Tuesday, March 29, 2011

Iranian hacker claims credit for SSL certificate theft

'ComodoHacker' splits security research community, downplays political motivation

Forget Social Security numbers -- cyber criminals want your intellectual property

A report warns companies to drop reactive approach to network security or risk losing data to increasingly sophisticated hackers

McAfee's website full of security holes, researcher says

The portion of the site that could be used for cross-site scripting attacks host some of McAfee's files for downloading software

Amazon's cloud new offers dedicated hardware

Amazon is aiming to lower entry barriers for its cloud services, says an analyst

Monday, March 28, 2011

Java founder Gosling joins Google

Java legend James Gosling decided to leave Oracle after it purchased Sun Microsystems

Analysis: How MySQL.com and Sun.com got hacked

Hackers broke into the MySQL.com and Sun.com websites using, of all things, a SQL injection technique

Yahoo to release code for selected technologies to open source community

Yahoo is seeking support for technologies that will provide significant value outside of company

 

Yahoo plans to release some technologies, including storage technologies, to the open source community, a senior executive of the company said.
These are systems that Yahoo built to help it handle large numbers of users on its websites, but that don't necessarily give it a competitive advantage, said David Chaiken, chief architect at Yahoo, in an interview in Bangalore on Friday.
[ Get your websites up to speed with HTML5 today using the techniques in InfoWorld's HTML5 Deep Dive PDF how-to report. | Learn how to secure your Web browsers in InfoWorld's "Web Browser Security Deep Dive" PDF guide. ]
In 2009, Yahoo donated its Traffic Server scalable caching proxy to the Apache Software Foundation.
A working group on open source at Yahoo is currently evaluating technologies that could qualify to be released to open source.
The company has to first make sure that each of the technologies will really be useful and provide significant value outside Yahoo, before releasing it to open source, Chaiken said. It takes time and effort to go through the open source process, and to build a community around open source, so the company has to first make sure there will be interest from developers, he added.
Releasing technology to the open source community helps Yahoo build recognition and a technical brand in the technical community, as well as develop relationships with universities and companies, Chaiken said. There could also be some financial benefits in getting community developers to work on a project, he added.
A large part of Yahoo's IT infrastructure is built around open source software, including the Hadoop scalable distributed computing platform, which helps Yahoo execute at a very large scale, Chaiken said.
Yahoo said earlier this year that it is discontinuing its distribution of Hadoop and will instead focus on Apache Hadoop, a project of the Apache Software Foundation.
Hadoop is likely to be critical as Yahoo attempts to reduce diversity and unify its IT infrastructure. The company is for example standardizing its asynchronous or batch computation and storage using Hadoop, Chaiken said.
As a result of acquisitions and in-house projects that were rushing to bring new products and technologies to market, Yahoo over the years ended up with a lot of different systems that in some cases are fulfilling the same purpose, Chaiken said.
Each of the different science groups that were writing algorithms for extracting signal from the company's data were essentially operating on their own dedicated analytics infrastructure and storage, each building different models in a slightly different way, and each operating on different data sets, Chaiken said.
In the last four years, Yahoo has integrated the infrastructure for the science groups across the world, and removed the data and algorithm silos, he added.
Yahoo is also working on unifying its content and communications systems, on top of a "content agility platform" that depends to a large extent on Hadoop, Chaiken said. The company is in the process of unifying its media and communications properties.
John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's email address is john_ribeiro@idg.com.

 source:http://www.infoworld.com/d/open-source-software/yahoo-release-code-selected-technologies-open-source-community-888

Tuesday, March 22, 2011

Top 10 presentation tool

1. AuthorSTREAM


authorstream
With AuthorSTREAM, you can take your PowerPoint presentations and upload them to be shared with others. You can download the presentations that you create to embed them in blogs and send them to your favorite video hosting site. The basic service is free, the premium services boost the number of presentations you can have.

2. Empressr


empressr
This application takes your slides, video, audio and photos and allows you to Empress your colleagues with cool looking presentations. You can share your work on all of the social media sites, or keep it private. The on-line library helps you to manage your media assets quickly.

3. Google Docs Presentation


google docs
With Google Presentation, you can import video, slides, and tables to make a show. You can collaborate with others all over the world using this application. After creation with this no frills program, you can download your finished project as a PowerPoint file, PDF or text document. You can also upload it to YouTube.

4. myPlick


myplick
Import most of the major file formats including PDF, OpenOffice, PowerPoint, Word, JPG, MP3 and WMA. You can synch audio with video on your ‘plicks’ and share them with users worldwide. Presentations have to be kept to 150 slides and uploads to 50MB. This is a free service.

5. PreZentit


prezentit
Prezentit is a free presentation application. It offers online editing and collaboration, where you can make changes simultaneously. There is a 250MB upload limit on PreZentit, and you can bring as many people as you want in on a presentation. You can edit your presentations by hand since they are all stored as web pages.

6. Prezi


prezi
Using Prezi, you can collaborate with others to produce high quality flash documents. The web-based program has an editor that is designed to be intuitive. The basic level of Prezi is free, but there are two levels of subscription which offer you more than the 100MB of disk space that the public license offers.

7. Sliderocket


sliderocket
You can upload almost any file format to your presentation, including video from YouTube and information from Google Docs. You can put transitions and effects into your presentations and download the finished product for later viewing. The basic service is free. With a monthly subscription, you can get a good collaboration tool.

8. Spresent


spresent
You can take content from YouTube or Flickr and create a flash presentation. By embedding your presentations into blogs, emails and web sites, you can get your message across quickly and easily. For $29.95/yr, you can import more file formats and have a copy of Spresent on your desktop.

9. VCASMO


vcasmo
VCASMO allows you to upload all kinds of audio and video formats into your presentation. Two of its cool features are video seeking and the ability to add subtitles to your slide. You can keep your presentation public or private, synchronize video and audio, and bring that slideshow to your blog of web page.

10. Zoho Show


zoho
Zoho offers a wide range of online document applications. Show is a fully collaborative presentation program which can import a wide range of file types. You can export your slide shows to HTML, PowerPoint and PDF. One great feature of Zoho Show is that the presenter can use online chat to communicate with the viewers.
Whether it is from a small cafe in London, or a Starbuck’s in Seattle, you can access your presentation files from anywhere using these web-based applications. Eliminate travel and boarding costs by making your presentations on the internet.

This article is taken from http://aext.net/2010/06/10-leading-presentation-tools/

Sunday, March 20, 2011

Mozilla: A new Firefox every 16 weeks

After Firefox 4's release next week, Mozilla hopes to put out new browser versions every four months

Saturday, March 19, 2011

Experts see wide use of flash-hard disk hybrids by 2016

Hybrid drives will keep costs down while approaching solid-state drive performance, two storage experts said

EMC: RSA SecurID info swiped via sophisticated hack attack

Company exec warns customers that stolen information could be used to more easily penetrate customers' systems

Tuesday, March 15, 2011

Executive Support System

Executive Support System (ESS) is a reporting tool (software) that allows you to turn your organization's data into useful summarized reports. These reports are generally used by executive level managers for quick access to reports coming from all company levels and departments such as billing, cost accounting , staffing, scheduling, and more.

In addition to providing quick access to organized data from departments, some Executive Support System tools also provide analysis tools that predicts a series of performance outcomes over time using the input data. This type of ESS is useful to executives as it provides possible outcomes and quick reference to statistics and numbers needed for decision-making.

The exact reporting tools and outcome of an Executive Support System completely depends on the ESS developer and it's intended industry use. For example, Cambridge Systematics has ESS to support the investment planning process for the Ministry of Transportation. The features and functions of this Executive Support System are entirely different from the Executive Support System developed by Meditech, which is useful to health care organizations.

Several companies offer pre-designed Executive Support System packages (usually suited to one particular industry), while others offer packages which can be customized your your organization's needs.



Reference: http://www.webopedia.com/TERM/E/Executive_Support_System.html

What is decision support system

Abbreviated DSS, the term refers to an interactive computerized system that gathers and presents data from a wide range of sources, typically for business purposes. DSS applications are systems and subsystems that help people make decisions based on data that is culled from a wide range of sources.

For example: a national on-line book seller wants to begin selling its products internationally but first needs to determine if that will be a wise business decision. The vendor can use a DSS to gather information from its own resources (using a tool such as OLAP) to determine if the company has the ability or potential ability to expand its business and also from external resources, such as industry data, to determine if there is indeed a demand to meet. The DSS will collect and analyze the data and then present it in a way that can be interpreted by humans. Some decision support systems come very close to acting as artificial intelligence agents.

DSS applications are not single information resources, such as a database or a program that graphically represents sales figures, but the combination of integrated resources working together.



Reference: http://www.webopedia.com/TERM/D/decision_support_system.html

MIS

Short for management information system or management information services, and pronounced as separate letters, MIS refers broadly to a computer-based system that provides managers with the tools for organizing, evaluating and efficiently running their departments. In order to provide past, present and prediction information, an MIS can include software that helps in decision making, data resources such as databases, the hardware resources of a system, decision support systems, people management and project management applications, and any computerized processes that enable the department to run efficiently.

Within companies and large organizations, the department responsible for computer systems is sometimes called the MIS department. Other names for MIS include IS (Information Services) and IT (Information Technology).




Reference: http://www.webopedia.com/TERM/M/MIS.html

Transaction Processing System

A transaction processing system is a type of information system. TPSs collect, store, modify, and retrieve the transactions of an organization

A transaction is an event that generates or modifies data that is eventually stored in an information system. To be considered a transaction processing system the computer must pass the ACID test.

The essence of a transaction program is that it manages data that must be left in a consistent state. E.g. if an electronic payment is made, the amount must be both withdrawn from one account and added to the other; it cannot complete only one of those steps. Either both must occur, or neither.

In case of a failure preventing transaction completion, the partially executed transaction must be 'rolled back' by the TPS. While this type of integrity must be provided also for batch transaction processing, it is particularly important for online processing: if e.g. an airline seat reservation system is accessed by multiple operators, after an empty seat inquiry, the seat reservation data must be locked until the reservation is made, otherwise another user may get the impression a seat is still free while it is actually being booked at the time. Without proper transaction monitoring, double bookings may occur.

Other transaction monitor functions include deadlock detection and resolution (deadlocks may be inevitable in certain cases of cross-dependence on data), and transaction logging (in 'journals') for 'forward recovery' in case of massive failures.



Reference: http://en.wikipedia.org/wiki/Transaction_processing_system

Monday, March 14, 2011

New attacks leverage unpatched IE flaw, Microsoft warns

The bug was disclosed in January, but it's now being used in targeted attacks

By Robert McMillan
March 12, 2011 01:32 AM ET
 
IDG News Service - An Internet Explorer flaw made public two months ago is now being used in online attacks.
The flaw, which has not yet been patched, has been used in "limited, targeted attacks," Microsoft said Friday in an update to its security advisory on the issue.
Google concurred, and offered a few more details. "We've noticed some highly targeted and apparently politically motivated attacks against our users," Google said in blog post. "We believe activists may have been a specific target. We've also seen attacks against users of another popular social site."
The attack is triggered when the victim is tricked into visiting a maliciously encoded Web page -- what's known as a Web drive-by attack. It gives the attacker a way of hijacking the victims browser and accessing Web applications without authorization.
The flaw lies in the Windows MHTML (Mime HTML) parsing software used by Internet Explorer, and affects all currently supported versions of Windows. It was disclosed on the Full Disclosure mailing list in January.
Microsoft has released a Fixit tool that users can download to repair the problem, but has not said when, or even if, it plans to push out a comprehensive security update to all users.
Google isn't saying who exactly was targeted in this latest incident, but Chinese activist groups have been the focus of cyber attacks in the past. This may be another example of an ongoing and methodical effort to track and steal information from pro-democracy and Tibetan activists.
Now that the flaw is being exploited in attacks, the pressure is mounting on Microsoft to produce a reliable patch for the issue that can be pushed out to hundreds of millions of customers.
"For now, we recommend concerned users and corporations seriously consider deploying Microsoft's temporary Fixit to block this attack until an official patch is available," Google said.

source:http://www.computerworld.com/s/article/9214259/New_attacks_leverage_unpatched_IE_flaw_Microsoft_warns
 

Wednesday, March 9, 2011

Window Defender


Ish!!!! Why my laptop always appears a statement about update window defender….I felt impatient..… what is the window defender actually?? Is it important to our system??

Windows Defender is software that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware.
Benefit  of Window Defender:
Improved Internet browsing safety
  • Windows Defender helps stop spyware before it infiltrates your computer. Windows Defender also offers a continuous safeguard designed to target all the ways that spyware can infiltrate your computer.
Protection against the latest threats
  • To help protect your computer from the latest threats, you can choose to have updates that counteract new spyware automatically downloaded to your computer.

Is the window defender important??

In my opinion, Windows Defender detects and removes known spyware only. It cannot to give full protect  to our system. For example, it cannot protect from malicious software(viruses, trojan horses, and worms). So I think it is not really important to our system and it can be replace by other antivirus. Such as Norton Antivirus, Kapersky Anti-Virus, ZoneAlarm Anti-virus, Shield Deluxe and more. All of these anti-virus can protect from spyware, malware and more.

In a conclusion, it is better to have a good anti-virus than window defender!!!

                                                               




                        

Tuesday, March 8, 2011

Kaspersky Internet Security 2011 Wins Top Marks for Treating Malware in AV-Test's Q4 2010 Report

Kaspersky Lab, a leading manufacturer of secure content and threat management solutions, announces that Kaspersky Internet Security 2011 has earned a top award in tests performed in the fourth quarter of 2010 by AV-Test.org, an authoritative German research center. Kaspersky Internet Security 2011 was the only solution to earn top marks for successfully treating infected computers during the test.
Twenty-three popular antivirus solutions were tested in order to determine the level of protection they offer against malicious programs, their usability and their ability to restore infected machines to working condition. During protection testing, the programs' levels of static and dynamic detection was evaluated, i.e. the capability of each solution to detect threats with and without executing the suspect code. During restoration testing, the competing solutions were assessed for their ability to neutralize malicious programs introduced onto the test machines prior to each security product being launched. During usability testing, the security products were tested for their ability to operate without producing false positives or making a noticeable impact on the test computer's performance. All solutions used their default settings on computers running 32-bit Microsoft Windows Vista SP2.
Kaspersky Internet Security 2011 achieved top scores in all of the tests and received a prestigious award certificate from AV-Test.org. The solution's security performance was the best of all the solutions tested, with an exemplary 5.5 points, and was the only solution to earn a straight 6 points out of 6 for restoring previously infected machines.
Kaspersky Internet Security 2011 far exceeded the average performance of the tested products in all aspects of malware treatment, including deleting active and inactive malware components, eliminating unwanted modifications to the system and detecting and deleting hidden rootkits and other dangerous programs.
"The malicious programs that penetrate a user's computer can change the system settings or make changes to various files," says Nikita Shvetsov, Director of Malware Research at Kaspersky Lab. "Aside from deleting the malicious programs it detects, a security solution must also repair modified files and disk system areas. Kaspersky Internet Security 2011 perfectly handles these important tasks, as this test has clearly demonstrated." For details of the testing performed by AV-Test.org, please visit: http://www.av-test.org/certifications
16 Feb 2011 

source:http://www.kaspersky.com/news?id=207576274

A short story about Microsoft Word 2010 Part

Today, i would like to recommand the function of setting a budgets on Microsoft Word 2010. Before i describing the steps, i would like to add some point about the benefit of setting a budgets. Firstly, a good budgets can helps us to save money. As we know, as the increasing of standard living, the cost of living also increased, so to be survive in this situation, a good budgets planning a required. Secondly, good budgets also can control our expenses. This because the budgets setting as the guideline when we expenses on something, so we did not spend our money on unimportant things. Here, i would like to describe the steps taken on setting budgets through Microsoft Word.
    Step 1: Download the form of budgets on Microsoft Word, which located the page of new templates
    Step 2: The form you download will display at the word as shown at the figure below

    Step 3: Fill in your expenses on each category and summarizes it
    Step 4: Finally, your upcoming budgets will display and printing is needed if you want to keep the expenses on track

*Good budgets is depend on good planning, so plan before you expense.

Malware in February: Cybercriminals Perfect Drive-By Tactics


03 Mar 2011

Kaspersky Lab’s latest monthly report on malware activity highlights the current popularity of using drive-by attacks to infect users’ computers. These attacks are particularly dangerous because they take place without the user’s knowledge and can be initiated from legitimate websites that have been hacked by cybercriminals. Visitors to infected sites are redirected to web pages containing script downloaders. Various types of exploits that launch script downloaders are quite often used to download malware to users’ computers.
In February, the majority of drive-by attacks made use of Cascading Style Sheets (CSS) to store some of the data for script downloaders. This new, enhanced method makes it much harder for many antivirus solutions to detect malicious scripts and allows cybercriminals to download exploits without them being detected.
Three entries in the Top 20 most malicious programs detected on the Internet in February corresponded to pages containing CSS data and a malicious script downloader. One of them claimed 1st place, while the others came in at 13th and 19th places. The script downloaders on these malicious web pages download two types of exploits. One of them, which targets the CVE-2010-1885 vulnerability in Microsoft Windows Help and Support Center, took 4th place in the same top 20 ranking. On average it was detected on approximately 10 thousand unique computers every day. The second type of exploit uses vulnerability CVE-2010-0840 in Java Virtual Machine and accounted for three entries (3rd, 7th and 9th places) in the rating of Internet-borne threats.
February showed that there are still potentially dangerous PDF vulnerabilities out there. The number of unique computers on which PDF exploits were detected exceeded 58 thousand in February. One such PDF exploit entered the Top 20 malicious programs on the Internet in 8th place.
A malicious packer that is used to help protect the Palevo P2P worm was detected on more than 67 thousand unique computers throughout the month. This worm was responsible for the creation of the Mariposa botnet that was shut down by Spanish police a while ago. It seems likely that the recent spread of this packed worm is linked to an attempt by cybercriminals to create a new botnet or restore the old one.
February saw the discovery of a number of new malicious programs for the Android platform. Malware for the J2ME platform was also popular among cybercriminals, with Trojan-SMS.J2ME.Agent.cd, for example, entering the Top 20 most widespread malicious programs on the Internet at 18th place. Its main function is to send SMSs to premium-rate numbers.
More detailed information about the IT threats detected by Kaspersky Lab on the Internet and on users' computers in February 2011 is available at: http://www.securelist.com/en/analysis/204792166/Monthly_Malware_Statistics_February_2011



source:http://www.kaspersky.com/news?id=207576288

Monday, March 7, 2011

A short story about Microsoft Word 2010 Part 3


Today, I would like to introduce about publishing a new post by Microsoft Word. The step are simply and easy, that is
    Step 1 : Same as the calendar templates, you need go to the page templates and click on the "Blog Post"
    Step 2 : After that, you will move to a new page and ask to register your blog account
    Step 3 : After registration, you can type you post in the word as shown in figure


    Step 4 : Click the button publish at the left-hand side
    Step 5 : Your blog are successful publishing.


*The post are publish by Microsoft Word 2010

Sunday, March 6, 2011

A short story about Microsoft Word 2010 Part 2

Did you face problem when you want to do citation on the text you took from web or on the book? Here, the Microsoft Word 2010 had offered the function to help the students making the citation. Here is the step on marking the citation
Step 1 : At the command bar, you select the "References" option
Step 2 : At the  "References" option, you click the "Mark Citation" on right-hand side
Step 3 : A toolbox will be pop up as shown in the figure
Step 4 : Type your text or highlight your texts into "Selected texts" box and then key in your key term you want to citated into "Short citations" box 
Step 5 : Mark all you item that you already citation and finally type your references in the endnote of the article

*Hopefully this informaton can help us to produce more effective words

Saturday, March 5, 2011

A short story about Microsoft Word 2010 Part 1

As the Microsoft Office 2010 are introduced by the Microsoft Corporation in the year 2010, the are many new features are install in the Microsoft Word, such as the file extension, templates and so on. Now, i would like to share about the new form of template that are provided by Microsoft Word, that is calendar. Today, many work are needed to scheduling, so Microsoft Corporation offer a easy step to us to set up the time table according the date. Now, i would like to show the step that how download the templates and how to use it.
Step 1 : Open the Microsoft Word, and at the command bar click the "File" button as shown in Figure


Step 2 : Select "new" button and click on the calendar template
Step 3 : Select the calendar you want and then click download on the right hand side
Step 4 : Finally you can scheduling you work on the Microsoft Word

*P.S : You need to online when download the calendar templates



Wednesday, March 2, 2011

Find trojan horse virus on PC

Q&A: What is DRM?

EMI has announced that it will be offering its back catalogue online without software locks, called digital rights management. The songs will be sold at a higher price to those currently with the digital locks but will also be at double the audio quality.




What is DRM?
Digital Rights Management, or DRM, is a class of technologies that allow rights owners to set and enforce terms by which people use their intellectual property.

Rights owners are typically copyright-holding companies like music, film, book or software publishers. They use DRM to control how documents, entire software programs, or even e-mails are used.

Most often media companies use DRM to curb piracy of their content by restricting users' ability to copy it, though it can also be used to create new business models like subscriptions to a large library of music.


How does DRM work?
DRM is a two-part scheme. It relies on encryption to protect the content itself and authentication systems to ensure that only authorised users can unlock the files.

When applied, DRM scrambles the data in a file rendering it unreadable to anyone without the appropriate unlocking key.

Authentication systems stand between users and the decryption keys, ensuring that only people with the proper permissions can obtain a decryption key.

Without a username and password or if a file has been decrypted too many times, the system will not provide the key. This means music files with DRM, for example, can be swapped over the internet and remain unusable to those who have not paid for them.

It also means only authorised programs and portable players can use the tracks.

Music without DRM, like the popular MP3 music format, retain the ability to be played regardless of the number of times or to whom they have been copied.



Who is using DRM and why?
The most common commercial use of DRM is copy prevention. The technology gives rights holders some assurance that their intellectual property will not be pirated, and helped to create a legal digital download industry.

Film studios were some of the first large companies to adopt DRM.

When the DVD format was launched it included an encryption scheme called the Content Scrambling System, which prevented users from making digital copies of films off the disc.

Recording labels have also adopted DRM to prevent copying.

With the advent of peer-to-peer file sharing networks and the MP3 music compression format in addition to the proliferation of broadband internet access, they claimed music piracy drastically increased.

CD publishers reacted by making discs in a way that lets them play in a regular machine, but not in a computer. This prevents users from copying the music and distributing it over the internet.

Many record labels have also released DRM-protected music for sale and download in online stores like Apple's iTunes and Roxio's Napster. These tracks can play on a set number of computers and portable devices.

DRM video downloads are just beginning in the UK. Channel 4 and Sky have on-demand services that include films.


What are the problems with DRM?
Some consumer groups and internet commentators vociferously argue against the use of DRM.

One of the most often cited problems with the technology is that competing systems are not compatible. For example, users of the Napster service cannot play a track on the iPod.

Changing music download providers or portable players could mean already purchased tracks are unusable.

Because tracks have to be authenticated to play, they may also become unusable if a download company goes out-of-business.

Both cases force purchasers to either forfeit their music or re-purchase it, and for this reason has been characterised as anti-competitive.

Unlike brick-and-mortar shops selling records, cassettes, or CDs, digital download companies can lock consumers into their service.

Critics also argue that many DRM systems go far beyond the rights the law gives rights holders to protect what they create.

DRM is also an imperfect technology. Hackers and software companies engage in a constant back-and-forth battle where any given system is broken, patched, and broken again.

DVD copy prevention was cracked in part by the then 15-year-old Jon Lech Johansen.

Still others object to DRM on philosophical grounds. Art, they contend, is often a collaborative process that builds off the work of others.

For digital media, this is referred to as the "rip, mix, burn" culture.

As music, film, and literature is increasingly expressed in digital form, many worry that restrictions on the use of this content will limit creativity.



Source: http://news.bbc.co.uk/2/hi/technology/6337781.stm

10 Tips for Creating Secure Passwords

If you do anything with computers, you deal with passwords and you probably have a handful of different passwords for different sites and systems. The best password is something that you will never forget, but even your family or closest friend would never guess.


In my experience people either have extremely secure passwords like J!*xurQ1# that are so difficult to remember that they have to write them down (which defeats the security of a password) or extremely unsecure to start with, like Jonny (the name of their spouse). The goal of this post is to give you some ideas on how to generate secure passwords. The tips start out with some simple ways to come up with terms and end with ideas of how to combine these terms into secure passwords.

It should be obvious that you shouldn’t directly use any of the examples shown here. However, some of these ideas should be useful in generating your own secure passwords.

Here are a collection of tips for creating useful passwords.

1. Use Different Character Classes - Many systems require that your password be from a variety of character classes. The letters a to z are one character class, A to Z is another, 0 to 9 is another, and the symbols are a fourth. In general the more character classes you use in your password, the more secure it is. So “guitar” is less secure than GuiTar which is less secure than Gu1T&r. One simple way to add different character classes is to capitalize all vowels or consonants.

2. Use Letters from a Phrase – Use the first letter from each word in a phrase, line from a song, etc. “There’s a hole in the bottom of the sea.” could become Tahitbots.

3. Numbers From Word - Use your phone keypad to convert a word to its numerical equivalent to use as part of your password.

4. Keyboard Patterns – Creating terms from rows of adjacent keys. 12345 is not very good, but \][po combined in the ways specified below can make for a secure password that would be very difficult to guess and is fast to type.

5. Use More Than One Word - Single word passwords are easy to break. If a hacker runs a program to try a bunch of words from the dictionary they shouldn’t be able to figure out your password. Choose words that you will remember, but that someone else won’t be able to guess. So a password like shinynail or flyingrock or tallwater are more secure than single word passwords.

6. Ideas for Passwords – Sometimes coming up with a password can be pretty difficult. Keep in mind you need to choose terms that you won’t often talk about. Here are a list of ideas to help come up with words:
* Choose two objects from a picture that you’ll always remember. For example: a drawing at your grandparents house, the illustration from a children’s book, a painting at an art museum, etc.
* Choose two terms from a memorable purchase. For example: bluev6 (first car), thinibm (first computer), gold3crt (engagement ring), 7ftgrand (piano), pinedoor (first house), sunshore (honeymoon destination).
* Look through a catalog and choose terms based on something you see.
* Look up a random article on Wikipedia and choose a word found or related to a word you find in the article.

7. Separate Your Two Words With Symbols and Numbers- For example: pine&1&door, kit!2!cat, etc.

8. Modify the Password For Each Site- In theory, the most secure password strategy is to use a completely different password for each system. In practice, this means you’ll have to write them down. By choosing a secure password and modifying it based on where it will be used, you can keep from having to write passwords down, but still have a slightly higher level of security. Here are some examples showing how they were created
* blue.Mv6 for Amazon.com – blue and v6 from first car. M from the second letter in site name.
* blue.Av6 for SAP logon – same as above.
* thin!5!ibm for Amazon.com – thin and ibm from first computer. 5 from the number of letters in the site name.

9. Multiple Passwords for Different Types of Sites – Another option to keep from using the same password on every site is to use two or three passwords based on how secure the site is. For example, your banking sites might all use derivations of the bluev6 password. Ecommerce sites might all use a derivation of a different password and community type sites might use a third. The goal is to make sure that a rogue administrator at a forum you frequent isn’t able to get to your 401k.

10. Date Based Component – Some systems require you to change your password every 180, 90, or 60 days. (One client had set up their system to require a password change every 30 days!) If you are familiar with the cycle, you can add a date based component to your password and change it each time it is required. For example J10 could be added when you need to change your password in June of 2010.



Source: http://www.productivity501.com/10-tips-for-creating-secure-passwords/253/

Computer Virus

Different Kinds of Biometric Devices

Personal identification methods have been advancing through the study of biometrics. As technology progresses, inexpensive, user-friendly identification techniques are becoming the norm. Permanent identification applications are being relied upon for business and private use which focus on distinguishable traits that cannot be lost or stolen. Networks that communicate and share single-person identification data are being developed, eliminating the need for passwords and decreasing the problem of identity theft.


Fingerprint and Hand Scanners

Fingerprint scanning eliminates the need for multiple passwords.
Biometric fingerprint scanners capture and process a person's fingerprints. Each person's fingerprints are unique and can only be used to identify that person. Fingerprint scanners allow a person to imprint their fingerprint into a device that stores and is able to compare it against other fingerprints. Fingerprinting technology has advanced allowing fingerprint scanners to be installed in laptop computers, at ATMs, in real estate lockboxes, as employee recognition in schools and businesses and for national security purposes.

Hand scanners are similar to fingerprint scanners except they authenticate features of the complete hand, measuring lengths and thickness of fingers, curves and bone structures of fingers and surface area of palms. Because many hand traits can be disturbed by injury, hand scanning is often used with other types of biometric identification.



Facial Recognition Cameras

Cameras are used in facial recognition biometrics.
Cameras are used in biometric facial recognition technology. Main features of the face are captured, while expressions, piercings and facial hair like beards and mustaches are not. Infrared cameras are used to detect heat patterns in the face. Some facial recognition devices incorporate several cameras to capture more detail and reduce light interference. Facial recognition is not reliable for identifying people through photographs and cannot identify people wearing masks.



Voice Recognition Microphones

Microphones record unique voice characteristics.
Microphones tape the acoustics and inflections in a person's voice. Voices are distinguished by physical shape and build of the mouth and throat, age and learned behavior related to culture, tone, pitch and volume. Voice recognition software usually uses a password to digitize a person's voice, filtering out unique characteristics. It is used for security purposes and has also become an invaluable tool for physically disabled people, making it easier for them to use computers and function in society.



Iris Scanners

Portable iris scanners detect distinguishable traits in eyes.
Iris scanners detect individual traits of a person's eye. They are often portable devices used mainly to track people. Recent software developments have been improved so that iris detection works when a person is wearing contacts or glasses. Prison guards use iris scanners to track prisoners, strengthening security and monitoring inmate arrivals and departures.



Signature Pads

Computerized signatures protect against forgery and identity theft.
Signature pads are becoming commonplace in retail outlets. They capture and process a person's signature. These biometric devices perform handwriting analysis, pauses during writing, rate of speed used when writing and pressure applied when writing. Advancements in signature pad technology limit forgery of documents, lessening the chances of identity theft. Signature pads are used with increasing frequency in Internet business.




Source:http://www.ehow.com/list_6652449_different-kinds-biometric-devices.html