When Will I Get My iPhone?

I know you’re all saturated with iPhone buzz and most of you don’t really care but being an early adopter type, everyone seems to be asking me when I’ll be getting my iPhone.

The answer is probably never. Personally, I don’t have need for an iPhone. The only reason for me to get one is to look cool, and that’s not an issue. If I did plan on getting an iPhone it wouldn’t be today. Most likely the only reason I’d pick up an iPhone is to create some kind of protection software. It won’t be long before someone finds the first iPhone security flaw. I did check and sure enough someone has parked the domain name of iPatrol.com.

There’s more iPhone news online than anyone can handle but my favorite is still a video from my friend David Pogue. He’s a funny guy and while he’s been accused of being a little too Apple friendly, he’s quick to point out the biggest iPhone flaw.

Click here for Pogue Video

Your family member has sent you an ecard

This is actually an old one but for some reason I’ve seen a real surge in someone trying to get me to either download a file called Postcard.exe or visit their website to view a “postcard you’ve received from a family member!”.

I think we’ve taught most people not to download exe’s and Email filters won’t allow downloadable executables. Unfortunately, people still can’t help themselves to click on potentially dangerous sites.

“What if someone really did send me a postcard?” you say? IT’s NOT WORTH THE RISK! This kind of social engineering continues to be the most common source of malware infections. This new postcard threat even targets what ever AntiVirus program you’re using and tries to disable it.

The current rash of Emails appear to be from China because the domain names are all located in Hong Kong. Unfortunately, I can’t blame the communists for this one. It’s most likely some former communists. So far I have traced the criminals to Germany but I’m sure I have a few more hops to go before I find out where they really originate.

How Does the Wii Controller Work?

According to Technology Review

“The key to the Wii's main controller is its three-axis microelectromechanical-system (MEMS) accelerome­ters, which measure movement in three dimensions.”

As some of my readers know I’m a big fan of the Wii, even though it’s caused some old aches and pains. Sales of Nintendo Wii are kicking butt even against the superior graphics of the PlayStation and X-Box.

The tactile and audio response along with the realistic play action makes the Wii a generation ahead of any other video game console. The controller includes a speaker so you hear the whoosh sound of your tennis racket, and includes its own micro processor with both RAM/ROM memory.

The controllers use a combination of both Broadcom Bluetooth and infrared signals to quickly detect distance and motion. The console includes WiFi so the Wii can connect to your local wireless network. I regularly send photos back and forth to my grandkids Wii located in Germany.

Thanks to my CNet newsletter I was directed to a great article in the MIT Technology Review called “Hack: The Nintendo Wii”. This article is the best explanation I’ve seen for how the Wii controllers work.

This reminds me of back when Texas Instruments developed a 10th level LPC voice synthesizer for their Speak & Spell toy. They had no idea the significance of what they created. While this motion-sensitive technology was created for the video game wars I expect to see it adopted for many other applications.

Do All Signatures Come From Kaspersky?

You might think there exists a huge number of anti-malware programs out there. If so, you’d be right but you might be surprised to find out how many use the same anti-virus engine and signature files.

My mailbox was flooded yesterday with a number of freaked out WinPatrol users who had our software removed by Kaspersky Internet Security Suite. It seems Kaspersky was identifying WinPatrol as “pornware not-a-virus:Porn-Dialer.Win32.Agent.aw“.

I was pleased that most folks knew this must be some kind of false-positive error, but I also had my share of users in a panic blaming me for infecting their systems.

By evening, I did hear back from Kaspersky Virus Analyst, Yury Nesmachny who apologized and said,

“Sorry, it's false alarm. Its detection will be deleted in the next update. Thank you for your help.”

According to tests today with VirusTotal.com, Kaspersky has corrected this error.

I had created a standard reply for Kaspersky users but as the day continued it got worse. Apparently, a significant number of other products use signature files from Kaspersky for their products.

It wasn’t long before I received notices that Zone Alarm Security Suite was reporting WinPatrol as a porn dialer. This was followed by a couple F-Secure Internet Security users and a few who use AOL’s Active Virus Shield.

This isn’t the first time this error has occurred. Last December Panda Software tried to tell users WinPatrol was a porn dialer. Panda was pretty responsive and I appreciate the quick action from Kaspersky which hopefully, will be deployed quickly to all their partners. I’ve also been told WinPatrol isn’t alone. AdobeUpdaterInstallMgr, Quicken and many other popular applications were mis-identified.

Update: Thanks to Don Pelotas who pointed me to this list of Kaspersky partners.
http://www.kaspersky.com/oemsuccess

MPack Hacking Creates Italian Job Trojans

When I first heard of the “Italian Job”, I thought it was some kind of new sex activity. Unfortunately, it’s nothing that good. It’s the name Trend Micro has given to an internet threat which started to appear on Italian web sites recently. It’s not a new threat but it’s growing and getting a lot of press coverage this week.

Trend Micro and others have identified the infection and how it works on thousands of web pages. What’s still unclear is how so many legitimate sites have had their top level pages hacked.

The source of the infection appears to have been created using a Russian based hacker tool kit called “MPack”. For under a thousand U.S. dollars, you can install MPack and using its control panel, anonymously monitor the success of your malware around the world. MPack version 0.92 also comes with a number of examples that can help you deploy keyloggers, remote bots and worms using a variety of known vulnerabilities in Windows.

The current threat in Italy is using Javascript code to create an <IFrame> element that redirects users to a new IP which attempts a buffer overflow infecting the users machine. Other examples in MPack use what we’ve called the ANI Vulnerability that Microsoft patched in April as well as Vulnerability in the Microsoft Data Access Components, Vulnerability in Windows Media Player Plug-in, Vulnerability in Vector Markup Language, Vulnerability in Microsoft Management Console, and Vulnerability in Microsoft XML Core Services. New exploits can be purchased as they are discovered.

MPack has been used for a variety of reasons. Everything from capturing passwords from financial institutions to just increasing traffic to a hackers Google Adwords page.

While all the security companies have spent plenty of time analyzing how MPack works, nobody seems to know how so many legitimate website are getting hacked. It sounds like the security companies need to spend more time designing and selling products to Internet Service Providers than just the average consumers.

Achilles WiiItis Injury was predicted

It was last March when I added a Nintendo Wii to our playroom and wrote “Nintendo Wii Replaces PE”. In my post I predicted, “ I’m either going to lose weight or I’m going to pull a muscle.” Well, I was right!

I really expected I would aggravate and old tennis elbow surgery but instead the diagnosis is Achilles Tentonitis. Not only is my Wii usage restricted but I now have a huge black air cast up to my knee. I’ll also be on crutches for the next week or two. Apparently playing a vigorous game of Nintendo Wii Tennis in bare feet may not have been a good idea.

Earlier this month a physician in Spain, Dr. Julio Bonis wrote to the New English Journal of Medicine and coined the phrase “Wiiitis”. I have a feeling more doctors will become familiar with this concept as the popularity of the Nintendo Wii increases.

This is a shot of yesterdays MRI. Apparently, the
black blob above the heel isn’t suppose to be so big

It’s probably impossible to prove the injury was caused by Wii Tennis. I can tell you, as an old guy who spends most of his time in front of the computer it’s still the most strenuous activity I’ve done in the past week.

WGA Crashes Space Station Computers?

It’s nice to have redundant systems but when all three redundant computers fail you know you’re in trouble. This is the predicament facing residents of the International Space Station. Luckily, if their computer problems can’t be fixed the Shuttle Atlantis is currently docked and can bring crews home.

The computers which are failing control the orientation of the space station which is critical for power generation. NASA’s Station Manager Michael Suffredini claims nothing has changed recently in either software or hardware but I have my own theories.

I think one of three things have caused the crashes

1) The Russian based computers have been infected with spyware. I’m sure as bored as folks on the space station get who knows what web sites they visit.

2) Tuesday’s Windows update caused the failure because Microsoft didn’t tested their changes on computers required to control solar panels while in orbit.

3) The Russian computers failed WGA(Windows Genuine Advantage) verification and won’t reboot to Windows.

While these are just theories but I did see a similar problem reported by Engadget; “Russian ATM runs unactivated copy of Windows”.

Seriously though, I’m just very glad that Atlantis is available for a rescue in case the computer problems aren’t resolved. This could have been a tragic situation.

Grocery Shopping on Amazon

When the Internet first became main stream a number of companies tried and failed to create online super markets. About 10 years ago WebVan made a big splash with investors that included Goldman Sachs and Yahoo! but failed to delivered any success.

The most successful online grocer still in business is a company called Peapod. A bit of Trivia... It's original name was actually IPOD or "Information and Product On Demand".

Now Amazon has created an online Grocery store. The key difference appears to be that Amazon is providing bulk non-perishable items which work with their current shipping models.

Amazon Grocery claims to have over 22,000 products and some great prices. I was pleased to find a few items that I can no longer find at my local market. I had to buy a few more than I normally would but I think I'll be using Amazon Grocery again.

Disclaimer: My Blog isn't designed to create any kind of direct revenue but in the interest of full disclosure, I am an Amazon Affiliate. I do make some kind of percentage if you purchase something by clicking on the link above.

Apple Safari 3 Doesn't Really Suck

This week Apple released a public beta of a Window version of its browser software called Safari 3. Apple claims to already have 5% of the browser market share so they’re hoping to expand this by going after Windows competitors like IE, Firefox and Opera.

Now that Apple has so many people running iTunes on Windows they hope it will help them infiltrate other product categories. I’m not a Mac user but there was a time I developed applications for Apple so I have a professional respect. I also like being a know-it-all so I downloaded Safari 3 and decided to give it a shot.

I expected to have a lot of complaints but so far the experience hasn’t been horrible. Apple’s claim that Safari is “up to 2 times faster than Internet Explorer” is hard to test but it wasn’t any slower. It loads up quickly and has a small footprint both on the screen and in memory usage.

My biggest concern was that Apple was going to install some of their other favorite software, including QuickTime which insists on making itself an autostartup program. I was glad to see that including QuickTime was a download option.

My real surprise and thrill came when I saw a setup dialog which allowed me to choose if I wanted their Bonjour service and if I wanted their Auto Update program to be installed. If you’ve read my Blog before you know how I feel about Auto Update programs. Three Cheers for APPLE!!! If the default was Unchecked I’d give them four cheers.

If checked, Apple Software Update will be added to the Run registry and will check for new versions of QuickTime, iTunes and Safari. Unlike QuickTime, it can later be removed without a struggle.

Now for what annoys me…

Apple insists on using their own Human Interface Guidelines even when they create programs for Windows users. While their buttons are intuitive for Mac users, they should adjust the UI for folks used to Windows standards.

Safari Add Bookmark Dialog

Notice the Cancel button is on the
left and Add(the action button) is
on the right most position per Apple
Human Interface Guidelines.


Add Bookmark on Firefox 2

As typical Windows users, we’re all acclimated to
the Cancel button being on the right or bottom.
The “Action” button it to the left of it.

There are still plenty of other tests I need to make but it’s worth the effort. If you’d like to try Safari 3, you can download it yourself at http://www.apple.com/safari/.

Spammers May Need to Communicate Better

Last week U.S Attorneys arrested a guy in Seattle they dubbed the “Spam King”. He’s actually a third Spam King I’ve heard of. In the late 90’s it was Sanford Wallace and a couple years ago it was Scott Richter.

According to Microsoft lawyer Tim Cranton say “He’s one of the top 10 spammers in the world”. Federal authorities said internet users should notice a decrease in the amount of junk E-mail they receive. I don’t know about you, but I haven’t seen any difference.

Not only has my spam continued the spammers don’t seem very organized. Seems like they know my name, where I live and even some of my websites but how come the spam isn’t targeted better?

For instance, I received an Email from a lonely young girl in an internet cafe who said…

I was searching the net few days ago. I am new to this thing.
and saw your profile. I decided to email you cause I found you attrbactive. I might come down to your city in few weeks.
Let me know if we can meet each other in person.
I am attractive girl. I am sure you won't regret it.

If she had communicated with other spammers she’d would have thought twice. Right after her Email was the following message.

The more inches your penis has, the more times you are a man. Make it big with Penis Enlarge Patch.

Perhaps she knew about the shoes I bought online because the next Email titled Re: Bigger informed me

People judge your dick size by your shoes size.
With megadik you dont have to wear
bigger shoes to make women think you have a huge...

It really doesn’t matter because I just won the Netherlands Lottery and Bill Gates is going to send me a million dollars. I just have to be careful not to put my winnings into my non-existent accounts at Regions Bank or Washington Mutual Bank. I received an Email letting me know there’s a technical update that will require me to re-enter my bank information.

It’s going to take a lot more than the arrest of one spammer to make any impact on my inbox.

London Olympic Animation Causes Seizures

My wife always makes fun of me when I talk or yell back to the TV and she had a lot of material this morning. The Today Show reported on a new animation used for the London 2012 Olympics that was removed because it could cause Epileptic seizures. Despite this, some idiots at NBC repeatedly played the animation so everyone, including folks with Epilepsy, could see what they were talking about.

London 2012

Anyone who has been in the computer game or video industry for any length of time knows about photosensitive epilepsy. About 5% of Epileptics are affected by flickering or flashing lights at certain frequencies. While the animation had been pulled, the new logo which was unveiled on Monday has been the subject of severe criticism. Olympic organizers have said the graffiti style logo was create to attract more young people.

In case you’re interested I have posted a copy of the animation here but unlike Today Show viewers, it’s your choice to view it. Consider yourself warned.

Warning * Clink here to see Animation * Warning