White House backs petition for unlocking of phones after contract expires

Posted by:
Date: Monday, March 4th, 2013, 14:05
Category: iPhone, Legal, News

If you were looking for a bit of positive news today, this might be it.

Per Engadget, a recent ruling that effectively bans third-party phone unlocking has elicited 114,322 electronic signatures to the White House. Now a petition to the White House, which asks that DMCA protection of phone unlockers be reconsidered, has finally received an official response. R. David Edelman, Senior Advisor for Internet, Innovation and Privacy, had this to say:

“The White House agrees with the 114,000+ of you who believe that consumers should be able to unlock their cell phones without risking criminal or other penalties,” Edelman writes. All told, the response matches that of the National Telecommunications and Information Administration (NTIA), which wrote a letter to the Librarian of Congress in support of extending the exemption last year.

Edelman went on to state: “The Obama Administration would support a range of approaches to addressing this issue, including narrow legislative fixes in the telecommunications space that make it clear: neither criminal law nor technological locks should prevent consumers from switching carriers when they are no longer bound by a service agreement or other obligation.” We’re not going to see immediate change, but it appears that a chain of events is now in motion in which the FCC and Congress potentially play a huge role.

Stay tuned for additional details as they become available.

Researcher locates HTML 5 exploit, floods hard drive with cat images in proof of concept video

Posted by:
Date: Monday, March 4th, 2013, 07:32
Category: News, security, Software

HTML5_Logo_256

In as much as Java and Adobe Flash Player have taken recent beatings where security is concerned, apparently no platform is safe.

Per the BBC, a recently discovered flaw in the HTML 5 coding language could allow websites to bombard users with gigabytes of junk data, with a number of popular browsers being open to the vulnerability.

According to developer Feross Aboukhadijeh, who uncovered the bug this week and posted it to his blog, data dumps can be performed on most major Web browsers, including Apple’s Safari, Google’s Chrome, Microsoft’s Internet Explorer and Opera, the BBC reported. The only browser to stop data dump tests was Mozilla’s Firefox, which capped storage at 5MB.

If in doubt, this proof of concept video sorta says it all…:



The problem is rooted in how HTML 5 handles local data storage. While each browser has different storage parameters, many of which support user-definable limits, all provide for at least 2.5 megabytes of data to be stored on a user’s computer.

Aboukhadijeh discovered a loophole that bypasses the imposed data cap by creating numerous temporary websites that are linked to a user-visited site. Because most browsers don’t account for the contingency, the secondary sites were allowed local storage provisions in amounts equal to the primary site’s limit. By generating a multitude of linked websites, the bug can dump enormous amounts of data onto affected computers.

In testing the flaw, Aboukhadijeh was able to dump 1GB of data every 16 seconds on his SSD-equipped MacBook Pro with Retina display. He noted that 32-bit browsers like Chrome may crash before a disk is filled.

“Cleverly coded websites have effectively unlimited storage space on visitor’s computers,” Aboukhadijeh wrote in a blogpost.

The developer has released code to exploit the bug and has created a dedicated website called Filldisk to highlight the flaw. In true internet meme fashion, the site dumps images of cats on to an affected machine’s hard drive.

Bug reports have already been sent to makers of the affected Web browsers, and Aboukhadijeh said malicious use of his code has yet to been seen in the wild.

Stay tuned for additional details as they become available.

Apple catches up with demand, now offering 21.5-inch, 27-inch iMac models at 1-3 day ship times

Posted by:
Date: Monday, March 4th, 2013, 07:06
Category: iMac, News, retail

It never hurts to catch up.

Per 9to5Mac, Apple seems to have finally caught up with demand for its latest iMac models. Both the new 21.5-inch and 27-inch iMacs are now shipping from Apple’s online store in 1-3 business days. Up until earlier today, Apple’s new iMacs were quoted as having a shipping time of 2-3 weeks for the 21.5-inch model and 3-4 weeks for the larger 27-inch configurations.

Apple’s redesigned iMacs models have been supply constrained since their November and December launches. Apple CEO Tim Cook noted multiple times during earnings calls and other public appearances that the iMacs are seeing significant shortages. During an internal “Town Hall” meeting with employees, Cook blamed low Q1 Mac sales on low supply of Apple’s newest Mac lines.

Apple’s new iMacs feature a much thinner chassis compared to the previous generation’s design in addition to a new screen lamination process that may contribute to the time it takes to produce each unit.

Stay tuned for additional details and if you’ve seen an improved turnaround time on a new iMac you ordered, please let us know in the comments.

CrossOver updated to 12.1.2

Posted by:
Date: Monday, March 4th, 2013, 07:47
Category: News, Software

You can’t knock a decent update.

CrossOver, the popular virtualization program from CodeWeavers, has been updated to version 12.1.2. The new version, a 76 megabyte download, is available as a demo, offers the following fixes and changes:
- Fixed a bug which caused Steam to get stuck in a loop while trying to update.

- Fixed a bug which caused performance to suffer badly in Skyrim, and possibly some other games, on certain Linux systems.

- Fixed a bug which caused Outlook 2010 to fail to open .xlsx, .pptx, and .docx attachments.

- Fixed a bug which caused Quicken to fail to connect to Chase Bank online.
Office 2007 and 2010 will now display help topics!

Mac OS X:
- We have improvements to windowing in the Mac Driver.

- We are hopeful that changes in this version of CrossOver will mean that gaming performance will improve when Apple releases its upcoming OS X 10.8.3.

CrossOver 12.1.2 retails for US$59.95 and requires Mac OS X 10.6 and or later and an Intel-based Mac to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

VirtualBox updated to 4.2.8

Posted by:
Date: Monday, March 4th, 2013, 06:17
Category: News, Software

virtualbox.png

VirtualBox, an open source x86 virtualization project available for free has just hit version 4.2.8. The new version, a 109 megabyte download, features the following fixes and changes:
- VMM: fixed guest crash with huge amount of guest RAM on VT-x hosts (bug #11306)

- GUI: fixed a layout bug in the Mac OS X clone VM dialog (bug #10982).

- GUI: not all the translation tags were taken into account during the language switch (bug #11342).

- GUI: take guest screenshot dialog sometimes had no keyboard input available on Windows host.

- Main/Machine: fix generation of spurious event for inaccessible VMs which triggered an endless event generation loop in cooperation with the GUI which became unresponsive (4.2.6 regression, bug #11323).

- Main/Display: fix for an access violation under certain conditions in multi-monitor configurations (bug #10539).

- Main/Metrics: network metrics are now collected for active (up) interfaces only, the state of an interface being evaluated when the associated metric is enabled via setupMetrics.

- Snapshots: reduce the time for merging snapshots under certain conditions.

- Storage: fixed data corruption after resizing a VDI image under certain circumstances (bug #11344).

- Storage: fixed non working online merging of snapshots (4.2.6 regression, bug #11359).

- Storage: fixed crash when connecting to certain QNAP iSCSI targets.

- Storage: fixed incompatibility of VHD differencing images with Hyper-V (bug #5990).

- Bridged Networking: fixed TCP pseudo header checksum computation for IPv6 (bug #9380).

- 3D support: fix Battlefield 1942 game crashes (bug #11369).

- Settings: really sanitize the name of VM folders and settings file, the code was disabled before (bug #10549).

- Settings: allow to change VRDE settings for saved VMs.

- VBoxManage: don’t crash during screenshotpng if there is no display (bug #11363).

- Linux hosts: work around gcc bug 55940 which might lead to wrong kernel module code if gcc 4.7 is used to compile the 32-bit Linux host kernel (bug #11035).

- Linux hosts: fixed inconsistent lock state and deadlock warnings on module load and VM startup when CONFIG_PROVE_LOCKING is enabled (bug #11318).

- Linux hosts: made “]” key work again on Japanese keyboards.

- Mac OS X hosts: don’t crash the kernel during dtrace if the VBox kernel extensions are loaded (10.6 hosts only; bug #11273).

- Solaris / Mac OS X hosts: machine CPU load metrics now report 100% when all cores are fully utilized (used to be a single core).

- Solaris 11 host installer: wait for any services left over from a previous installation to be terminated to avoid confusing SMF.

- Guest Additions: don’t block signals for processes executed via guest control.

- Guest Additions: fixed a small memory leak in VBoxService (bug #10970).

- Windows Additions: fixed shared folder issue with large reads/writes on 64 bit Windows guests (bug #11115).

- Linux Additions: Linux 3.8 compile fixes (bug #11036).

- X11 Additions: fixed blocked SIGALRM in 3D desktop sessions (bug #10987).

- X11 Additions: fixed an unresolved reference in vboxvideo_drv for X.org 6.8 guests and before (e.g. RHEL4; 4.2.0 regression).

- X11 Additions: fixed screen automatic resizing for guests with X.org 1.3 or older (4.2.0 regression).

VirtualBox 4.2.8 is available for free and requires an Intel-based Mac running Mac OS X 10.6 or later and an Intel-based Mac to install and run.

If you’ve tried the new version and have any feedback, please let us know.