Google Chrome and Chromium add protection against malicious downloads

google chrome malicious download
Google Chrome already sports a number of security-minded features, from Incognito mode to a software sandbox which makes exploiting the browser a Herculean task. Now, Google has announced additional protection for Chromium and Chrome users.

Built upon the Safe Browsing API, the new feature introduces protection against malicious downloads. If a download link appears in the Safe Browsing blacklist, Chrome and Chromium will warn users against downloading -- a save button is still presented, of course, in case you're convinced a file is perfectly safe to download.

We'd like to see something a bit more eye-catching than the red warning icon -- like perhaps painting the entire bar red. Many of the people a feature like this aims to protect probably won't notice the icon or change in wording as they'll be focused on clicking the save button.

Google is initially making download protection available to Chrome dev channel users, and you'll likely see it in Canary and Chromium snapshot builds as well. After thorough testing, beta and stable users will be next in line.

Google Chrome and Chromium add protection against malicious downloads originally appeared on Download Squad on Tue, 05 Apr 2011 15:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/05/google-chrome-and-chromium-add-protection-against-malicious-down/

UNISYS TRIQUINT SEMICONDUCTOR TRIMBLE NAVIGATION LIMITED TRIDENT MICROSYSTEMS

Windows 8 App Store images leaked?

windows 8 app store
Windows 8 images continue to leak onto the Internet, despite Microsoft's wallpaper-based pleas to those with access to the early releases. Today's installment courtesy CNBeta shows the upcoming Windows App Store, which will likely feature prominently in Windows 8.

We've got our doubts about the authenticity of the image. In addition to showing several of the built-in games which already ship with Windows, Opera is listed -- and a competing browser seems like an odd inclusion this early on. Of course, with the browser ballot still in place in the EU for quite some time, Microsoft would probably need to include rivals like Opera and Firefox to stay out of trouble. We're also not sure why Clickgamer is shown beneath Angry Birds instead of Rovio -- the game's actual publisher.

It's still early, of course, so it's entirely possible that the Windows App Store image is genuine but merely using placeholder images and text for now. Anyone else thinking Windows Marketplace might be a more logical name? You know, to keep things consistent with Windows Phone and keep Apple's legal eagles at bay.

Windows 8 App Store images leaked? originally appeared on Download Squad on Mon, 11 Apr 2011 10:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/11/windows-8-app-store-images-leaked/

AMERICA MOVIL AMKOR TECHNOLOGY AMPHENOL ANIXTER INTERNATIONAL

LEGO Moleskine = Happiness

I started thinking that folks at Moleskine might be losing their minds when I recently heard they were offering a notebook entirely devoted to chocolate. But today my faith in them has been restored because I discovered their soon to be released limited edition Moleskine LEGO notebooks. These journals feature fun artwork on the cover [...]

Source: http://the-gadgeteer.com/2012/02/25/lego-moleskine-happiness/

ORACLE OPENWAVE SYSTEMS ON SEMICONDUCTOR NVIDIA

Deal of the Day ? 27? Planar PX2710MW 1080p 2ms LCD Monitor

Saturday’s LogicBUY Deal is the 27″ Planar PX2710MW 1080p 2ms LCD monitor for $211.50.  Features:  thin black bezel, HDMI, 1200:1 contrast ratio, built-in stereo speakers, and more. $469.99 – 55% coupon code = $211.50 with free shipping. This is the lowest price LogicBUY has seen for this monitor. This deal expires February 27, 2012 or [...]

Source: http://the-gadgeteer.com/2012/02/25/deal-of-the-day-27-planar-px2710mw-1080p-2ms-lcd-monitor-2/

ELECTRONIC DATA SYSTEMS ELECTRONIC ARTS ECLIPSYS EASTMAN KODAK CO

Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus

LizaMoon SQL injection rogue AV
Over the last few days, a mass SQL injection attack has been quickly gathering speed. Just three days ago only 28,000 URLs were affected, but at the time of writing, there could be up to 3.8 million infected URLs.

Websense
has a complete write up the attack, dubbed 'LizaMoon,' but here's the basic gist: it looks like someone is exploiting a vulnerabilty (or vulnerabilities) in hundreds of thousands of websites running on Microsoft SQL Server 2003 and 2005. It's not yet known whether this is a vulnerability in SQL Server, or simply a case of outdated, unmaintained, and easily-exploitable CMSes.

The attack takes the form of an SQL injection, which then inserts a link to a JavaScript file hosted on the attacker's server. This is repeated over and over until every Web page in the SQL database has been infected -- and considering 3.8 million URLs have been infected, you can see that this is a very easy, and automated, attack.

Fortunately, the JavaScript isn't particularly malicious: it pops up a rogue AV program called Windows Stability Center, but that's it. Better yet, the rogue antivirus is already recognized by a bunch of real antivirus suites, including Avast, Panda and Microsoft Security Essentials.

The real problem with SQL injection attacks is that there's nothing we surfers can do about them. There will always be old and unmaintained websites, and thus SQL injections will remain one of the easiest and most lucrative tools of hackers and spammers alike. All you can do is keep your antivirus and anti-malware software up to date, and pray.

Gargantuan SQL injection infects 3.8 million URLs, installs rogue antivirus originally appeared on Download Squad on Fri, 01 Apr 2011 05:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/04/01/massive-sql-injection-infects-3-8-million-urls-installs-rogue-a/

FIRST SOLAR FINISAR FEI COMPANY FAIRCHILD SEMICONDUCTOR INTERNATIONAL

Sprint's Board Won't Touch MetroPCS with an $8 Billion Stick [Wireless]

Sprint was reportedly just hours away from an multi-billion dollar acquisition of the MetroPCS network. Then the company's board got involved. Now, Sprint CEO Dan Hesse might be running for his professional life. More »


Source: http://feeds.gawker.com/~r/gizmodo/full/~3/8AVEeMNwxcA/sprints-board-wont-touch-metropcs-with-an-8-billion-stick

RESEARCH IN MOTION ROGERS COMMUNICATIONS SAIC SATYAM COMPUTER SERVICES

Nova Launcher hits Android Market, custom grid and scrolling effects in tow

Nova Launcher hits Android Market, custom grid and scrolling effects in tow
We know how much you love tweaking that Android handset, so we figured we'd let you know about a fresh 4.0-friendly UI customizer. The Nova Launcher, which has dubbed itself "everyone's favorite Ice Cream Sandwich launcher," just hit the Android Market in free and paid flavors. Those looking to take the freeloadin' road will get tidbits like a customizable homescreen grid, scrolling effects (pictured above), as well as custom folders and icons. If you do, however, decide to unleash the four bucks for premium status, you'll get extra features, including personalized gestures and dock "swipe-actions." Tickle your fancy enough to take it for a spin on that shiny new G-Nex? Both variants are up for grabs from the source links below.

Nova Launcher hits Android Market, custom grid and scrolling effects in tow originally appeared on Engadget on Fri, 24 Feb 2012 18:09:00 EDT. Please see our terms for use of feeds.

Permalink Android Central  |  sourceAndroid Market (1), (2)  | Email this | Comments

Source: http://www.engadget.com/2012/02/24/android-ics-nova-launcher-available-now/

SI INTERNATIONAL SEAGATE TECHNOLOGY SCIENTIFIC GAMES SANDISK

Color vulnerable to simple GPS hack, lets you spy on anyone, anywhere

Color, the $41-million-in-funding location-oriented photo sharing startup, is susceptible to simple GPS spoofing. With nothing more than a jailbroken iPad or iPhone, you can use FakeLocation to trick Color into thinking you're somewhere else. Within seconds you can be browsing photos that were snapped thousands of miles away. With a little digging, you can pore through photos not intended for your eyes.

Of course, such a hack isn't illegal as such -- every photo you take with Color is public. With FakeLocation you are simply circumventing Color's very limited location-oriented security mechanism. It does undermine Color's usefulness (and uniqueness), though -- if nefarious types can sit in their bedroom or basement and eavesdrop on classy dinner parties and wild night club soirees, people might be less inclined to share personal photos with those around them.

Fortunately, both for Color and its users, this is an easy security hole to plug -- at least in the short term. The app (or server-side) code simply checks to see if the user has 'teleported' an impossibly large distance, without any intermediate steps in between. In the long term, though, Color's users must be aware that its social graph is completely public. Color's users must realize that every photo they upload is visible by anyone, from any place.

After the break, just to elucidate a little on Color's actual business model and ultimate intention, we have two amazing quotes from Bill Nguyen, Color's founder.

Continue reading Color vulnerable to simple GPS hack, lets you spy on anyone, anywhere

Color vulnerable to simple GPS hack, lets you spy on anyone, anywhere originally appeared on Download Squad on Tue, 29 Mar 2011 05:36:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Source: http://downloadsquad.switched.com/2011/03/29/color-vulnerable-to-simple-gps-hack-lets-you-spy-on-anyone-any/

FINISAR FEI COMPANY FAIRCHILD SEMICONDUCTOR INTERNATIONAL FAIR ISAAC