Security Researcher Hacks MacBook And Takes First Prize
According to a security researcher who walked away with a cool 10000 dollars after hacking a MacBook Air in less than 2 minutes, he chose the Apple Inc. operating system for a simple reason: it was easy.

Charlie Miller, who works as an analyst at Independent Security Evaluators, stated, “It was the easiest one of the three.”

He won the first place prize at the “PWN to OWN” hacker challenge at CanSecWest, winning the computer that he hacked, as well as the cool 10 grand.

All of the updated security patches had been installed on the MacBook, which was loaded with the current version of Mac OS X. The other 2 computers that were up for grabs were the Sony Vaio VGN-TZ37CN, and the Fujitsu U810 notebook.

“We sat down about three weeks ago and decided we wanted to throw our hats into the ring,” said Miller, referring to himself and ISE colleagues. “It took us a couple of days to find something, then the rest of the week to work up an exploit and test it.

“It took us maybe a week altogether,” Miller said.

~

The Mac went down in two minutes. The Vista SP1 PC made it two days. Only the Sony VAIO VGN-TZ37CN laptop running Ubuntu 7.10 survived the CanSecWest PWN to OWN PC hacking contest.

The rules were simple. Hackers had to "read the contents of a designated file on each system through exploitation of a zero-day code execution vulnerability" through a direct wired connection. The successful hacker would get to keep the system, hence the PWN to OWN name, and a cash prize. The competition was sponsored by the Zero Day Initiative (ZDI) of TippingPoint Technologies, a network security company.

While neither the hackers nor TippingPoint revealed the details of the hacks, we do know which programs were cracked. In the case of Mac OS X running on a MacBook Air, the Safari Web browser proved to be the crack in Mac OS X's armor. With Windows Vista SP1 on a Fujitsu U810, Adobe Flash proved to be its Achilles' heel.

In theory, the Flash vulnerability is cross-platform. In other words, the same hole might be used to crack Linux or other operating systems.

Since we don't know exactly how the security breach works, we can't be certain, though, that the same problem could be used successfully against Linux.

What we do know is that with cash money on the line, not to mention ownership of a nice new PC, Linux came out untouched.

 
I would be pissed if I was an HD DVD owner, it seems they are vanishing

Microsoft nixes HD DVD drive for Xbox 360

Microsoft will end production of the external HD DVD drive for its Xbox 360 video game console, according to a report by the Associated Press.

The company said it would, however, continue to offer warranty support for the peripheral.

"HD DVD is one of the several ways we offer a high definition experience to consumers and we will continue to give consumers the choice to enjoy digital distribution of high definition movies and TV shows directly to their living room, along with playback of the DVD movies they already own," Blair Westlake, a corporate vice president of Microsoft's media and entertainment group, said in a statement.

The drive, which currently costs about $130, was intended as Microsoft's answer to Sony's PlayStation 3 console, which contained an integrated Blu-ray Disc drive.

Microsoft is just the latest top-tier tech company to abandon the failed high-definition disc format. Along with Toshiba, Intel, and NEC, Microsoft was one of the most prominent supporters of the standard. Toshiba said last week it would no longer make HD DVD players. Wal-Mart Stores, Best Buy, and all the major movie studios have all now said they will exclusively support Blu-ray.

The biggest proponent of Blu-ray, Sony, now stands poised to become the standard bearer of HD video, mostly because of its strategy of including Blu-ray playback capability in the PS3. It's unclear if Microsoft now plans to make an attachable Blu-ray player for the Xbox 360.

 
I just saw this and thought "holy shit"

Teen hacks tram system, derails trains

In yet another "innocent prank" that turned out to have very real-world effects, a 14-year-old Polish boy has admitted to modifying a TV remote in order to manipulate the junction-switching devices on the Lodz tram system, resulting in four derailed trains and 12 injuries. According to reports, the teenager snuck onto tracks to study the switching mechanisms, and used the resulting knowledge to re-direct trains "like any other schoolboy might a giant train set," as a police spokesman put it. The young man now faces charges in juvenile court for endangering public safety.

 
CompUSA to close

PC Retailer CompUSA plans to close all its stores after the holidays, part of a sale of its assets to Gordon Brothers Group, a restructuring firm.
CompUSA, owned by the Mexican-based firm Grupo Carso SA, has 103 stores in 68 markets.

Reports said that Gordon Brothers would look to sell individual stores in certain markets and close those that it could not sell.

In recent years, CompUSA has struggled against other big-box retailers such as Best Buy and Internet-based companies such as CDW. Earlier this year, CompUSA had tried to ignite some interest with small businesses by reaching a deal with Microsoft to offer the services of Microsoft's Small Business Specialist Community (SBSC) to CompUSA's small-business customers.

Under the plan, CompUSA would refer customers that needed services to the 3,750 Microsoft SBSC partners in the United States, providing the partners had registered as a CompUSA TechPro Business provider.

A typical opportunity with CompUSA might have involved resolving a server or an application issue for a current customer or helping a new customer set up an office, said Gregory Geodakyan, managing partner at SoftNet Technology, an Iselin, N.J.-based solution provider, in an interview with CMP Channel earlier this year.

"This is a good market. Until this point, it's been up to us to shake the business out of [CompUSA's] business services guys for the leads. Now with the formalization of the program and with Microsoft throwing some might behind it, it will raise the profile of the program," Geodakyan said.

Many solution providers also used CompUSA as an alternative sourcing option, but it was clearly not enough to support the company, which had already closed more than 100 stores earlier this spring as part of a restructuring.

CompUSA was founded in 1984 and rose to national prominence under the guidance of Nathan Morton. As chairman and CEO, Morton led CompUSA from two stores and $60 million in sales as SoftWarehouse to its standing as a multibillion-dollar national retailer in less than five years. He was posthumously honored as a member of CRN's Industry Hall of Fame in 2006. He succumbed to cancer at the age of 57 in 2005.

 
AMD Quad-Core Opteron processor

AMD has introduced its first Quad-Core Opteron processor, which promises a 50% increase in performance, energy efficiency, virtualization, and investment protection.

Quad-Core AMD Opteron processors are claimed to be the world's most energy-efficient x86 architecture, and include power-saving technologies such as:

- CoolCore Technology, which reduces energy consumption by turning off unused parts of the processor;
- Independent Dynamic Core Technology, an enhancement to AMD PowerNow! Technology, which allows each core to vary its clock frequency depending on the system load and performance requirement; and
- Dual Dynamic Power Management (DDPM), which independently supplies power to the cores and the memory controller, allowing them to operate on different voltages, determined by usage. DDPM is available in most Quad-Core AMD Opteron processor-based platforms being introduced.

The new Opteron processors feature Direct Connect Architecture that, in the presence of the integrated memory controller, enables reduced memory latency, and Rapid Virtualization Indexing. Rapid Virtualization Indexing takes functionality that was previously performed in software and greatly accelerates it by performing those functions within the CPU, to help enable near-real-time application performance.

The processors also maintain compatibility with the socket and thermal envelopes of second-generation AMD Opteron processors to enable a seamless upgrade.

Meanwhile, AMD claims that Opteron processors outperform the competition on several industry-standard benchmarks (within comparable thermal bands) like SPECfp_rate2006, SPECint_2006, SPECompM2001Base, STREAM, Fluent, and LS-DYNA.

Along with the new processors, AMD has also introduced a new metric, Average CPU Power (ACP), which represents processor power usage, including cores, integrated memory controller, and HyperTransport technology links, while running a suite of typical, high-utilization workloads to be more indicative of the power consumption that end-users can expect. These processors are 55- and 75-watt on the ACP metric. The company also promises to state the processors' Thermal Design Power (TDP) specifications.

The systems based on Quad-Core AMD Opteron processors from global Original Equipment Manufacturers (OEMs) and system-builder partners have already started shipping. Besides, some manufacturers, including Appro, Egenera, Gateway, Rackable Systems, Supermicro, and Verari have announced their Quad-Core range at the launch.

In addition, AMD Phenom processor solutions, which would leverage many of the same benefits of this innovative, next-generation architecture, should be available for the desktop market in December this year.

 
AP Report On RFID Chips And Cancer Raises Concerns

A report by the Associated Press (AP) reveals that cancer experts were concerned when they reviewed a collection of animal studies suggesting that implanted RFID microchips may cause cancer.

Although the experts said there is a considerable difference between humans and animals (it's easier to cause cancer in a laboratory mouse than a human, said one veterinary oncologist, for example), there was sufficient concern for them to call for more long-term controlled studies to be done on larger animals and possibly humans as well.

RFID (short for Radio Frequency ID) microchips are identity chips used in a range of applications, from identity tagging library books to cars to pets and, more recently, people. In animals and people they are inserted under the skin.

RFID chips usually contain two parts: an integrated circuit that stores information and a receiver-transmitter (also called a transponder) that senses when an appropriate scanning device is nearby and then transmits a radio frequency message to the device. The scanner picks up the radio signal and reads the information on the chip.

First used in animals, for instance to help find lost pets, RFID chips were approved for use in humans by the Food and Drug Administration (FDA) in 2004. They were hailed as a medical breakthrough, because they could be used to provide access to important medical information in situations where the patient is not able to do that for themselves.

A typical example that is cited is the case of an Alzheimer's patient who gets lost and ends up in a hospital where the staff scan the patient's arm and get an immediate readout of their essential medical information.

The devices used in humans are made by VeriChip Corp., a subsidiary of Applied Digital Solutions, of Delray Beach, Florida. Some 2,000 chips have been implanted in humans worldwide to date, and according to AP, the company, which insists the devices are safe, sees its target market for medical monitoring as 45 million Americans.

Scott Silverman, chairman and CEO of VeriChip Corp., said in a response to questions posed by AP that the company did not know about any studies that "resulted in malignant tumors in laboratory rats, mice and certainly not dogs or cats." He said millions of pets have RFID implants and there have been no reports of significant problems.

The articles cited by AP that were reviewed by the cancer experts were studies on lab mice and rats that sometimes developed sarcomas, or malignant tumours, after being implanted with microchips. The sarcomas sometimes encased the implants, said the AP report.

The articles were published in toxicology and veterinary journals between 1996 and 2006 and included:
- A study conducted in 1996 by (now retired) toxicologic pathologist Keith Johnson at the Dow Chemical Co. in Midland, Michigan. Johnson said in a phone interview with AP "the transponders were the cause of the tumors".
- A study conducted in Germany in 1997 that found 1 per cent of over 4,000 RFID chipped mice had cancer which the authors concluded were "clearly due to the implanted microchips".
- A study conducted in Ridgefield, Connecticut, in 1998, on 177 mice that suggested the incidence of cancer was raised by just over 10 per cent.
- A study conducted in France in 2006 where tumours were detected in 4.1 per cent of mice with microchip implants. The scientists were not looking for cancer induced by microchips when they started the study. They were testing chemicals but they ruled them out as the cause of the tumours.

There were several shortcomings to the studies reviewed by the cancer experts. For instance not one of them had a control group that had not been implanted with RFID chips to compare the rate of tumour development in non-chipped with chipped animals. And the other obvious shortcoming is that animal studies do not necessarily translate to humans.

However, according to AP, the reactions of the scientists who came from "pre-eminent cancer institutions" when they reviewed the studies were revealing.

For example, Dr Robert Benezra, who is head of the Cancer Biology Genetics Program at the Memorial Sloan-Kettering Cancer Center in New York said that:

"There's no way in the world, having read this information, that I would have one of those chips implanted in my skin, or in one of my family members."

Others said the studies raised "red flags" and that further studies using dogs and non-human primates were needed.

 
Google Desktop Search Vulnerable

Google has issued a patch for a serious vulnerability involving Google Desktop that would have allowed attackers to steal personal information and possibly take control of a system remotely.

Researchers at Watchfire found the product was susceptible to cross-site scripting attacks that hijack the Google Web interface in order to jump from the Internet to the desktop Web environment. The attack works by getting users to click on a link that loads malicious JavaScript.

Google Desktop serves as a fast search mechanism for documents, e-mails, instant messaging transcripts, archived Web pages and other data on PCs. A Google executive once described it as "the photographic memory of your computer." An attacker with control of Google Desktop can search for virtually anything on the computer, including Office documents, e-mails, media files and Web history cache.

Dan Allan, director of security research at Watchfire, said the tight integration between desktop and Web-based applications can be dangerous.
