Computer World

Hewlett-Packard hasn't declared the Mini 210 Net book yet--but a reseller has.

Here are the Mini 210 specs as listed by eCost:

    * Operating System: Win7 Starter
    * Processor:1.66GHz Intel Atom N450
    * Display: 10.1" Flush Glass
    * Memory: 1GB
    * Hard disk drive: 250GB 7200RPM
    * Video Card: Intel Graphics Media Accelerator 3150
    * Battery: 6 cell
    * Wireless Connectivity: 802.11 b/g/n
    * Other Device: Integrated Webcam & Mic
    * Price: $398.99

The most salient feature of the new set of Netbooks based on Intel's latest ("Conifer Tag") Atom element is not show but bombardment account. CNET got solon than cardinal hours of bombardment aliveness from Asus' new Eee PC 1005PE (see exercise) with the Corpuscle N450 processor and new practice sites are claiming over ten hours.

Also of commentary is the new graphics break that Stuff uses: the Intel Graphics Media Pedal 3150. This is a edition of the graphics engine that was victimised in full-fledged laptops that prototypal debuted hinder in the summer of 2007 (supported on Intel's "Santa Rosa" movable field). The 3150 supports 720p HD recording playback.

For many graphics tough, Intel is advising PC makers to use the Broadcom BCM70015 Protection HD chip that allows higher-resolution 1080p recording playback. Nvidia also offers its Ion graphics chipset for 1080p HD playback and games. The Ion chipset is utilized in the HP Mini 311 and is potential to be misused in upcoming HP Netbooks.

Above Diagram shows a Koobface attack message on a Twitter page.
(Credit To: Trend Micro)

Twitter has the same malware, phishing and social issues that Facebook has, and the solutions for those problems would be almost same. Because users don't provide much individualised information to Twitter, and can even create accounts using fake information, and because anyone can follow anyone, there aren't the same issues with privacy, either. But that makes easy for spammers.

security does seem to be a difficult with Twitter. The site has various problems from employee accounts got compromised. In Jan, someone hacked into the Twitter's internal network -- just by guessing the password -- and gained access to the Twitter accounts of President Obama, CNN Anchor Rick Sanchez, and 31 other high-profile Twitterers. In May, someone broke into Twitter's network and gained access to 10 accounts, which appeared to include Britney Spears and Choreographer Kutcher. In that severance, a hacker was competent to make way to a Chirrup employee's Character declare through the arcanum feat grouping and from there get message from separate sites, including gain to the employee's Cheep calculate. And antepenultimate hebdomad, the legal invoice of a Twirp employee was utilized to highjack the site and redirect visitors to an external a

Meanwhile, Chirrup was lame (and Facebook and separate sites also agonistic) by a rarefied politically impelled denial-of-service knock targeting one someone in Honourable. Still, that incident reflects author on Cheep's cognition to rest the place up in the face of an criticism and convenience than it does nigh warranty risks to users.

Twitter users are susceptible to getting their accounts hijacked, and the site has been targeted by clickjacking pranks. In these social engineering attacks, users were encouraged to click on links that distributed the original tweet to all of the Twitter user's followers.

Users with large numbers of followers have an added responsibility to be careful, particularly when setting accounts to automatically post items from news feeds. A malicious post on an unmoderated news feed that venture capitalist Guy Kawasaki was re-tweeting distributed a Trojan to more than 139,000 followers in June.

Kaspersky offers a Krab Krawler tool that analyzes tweets as they get posted on Twitter and blocks any malware associated with them. Trend Micro has technology that monitors Twitter posts for malicious URLs, as well as looks for attack patterns in the posts, such as use of popular terms to indirectly lead people to malicious links. And Finjan offers a free browser plug-in dubbed SecureTweets that warns users when they encounter a malicious URL in Twitter, as well as Blogger, Gmail, Google and a host of other popular sites. To keep up with security issues on Twitter follow Twitter's Spam Watch account.

Social networks are also susceptible to other serious security problems that can hit any type of Web site. For instance, last week passwords of 32 million stored in plain text on the RockYou site were exposed by a SQL injection attack, according to security firm Imperva. Because the passwords are used on other affiliate sites to the social networking application maker, the breach jeopardized other accounts, like Gmail, Hotmail, and Yahoo.

Problems: Malware, account hijacking, phishing, and social engineering

The greatest malware venture is Koobface, (an anagrammatic of Facebook), which is a insect that targets friendly networking sites and affects Windows-based computers. Erst a machine is septic, it hijacks the Facebook reason and sends messages to new friends of the mortal, enticing them to utter on a connectedness. The link redirects to a Web tract where they are prompted to download software ostensibly to see a recording. Nevertheless, there is no recording; only malware that infects the grouping, blocks access to warranty sites, and can be old to move susceptible message from the computer, much as approval salutation numbers. Purulent machines can then be old to condiment the louse to others on Facebook, send spam and administer artificial antivirus alerts, said Rik Ferguson, a safeguard researcher at Taste Micro. Koobface now can automatically create new profiles using putrid machines, he said.

Facebook accounts can be hijacked in several structure. A brute-force criticize can be used to view passwords. Users can pin for phishing attacks by clicking on course in messages or e-mails purportedly coming from friends that airt to a fake Facebook log-in industrialist. Or malware such as Koobface can steal passwords.

Social engineering is a huge problem for social networks because the trust that users have for messages and posts from friends can be easily exploited by scammers. Hijacked accounts are used to send everything from spam touting weight loss plans to links that install malware and steal passwords to fake emergency messages saying a friend is stranded in another country and needs someone to send money. Scammers are also sending e-mails that look like they come from Facebook and include an attachment that contains a Trojan.

Solutions: Use antivirus and anti-malware software and keep it up-to-date. Install security updates for operating system and other software. Use software like AVG Linkscanner or McAfee Site Adviser to protect against phishing and malware attacks. Become a fan of the Facebook Security page, which has posts related to all sorts of security issues, tips, resources and other information. If you think you've been infected with Koobface or other malware you should reset your password and notify friends who may have been affected.

Use an up-to-date browser that features an antiphishing black list, such as Firefox 3.0.10 or Internet Explorer 8. Be aware of where you enter your password. Check to see that you are logging in from a legitimate Facebook page with the Facebook.com domain. Be wary of unusual stories or offers that are too good to be true. Verify information with sources directly. Be cautious of any message, post or link that looks suspicious, requires an additional log-in or asks you to download or upgrade software. If a link seems odd or lacks context, don't click on it. Don't click on links or open attachments in suspicious e-mails. You can add a security question from the "Account Settings" page if you would like an additional layer of protection.

Problem: Rogue applications

Facebook doesn't vet every app that appears on the site, which means there is a risk that some apps will have bugs in them or will violate Facebook's privacy policies. Facebook has proven diligent in removing rogue and problem apps quickly when it is notified, but unlike iPhone apps, pretty much anyone can write a Facebook app. "Because the code is not always of professional standard or hosted or audited by Facebook, we've seen innocent apps compromised externally and used to deliver malware, such as fake antivirus," Ferguson said. One rogue app that appeared early in the year sent notifications to Facebook users reporting them in violation of terms of service and offering a link that lead to an application called "facebook -- closing down!" which then spammed all the friends of affected users, according to Trend Micro.

Solution: See solutions above, and be cautious about adding applications. Research the developers and perform Web searches to see if anyone has complained about the app. And ask yourself, what value does the app provide? Do I really need to play zombie?

Problem: Privacy leaks due to user error

Because people control who they are friends with on Facebook it is easy for users to have a false sense of security about the privacy of their data and activities on the site. Social engineering attacks, lax security practices by users like using weak passwords and design or implementation problems with the site itself can undermine the privacy protections users rely on. Users who fall for phishing scams and get their accounts hijacked have everything in their account exposed to strangers who can then use the different types of data for identity fraud or to target the victim's friends with social engineering attacks.

Solution: See solutions above. Also, use unique logins and passwords for each Web site you access. Use strong passwords, change them often and don't share them with anyone.

1.Click on Profile on the top of the screen

2.scroll down to beginning of your friendslist and click on the pencil to the right of the word friends

3.Uncheck the box that says "show Friend list to every one".

Problem: Privacy leaks due to design or implementation issues

Privacy advocates contend that Facebook's lenient apps approval process, privacy policies and confusing privacy settings put users at risk. Two weeks ago, Facebook asked users to configure their privacy settings. The options were confusing and many people were inclined to just keep the default settings, which are set to make the data visible to the Web rather than opting to use the old settings established by the user. Screenshots and descriptions are detailed on this photo gallery.

Many people have complained that it is difficult to figure out how to change the privacy settings, that they are not intuitive and that there doesn't seem to be one central place for that. And using Facebook Connect with outside apps, like the iPhone app Foursquare, can expose more information than a user expects to share. The new privacy changes at Facebook have prompted the Electronic Privacy Information Center to ask the Federal Trade Commission to investigate.

Facebook encourages people to share their full names, date of birth, home town and other information, all pieces of information that are commonly used in identity fraud. Scammers on underground sites even refer to Facebook as a "free date-of-birth look up service," according to Ferguson. People don't realize that their profile information can be accessed by total strangers who happen to be in the same groups or networks unless they specifically change the settings. People who don't trust random apps--which in general have access to profile information even if it isn't necessary to the function of the app--don't realize that the apps their friends are using also have access to their data. "Friends apps can access most of your profile, interests and groups. There is no way to prevent them from accessing your name, profile, photo, town and gender," said Joseph Bonneau, a PhD candidate in security at the University of Cambridge. In response to user feedback, Facebook made a change that allows users to hide their friend lists from everyone but their friends, a Facebook spokesman said.

Solution:Our Blog has a tutorial on how to hide your Facebook friends list by clicking on the pencil in the friends box on your profile. Detailed instructions and tips on dealing with Facebook privacy settings are available on the DotRights.org site and on the All Facebook blog. Facebook also has a blog post about the privacy changes.

Problem: Privacy leaks related to marketing

The relationship between the apps and advertisers can also cause problems. Adding an app allows the app to show ads inside the Facebook domain, and that can leak a user's profile information to the advertiser, said Peter Eckersley, a staff technologist at the Electronic Frontier Foundation. Meanwhile, cookies and other browsing tracking technology combined with data from social networks can be used by marketers to identify users for targeted advertising and other purposes, Eckersley said, providing details in a blog post on different ways data can be leaked from social networks to third-party tracking firms. Once marketers know a specific person's user name, they can use that identifier in the URL to get to a user's public profile page, according to Eckersley. "They can create a social graph of your date of birth, city, employment, relationship status, all uniquely codified in a way that can be automatically sucked into a database," he said.

Solution: Pick a good cookie policy for the browser, such as manually approving all cookies or only keeping cookies until the browser is closed. Disable Flash cookies. Use Firefox extensions such as RequestPolicy and NoScript to control when third-party sites can include content or run code in the browser page. Use the Targeted Advertising Cookie Opt-Out plugin or AdBlock Plus to block ads. To hide your IP address and other browser characteristics, use Tor via Torbutton.

Problem: Information used to suppress dissent and target political activists

As with e-mail, blog postings and other public expressions of dissent, Facebook and Twitter have been used by governments to target protesters. The Wall Street Journal reported earlier this month that family members of Iranian Americans had been arrested or questioned because of anti-Iranian government posts on Facebook by members outside the country. In other instances, Iranians living abroad were forced to log into their Facebook accounts or reveal passwords to government officials as they arrived at the Tehran airport and some even had their passports confiscated because of their political posts. In the U.S., the EFF says, officials have taken actions against U.S. citizens based on information discovered on their social networks; the group has sued the CIA and other agencies for allegedly refusing to release information about how they are using such sites in surveillance and investigations.

"Basically, every time you post something to Facebook you should assume that the whole world will know what you've posted, your family, employer, the government, people you don't trust," Eckersley said.

Solution: Think carefully about what information you want to share about yourself and consider only posting information you would want to let the general public see.

Intel is launching the biggest makeover of the atom processor since the seminal chip made its debut in 2008, and consumers can judge a crash of new Net-books.

As previously announced, Intel's latest N450 processor and NM10 Express chip-set--technology that had been previously referred to as "pine trail"--will be used in a new raft of Netbooks that will be launched at the Consumer Electronics exhibition in January. Hewlett-Packard, Acer, Dell, Asus, Toshiba, Lenovo and others are likely to either declare their new systems before the exhibition or launch their new models there.

Intel said there will be more than 80 new Netbook designs on the way, with systems will be available by January 4.

To the consumer this means better battery life and thinner designs. "We'll see sleeker designs coming into the market and longer battery life," said Nanduri, adding that average power consumption has dropped 20 percent over the previous generation of Atom technology.

"We got more than eight hours of battery life out of this system," said CNET Review's Dan Ackerman, after testing the new Asus Eee PC 1005PE Netbook, which is equipped with the updated Atom silicon

Intel has integrated the graphics function onto the CPU, resulting in lower overall power consumption resulting in overall power consumption.

Atom-based systems will be sold primarily with Windows 7 Starter or Home Basic. "These are the ones that hit the right price points," Nanduri said. "The kind of applications you load up as you go into Home Premium--with a much more richer experience--more performance is needed for that," Nanduri said, referring to higher-price Windows Home Premium.

Windows XP Home and Intel's Moblin Linux operating systems will also be supported. Moblin offers some benefits over Windows. "You will get a very snappy experience on Moblin and faster boot times because it's very purpose-built for this category," Nanduri said.

Intel expects robust growth ahead for Net-books. Nanduri cited numbers from ABI Research that show Net-book annual shipments reaching 100 million units sometime in the next three years. Since introduction, Intel has shipped more than 40 million Atom chips for Net-books to major PC makers.

Intel is also launching a new Atom processor with two processing cores, the D510, which it is targeted at entry-level desktops and replaces an existing dual-core Atom. Also, a new single-core D410 design is being introduced.

New Atom processors:

* N450: 1.66GHz, 512KB cache, DDR2-667, TDP: 5.5W
* D510: 1.66GHz, 512KB cache, DDR2-800/667, TDP: 13W (2 cores)
* D410: 1.66GHz, 512KB cache, DDR2-800/667, TDP: 10W

Note: "DDR2" refers to memory speed; TDP refers to Thermal Design Power; W indicates watt.

Though radically redesigned, the gigahertz ratings and cache memory specifications of the new Atom chips have not changed from the previous generation. The N450 runs at the same 1.66GHz speed as the current N280 Atom and cache memory sizes are the same.

Nvidia claims consumers will need its Ion chip-set coupled with the new Atom processor to get a mainstream laptop-like experience.

Pricing and availability for the new Atom will be announced in January as systems become available from Netbook suppliers.

Mozilla Messaging hopes that the conclusion of Thunderbird 3.1
will be in first week of April, a meeting that reflects a new frequent-release strategy adopted from the better-known Firefox endeavour at Mozilla.

Dan Mosedale, a engineer for the open-source e-mail software, publicised the affiliate in a Thunderbird scheduled Thursday.

"If we're lucky, we relabel 3.1RC1 [release candidate 1] as final and ship it on Tuesday, April 6.

Otherwise, there's an RC2," Mosedale said in the planning document. The new version is due to get an updated Web browser engine. Using the same Gecko project that Firefox is built atop means Thunderbird messages can integrate with Web activity such as Google Calendar.


Another possibility for 3.1 is a revamp of the Thunderbird start page, Mozilla Messaging CEO David Ascher said Friday. That redesign, which Ascher described in May, could show more useful information than the present splash screen--for example, information about what activity people has been up to help pick up where they left off. "The 'start page,' which makes a lot of sense in Firefox, never made a huge amount of sense to me in Thunderbird. In particular, it's shown only when a folder is selected, and no message is selected. That's hardly a logical time to show the (colorful, pretty, but fairly useless) page we show now. Instead, why not show information about the selected folder and help people who clearly intended to select a folder, so most likely wanted to do something related to that folder," Ascher said in the blog post.

The faster Thunderbird release cycle is just one attribute the Thunderbird team is trying to adopt from Mozilla's higher-profile Firefox effort. Also on the longer-term plan is financial self-sustenance. Those are big challenges, though. An easier adoption will be fun names. Starting now, Thunderbird versions will be named after beaches, Ascher said in a blog post this week. "Firefox releases have cool code names while in gestation," Acher said. "Firefox picks national parks as code names, as metaphors for the values that go into making a Firefox release.

The idea made a lot of sense to us, so we decided to follow suit for Thunderbird. Rather than parks, we picked beaches." First up: Hawaii. Thunderbird 3.1 gets the name Lanikai, Ascher said, adding that he misspelled it "Lanakai" in the blog post.

Social-networking sites like Facebook and Twitter can wait much tending from cybercrimes in 2010, according to a new news (PDF) released Tuesday by McAfee Labs. Also at peril are users of Adobe Systems products including Acrobat Reverend and Bit. And propose over Microsoft; the department steady predicts that Google's Plate OS testament "create added chance for malware writers to beast on users."

The visitor also anticipates smarter and solon serious Trojans that "copy the money," as asymptomatic as a "significant disposition toward a more diffuse and resilient botnet fund that relies some statesman on peer-to-peer technologies."

In a canned interview (scroll down for frequence) David Marcus, McAfee Labs' administrator of warranty research and communications, said that he expects "an release of Facebook and additional services targeted by cybercriminals." In plus to malware equivalent Koobface that spreads among Facebook users' friends recite, Marcus expects an amount in rapscallion Facebook applications.

"When you occlusive yes to 'do you poverty to provide this covering to accession your Facebook chronicle,' you're giving that programme reach to all the assemblage in your Facebook chronicle," he said. Facebook vets the third-party applications that it distributes, but makeup developers are judgement remaining shipway to get group to establish unauthorised apps.

"A lot of the spammers and scammers faculty transport faux Facebook travail requests to users' inboxes," he said. Marcus recommends that you exclusive set apps from within Facebook by clicking "search writer applications" in the Facebook covering installer."

Twitter vulnerabilities
According to McAfee, Twitter is threatened mostly because of URL-shortening services equal bit.ly and tinyurl.com. There's null misconduct with Sound or these services, but when you penetrate on a abridged URL you bed no tune where you're leaving until after you get there. I would equal to see a URL-shortening union that vets each URL for certificate and rejects those that are potentially harmful. Chirrup, according to the McAfee study is "also serving as a manipulate object for botnets."

Criminals are now existence writer postoperative in their attacks, singling out individuals and corporations as targets. The describe points to the 10-month inquiry of "GhostNet," which McAfee Labs describes as a "meshing of at slightest 1,295 compromised computers in 103 countries" that "primarily belonged to governing, aid groups, and activists." The spiteful cipher was delivered by e-mail with case headings concerned to the Dali Lama and Xizang, according to the information.

The informing also sites "a rattling targeted motion of attacks against the management of subject companies," as asymptomatic as attacks carried out against "journalists from various media organizations, including Agence Author Machine, Dow Jose and Reuters based in China."

Brick products and Google Chrome unguarded
Brick products, especially its Acrobat Clergyman and Instant, are likely to exchange Microsoft Office as the No. 1 software point, according to McAfee. It's zilch they've (Adobe) done wrong," Marcus said. "The bad guys go where the mass go" and because of the progressively widespread use of Brick products, "that tends to be what the bad buys testament commencement hunt to apply. It really is naught much polished than that."

Criminals are infecting PDF files and leveraging exploits in the initiative of PDF documents, according to Marcus.

"Instead of viewing a PDF you're actually assumed to a website that downloads many type of malware to your organisation." Brick plans to restore a carping mess in Client and Acrobat on Jan 12.

There is also occupy most Google's Chrome operative grouping, which is awaited to be officially free in 2010. Plate, which gift run Web-based applications, is prospective to be penetrable to attacks in HTML 5--the newest type of the hyper-text markup communication that, says the estimate, "holds all the promises that today's Web group seeks--primarily blurring and removing the lines between a Web curative and a desktop usage."

McAfee also warned of banking Trojans with "new tactics that went fit beyond the kinda unlobed keylogging-with-screenshots" that were misused early. Trojans now use rootkit techniques to hide on a victim's group to injure antivirus software.

"Oftentimes the dupe's computer becomes conception of a botnet and receives malware configuration updates," the estimation said.

Justification for optimism
The estimation did end with whatever optimism, line 2009 a close year for law enforcement. In Nov 2009, the U.S. Department of Magistrate indicted nine individuals "from Empire, Moldova, and Esthonia who were allegedly obligated for $9 meg in consumer amount information compromises at RBS WorldPay."

The gathering also "saw the belief of the disreputable "Godfather of Spam," Alan Ralsky of Lake, and his wrong gangdom, which was prudent for generating a noteworthy component of the concern's uninvited e-mail," McAfee said.

"You started to see that not a lot of rebound was stacked into some of those botnets, they were embezzled feather, and poof they disappeared for very lasting periods of period," Marcus said. He said he thinks "the bad guys give instruct from that and flesh in several redundancy," but he relic cheerful. "The good guys and routine users are effort footsore of effort misused and we're eventually turn to see more loathsome and truculent fuck position the Cyberspace."