Monday, October 25, 2004

Home PCs not as protected as owners think: "While 77% of the survey respondents believed they were safe from online threats, two-thirds lacked current anti-virus software and did not use any firewall protection. More than half said they did not understand the difference between the two.
Yet 84% stored personal data on their home PCs, and 72% routinely used the Internet for sensitive transactions, such as banking and medical data exchanges.
When technicians examined their PCs, they found 80% loaded with dozens of spyware programs that track the user's Web-browsing habits. Cybercrooks also have begun spreading a more invasive kind of spyware, called keystroke loggers, that steal logins and passwords as the user types them in." [USATODAY.com]

Friday, October 22, 2004

Tabbed Browsers Can Disclose Confidential Info: "Among the affected browsers are Mozilla 1.7.2 and 1.7.3, Firefox 0.10.1, Opera 6.x and Opera 7.x, Safari 1.x, Netscape 7.x, and Konqueror 3.x.
Some of the flawed browsers have already been repaired or will be fixed shortly. Konqueror, for instance, closed the vulnerability in the version shipped with KDE 3.3.1, while the newest versions of the Mozilla/Firefox browsers have been patched against the second of the vulnerabilities. Opera said it will correct the issue in the upcoming version 7.60 (the current version of Opera is 7.54).
According to Secunia, users should either disable JavaScript within their browsers, or not visit trusted Web sites--such as financial institutions or retail sites--when tabs showing untrusted sites are also open."

Thursday, October 21, 2004

Yahoo! News - New IE Bugs Open Up XP SP2 To Attack: "As is its usual practice when it touts critical problems in IE, Secunia recommended that users either disable Active Scripting in the browser, or switch to an alternate, such as Mozilla's Firefox."

Monday, October 18, 2004

XStandard Lite XHTML WYSIWYG Editor: "IE/Mozilla/Firefox/ActiveX control -- The Lite version of XStandard is freeware and can be used in commercial applications. Features not supported in the Lite version include the ability to customize the toolbar, Word clean-up, and features dependent on Web Services (ex: spell checker, communication with third-party content, file drag & drop)."
InformationWeek > Sun Microsystems > Sun's Extreme Makeover > October 18, 2004: "Sun has been standing its business model on its head--transforming its most-important commercial software into open source, embracing standard chipsets, converting rivals into partners, and tailoring subscription-style services.. Next month, Sun is bringing out Solaris 10, an upgrade to its flagship Unix operating system that's more finely tuned for x86 microprocessors. This week, it's unveiling more pay-by-the-drink pricing options for grid computing. By year's end, it plans to finalize a sweeping plan to make its software available as open source, including a version of Solaris. And around the first of the year, it promises interoperability with Microsoft's identity-management and directory-services products.

Sun is betting it can make money from service and support agreements, not unlike Red Hat Inc.'s approach to Linux. 'If you want it fully supported or want input into new features, then you might have to pay for that,' Loiacono says.

It's part of a broader push into a software-as-services model. Sun provides hosted storage on an as-needed basis, and, in January, it established a $100-per-seat model for its Java Enterprise development platform, which has attracted more than 345,000 customers. Sun also introduced in September hosted grid computing for $1 per processor per hour and this week will disclose details of a plan for third-party hosting.

November's Solaris 10 launch comes after much work to optimize the operating system to run on x86 microprocessors from Intel and Advanced Micro Devices Inc. Sun finally hopes to smash the perception that Solaris' quality and performance come at a steep premium. Solaris is 'cheaper than Windows and less expensive than any of the major Linux distributions,' Loiacono contends.

In addition, Sun is almost ready to play its Microsoft card. Having reached earlier this year a $2 billion legal settlement that included cross-licensing of technology and a joint-development agreement, Sun and Microsoft have identified up to 20 areas of potential collaboration. Within the next 90 days, they'll deliver the first fruits of that work.

The companies will provide single-sign-on capability for Microsoft's Active Directory and the Java Enterprise LDAP Directory. Sun's CTO, Greg Papadopoulos, and Microsoft's chairman and chief software architect, Bill Gates, have been working closely the past few months on a road map to bridge the Sun and Microsoft environments. The companies say they'll unveil integration products a few times a year over the next 10 years, concentrating initially on interoperability among their messaging services, applications, and systems management. 'I don't anticipate that Microsoft is going to do any kind of similar deal with any of our major competitors,' Loiacono says. 'We have the inroad into technology and interoperability with them. Red Hat's not going to have this capability.'"

Thursday, October 14, 2004

Web Application Performance Management Software: ProactiveNet: "ProactiveNet provides real-time application, SLA and infrastructure performance analytics software. Based on patented analytical technologies, ProactiveNet is an essential and cost-effective addition to traditional systems management and performance monitoring tools. By leveraging existing data collection methods, ProactiveNet provides end-to-end visibility into the source of application performance issues."

Tuesday, October 12, 2004

Software disasters are often people problems

Big software projects -- whether to manage supply chains, handle payroll, track inventory, prepare finances -- tend to begin with high expectations and the best intentions. They're all about efficiency, reliability, cost-savings, competitiveness.

Companies might develop their own programs internally, outsource the job or buy from a company such as SAP AG, Oracle Corp. or PeopleSoft Inc. Regardless of the route, it's usually a major undertaking to get things right. Often, however, the first step toward total disaster is taken before the first line of code is drawn up. Organizations must map out exactly how they do business, refining procedures along the way. All this must be clearly explained to a project's technical team.

"The risk associated with these projects is not around software but is around the actual business process redesign that takes place," said Bill Wohl, an SAP spokesman. "These projects require very strong executive leadership, very talented consulting resources and a very focused effort if the project is to be successful and not disruptive."

A 2002 study commissioned by the National Institute of Standards and Technology found software bugs cost the U.S. economy about $59.5 billion (euro48.35 billion) annually. The same study found that more than a third of that cost -- about $22.2 billion (euro18.04 billion) -- could be eliminated by improving testing.

Wednesday, October 06, 2004

Style Guide for Online Hypertext: This W3C piece by Tim Berners-Lee goes back to 1992, but has been maintained over the years. It is still a seminal introduction to things a new webmaster needs to remember. When you need an introduction to specific web site technologies, the W3C Tutorials are a good place to look.
What is a URI? It looks like the usage of this term has evolved. Around 1999, an article on URx said that "Uniform Resource Indicators (URI) are in development. URIs are defined as ASCII-based character string network protocols that represent communications streams... Identifiers are proxies for resources. A human being (resource) is labeled by a name (identifier), books are known by ISBN codes."

However, the HTML 4.0 Recommendation and Terena's Guide to Network Resource Tools describe URIs as simply the protocol + host + path-within-host. Which leaves me wondering: Is a URL any different from a URI? "URLs form a subset of the more general URI naming scheme."

The definitive clarification would be the W3C report URIs, URLs, and URNs: Clarifications and Recommendations 1.0, which "addresses how URI space is partitioned and the relationship between URIs, URLs, and URNs.... URL is a useful but informal concept: a URL is a type of URI that identifies a resource via a representation of its primary access mechanism (e.g., its network "location"), rather than by some other [identifying] attributes it may have." By adding that "an http URI is a URL," this puts our minds at rest -- we do not need to look for a distinction in http-space. "urn:isbn:n-nn-nnnnnn-n" is also a URI, but one based on an identifier (ISBN) rather than a location, and hence is not commonly referred to as a URL.

So we may as well just use the term URI universally, but there's nothing wrong with using URL in the context of location-oriented mechanisms like http. Some useful historical context is outlined at http://www.w3.org/Addressing/.