Monday, July 30, 2012

UAC differences between Windows Vista and Windows 7

In Windows 7, Microsoft made changes that improve users' User Account Control (UAC) experience but don't decrease the overall security posture of UAC. They increased the number of tasks that a standard account user can perform and that don't prompt for administrator approval in Windows 7. For example, standard account users can now install updates from Windows Update and reset network adapters without receiving a UAC prompt. In Windows 7, Microsoft disabled the built-in administrator account by default. The admin account also can't log on to a computer in Safe Mode.
A very visible Windows 7 UAC change is the new User Account Control Settings dialog box, which is available from the User Accounts Control Panel applet. This dialog box lets an administrator account user configure the UAC experience with settings ranging from Always notify to Never notify. Windows 7 includes four UAC configuration levels. Windows Vista offers only two options: UAC is either on or off.

Finally, in Windows 7, Microsoft provides additional Group Policy Object (GPO) options to let administrators change the behavior of the UAC messages for privileged-account users and for limited-account users.


Source: Jan De Clercq(Windows IT PRO)

Saturday, July 28, 2012

Web inventor Tim Berners-Lee stars in Olympics opening ceremony

Summary: 'This is for everyone', Berners-Lee says in a tweet as London 2012 organisers honour the inventor of the web in the Olympic Games opening extravaganza

Sir Tim Berners-Lee, the inventor of the web, was greeted by cheers on Friday as the opening ceremony of the London Olympic Games celebrated his work.


Sir Tim Berners-Lee live-tweets during the 2012 Olympics opening ceremony

The event showed how digital communications have become part of everyday life via the story of Frankie and June, a pair of kids who hook up via social networking on their mobile phones. At the end, Berners-Lee sat in the middle of the Olympic Stadium live-tweeting a message for the occasion:

As well as appearing on Twitter, the message flashed around the stadium, with the letters made up of 'pixel' paddles held by 70,500 members of the audience. It reached a television audience estimated at one billion.

Olympics organisers' decision to honour Berners-Lee placed the digital revolution he helped spark on a level with the Industrial Revolution in changing ordinary lives.

The opening ceremony took British creativity, eccentricity, daring and openness as its theme, and the technological shifts these have generated. It looked at how the invention of iron smelting led to factories, cities and prosperity, and how Berners-Lee's creation of the web was just as far-reaching.
 
The British inventor now works with the UK government on open data, and previously on the data.gov.uk project to share public data. He was also at one time lined up to be a director at a new Institute for Web Science at Southampton University, but this plan was shelved by the coalition government when it got into power.

“The values and achievements of the Olympics will be amplified by the World Wide Web. It will be like millions of digital torches carrying the spirit of the Games to every corner of the world," Berners-Lee said, according to a report in Pocket-Lint.

The fading line between Personal and Official life

‘Keep your personal and official life different’ is the guideline we have been hearing from our previous generations. But is this practiced anymore? Today, it is truly difficult find someone of such sorts.

Hereon, I will list few trends that have made such a practice rare and more difficult to follow

Trend 1: ‘Dear. My boss /client has called. Give me a minute’ Official phone calls spilling into non-official time. However simple it may sound, but its impact cannot be ignored. For most of us, it all began with having official con-calls after office hours.

Trend 2: ‘Hey dear! Yippee. I got a laptop from my office’….. ‘But I did’nt know it was going to take a piece of my personal time’ Offices started providing laptops to required employees. The intention was to provide mobility within office and when on an official trip. Unfortunately, the work mobility with the laptops got extended when at home. This coupled with ‘Work from home’ which is mostly by employee’s choice is one more reason.

Trend 3: ‘Blackberries, Smartphones, Tablets and BYOD’
The device explosion is one of the last in this sequence. I am pretty sure that most of us reading this blog would be using a Smartphone or iPhone and Tablet trend is just following. For the sake of simplicity, let me call them Smart devices. Every day, we check our official data like emails, presentations, business documents on our Smart devices. These same devices are also used for our personal work and have our important contacts, credit card numbers, passwords, personal sms’es on it.

The above may not be all, but are few of the major trends that have caused the line between personal and official life to fade.

Source: One of my blogger friend

Battery-saver app on Android is malware



A new piece of malware is trying to take advantage of poor battery life on Android smartphones.Cybercriminals have created an app that is supposed to reduce battery use, but in reality steals the user's contacts data stored on the device. Symantec, which first discovered the malware, is calling this particular threat Android.Ackposts. Here's the official description Android.Ackposts is a Trojan horse for Android devices that steals the Contacts information from the compromised device and sends it to a predetermined location. The Trojan may arrive as a package with the following name: BatteryLong.apk.

As opposed to using third-party app stores or even the official Google Play store, this app is pushed via Japanese spam e-mail that includes a link to download and install it. Although the messages claim the app reduces battery use by half, the app does nothing to save battery power. It does, however, send the user's contacts data (name, phone number, e-mail address, and more) to an external website for safe keeping.

As you can see in the screenshot in the top right, this malicious app only requests two permissions when it installs: "Network communication" (to access the Internet and upload the personal data) and "Your personal information" (to read and acquire the user's contacts data in the first place). The developer may have limited the number of required permissions as much as possible to avoid suspicion.

Once the app is installed and launched, a setup screen appears for a second, followed by a message stating that the device does not support the app. That is when the app steals the user's contacts data in the background. The developers of this malicious app are most likely trying to harvest e-mail addresses for spamming purposes. Symantec traced the spam message back to the sender, and discovered that the cybercriminals are also operating various social networking and dating sites already notorious for sending spam.
   
Source: ‐ Emil Protalinski, Security journalist, ZDNet Publication