Monthly Archive: December 2008

Interesting Paper on Trojan Keyloggers

A team from University of Mannheim has published a case-study about trojan keyloggers and their dropzones. What I found particularly interesting is the analysis of configuration mechanisms: The two examined families of keyloggers (Limbo/Netshell and ZeuS/Zbot) both contact servers for updated configuration, whereas the ZeuS family is more advanced and even allows to take screenshots to defeat virtual keyboards.

Simulated Headshots

TN Games, a company that already sells a haptic body vest to “feel the impact of punches, kicks, bullets and blasts” within computer games, has annouced a Force Feedback helmet that is supposed to make you feel as if you’re being shot in the head.

Projekte, Strukturen und Herzblutenergie

Auszüge aus dem Artikel [url=http://www.springerlink.com/content/ut6488123j028270/fulltext.pdf]Projekte, Strukturen und Herzblutenergie[/url] von Gunter Dueck, IBM Distinguished Engineer, aus der aktuellen “Informatik Spektrum” Dezember 2008: [quote]Wer beginnt heute einfach mal so ein Projekt – aus unternehmerischer Lust? Das kann sich vielleicht ein mittelständischer Unternehmer leisten, der das Sagen hat und das eigene Geld gibt und dazu noch alles gut selbst überschauen kann. (…) Wer aber blickt bei großen Projekten noch durch? Etwas Neues muss überall genehmigt werden. Jeder sagt etwas dazu. Stellen Sie sich vor, Sie haben eine große Idee und besitzen nicht zufällig die Firma oder die Unversität selbst. Sie können das Projekt...

The Music Room

A 3D world, filled with music coming from different sources, blended together in surround sound (5.1/7.1). Similar music is closer together (for example, based on last.fm information). You can freely move around, with distant sources fading out, until you only hear the closest source (standing “inside” it).

Eliminate Form Spam Using Behavioural Analysis and Individual Forms

Do you really need CAPTCHAs? Spam bots are so effective today mostly because there’s only a handful of different publishing software used (forum, blog, CMS). This is very convenient, because all information required to write and tweak a bot is identical for all installations. All the bot software has to do is query Google for parts of a particular URL (eg. [url=http://www.google.com/search?q=inurl%3Ayabb.pl]inurl:yabb.pl[/url] or [url=http://www.google.com/search?q=inurl%3Aphpbb%2Fposting.php]inurl:phpbb/posting.php[/url]) and continue with algorithms to circumvent the specific protection (if any).

Five Good Programming Habits in PHP

[quote]Just like any language, developers can write code in PHP that ranges in quality from truly awful to very good. Learn good programming habits that can help you bridge the productivity gap. Depending on whom you ask, the difference between a good developer and an excellent developer, in terms of productivity, is a factor of 10 to 20. An excellent developer is more productive because of his experience and good habits. When poor programming habits sneak into your code, they’re a drain on productivity. This article demonstrates some good programming habits that can make you a better programmer.[/quote]

Croudsourcing Bugs

[url=http://www.utest.com/]uTest[/url], a new startup, pays users for harvesting bugs in products.

Srizbi Botnet Resurrects Itself. Interesting Technique.

Despite several efforts to bring it down (including the takedown of a major hoster, McColo, which hosted the primary server), the Srizbi network, comprising half a million “zombie PCs” and accountable for approximately 40% of all spam traffic, resurrected itself using an interesting technique: Its bots try to reach domains based on some (not yet disclosed) algorithm.

What Sun Should Do

Tim Bray, Director of Web Technologies at Sun, wrote an interesting article about the company future, from his point of view. His main statements: Focus on web technologies (you probably guessed that) and give the Java Community Process (JCP) to the community in full.