Xegben

Dracula:
This is a song that I never thought I would write
On the night that I'm dying
Sorry for all the wrong I've done.
I'm finished trying.
It was a wonderful dream...
Now let him come and slay me.

Van Helsing:
There he is!
The demon who haunted the streets of London!
I've come to slay you,

Dracula:
Here I am!
I'll leave you bleeding in my dungeon...
I'll never obey you,
I'll rip out your oesophagus!

Dracula's Lover:
Please, Mr Van Helsing,
Listen to me.
He is just a man
Who wishes to be free!

Female Villager:
Lay him in a hearse
You must end this curse!

Male Villager:
He is the worst!

[ Dramatic fight, Van Helsing stabs Dracula with a stake into his heart. ]

Dracula's Lover:
Don't go, my love.
I can't say goodbye...

Dracula:
My reign is done!
It's time to die.

Dracula's Lover:
I'm pregnant.

Chorus:
Dracula ...

Van Helsing:
What have I done!
Who killed Dracula!

Chorus:
... Has flown above,
But he found a taste
A taste for love.

Van Helsing:
My life is a lie...

Dracula's Lover:
Sweet Dracula,
I miss my undead prince.
I'll never see him again,
Until my death.

Chorus:
... What a wonderful dream,
To find a taste for love,
A taste for love.

---

Please Stop Using IE6 and save a lot of time for the web developers.

This project aims to upgrade microsoft web browser to higher platform from IE 7 to IE 8 or download alternative browser. IE7 has been arounb but majority of the web browser used by user is still IE6. many of these are Universities and School, who has XP installed and not yet upgraded to Vista, or waiting for the release of Windows 7 later this year.

The problem is IE6 dont follow web standards, many sites are messed up through IE6 browser. I personally hate to create a second css file to hack IE6 rendering.
save us some time to be more productive...or go to this site

The main problem is i have to install IE tester on vista just to simulate IE6, IE 5.5, IE 7, IE 8 for my projects, removing IE lower versions would be a real relief. heheheXD...

---

Charlie Miller defends his title; IE8 also falls on Day One of hacking contest

March 18, 2009 (Computerworld) Charlie Miller, a security researcher who hacked a Macintosh in two minutes last year at CanSecWest's PWN2OWN contest, improved his time today by breaking into another Macintosh in under 10 seconds.

Miller, an analyst at Independent Security Evaluators in Baltimore, walked off with a $5,000 cash prize and the MacBook he hacked.

"I can't talk about the details of the vulnerability, but it was a Mac, fully patched, with Safari, fully patched," said Miller on Wednesday, not long after he had won the prize. "It probably took five or 10 seconds." He confirmed that he had researched and written the exploit before he arrived at the challenge.

The PWN2OWN rules stated that the researcher could provide a URL that hosted his exploit, replicating the common hacker tactic of enticing users to malicious sites where they are infected with malware. "I gave them the link, they clicked on it, and that was it," said Miller. "I did a few things to show that I had full control of the Mac."

Two weeks ago, Miller predicted that Safari running on the Macintosh would be the first to fall.

PWN2OWN's sponsor, 3Com Corp.'s TippingPoint unit, paid Miller $5,000 for the rights to the vulnerability he exploited and the exploit code he used. As it has at past challenges, it reported the vulnerability to on-site Apple representatives. "Apple has it, and they're working on it," added Miller.

According to Terri Forslof, manager of security response at TippingPoint, another researcher later broke into a Sony laptop that was running Windows 7 by exploiting a vulnerability in Internet Explorer 8. "Safari and IE both went down," she said in an e-mail.

TippingPoint's Twitter feed added a bit more detail to Forslof's quick message: "nils just won the sony viao with a brilliant IE8 bug!"

Forslof was not immediately available to answer questions about the IE8 exploit.

TippingPoint will continue the PWN2OWN contest through Friday, and will pay $5,000 for each additional bug successfully exploited in Safari, Internet Explorer 8, Firefox or Google's Chrome. During the contest, IE8, Firefox and Chrome will be available on the Sony, while Safari and Firefox will be running on the MacBook. The researcher who exploited IE8 will, like Miller, be awarded not only the cash, but also the laptop.

"It was great," said Miller when asked how it felt to successfully defend his title. "But I was really nervous for some reason this time. Maybe it was because there were more people around. Lucky [the exploit] was idiot-proof, because if I had had to think about it, I don't know if I'd had anything."

This year's PWN2OWN also features a mobile operating system contest that will award a $10,000 cash prize for every vulnerability successfully exploited in five smartphone operating systems: Windows Mobile, Google's Android, Symbian, and the operating systems used by the iPhone and BlackBerry.

Miller said he won't enter the mobile contest. "I can't break them," said Miller, who was one of the first researchers to demonstrate an attack on the iPhone in 2007, and last year was the first to reveal a flaw in Android. "I don't have anything for the iPhone, and I don't know enough about Google."

CanSecWest, which opened Monday, runs through Friday in Vancouver, British Columbia.

---

Everyone seems to have a “go to” geek among their extended family or group of friends — someone who handles all their tech problems for them. But that go-to geek doesn’t necessarily live close enough to drop in whenever there’s a problem. Symantec’s new “Project Guru” service, which it’s announcing today, gives those geeks a way to provide tech support to friends and family members remotely.

This project — Symantec’s third presentation at the DEMO show in recent years — is a work in progress aimed at setting up a trusted network for family members.

Brian Hernacki, an architect at Cupertino, Calif.-based Symantec, said the service is run through a portal, where the go-to “guru” can log in to create a trusted group, invite the family member or friend needing help to join that group, and then take remote control of that person’s computer to see what the problem is.

In that sense, the service is just like CrossLoop and other remote-help technologies that allow someone to see what’s happening on someone else’s desktop and take control of it. But Project Guru is different in that users simply click yes to accept a remote help session. That is, the guru has fancy computer commands at his or her disposal, but the dummy on the other end simply has to click with a mouse once.

On the guru’s desktop, Symantec will provide a bunch of data about the other PC that can help the guru diagnose any problems from afar. The exact details on this data have yet to be announced, Hernacki said. The connection between the guru and the friend or family member is secured via encryption technology.

Project Guru will include software-as-a-service features, such as the Norton Live online support service. And while some remote desktop services are clunky and slow, Symantec intends this one to operate at high speed. It’ll be interesting to see if the company can deliver on that goal, since commands sent over the internet naturally suffer from time lag. The company has a closed pilot in progress now and will open it up to a public beta test later this year.

The DEMO 2009 conference starts today and runs through Tuesday in Palm Desert, Calif. We will be covering it live throughout the show.

---

Mozilla Firefox users are being targeted by a new Trojan that steals online banking passwords.
According to security researchers at BitDefender, Trojan.PWS.ChromeInject.A identifies banking and money transfer websites such as Barclays and PayPal though JavaScript, and then collates the logins and passwords before forwarding them to server in Russia.

firefox_logo_100_sqThe malware, which is being spread by drive-by downloads or by duping users into downloading it, is stored in the Firefox add-on folder and is registered as 'Greasemonkey', which are scripts that add extra functionality to Firefox. It starts working as soon as the browser is opened.
However, the malware is not being obtained from Mozilla's official Firefox add-on site and the software manufacturer ensures all new add-ons are scanned for threats before being published.
Viorel Canja, the head of BitDefender's lab, explained that Firefox's increasing market share may be one reason why malware authors are targeting the browser.
Canja urged Firefox users worried about the Trojan to only download signed, verified software.
The Open Sourcerer said on Saturday, 06 December 2008
This story is so bad... First the malware only gets inserted once your computer has already been compromised by something else first.
Secondly - this ONLY affects Windows (surprise surprise). If you use Firefox on Linux or Mac, you are fine.
Hell Noire said on Monday, 08 December 2008
Would you like to name the add-on so we know to avoid it?
redstringuitar said on Wednesday, 10 December 2008
Bitdefender shares a business interest with Microsoft, you can only access their online scanner using active-x through IE. They're just doing Big Daddy a favour!

---

Microsoft researchers are developing a new Web browser that they say could offer a far greater degree of security than Google's Chrome, Mozilla's Firefox or Microsoft's own Internet Explorer.

The browser, called Gazelle, relies on 5,000 lines of C# code called a "browser kernel" that helps enforce security rules to prevent malicious access to the PC's underlying operating system, according to a recently publishedpaper.

So far, Gazelle is just a prototype, with other parts of the browser based on Microsoft's IE. Due to the complex nature of the way it processes Web pages for better security, the browser's performance is more tortoise than gazelle, but the researchers think a few tweaks can make it faster.

Gazelle is different from some other browsers in that it considers each part of a Web site - such as iframes, subframes and plugins - as separate elements. Some of those elements can pull in malicious content from other Web sites. Google's Chrome runs a Web page and its elements in a single process.

The Microsoft researchers argues that their approach brings more reliability and better security since processes can't interact with the underlying system and are mediated by system calls supplied by the browser kernel.

In the paper, the Microsoft researchers are surprisingly critical of the company's forthcoming Web browser, IE8, which uses an approach similar to Chrome by using tabs to isolate processes.

"This granularity is insufficient since a user may browse multiple mutually distrusting sites in a single tab, and a web page may contain an iframe with content from an untrusted site (e.g., ads)," the paper reads.

Gazelle goes so far as to separate elements of a Web page that come from the same registrar-controlled domain. For example, content from ad.datacenter.com and user.datacenter.com would be considered separate, whereas Chrome "puts them into the same site instance," the paper said.

Blocking race condition attacks

Another interesting feature of Gazelle is aimed at blocking so-called race condition attacks. In that scenario, an attacker creates a Web page aimed at making a user click on an area of the page. But just before the predicted click happens, an overlay is drawn into the page, which could cause a user to be attacked.

Gazelle will ignore any clicks in newly exposed screen areas for about one second until a user can see the new screen areas.

Gazelle also aims to limit the dangers posed by programming flaws in browser plugins. Plugins are small bits of code that enable other programs to run within a browser, but they've also been known to contain vulnerabilities that can allow a PC to be hacked.

In Gazelle, the plugins are sandboxed, or isolated from the rest of the system, so that a bad plugin would only affect the particular Web page's plugin process and not the whole PC.

But one huge problem with Gazelle's approach is that existing plugin code would have to be rewritten or ported to interact with Gazelle's browser kernel system calls. That's difficult since plugins are written by a wide variety of software vendors whose development schedules don't necessarily work in perfect sync with those of browser developers.

Other parts of Gazelle borrow from IE code not related to security. For example, the researchers said they didn't want to write a new HTML parser, so they used IE7's Trident renderer and JavaScript engine.

In compatibility tests, Gazelle correctly rendered 19 of the top 20 sites ranked by Web survey firm Alexa.

The paper warns that the new security of Gazelle does introduce "performance overhead" - especially for sites such as the New York Times Web site - but further work should be able to make it faster.

---

Last december I uploaded this photo as an avatar in my forum. As you can see it resembles Obama's Iconic Poster. well you could have the same avatar and customize it using the online editor from this site, you must have the latest flash. no need to be photoshopped guru..just picture upload then download youre obama icon now.

---

---

Yesteday is the square root day
03/03/09
fun on dates math fans.

the last square root day dates back in 02/02/04
and the next square root day will be held seven years from now.
04/04/16

looks like the planets have aligned...lols

---