From: ZDNet News > Security –

Microsoft (MS) addressed 20 flaws, in its Windows operating system and other software applications, in a collection of 11 separate patches released yesterday under its regular monthly ‘Patch Tuesday’ Security Bulletin.

As ZDNet’s Robert Vamosi reports, MS rates four of the patches ‘critical’.

As part of its new policy to share details of patches and the flaws they address, MS this month inaugurated a new ‘exploitability index’ in its patch report – a further refinement of its existing danger rating system which labels threats ‘critical’, ‘moderate’ or merely ‘important’. The new index indicates, on a scale of one to three, how likely MS feels that a given flaw will be exploited by hackers, as opposed to the ‘Critical / Moderate / Important’ system, which indicates how serious the damage might be if the flaw is exploited.

As usual, all the new MS patches are available at the Windows Update Web site. If you haven’t set your Windows computer to auto-update, you can get the patches manually by clicking on Windows Update in your Start menu.

The Microsoft Security Response Centre (MSRC) today warns of a new security threat to Windows users.

Hackers are apparently mass-emailing millions of computyer users with a fate notification that includes an executable attachment. Far from being a legitimate MS patch or update, the file is actually a hacker tool known as Backdoor:Win32/Haxdoor. If run by the email recipient, this file installs software on their computer that allows hackers to remotely hijack the system and use it, undetected, as a platform to broadcast spam or to assist in taking over other computers.

MSRC spokesperson Chris Budd assures users that the infection is detected by Windows Defender, the Microsoft Malicious Software Removal Tool (MSRT) and the Windows Live OneCare system. But the best defense is to avoid letting the bug onto your system in the first place.

Late last week, a similar hacker scam surfaced, hiding a system-hijacking download in a fake YouTube notification email.

A new report commissioned by the European commission warns that millions of European children and youths are at risk of permanent hearing loss if they listen to portable music players at high volume levels for as little as five hours per week. Researchers point out that the risk of hearing loss is increasing in direct proportion to advances in portable player technology which allow music to be played at higher and higher volumes.

The report, released yesterday, notes that between 50 and 100 million European residents use portable music players daily. Hearing damage figures were estimated at between five and ten percent of that total.

Researchers also cited cell phones as a hearing loss risk, since some models can also be used to play digital music at high volume levels. They roll all types of potentially-damaging, high-volume sound to which young people may be exposed into a new category dubbed ‘leisure noise’.

From: NEWS.com and Reuters –

U.S. President George W. Bush signed two new bills into law yesterday, both of which tighten monitoring of Internet predators.

As NEWS.com correspondent Stephanie Condon points out, one of the bills has definite political overtones. The Protect Our Children Act contains a variety of provisions, some introduced by none other than Democratic VP nominee Joe Byden, Democratic Presidential primary candidate Hillary Clinton and Republican Presidential candidate John McCain.

The other new law, the Keeping the Internet Devoid of Sexual Predators [KIDS] Act, requires all convicted U.S. sex offenders to register all of their Internet ‘identifiers’ with the U.S. National Sex Offenders Registry.

Reuters reports that Bush also signed into law a controversial new anti-piracy law (the PRO-IP Act), which tightens existing laws designed to fight piracy and counterfiting, and creates an intellectual property ‘czar’ to report directly to the U.S. President on matters relating to the security of the international copyright system.

The Recording Industry Association of America, the Motion Picture Association of America and the U.S. Chamber of Commerce all backed the new anti-piracy act, the chamber of Commerce noting that media piracy costs the U.S. economy an estimated 4260 billion annually.

That’s right! The big news in the digital universe this morning is that Miscrosoft — perhaps after enduring increasing ridicule and criticism over the ‘asperational’ names it’s attached to recent versions of its flagship operating system — has decided to simply call the next full version ‘Windows 7’.

Mike Nash, Corporate Vice President, Windows Product Management, officially leaked the decision this morning via a post at the official Windows Vista Team Blog.

Quoth Nash:

“The decision to use the name Windows 7 is about simplicity. Over the years, we have taken different approaches to naming Windows. We’ve used version numbers like Windows 3.11, or dates like Windows 98, or ‘aspirational’ monikers like Windows XP or Windows Vista. And since we do not ship new versions of Windows every year, using a date did not make sense. Likewise, coming up with an all-new “aspirational” name does not do justice to what we are trying to achieve, which is to stay firmly rooted in our aspirations for Windows Vista, while evolving and refining the substantial investments in platform technology in Windows Vista into the next generation of Windows.”

Now, if only they can extend their commitment to simplicity to streamlining the code and making Windows 7 a lot faster to start and run…

Based on past experience, Windows watchers aren’t holding their breath.

For some children the Internet is a valuable tool to help with homework, for others its entertainment and, unfortunately, for some it’s also the babysitter. As a parent, what do you need to know?

When it comes to email, instant messengers, and chatrooms, the technology varies, but the safety issues are much the same: Do you, or your children, actually know who they are communicating with? Talking to friends from school, who they already know in person, is generally safe. However, the other ‘twelve-year-old’ that your child ‘meets’ in an online chat room may in fact be someone playing a practical joke or a pedophile intent on luring children.

Some online games are great for kids, but others aren’t. Parents need to take the time to understand what the game is about, how it is played, who the other players are, and how these other players interact with their children.

Downloading music and videos presents two problems. First — although not the issue that strikes fear into most parent’s hearts — a lot of the music floating around the Internet is there illegally through copyright violations. Second, most of these files are traded using so-called ‘peer-to-peer’ software. These packages have been known to contain viruses, trojans, and other malware. And that’s a problem.

People who wouldn’t even consider permitting their child to play with the contents of their filing cabinet do precisely that electronically. Allowing your child to use the same computer that you use for work or to manage your personal finances is just asking for trouble. If you think that you’re saving money by not buying a family computer, consider this: If your child accidentally deletes your accounting files or other important business information, it could easily cost you upwards of two thousand dollars to have your data recovered, if it is even possible.

Then there’s the Web. Is it an amazing source of educational information on just about every topic you can imagine, or is it a cesspool of ignorance, hatred, obscenity, and misinformation? The answer, of course, is ‘yes’. Compared to print media, publishing on the Web is dirt cheap. Just about anyone can set up their own Web site and publish their own version of reality. For parents and educators, this is both a curse and an opportunity. On one hand, we need to exercise constant vigilance to ensure that our children are getting credible and correct information. On the other hand, it’s also an opportunity to help children understand that, just because it’s been written, doesn’t mean it’s true. These lessons apply equally to television, radio, books, magazines and newspapers.

So what can parents do? First and foremost, supervise your children. Explore the Internet with them. No piece of hardware or software takes the place of a parent sitting beside their child, using the Internet together. Second, consider content filtering software like NetNanny or CyberPatrol. While it’s true that these applications won’t catch everything that your child shouldn’t see, they certainly help. Third, set limits and enforce rules. Whether you should do that with a signed agreement, a written set of rules or verbally depends on your child and parenting style. However, as a parent, it’s your child and your responsibility.

Next Monday, I’ll post my Internet Safety Tips for parents.

A nefarious new hacker tool now circulating on the Net lets baddies create ‘perfect’ replicas of YouTube pages which can allow the hackers to enslave the computers of unwitting video fans.

Online security watchdogs warn users to beware of certain e-mails containing links to YouTube videos. Such e-mails are commonly used to advise friends and subscribers to YouTube sites of the availability of new videos. But the hacker version of the e-mail advisory links recipients to a fake YouTube error page saying that the video requested cannot be viewed without new or updated software. The new software is actually a hacker kit allowing the baddies to recruit the user machine as a secret slave, to blast out mass e-mails or help the hackers invade more computers.

After the hacker software is downloaded and installed, the fake YouTube page finally displays the video that the e-mail advertised in the first place. And users are totally unaware that their computers have been hijacked.

There are some simple ways to avoid this new wrinkle on an old hacker trick.

First, once you’re at the fake site, you’ll notice that the browser destination bar doesn’t show the real YouTube URL.

And it’s just generally a good idea to avoid downloading any software on an on-the-fly basis, especially stuff that’s being pushed at you via unsolicited e-mails!

From: CNet News > WebWare –

Google has launched a new service that inserts ads into games. AdSense for Games is still in beta, but the buzz in the game industry is already building.

Observers had been wondering what Google was going to do with AdScape, the small company that developed the core technology behind AdSense for Games, which Google acquired for a cool $23 million over a year and a half ago.

AdSense for Games can insert a variety of types of ads into Flash-based games. Demonstrations showed casual games aimed at both kids and adults.

Adobe has issued a security advisory describing a Flash Player bug that could let hackers take over control of users’ Web cams and computer microphones. Adobe cautions that the bug effects all browsers and all operating systems.

The problem starts with what’s known as a ‘clickjacking’ attack, in which baddies lure users to click unknowingly on hidden links or buttons in doctored Web pages.

At the time this story was written, Adobe had come up with a work-around to help users avoid getting victimized by intruders but had not yet issued a patch for Flash Player to fix the underlying problem.

The workaround is explained in the advisory.

Remember that promotional spot, for a certain cable TV network, which popularized the slogan, “Merlot and e-mail don’t mix”?

Now, GMail has instituted a new ‘feature’ for its users designed to save you – whether you’re in the heat of passion, the depths of a depression or the throes of exhaustion – from sending messages you might regret later.

The Official GMail Blog brings word today of Mail Goggles, designed to make you pause for sober second thoughts before actually sending a message.

When you enable Mail Goggles, it’s set by default to keep an eye on you during the wee small hours of the late night/early morning. But users can specify the days of the week and times of day when they want to be protected from themselves.

The operational concept behind Mail Goggles is simple. The system simply jumps in after you hit the send button making you solve what the lottery people call a ‘skill-testing question’ – a series of simple mathematical problems designed to make you focus mentally and give you a few moments to reflect on the advisability of the e-mail you just tried to blast out.

Mail Goggles is currently in beta. If you’re a GMail user, go have a look and give it a try. You may well thank yourself later!

From: The Daily Telegraph –

In a (relatively) rare interview, Apple’s other Steve – co-founder Wozniak – opens up to the UK’s Daily Telegraph on a wide range of issues including his relationship with Apple’s iconic CEO, Steve Jobs, his take on the iPod and iPhone phenomena and how the current economic situation is effecting the technology community.

Wozniak says he’s amazed that the iPod almost instantly became the ‘Xerox’ of the portable media player market and has managed to stay on top of that game so long. On the iPhone, Apple’s other break-out, non-computer product, Wozniak lauds its revolutionary touchscreen interface but also points out what he considers limitations in the latest 3G model. But he’s still a big fan. Back when the iPhone first came out, he enthused that it was the first device he had tried that made Web surfing on a handheld comfortable.

Woz, as he’s commonly known among associates and hard-core Apple fans, has styled himself as ‘retired’ for some time, now. Always the quiet, retiring partner in the early history of Apple Inc., he let Jobs do the talking but didn’t always agree with his flamboyant partner. In fact, the two Steves have been described by journalists and associates as ‘polar opposites’ in character. Nevertheless, he credits Jobs for building Apple into a billion-dollar business legend that’s made Jobs and Woz very wealthy men.

But Apple has not escaped the effects of this year’s economic slump. In fact, its shares have fallen in value by almost fifty percent, from a high earlier this year of about $170 to around $100 currently. And Woz admits that he fears the so-called Web 2.0 revolution may fall flat — too much capitalization producing too few real products or services, possibly leading to a tech market crash.

On a more optimistic tack, Woz looks forward to a bright future overall for the tech sector, provided the leaders, such as Apple, listen to their customers and continue to offer new products that users consider both desirable and useful. Though he doesn’t reveal any details of the next big product Apple is currently developing, Woz does hint at an even smaller, wearable iPhone – perhaps in wristwatch format.

Woz may officially be retired, but his creative imagination is still working overtime.

The TECHLife Post is your daily window on technologies that matter to you!

We’ll bring you news, reviews, opinion columns and editorial commentaries on the technology issues that impact you, your family and your life.

We’ll post TECHLife news as it happens, daily, Monday to Friday.

Each of our regular columnists will look in at least once a week to address key issues that affect our digital lives:

Danielle Donders will share her adventures in digital-age parenting Without a License.

Eric Jacksch will keep us informed on digital privacy, safety and data security issues under the InSecurity banner.

And Senior Correspondent Fred Ennis — The Cranky Man — will wax critical on economic, political and regulatory issues relating to the technology ‘cloud’.

We’ll bring you news of new digital products and services as they’re released and all of our correspondents will pitch in, as appropriate, with in-depth reviews of the best new products and services in their respective areas of expertise.

Every day, we’ll skim the cream off the top of the news churn, spotlighting the Daily Best Of… the Web’s leading tech news and comment voices.

Occasionally we’ll bring you Editorials on important issues on which the Post takes a stand. More often, under the Editorial banner, I’ll share personal perspectives reflecting my fifteen years on the tech news beat.

And… If there’s a tech issue that’s important to you that we’re not already covering, let me know directly via: editor@techlifepost.com

-30-