roman entertainment: Week in Geek: Microsoft Security Essentials Loses its Certification ...

Our first edition of WIG for December is filled with news link coverage on topics such as the Windows XP countdown clock has dropped to less than 500 days, software pirates have released a tool to crack Windows 8 apps, an online service is offering bank robbers for hire, and more.

Weekly News Links

Image courtesy of the I Love Ubuntu Blog.

Mozilla developers launch per-window private-browsing experimental Firefox functionality
The Mozilla developers have just released an experimental private browsing functionality in Firefox nightly (custom build), bringing the exciting ability of simultaneously using a regular non-private Firefox and a private browsing-enabled Firefox.
Firefox 18 Beta wields an IonMonkey for JavaScript
Mozilla is aiming to deliver faster JavaScript in the new beta version of Firefox 18 by incorporating the IonMonkey just-in-time compiler as a replacement for the SpiderMonkey JavaScript engine.
Mozilla ships Firefox with H.264 support on Android
The Firefox browser is now shipping with support for HTML5 videos compressed with the H.264 codec to users of Android 4.1 (Jelly Bean) and Samsung phones with Android 4.0 (Ice Cream Sandwich).
Mozilla backs HTML5-focused start-up Everything.me
Everything.me has caught the attention of three tech heavyweights who have invested in the company?s HTML5-based mobile platform app, which allows people to use apps they do not have installed on their devices.
Chrome for Android to be On Par with Desktop Starting ?Early Next Year?
The Chrome team at Google have updated a post made on the official Chrome page on Google+ recently, stating that Chrome for Android will on par with its desktop counterpart starting early next year.
Chrome for iOS 23 supports Apple Passbook
Google has updated the iPhone and iPad version of its famous browser, adding support for Passbook and allowing users to open PDF files in other applications. Google Chrome for iOS 23.0.1271.91 also includes a number of tweaks and bug fixes.
With Google readying its own Nexus Chromebook, will it marry Chrome OS to Android?
A report from Taiwan states that Google is working on its own house-brand Nexus Chromebook with a touch screen. This, in turn, suggests that it might run a mixture of Android and Chrome OS.
IE10 For Windows 7 Defaults To DNT As Well
Despite the uproar from various ad agencies and such, it looks like when it came to rethinking its decision to enable the ?Do Not Track? header by default, Microsoft did not flinch for a second.
Windows Blue is Microsoft?s future low-cost OS with yearly updates
Microsoft is busy preparing its next-generation Windows client, shortly after shipping Windows 8 in October. The Verge has learned from several sources familiar with Microsoft?s plans that the company is planning to standardize on an approach, codenamed Blue, across Windows and Windows Phone in an effort to provide more regular updates to consumers.
Microsoft to End Windows 8 Support in January, 2018
Windows 8 was officially launched last month, but the Redmond-based technology titan is already working on its long-term strategy. The company has just announced that mainstream support for Windows 8 will end on January 9, 2018, while extended support will be provided until January 10, 2023.
Microsoft supports Surface until 2017, leaves Windows RT uncertain
This past October Microsoft introduced Surface with Windows RT. The controversial tablet gathered plenty of criticism down the road, but there?s one area where it has the potential to silence the naysayers ? product support lifecycle.
Windows XP countdown clock ticks under 500 days
Windows XP has fewer than 500 days left to live, according to Microsoft and third-party countdown clocks. Microsoft will end support for XP on April 8, 2014, when it will issue a final security update for the 11-year-old operating system.
All Linux Distributions Get the Secure Boot Bootloader
Matthew Garrett, ex-power management and mobile Linux developer at Red Hat, proudly announced on November 30, that a usable release of the Secure Boot bootloader is now available for download.
GNOME Fallback Mode Returns in GNOME 3.8
After all the fuss about the GNOME Fallback mode being removed from the upcoming GNOME 3.8 desktop environment, it looks like the GNOME developers decided to implement a similar mode for all the GNOME 2 nostalgics out there.
Fedora 18 Beta adds MATE and Cinnamon desktops
After almost two months? delay, the Fedora Project has released the first and final beta of Fedora 18. The distribution, which is code-named ?Spherical Cow?, includes the MATE desktop ? a continuation of the classic GNOME 2 interface ? in its repositories for the first time.
Steam Won?t Ban Users If a Hack is Used to Access Beta Client
Steam Linux limited beta is already out and around 6,000 users have been able to participate in it. Those who didn?t get an invitation for the beta program, can still have access to the client using a small hack. (Blog post includes a link to a guide for the hack.)
AbiWord 2.9.4 Free Office Suite Features Huge List of Changes
AbiWord, a full-featured, efficient word processing application suitable for a wide variety of word processing tasks and extensible with a variety of plugins, is now at version 2.9.4. AbiWord 2.9.4 provides great file import and export, with support for MS Word, WordPerfect, and many other formats.
Microsoft?s WLM Retirement Kills Yahoo Messenger Features
Yahoo has just announced that several Yahoo Messenger features would be discontinued next month, some of them because of Microsoft?s WLM retirement.
Do Not Track lands in networking hardware
Router maker adds the controversial technology to its line of hardware for home and small business.
Tech blunders, catastrophes and epic fails of 2012: review
Thanksgiving is over, and we?re heading into December. It?s time for a look back at all the blunders, catastrophes, epic fails and major screw-ups of 2012.

Security News

Microsoft Security Essentials Fails AV-Test, Loses Certification
Microsoft?s Security Essentials is the only free anti-virus software that failed to receive certification after a new round of anti-virus tests conducted by AV-Test on Windows 7 during September and October. MSE results are here and full list of AV Apps tested is here.
New Kernel Vulnerabilities Affect Four Ubuntu OSes
Canonical announced on November 30 that a new Linux kernel update for its Ubuntu 12.10 (Quantal Quetzal), Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 11.10 (Oneiric Ocelot) and Ubuntu 10.04 LTS (Lucid Lynx) operating systems is now available, fixing two important security vulnerabilities discovered in the Linux kernel packages by various developers.
Hotel room burglars exploit critical flaw in electronic door lock
Attacks affected some 4 million locks; company wants customers to cover repair costs.
Researcher reveals backdoor access in Samsung printers
Samsung printers contain a hardcoded backdoor account that could allow remote network access exploitation and device control via SNMP. Details of the exploit have been published. Some Dell printers manufactured by Samsung also have the admin account backdoor access.
Email hacks router
A whole range of Arcor, Asus and TP-Link routers are vulnerable to being reconfigured remotely without authorisation. On his blog, security researcher Bogdan Calin demonstrates that just displaying an email within the router?s own network can have far-reaching consequences: when opened, his specially crafted test email reconfigures the wireless router so that it redirects the user?s internet data traffic.
Malicious code added to open-source Piwik following website compromis
Backdoor added after hacker exploited vulnerability in mystery WordPress plugin. ? Hackers inserted malicious code into the open-source Piwik analytics software after compromising the Web server used for downloads.
Account theft still possible with latest WhatsApp
Recent changes to WhatsApp, which appears to have captured a position as the popular app-based alternative to texting, have not actually secured the system, at least for Android users.
iOS dictionary app accuses customers of piracy via Twitter
In a blog posting, author Jenn Frank reports that the Oxford Deluxe (ODE & OTE) ? powered by UniDict iPhone/iPad app, which retails for ?37.99 (or ?49.99), accuses legitimate buyers of being software pirates. Apparently, the app?s flawed DRM feature automatically tweets ?How about we all stop using pirated iOS apps? I promise to stop. I really will? to the dictionary user?s Twitter followers.
Fake Windows 8 Key Generators and Activators Found Online
Security company Trend Micro reports that several fake Windows 8 key generators and activators are now available online, all with the purpose of tricking people into believing they could actually activate Microsoft?s new operating system without paying for a license.
Software Pirates Release Tool to Crack Windows 8 Apps
It was only a matter of time, but the inevitable has finally happened: software pirates have just released a downloadable application that allows users to download and run full Windows Store apps. For free, that is.
Hack could let browsers use cloud to carry out big attacks on the chea
Scientists have devised a browser-based exploit that allows them to carry out large-scale computations on cloud-based services for free, a hack they warn could be used to wage powerful online attacks cheaply and anonymously.
Online Service Offers Bank Robbers for Hire
An online service boldly advertised in the cyber underground lets miscreants hire accomplices in several major U.S. cities to help empty bank accounts, steal tax refunds and intercept fraudulent purchases of high-dollar merchandise.
Java Zero-Day Exploit on Sale for ?Five Digits?
Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle?s Java software that attackers can use to remotely seize control over systems running the program.
Lost+Found: Anonymous surfing, dubious DRM and a stuck stock exchange
Too short for news, too good to lose; Lost+Found is a roundup of useful and interesting security news. In this edition: the latest edition of Nmap arrives, a router to route everything over Tor, an Autorun pest, a PDF autopsy, Stockholm?s stuck stock exchange, and a rather breakable unbreakable DRM.
A patched browser ? false feeling of security or a security utopia that actually exists?
Kaspersky Lab?s recently released ?Global Web Browser Usage and Security Trends? report sparks several important questions from a security perspective.
I Was Just Friended By Myself On Facebook (And It Only Gets Weirder From There)
From the blog post: I got a friend request from Bianca Bosker on Wednesday night. I?m Bianca Bosker, one of just three on Facebook, so the notification took me by surprise. What followed spooked me: When I finally scoped out this new Bosker at 8:30 a.m. on Thursday, I found myself staring back at me.
EU plans to implement mandatory cyber incident reporting
To improve cyber security, the EU is considering making it mandatory for businesses to report cyber attacks. Although a big supporter of self regulation, Neelie Kroes, the EU Commissioner for the Digital Agenda for Europe, told German S?ddeutsche Zeitung newspaper that she did not think there would be much progress with it in this case.
?Six-strike? anti-piracy campaign postponed until 2013
The Center for Copyright Information ? a venture between ISPs, music labels, and film studios to crackdown on illegal downloads ? says Hurricane Sandy delayed the November kick off.
Clueless officials hamper cybersecurity law-making
Governments need to know what problems the cybersecurity legislation is meant to address, or they will face public backlash over the possible intrusions to their personal rights.
Why whitehats don?t want to help businesses at risk
Well intended hackers might discover plenty of security vulnerabilities during their travels across the internet, but when businesses sue them or make it hard to pass the information along, it?s no wonder that they don?t even bother.