Blog Feeds Provide New Security Threat

How are we going to fix this one? Just keep turing off java, flash and every other cool web service that makes the net great?

Blog Feeds Provide New Security Threat

How are we going to fix this one? Just keep turing off java, flash and every other cool web service that makes the net great?

Blog Feeds Provide New Security Threat
From XBIZ

By Steve Javors

LAS VEGAS — Exploiting the vulnerability of blog feeds, hackers have found a new medium to surreptitiously attack PCs.

Bob Auger, a security engineer with SPI Dynamics, said that hackers could insert malicious JavaScript in blog updates that are delivered to subscribers’ machines via Really Simple Syndication (RSS) or Atom feeds. Auger presented his findings during the annual Black Hat Briefings, an Internet security conference.

Auger said blog feeds can be compromised in two ways: hackers setting up a corrupted blog and getting users to subscribe to its RSS feed, or more likely, inserting malicious code into a popular blog’s comments section, which often have their own feed.

Attackers also can send malicious code to mailing lists that offer feeds to attack compromised systems, Auger said. Feeds have risen to prominence because they allow users to consolidate information from websites into a single interface. This eliminates the need for clicking on a plethora of different websites.

Many RSS or feed readers do not include security software that can filter out malicious code. Auger said these applications should prevent JavaScript from running.

“A large percentage of the readers I tested had some kind of an issue,” Auger said. Vulnerable feed readers include Bloglines, RSS Reader, RSS Owl, Feed Demon and Sharp Reader, according to Auger.

Filtering out JavaScript at the feed reader level can get complicated because many readers use the code to deliver ads like one would see if they accessed the blog homepage.

Download Google Videos As AVI Files

An excellent article and bookmarklet to allow google video files files to be saved as AVIs; very cool, big thanks to google system at blogspot for sharing

Download Google Videos As AVI Files

If you want to save videos from Google Video and you use Windows, you have the option to download them as GVI files and play with Google Video Player.

If you want to save the videos as AVI and view with any video player on any platform, use this bookmarklet: Google Videos As AVI. You can save it as a bookmark in your browser or drag and drop it to the link toolbar. Next time when you see a video you like on Google Video, click on the bookmarklet and you can save the video.

Explanation: The location for the AVI file can be found in the source of Google Video pages, but it’s hidden for Windows users.

If you can’t see the videos or you player gives errors, try Media Player Classic.

http://prdownloads.sourceforge.net/guliverkli/mpc2kxp6490.zip?download (for 2000/XP)
http://prdownloads.sourceforge.net/guliverkli/mpc98me6490.zip?download (for 98)

MobileCrunch – Cingular Mobilizes TV Guide’s TV Guide Channel

An idea that may help save TV from digital doom. Getting tv guide on your cell may get people to watch more tv…

MobileCrunch » Cingular Mobilizes TV Guide’s TV Guide Channel
In a deal reported by Broadcasting and Cable as well as Southcaltech.com, Cingular Wireless has struck a deal with Gemstar TV-Guide the parent company of TV-Guide Mobile to provide Cingular with content for the wireless giant’s streaming mobile video service.

According to the Broadcasting and Cable report, Gemstar’s Senior Vice President and General Manager of Digital Media, Rich Cusick says:

“As part of our goal to become the leading cross-platform consumer hub for video guidance, we are excited to be partnering with Cingular to offer consumers, who are passionate about television, access to exclusive TV Guide Channel content almost whenever and wherever they want it. Enhancing the personal mobile entertainment experience of Cingular users across the country is in keeping with our strategy to integrate the TV Guide brand, content and technology across multiple platforms.”

Personally, I’m still on the fence about streaming video to mobile devices. While I’ve certainly enjoyed being able to watch the odd partial DVD on a smartphone from time to time, I’m not sure I’d pay the extra monthly fees currently required for a subscription to any of the services currently offered. So let me ask; what about MC readers? Do YOU subscribe to Mobi-TV? How much are you willing to pay? Are you satisfied with the service? At what price point would you buy (or cancel) your Mobi-TV service?? I’d love some replies to this informal poll.

TechCrunch » Evoca Sounds Off to Odeo

Techcrunch discusses a new contender in the online audio recording space, Evoca. Evoca’s online audio recording features stand out among the crowd, it’s user friendliness is better than most.

From: TechCrunch » Evoca Sounds Off to Odeo

Savannah, Georgia based Evoca’s new service to record and publish voice recordings has a number of features that allow it to stand out from the “click, record” crowd. I have been in contact with founders Muren Sharpe and Diego Orjuela since December, and tonight they gave me a complete overview of the service.

This young space is already crowded – competitors include Odeo, Springdoo, YackPack, Waxmail and others (of these, Odeo clearly has the branding lead). I can see each of these companies struggling to find the right business model, feature mix and consumer messaging. Evoca has a strong case for getting it at least mostly right.

To read more about Evoca and it’s competition at Techcrunch, click here.

Adware backers named and shamed | The Register

Follow the money
By John Leyden

Article originally found via digg

Adware backers named and shamed | The Register
Large corporations and dot.com firms are funding the distribution of software that loads invasive pop-up ads with their advertising dollars, according to a report by the Centre for Democracy and Technology.

The US consumer rights organisation named and shamed a number of firms over the practice, including Club Med Americas, uBid, PeoplePC and GreetingCards.com. It is calling on mainstream firms to become more vigilant about policing their advertising practices.
Click Here

In its report Following the Money: How Advertising Dollars Encourage Nuisance and Harmful Adware and What Can be Done to Reverse the Trend, CDT explains how the adware works through a complicated series of middlemen to persuade advertisers to pay for ads generated by unwanted advertising software or “adware”.

In most instances, surfers unintentionally install adware after visiting maliciously constructed websites or responding to online solicitations. The CDT report (PDF) documents the financial relationship between one unscrupulous adware distributor and mainstream firms.

“Knowingly or not, these companies are fueling the spread of unwanted programs that clog people’s computers, threaten privacy, and tarnish the internet experience for millions,” CDT deputy director Ari Schwartz said. “Because the adware financing model is willfully convoluted, many companies may not know where their advertising dollars are ending up. We’re urging those advertisers to be more vigilant to ensure that they aren’t unwittingly bankrolling one of the internet’s fastest-growing problems.”

Several organisations, including the Interactive Travel Services Association, Dell and Verizon, have established policies that prohibit or discourage the use of nuisance or harmful adware in serving ads. CDT wants to see these policies adopted by other advertisers. It also wants corporates to monitor the advertising practices of their marketing affiliates.

Earlier this year, CDT filed a complaint with the Federal Trade Commission alleging that 180solutions, engaged in a “pattern of unfair and deceptive trade practices”. In its latest report, CDT looked at firms that advertised through 180solutions, and enquired about why their marketing messages were been propagated using 180solutions’ advertising software.

Two of the firms identified responded to CDT’s requests by establishing ad placement policies, and five more said they already had policies in place. Eleven others – Altrec, Club Med Americas, GreetingCards.com, LetsTalk.com, NetZero, PeoplePC, PerfectMatch, ProFlowers, True.com, uBid and Waterfront Media – failed to respond to CDT’s request for information about their ad placement policies. CDT said firms that support nuisance or harmful adware with their advertising dollars deserve increased scrutiny.

“The time is now for companies to take a more active role in policing their own online advertising activity,” CDT deputy director Schwartz said. “Although unscrupulous adware companies bear the greatest blame for the spread of the unwanted programs, those programs wouldn’t exist without advertising dollars to fund them. We need to cut that revenue stream off at the source.”

180Solutions rejects CDT’s criticism over its business practices. “We object to the overall premise that consumers are duped into installing our software,” 180Solutions chief executive Keith Smith told The Washington Post. “It’s no different from what’s on television. People are paying for this content by agreeing to some ads.”

Daily Show with Jon Stewart Now on iTunes

“We are excited that ‘The Daily Show’ and ‘The Colbert Report’ are now available to download on the iTunes Music Store,” said Michele Ganeless, executive vice president and general manager, Comedy Central. “Fans of the most trusted names in fake news can now take Jon Stewart and Stephen Colbert with them everywhere they go.”

Daily Show with Jon Stewart Now on iTunes

Comedy Central’s series “The Daily Show with Jon Stewart” and “The Colbert Report” are now available on the iTunes Music Store. The series are available at $1.99 per episode or via a new “Multi-Pass” feature on iTunes that lets fans buy the next month’s worth of 16 new episodes for $9.99.

“We are excited that ‘The Daily Show’ and ‘The Colbert Report’ are now available to download on the iTunes Music Store,” said Michele Ganeless, executive vice president and general manager, Comedy Central. “Fans of the most trusted names in fake news can now take Jon Stewart and Stephen Colbert with them everywhere they go.”

“Our newest feature ‘Multi-Pass’ gives fans the ability to purchase a block of 16 episodes of these hit programs during the current season and have them delivered automatically to their computer after they air on TV,” said Eddy Cue, Apple’s vice president of iTunes.

Source: Comedy Central

AtomFilms Intros Podcast and Services for Portable Media Players

AtomFilms has announced AtomFilms To Go, a new service that makes its original short film and animation content available for download and playback on various mobile platforms, including the PSP (PlayStation Portable) system, Apple iPods and PCs.

AtomFilms Intros Podcast and Services for Portable Media Players

AtomFilms has announced AtomFilms To Go, a new service that makes its original short film and animation content available for download and playback on various mobile platforms, including the PSP (PlayStation Portable) system, Apple iPods and PCs.

AtomFilms To Go is premiering with 10 titles, including Street of Pain, a comedy starring Steve Carell (The Forty Year Old Virgin). The site plans to add weekly.

The films are available for direct download, and are also available formatted for video iPods as the AtomFilms to Go video podcast.

“Eight years ago, AtomFilms began building a library of the best bite-sized entertainment, recognizing that it was perfectly suited for digital distribution,” said Atom Entertainment, Inc. CEO Mika Salmi. “AtomFilms To Go enables consumers to extend that AtomFilms “entertainment snacking” experience so they can enjoy our shorts on every device.”

The company has partnered with the entertainment industry’s most innovative and entertaining talent including JibJab, Aardman Animations, Joe Cartoon and more, to acquire and develop many of the Internet’s biggest hits, building a monthly audience of more than 5 million consumers.

The following shorts are among the 10 titles currently available for download via AtomFilms To Go: Street of Pain — a dodgeball comedy featuring “The 40 Year Old Virgin,” Steve Carell; Consent — a “safe and legal sex” comedy by Jason Reitman, director of the upcoming feature film “Thank You For Smoking”; Your Face — a classic, Academy Award nominated animation from Bill Plympton; Rockfish — action-packed computer generated animation; being developed into a feature film voiced by Vin Diesel; Cheney’s Got a Gun — a musical parody chronicling the Veep’s recent hunting misadventure.

Upcoming AtomFilms To Go releases will include a selection of AtomFilms’ hits, current film festival favorites, and worldwide premieres of original projects developed by AtomFilms Studio.

Sources: AtomFilms to Go, originaly found via podcasting news rss feed.