start a family really soon, which means becoming a mom and committing herself to someone she loves, be it a man or a woman. Seeing that she's a bisexual who's dating a lesbian, that means she would have to find the perfect donor. And that she did! 'I would definitely like to have a family, and whether that's with a man or a woman doesn't really matter to me. I've already got my friend who's going to be the donor, so that's taken care of. Just give me a few years and we'll go from there', Kristanna explained.

However, her current life partner may not be aware of her intentions. Various media outlets inform that Michelle was partying in Hollywood these past days... with another woman! Eyewitnesses say that the actress was at a nightclub, where she treated the guests with a pole dance (like a professional, they say), after which she began kissing one of the women from her entourage.

'She took lemon wedges and greased the pole so she could slide better. She didn't get naked, but she was hanging upside down and twirling around. It was wild. She then made out with this woman who she came in with.', the source says, adding that the woman in question was definitely not Kristanna.

Strong Passwords

Usually, when creating an account you will have to provide a user name and a password. I say “usually” as sometimes these are generated automatically and sent to you. Most users choose a regular ID (username), something representative (in the case of automatically generated IDs, it will usually be your email address).

With passwords, things are a bit more complicated, as a password has to protect sensitive content.

When it comes to cracking a password, hackers use two methods: password recovery and repetitive “brute force”. The first consists of making the system believe that the hacker is an authorized user or administrator. Brute force is software that repeatedly tries letter, number and symbol combinations to find the right elements of your password (it can try hundreds of passwords per minute). Given an adequate dictionary (sometimes the hacker may know a little about your habits and way of thinking) and enough time, any password can be cracked.

So why use password protection if it is impossible to keep your data safe by simply applying a countersign? The only element that will discourage hackers from cracking your password is time. A weak password can be learned in just a few minutes (that is something any hacker has) while a very strong one can take up to days. The stronger the password, the more time will be needed to crack it. After a couple of hours, most criminals give up if the "pot" is not important enough.

A weak password is actually any word or expression. But the key to an excellent countersign is for it to be lengthy and incorporate as many symbols (“@”, “#”, “*” etc.), special characters (period, comma, hyphen, space) and letters (both upper and lower case) as possible. The difficulty resides in the fact that one has to use all of these elements in a password that is easy to remember.

Creating a weak password is easy, as you can choose any word you want. Browsing the Internet, I learned that a six-character password is only OK, which in my opinion means it is fallible. A ten-character pass key is considered to be good by the majority, while a 15-character countersign is unanimously considered to be the best (at 14 characters and less Windows passwords are scrambled as hashes and stored in hidden Windows system files, but Windows will not store hashed passwords of 15 or longer characters). Even Microsoft acknowledges that a 15-character password with only random letters and numbers is 33,000 times stronger than an 8-character pass with elements from the entire keyboard.

Unfortunately, some computers or online systems limit the length of the countersign, and a 15-character password is not supported. However, you can use all sorts of tricks for creating a strong, memorable countersign with fewer than 15 characters (you have the keyboard and your imagination to use).

First of all, think of a word or multi-word phrase that is meaningful to you. It doesn't matter how lengthy it is, but don't turn it into a paragraph. In my example, I will start from “softpedia”. This password, despite the fact that it has 9 characters, reached only weak level on the strength scale provided by Microsoft. By making different combinations of characters on my keyboard, I will try to pump it up to strong level.

The first step is combining upper case letters with lower case ones, so the result should look like this: “SoFtPeDia”. This simple trick already pumped it to medium level. Combining and replacing the letters with symbols and special characters will contribute to enforcing your password. Changing “e” with “3”, “a” with “@”, “1” or “i” with “!” or turning “g” into “6”, “s” into “$” and “o” into “0” (zero) can result in creating strong passwords.

By following the above-mentioned strategy and replacing the letters with other characters I should now get “$0FtP3D!@”. It looks good, and the effects of the changes brought my password to a strong level of security. And to get it to best security level all I have to do is add “eez#1”. This way, I have turned a phrase (“Softpedia is number one”) into a very hard to crack password (“$0FtP3D!@eez#1”). There are 14 characters, but by adding spaces between the words, you can ensure it is not hashed and deposited in Windows hidden system folders.

Generally, you should avoid creating passwords by using repetitive (1111) or sequential numbers (123456). It has been proven that a blank password (no password at all) is more effective. Just misspelling a word or typing it by replacing the letters with symbols or numbers will not fool a good hacker, but used together will definitely contribute to creating a strong countersign.
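
The point that letter-for-symbol replacement alone does not fool an attacker can be checked at password-set time. The following is an added example, not part of the original article: it reverses the substitutions listed above, looks for a dictionary word underneath, and compares the work needed for a blind brute force with the work needed for a dictionary attack that applies the same substitutions. The word list is constructed, and the word-list size and the cost model are assumptions.

```python
import math
import string

# Reverse of the substitutions the article lists (e->3, a->@, i->!, g->6, s->$, o->0).
DELEET = str.maketrans({"3": "e", "@": "a", "!": "i", "6": "g", "$": "s", "0": "o"})
SUBSTITUTABLE = set("eaigso")

# Constructed stand-in for a cracking word list.
WORDLIST = {"softpedia", "password", "dragon", "monkey", "letmein"}
# Assumption: size of a realistic word list, used only for the estimate.
ASSUMED_WORDLIST_SIZE = 1_000_000
FULL_KEYBOARD = 95  # printable ASCII characters including space


def deleet(password):
    """Undo the listed substitutions and case changes."""
    return password.translate(DELEET).lower()


def charset_size(password):
    """Size of the smallest character pool covering the classes the password uses."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " "]
    return sum(len(cls) for cls in classes if any(c in cls for c in password))


def brute_force_bits(password):
    """log2 of the number of candidates a blind brute force has to cover."""
    if not password:
        return 0.0
    return len(password) * math.log2(charset_size(password))


def find_base_word(password):
    """Longest word-list entry hidden inside the normalized password, or None."""
    normalized = deleet(password)
    hits = [word for word in WORDLIST if word in normalized]
    return max(hits, key=len) if hits else None


def mangling_bits(password):
    """log2 of the candidates for a dictionary attack with substitution rules.

    Cost model (assumption): choose the word, then per letter choose lower or
    upper case (2 options), or lower/upper/symbol (3 options) for letters that
    have a substitute; characters outside the word are brute-forced.
    Returns None when no dictionary word is found.
    """
    word = find_base_word(password)
    if word is None:
        return None
    bits = math.log2(ASSUMED_WORDLIST_SIZE)
    for ch in word:
        bits += math.log2(3) if ch in SUBSTITUTABLE else 1.0
    bits += (len(password) - len(word)) * math.log2(FULL_KEYBOARD)
    return bits


if __name__ == "__main__":
    for pw in ("softpedia", "SoFtPeDia", "$0FtP3D!@", "$0FtP3D!@eez#1"):
        print(f"{pw!r}: base word {find_base_word(pw)!r}, "
              f"brute force {brute_force_bits(pw):.1f} bits, "
              f"dictionary+rules {mangling_bits(pw):.1f} bits")
```

Under this model the substituted nine-character form costs a dictionary attacker the same as the plain word, and most of the remaining strength of the 14-character form comes from the five characters appended after it.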

Contrary to the popular belief that passwords should not be stored on paper, it has been proven that countersigns saved this way benefit from better protection than if stored in password managers or somewhere on the computer. Of course, writing the password on a piece of paper and not keeping it in a safe place will also result in weak security and all the trouble of making it strong will be useless.

7 Ways to Be Mistaken for a Spammer

"The "This is Spam" button popping up on many service providers' email services can be empowering for a user, but it can also be the kiss of death for a legitimate business that gets canned with a click of that button. Dark Reading has a story on seven common missteps that can lead to a case of mistaken spammer identity for a legit business trying to send its marketing email, newsletters or other correspondence."

Why Is It Beneficial to Have a Stable Sex Partner?



Living as a couple means investing your genes in just one variant and, as in gambling, he/she may be the best, right, not right or the worst.

But there must be an advantage in forming a monogamous pair, besides securing a sex partner, because animals have sex just during the mating season. Otherwise, they wouldn’t exist.

This is a scene not very rare in the African reserves: a herd of lions is devouring a zebra corpse, when suddenly, in the middle of the feast, a female jackal appeared, right under the nose of one lion.

The pissed off lion charged roaring towards her, but the little thief avoided it. At the same moment, another jackal appeared, stole a piece of meat and ran with it. A few hundred meters away, the male jackal shared its prey with its partner, which helped it in this diversion. On the way to their den, an eagle attacked the male jackal, thrusting its claws into its back. Then the female rushed, jumped and hit the eagle with such a power, that the eagle released its claws from the jackal’s fur and rolled over the ground.

A few days later, the male was returning from a hunt when he found a hyena, three times his size, trying to dig up the den and eat the female.

Only the back of the hyena was visible, and the male inflicted a powerful bite on the hyena’s bottom.

The hyena jumped as if it had been burnt and turned around preparing to attack.

The next moment, the female leaped out of the den and together with its partner managed to chase away the hyena.

It’s clear: a pair achieves more food and survives better than the bachelors. That’s why the jackals spend every morning about 30 minutes grooming each other (photo above), an activity that strengthens the bond between the two.

The “married” jackals were found to live on average 3-4 years more than the solitary ones.

Of course, this also holds for other mammalian species that form couples.

Amongst the monkeys of the Old World, only the gibbons form stable monogamous pairs (photo center).

After the age of 18, for the “married” gibbons the retirement period starts.

They can no longer produce offspring, losing their status as parents, but they are accepted by the “family” of one of their offspring, as grandparents.

This way they profit from the community protection and when it’s about feeding, they can get some scraps.

The solitary gibbons do not pass the retirement age, as they won’t be able to defend and feed themselves.

Couple life is rather rare amongst mammals, being found amongst some carnivores, monkeys and antelopes (dik-dik). In birds it is much more common.

The families can form colonies, which can be huge in the case of the marine birds (like gulls, albatrosses, petrels, penguins, auks and others), but not necessarily (crows, weavers).

In the case of the gulls nesting on steep rocks in the Northern Atlantic, the advantages of a marriage are huge.

There are many gulls looking for the best spot, but only the stable couples manage to keep their nest: while one is gone searching for food, the other remains guarding.

Lone gulls often lose their sleeping place, and the worst places are those where there is a risk of being dashed against the rocks during storms and dying.

Some gulls simply can’t find the right partner.

In this case, the marriage is a continuous quarrel and the partners die at an early age.

Raising offspring would be less costly than family fights.

Researchers found that “married” gulls reach the age of 26, while the bachelors and the quarrelsome barely exceed eight.

The macaws (photo below) not only marry, but they also plan raising offspring.

A pair that lives harmoniously can reach 45 years.

Macaw females lay just 2 eggs, once every five-seven years.

This way, a density of three macaw pairs at five square kilometers is maintained naturally.

They are equally peaceful with their neighbors as they are inside their family.

And their croaking, which can last for hours, is not a fight but simply their way of making love declarations, declarations that last till they die.

Why "Yahoo" Is The #1 Search Term On Google

"Google Trends indicates that over the course of the past year the search term "Yahoo" became more popular than "sex", making it the #1 query on Google. Yahoo apparently faces a similar dilemma with roles reversed: When you search for "Google" on Yahoo, Yahoo thoughtfully displays a second search box as if to tell you, "Hey cutie, you have a search engine right in front of you!" A puzzling phenomenon? A strange aberration?"

A New Cyclic Anti Big-Bang Theory

A team at the University of North Carolina has proposed a new theory that shows the universe can endlessly expand and contract, contradicting the Big Bang theories and responding to a thorny modern physics problem.

The new cyclic model is made of four key parts: expansion, turnaround, contraction and bounce.

During expansion, dark energy, the mysterious force provoking the universe to expand at a speedy rate, expands until all matter fragments into patches so far apart that there's no matter to bridge the gaps and everything from black holes to atoms disintegrates, a phase called turnaround.

At that point, each fragment contracts individually instead of pulling back together in a reversal of the Big Bang, turning into a countless number of independent universes that contract and then start bouncing outward, reinflating in a manner similar to the Big Bang.

Our universe would be one of these patches. "This cycle happens an infinite number of times, thus eliminating any start or end of time," said Dr. Paul Frampton, professor of physics. "There is no Big Bang."

“Cosmologists first offered an oscillating universe model, with no beginning or end, as a Big Bang alternative in the 1930s. The idea was abandoned because the oscillations could not be reconciled with the rules of physics, including the second law of thermodynamics,” Frampton said.

The second law says entropy (a measure of disorder) can't be erased; instead, it grows from one oscillation to the next and the universe increases with each cycle. "The universe would grow like a runaway snowball," Frampton said. "Extrapolating backwards in time, this implies that the oscillations before our present one were shorter and shorter. This leads inevitably to a Big Bang," he said.

As this theory says each "causal patch" turns into a separate universe, then each universe would contract essentially empty of matter and entropy. "The presence of any matter creates insuperable difficulties with contraction," Frampton said. "The idea of coming back empty is the most important ingredient of this new cyclic model."

"I suddenly saw there was a new way of solving this seemingly impossible problem," he said.

"I was sitting with my feet on my desk, half-asleep and puzzled, and I almost fell out of my chair when I realized there was a much, much simpler possibility."

The new theory also changes the model of dark energy's equation of state, which describes its pressure and density, assuming for it a value always below -1, in contrast to a similar 2002 cyclic model which stated an equation value never below -1. The negative value of the equation stops the universe from blowing itself apart irreversibly in a "Big Rip."

This way, the density of dark energy is similar to the density of the universe and the expansion phase ceases just before the Big Rip. “New satellites currently under construction, such as the European Space Agency's Planck satellite, could gather enough information to determine dark energy's equation of state,” Frampton said.

Charge your Mobile Phone with your Bike


 



Now this is one to talk about, and it comes in the form of pedal power. Think about this: you are out and about on your bike and you stop for a little break. You get your phone out, the battery is low, and you get annoyed because you have to pedal all the way back home to charge it. Well, not any more: you can stay out and enjoy your ride.


Motorola have just recently designed a docking station that attaches to your bicycle and charges your mobile phone as you pedal. Now that is cool, and that is a gadget.

Would you buy one?

The Road to KDE 4: Kalzium and KmPlot

Since not all of the development for KDE 4 is in base technologies, this week features two applications from the KDE-Edu team: Kalzium, a feature-filled chemistry reference tool, and KmPlot, a powerful equation graphing and visualization program. Read on for the details.
These educational tools have received a lot of work for KDE 4. In particular, Kalzium and KmPlot developments are happening at an amazing rate.
Kalzium (the German word for Calcium) has been a part of KDE since version 3.1 and is now one of the most useful applications developed by the KDE-Edu team. Initially it was just a program that displayed the periodic table, alongside some useful numbers like atomic weights, boiling points, etc. It was later extended to include a lot of background information on the elements, and more detailed chemistry information (such as emission spectra) which made it a very useful chemistry reference.

In KDE 3.5.5 (which I used for these screenshots, even though 3.5.6 was released last week), Kalzium looks something like this when first loaded:

Kalzium in KDE 3.5.5

You can see that the interface is pretty simple, and presents a lot of information. If you click on an element it brings up even more information on its properties.

The main user interface in KDE 4 does not look that different, except for the fact that Qt 4 introduces some appearance changes, and there are some more icons (some that haven't been drawn yet) in the toolbar. Here's a peek at Kalzium in the KDE 4 development series:

Kalzium in KDE 4x devel

So Kalzium is visually quite similar between versions at this point. However, the important thing to note in the KDE 4 screenshot is the tools menu. In KDE 3.5.5, this menu contains only Plot Data and Glossary.

Plot Data shows the elements plotted in a variety of useful ways, such as mass, radius, electronegativity, etc. while the Glossary shows definitions for many of the more common chemical terms. It is apparently missing the above mentioned electronegativity, so evidently there is still room for improvement here. Making improvements to the Glossary would be a great opportunity for a chemistry-inclined person to contribute to Kalzium in KDE 4 without having to be a programmer.

Anyway, back to the new tools. I'll focus on a few of the newly developed tools that will make Kalzium even more useful in KDE 4:

The isotope table will display a list of isotopes and their decay methods - as a geologist for example, it is important for me to know that Potassium-40 usually decays by electron capture.

The new equation solver is also quite useful, as seen in the following screenshot provided by Kalzium lead developer Carsten Niehaus:

Kalzium Equation Solver in KDE 4x devel


You basically just punch in a chemical equation leaving letters in place of the numbers you are looking for, and it spits out a response. In high school chemistry, students are expected to be able to solve these sorts of equations manually, but like most equations, once you solve enough of them, it simply becomes tedious. This equation solver can save a lot of time for complex equations.

And finally, the most visible change to Kalzium is the inclusion of the Kalzium 3D work, which turns the program into a 3D molecule viewer. Initially, it was developed by the Kalzium developers for use in this application only, but some collaboration has since happened and it will now be using libavogadro, a library jointly developed by the Kalzium and Avogadro developers.

According to the Kalzium developers, work is progressing on porting the 3D modeller to use libavogadro, an effort led by Donald Curtis, which provides a more general and powerful framework for rendering and manipulating molecules with Qt and OpenGL. It is shared between Kalzium and Avogadro (and more). Avogadro is a much more advanced molecular modelling program, useful for creating the actual molecule files and doing quantum chemistry. Kalzium 3D will simply act as a viewer for files constructed using these programs.

Kalzium developer Benoît Jacob submits the following screenshot showing the 3D molecule viewer in action using the new Kalzium 3D functionality. This functionality is already in SVN as this article goes to press; however, work continues on libavogadro integration.

Kalzium 3d in KDE 4x devel

Kalzium will likely ship with a library of common molecules ready to view provided by the BlueObelisk project. Thanks to the OpenBabel library, it should also be able to open molecule files in a huge variety of formats (I counted 62 file formats that it already supports).
On to our next KDE-Edu feature: KmPlot. For a while already, this application has had the ability to plot regular functions, parametric functions, and polar functions, as well as show derivatives (or regular functions) and a few other goodies. It has been useful as an equation visualization tool, but the interface has been awkward, with many little cluttered dialogs to fight with.

Below is KmPlot in KDE 3.5.5 with its default settings, and three functions plotted, one of each type:

KmPlot in KDE 3.5.5


The dialogs used to plot these equations look something like this, except there is one unique dialog for each type of plot:

KmPlot dialog in KDE 3.5.5


Here's a quick look of the new KmPlot interface with the same three functions plotted. No more dialogs to mess with, and the plots can be in shapes other than square! Plus Qt 4 gives everything a nice anti-aliased touch.

KmPlot in KDE 4x devel

KmPlot has received a huge amount of work, and should be one of KDE 4's killer apps for students, engineers, and more. It plots differential equations now, has a new equation editor, and (as seen in the above screenshot) gives tips as to how to correct your equations.

The new equation editor is shown below with a differential equation being edited:

KmPlot equation editor in KDE 4x devel


As you can see, it's much easier to enter an equation when you can design the functions in a nice syntax checking editor like this one. There is a lot more work going into KmPlot than I can describe in just this article, so if you are interested in more information, check out its development status page.
KDE-Edu is a growing project, with many great applications being developed for a wide variety of age groups. They will have support for Windows and Mac as well, thanks to the improved Qt 4 and KDE 4 libraries, and should become more popular programs as a result. Since there is so much great work happening here, expect some other KDE-Edu applications to show up in future articles.