Cookies are short reports that are sent and stored on the hard drive of the user's computer through your browser when it connects to a web. Cookies can be used to collect and store user data while connected to provide you the requested services and sometimes tend not to keep. Cookies can be themselves or others.
There are several types of cookies:
Technical cookies that facilitate user navigation and use of the various options or services offered by the web as identify the session, allow access to certain areas, facilitate orders, purchases, filling out forms, registration, security, facilitating functionalities (videos, social networks, etc..).
Customization cookies that allow users to access services according to their preferences (language, browser, configuration, etc..).
Analytical cookies which allow anonymous analysis of the behavior of web users and allow to measure user activity and develop navigation profiles in order to improve the websites.
So when you access our website, in compliance with Article 22 of Law 34/2002 of the Information Society Services, in the analytical cookies treatment, we have requested your consent to their use. All of this is to improve our services. We use Google Analytics to collect anonymous statistical information such as the number of visitors to our site. Cookies added by Google Analytics are governed by the privacy policies of Google Analytics. If you want you can disable cookies from Google Analytics.
However, please note that you can enable or disable cookies by following the instructions of your browser.
Microsoft has one more time proove that even If You have a lot of money, a lot of talented programmer it is impossible to improve security in an existing huge codebase like windows....
Trustworthy Computing This is a first: the Internet Storm Center is recommending trustworthy computing. They want you to trust that the unofficial patch for the Windows Metafile Volunerability that is currently being exploited by an IM worm. No patch from Microsoft at this time, and the exploit is arranged in such a manner that it cannot be detected by most intrusion detection systems (the snort rule will peg the CPU on your router) nor filtered by packet-inspecting firewalls (it spans two or more ethernet frames). Not really a whole lot of choice about this one.
It's probably a hard problem to patch. From what I've gathered, this is a feature of WMFs, not a bug. They were designed before people even knew what the Internet was. WMFs, apparently, have the ability to specify code to be run on a failure to render. So the bad guys give you a bad WMF file, cleverly renamed as JPG, and stick it in an ad banner. You browse a site (with any browser), Windows fails to render the WMF (which it will recognize even if the filename says JPG), runs the specified failure code, and you're hacked. That fast.
Changing code that's this deeply buried in Windows is risky. The interpreter for WMF is one of the remnants of code left over from single-user computers, and they'll have to test changes very thoroughly. They're GOING to break things with this patch, because they're removing a designed-in feature. They're probably working feverishly to figure out how to minimize the damage, but some damage is inevitable. And the problem could be far worse than it appears; that DLL could be riddled with problems. It may not have been audited in many years.
This is yet another example of how you can't retrofit security; the first Windows versions were designed when security wasn't even an issue, when the Internet was barely a twinkle in Al Gore's eye. There's a mountain of code that was written just to work, not to worry about being handed malicious data. If a user passed bad values to a system call and it crashed, oh well. It was their fault for doing it. It's not like they had anything to gain from it, after all. They owned the computer. Why on earth would the computer need to protect itself from its owner?
With the advent of the Net, Microsoft decided to both stay backward-compatible and extend what they had onto the Internet. And their focus for many years was on new features, not security. Essentially every security person at the time warned them -- stridently -- against the choices they were making. It was obviously going to be a trainwreck. This is just the latest in that ongoing collision between a single-user operating system and exposure to every computer in the world.
Even worse, it is sooo bad that some people open source tool to increase invisibility of this issue... (News Here) We released a new version of the metasploit framework module for the WMF flaw, this one uses some header padding tricks and gzip encoding to bypass all known IDS signatures. Consider this "irresponsible" if you like, but it clearly demonstrates that a run-of-the-mill signature-based IDS (or A/V) is not going to work for this flaw. If anyone has any questions about why we are releasing these types of modules so early after the disclosure, feel free to drop me an email.
Microsoft Open XML has been approved by ISO, corruption and money talk in action! Irregularities during the vote are popping up "Microsoft's embattled Office Open XML document format received ISO fast-track approval after receiving support from approximately 86 percent of the national bodies that participated in the vote. ISO approval will be broadly perceived as a sign of validation for the document format which has received widespread criticism from technical experts and standards advocacy groups." read more HERE From the …
A good article with a lot of points against OOXML, and why this file format MUST BE REJECTED by the ISO National Bodies. Microsoft’s position is hardening as the ISO vote on OOXML (DIS 29500) in Geneva approaches at the end of this month. We know more clearly now how Microsoft and its proxy group, ECMA, will position Microsoft’s OOXML specification in advance of the vote. In short, Microsoft is betting that its influence with National Bodies will allow it …
"Windows Live Messenger goes beyond the traditional instant messaging (IM) service, enabling people to connect and share, with free PC-to-PC calls and inexpensive calls from a PC to phones around the world, video calling, easy sharing with Sharing Folders, and more. "it use a highly proprietary protocol, that has been reversed engineered in many opensource variant. If you want to use all advanced features, you will be disapointed by open source IM...As soon as You install MSN Live, your desktop …
Vista Transformation Pack will give to your Windows XP system the new and cool look of Microsoft's future operating system: Windows Vista. Prooving one more time, that with the right bunch of software (existing since years like windowsblind skinning, Yahoo widget) Vista is nothing more more than Windows Xp after a lifting...Download Here …
Hilarious...."George Ou writes in his blog that he found a remote exploit for the new and shiny Vista Speech Control. Specifically, websites playing soundfiles can trigger arbitrary commands. Ou reports that Microsoft confirmed the bug and suggested as workarounds that either 'A user can turn off their computer speakers and/or microphone'; or, 'If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition, and …
The Specification of both format are currently being reviewed, OpenXML is containing a lot of details about Office features bugs (sorry any developer can not call them differently). Extract of the OpenXMl specifications are popping up on the web, one site is trying to bring a view on the problem. "The Open XML specification comes in 5 different PDF files with an 6 accompanying electronic annexes in excess of 43 megabytes. For comparison the ODF specification is a single 11 …