In a harbinger of security threats to come, hackers have exploited a newly announced flaw in Microsoft Corp. programs and begun circulating malicious code hidden in images that use the popular JPEG format.
By Time staff writer
Published October 4, 2004
Software tools to create the malicious images began appearing in August, and last week security experts saw images employing them posted on adult-oriented Usenet newsgroups.
To get the malicious code, a visitor must download the image and view it using Microsoft's Windows Explorer software, said Oliver Friedrichs, senior manager with Symantec Security Response.
The computer then contacts a server to obtain code that would let an attacker take over the machine remotely.
Friedrichs said the current exploit is fairly limited but he expects future attempts to create malicious images that would work on the more popular Outlook and Internet Explorer programs, also made by Microsoft.
Computers with updated versions of antivirus software should be protected, according to the SANS Institute. Microsoft also has a software patch to fix the flaw and said users who have the Service Pack 2 security update for Windows XP are not affected.
Microsoft disclosed the flaw in question Sept. 14. It affects people running Windows XP, Windows Server 2003 and later versions of Office.
People who have earlier versions of Windows or Office also may be affected if they are running some specialized applications, such as Digital Image Pro and Visio 2002. The flaw is in a technology that is used to render JPEG images.
IBM claims fastest supercomputer title
IBM Corp. claimed unofficial bragging rights last week as owner of the world's fastest supercomputer.
For three years running, the fastest supercomputer has been NEC's Earth Simulator in Japan.
"The fact that a non-U.S. vendor like NEC had the fastest computer was seen as a big challenge for the U.S. computer industry," said Horst Simon, director of the supercomputing center at Lawrence Berkeley National Lab in California.
"That an American vendor and an American application has won back the No. 1 spot, that's the main significance of this."
Earth Simulator can sustain speeds of 35.86 teraflops.
IBM said its unfinished BlueGene/L System, named for its ability to model the folding of human proteins, can sustain speeds of 36 teraflops. A teraflop is 1-trillion calculations per second.
Lawrence Livermore National Laboratory plans to install the Blue Gene system next year with 130,000 processors and 64 racks, half the size of a tennis court. The labs will use it for modeling the behavior and aging of high explosives, astrophysics, cosmology and basic science, lab spokesman Bob Hirschfeld said.
Amazon, Microsoft file fraud claims
Amazon.com Inc. and Microsoft Corp. filed lawsuits against U.S. and Canadian companies they claim used their names to commit fraud on the Internet.
One suit accuses Gold Disk Canada Inc. of online forgery known as "spoofing" by sending e-mails that appear to come from Amazon.com and Microsoft's Hotmail.com, the companies said in a statement. Others are accused of using phony Amazon.com e-mail and Web sites to trick consumers into providing personal financial information, a technique known as "phishing."
Microsoft has filed 70 similar suits since June to put financial pressure on companies that send unwanted e-mail, known as spam, and to warn others that spoofing and phishing are illegal, said Tim Cranton, a Microsoft senior attorney. Spam costs U.S. businesses as much as $87-billion a year, according to the Pew Internet and American Life Project.
Phishing attacks increased in each of the first five months of this year, to 1,197 in May from 176 in January, according to the NASD, formerly the National Association of Securities Dealers. Citigroup Inc.'s Smith Barney brokerage unit said its customers have been targeted by a phishing scheme and last week posted an alert and a sample of a phony e-mail on its Web site.
Kodak gets kudos for digital cameras
Digital camera owners gave Kodak, Sony and Canon top marks in a customer satisfaction survey conducted by J.D. Power and Associates. Kodak took the top spots in two categories based on price, $200-$399 and $400-$599. Sony led the $199-and-less group, and Canon rated highest in the $600-and-more category.
The survey polled 4,260 consumers who purchased a digital camera between November and June on four factors: performance, connectivity, cost and appearance.
Companies try to produce better iPod batteries
Music may last forever, but batteries do not. The battery life - and life expectancy - of Apple's iPod has been a hot topic among the faithful since the earliest models began to reach an advanced age.
To help revive iPods with power cells that no longer can hold a charge, Newer Technology and Other World Computing have entered the iPod-parts business, introducing a high-capacity lithium-ion cell that can last longer than the iPod's original battery.
The high-capacity 2100mAh iPod replacement battery has a capacity 70 percent greater than the original, which the company says will add hours to the iPod's original 10 hours of playing time between charges. At $40, it is a smaller drain on the wallet than replacing an old iPod with even the least expensive new one.
The battery works with all first- and second-generation models released in 2001 and 2002, and comes with plastic tools to open the iPod. (Doing so voids its warranty, but if your machine is more than a year old the standard warranty has expired anyway.)
Standard-capacity batteries are also available, as are replacement cells for last year's third-generation iPods. All can be ordered at www.macsales.com/ipodbattery
For those who want to know what they are getting into before they pry the backs off their precious iPods, there is a six-page illustrated manual to download at the site that shows the process in detail.
School needs help installing computers
More than 100 volunteers are needed to install computers and train students at Sligh Middle School in Tampa. The computers are being donated by JPMorgan Chase, and the program is being coordinated by Computer Mentors, a nonprofit group that works with inner-city youth. Each incoming sixth-grade student will get a PC to use at home. Installation is scheduled for Saturday and Oct. 16. For information, call Mary Ann Fullerton at JPMorgan at 813 432-5133, or e-mail mary.a.fullerton@jpmchase.com
Event addresses older people's computer issues
A "Computer Conference for Older Adults" will be held at 9 a.m. Oct. 19 at the Sunshine Multipurpose Senior Center, 330 Fifth St. N, St. Petersburg. Sponsored by the city of St. Petersburg Office on Aging, the conference will include workshops on topics such as Travel on the Internet, Introduction to Computers and the Internet and Digital Photography. The keynote speaker will be professor Nick Cox of the Stetson University College of Law, who will talk about consumer fraud and identity theft. The cost of the conference is $15, and reservations are due by Oct. 15. Send checks to the city of St. Petersburg Office on Aging, 330 Fifth St. N, St. Petersburg, FL 33701. For information, call Nancy Skirchak at (727) 893-7102.
Device matches timing of sports on radio, TV
For years, ardent sports fans have put radios on top of their TVs so they could listen as breathless, biased hometown radio announcers cheered on their teams in time to the video.
But cable and satellite signal delays have turned the custom into a spoiler-laden frustration: The radio play-by-play is virtually certain to precede a first-down rush or a double play throw. What's more, ABC's Monday Night Football is adding a five-second delay this season to head off unexpected surprises like the Janet Jackson costume incident during last season's Super Bowl halftime show.
"It's like being in a time warp," said Ron Sanderson, an avid Washington Redskins fan and owner of Data Design, a computer company. When friends complained about the delay, Sanderson decided to find a way to resynchronize the broadcasts.
The result, the DelayPlayRadio (www.delayplayradio.com) is a $140 device that introduces a variable delay of up to 16 seconds in the audio stream from a radio attached to the unit. A slider bar on its face lets you adjust the delay during the game.
Input and output jacks on the back connect to an AM/FM receiver, stereo components or headphones.
The DelayPlayRadio needs a wall outlet for power, although there are plans for a battery-powered version that sports fans can take to a tailgate party.
NHL video game season unaffected by lockout
Professional hockey may be on hold, but all 1,230 regular season games still will be played.
How, you ask? In the confines of a video game, with results posted on a specialty cable television channel that's devoted to games and high-tech gear.
Starting Oct. 13 with a matchup between the Stanley Cup champion Tampa Bay Lightning and the Philadelphia Flyers, G4techTV will broadcast highlights, scores and stats every day on the sports program Sweat.
Highlights also will be seen on Comcast SportsNet; Comcast owns G4techTV.
NHL teams locked out players after both sides failed to reach terms on a new contract.
It's unclear yet how the games will be played or which of the several hockey video games will be used.
Times compiling list of tech help sites
Do you have a good Web site that you use for free tech help and support? We're starting a list online, based on last week's Personal Tech story, and nominations can be submitted at the Times Talkback site (www.sptimes.com/talkback) Readers also can submit questions for the Solutions column and Times personal technology editor Dave Gussow at the site.
