Before you drop in on the American Express website to see how much damage you did to your credit line with holiday shopping, you should know it's vulnerable to an XSS (cross-site scripting) exploit. As The Register reports, this news comes after a bungled attempt to fix the problem. As El Reg puts it,
The cross-site scripting (XSS) error that makes it trivial for attackers to steal americanexpress.com users' authentication cookies is alive and kicking. The confusion stems from a mistake made by many application developers who incorrectly assume that the root cause of a vulnerability is closed as soon as a particular exploit no longer works.
So far, only proof-of-concept exploits have been written to show how easy it would be to pilfer login credentials, but until AmEx really eradicates this problem, keep a careful eye on your website transactions. For a list of precautions you can take to stop XSS exploits, see our 2007 article.
Have you been victimized by an XSS error? Join us after the jump and sound off.
Doubts have been cast on the success of the Blu-ray format ever since it debuted. Initially, the format appeared to be doomed due to a poor adoption rate, thanks mainly to a host of factors, including the PS3’s initial tribulations, popularity of the DVD format, and the steady rise in the popularity of digital downloads.
However, it soon appeared that the tide had turned as PS3’s sales picked up and the rival HD DVD format ran out of steam and met its sorry fate. The latest good news has come in the form of sales data released by research firm Futuresource, which indicates that Blu-ray sales during the ongoing holiday season have been promising.
Another sinister portent for the Blu-ray format happens to be the grim sales picture of the PS3; strong sales of the console surely could have gone a long way in popularizing the format. I expect Blu-ray to share the same mediocre fortunes as the PS3 during the remainder of its lifetime.
According to DigiTimes, AMD will launch half a dozen 45nm Athlon processors by June of 2009. The quad-core Athlon X4 615 and 605 and triple-core Athlon X3 420 and 410 are expected to ship in April 2009, with the company's dual-core Athlon X2 240 and 235 coming a bit later in June 2009.
AMD has also been busy planning last order notices for its upcoming 45nm AM2+ Phenom II X4 920 and 940 Black Edition processors, which the company plans to issue in May 2009. Meanwhile, the Santa Clara chip maker will no longer take orders for its quad-core Phenom X4 9650. More Phenom last order notices aren't far behind, with AMD's Phenom X4 9950 (140W) and 9850 (125W) getting theirs in March of next year, and the Phenom X4 9750, 9850 (95W), and 9950 (125W) in June 2009.
But wait, there's more! DigiTimes says AMD's triple-core Phenom X3 8450 and 8550 are nearing their end of life in the marketplace, while the Phenom X3 8650 will have its last order notice issued in March 2009. The Phenom X3 8850 and 8750 CPUs will follow the same fate in June. And finally, AMD's Athlon X2 4450e chip, a low-power CPU, will be phased out in March 2009.
Phew! That's a lot of chips getting ready to head to the chopping block. Plan accordingly, AMD fans.
Protip: If you're doing something highly illegal involving millions of dollars in embezzled funds, don't leave all the incriminating details lying around on your desk unattended. Such might be the downfall of Ausaf Umar Siddiqui, VP of Fry's Electronics, who now stands accused of embezzling over $65 million after another Fry's executive discovered a suspicious spreadsheet lying on Siddiqui's desk.
After the spreadsheet was turned over to the authorities, the IRS called shenanigans on Siddiqui's business practices, accusing him of cutting deals with some of Fry's largest suppliers to buy larger orders of goods in return for kickbacks and inflated commissions. According to the allegations, Siddiqui made a practice of buying goods at higher prices in exchange for kickbacks of up to 31 percent of the total sales prices. These kickbacks were then funneled into a company Siddiqui set up called PC International, the IRS claims.
According to the report, five unnamed vendors deposited more than $65 million into accounts owned by PC International, a hefty portion of which was used to fund Siddiqui's gambling habits. The IRS found $17.9 million paid out to Las Vegas Sands Corp, the operator of the Venetian Casino Resort. The report notes that the casino would often fly Siddiqui out to Vegas via private jets.
Siddiqui, who was arrested at Fry's headquarters, is currently being held on $300,000 bond. No court date has yet been set, though a judge in the case has given the government 20 days to file formal charges of wire fraud, which prosecutors plan to do.
According to jkOnTheRun, a UK law firm representing Psion Teklogix has begun sending out cease & desist letters to various websites demanding that the sites stop using the term 'netbook.' The trademark attorney whose John Hancock appears on the letters claims that Psion retains full rights to the term based on a pair of laptops the company used to sell called the netBook and netBook Pro. In the letter, Langley says companies "inadvertently mis-using" the term have until the end of March 2009 to comply.
"Psion places significant value on its trademark registrations and your use of the term 'netbook' could damage those registrations," Peter Langley, a trademark attorney, writes. "We are therefore asking you to cease use of the term 'netbook.'"
Psion may have a tough time enforcing its cease & desist order, as the company no longer sells either the netBook or netBook Pro, and the term 'netbook' has been widely adopted all across the web to describe a low power sub-notebook. Moreover, it was Intel, and not enthusiast sites, who reintroduced the term. Intel's Atom platform dominates the netbook landscape, and the chip maker even purchased the netbook.com domain, which currently redirects to Intel.com.
Do you think Psion will prevail in protecting the term netbook? Hit the jump and post your thoughts.
What happens when you pit the 3G networks run by AT&T, Sprint, and Verizon against each other in a coast-to-coast battle royal? That's exactly what Gizmodo purported to find out as it put the three companies' networks to the test in a variety of locations. Using 3G USB dongles, Gizmodo FedExed its testing package from one staff member to another in eight different cities across the U.S. map, each of which tested the networks in three to five areas, including a suburban spot.
As might be expected, the testing results were mixed. When looking at download speeds, Gizmodo's roundup showed AT&T coming in a distant last place in Boston, but topping the charts in Raleigh and Austin. On average, Sprint put on the best showing, particularly in New York.
When switching gears to upload performance, Sprint pulled a 180 and lagged behind both Verizon and AT&T on average, while AT&T "kicked ass here, winning six cities and barely losing to Sprint in the other two."
According to Gizmodo, AT&T would be the best choice for sending big files or running a mobile torrent service. The site also breaks down its results into fairly detailed summaries by location.
When working with something called a quantum cascade laser, eggheads from Princeton University managed to discover a new type of double-beam laser not yet explained by existing theories, and the findings appear to prove the second laser beam to be more powerful and efficient than the primary.
Quantum cascade lasers are small and efficient sources of mid-infrared laser beams, with the conventional portion of the laser operating like those found in CD players. When enough electricity passes through, electrons enter a 'quasi-equilibrium state' almost entirely devoid of quantum momentum. It's in this state that they start to emit laser light in the mid to far infrared range.
While researching quantum cascade lasers, scientists discovered a slightly smaller wavelength, even though no existing quantum cascade theory of laser operations indicated that a second beam should exist. Because the second laser has proven more powerful and efficient, researchers are studying the technology at a breakneck pace. The mid to far infrared class of laser is useful in detecting minute traces of water vapor, ammonia, nitrogen oxides, and other gases that absorb infrared light, and the Princeton team says future applications could include air monitoring, medical diagnostics, and even homeland security. Rock on.
Remember when your great-great-great grandparents used to trek barefoot through miles of freezing snow in the scorching hot desert just for the privilege of purchasing a music CD from the music store that sat on top of a mountain? Maybe that's slightly exaggerating the situation, and while many of you still prefer to own physical media, downloading tracks has become the norm when it comes to purchasing groovy tunes. According to statistics compiled by Will Page, chief economist of the MCPS-PRS Alliance, and Andrew Bud, the head of mobile software company mBlox, there are roughly 13 million songs available for download. But only a small fraction make up the majority of downloads.
With so many songs to choose from, you might think the wealth is being spread around. But surprisingly, just 52,000 songs make up 80 percent of all music purchased online. The distribution becomes even more lopsided when looking at albums, with 85 percent of bands and singers who released an album in 2008 not having sold a single copy.
"There is an eerie similarity between a digital and high-street retailer in terms of what constitutes an efficient inventory and the shape of their respective demand curves," Andrew Bud told the Times. "I think there's something more going on there: a case of new schools meets old schools."
What are you listening to that might be off the beaten path? Post your favorite non-mainstream hits below and help your fellow readers expand their music collection.
Stop. You had us at oil-submersed motherboard, CPU and GPUs. You didn’t even have to dunk the SSDs and PSU, or create a custom motherboard and bullet-resistant tank, to convince us that you’re really hard core, umm, Hardcore.
Of course, if you stare too hard at the tank, you’ll miss all the heavenly glory that the Hardcore PC truly is. From its beautiful aluminum case, to its top port routing and the easy to access hard drives, every centimeter of the machine oozes custom computing. And we can honestly say that after tinkering with the most exotic PCs available on Earth for a decade now. What Hardcore is trying to do is so over the top that no one has ever tried it before on a production machine.
But before Hardcore can ascend to take its place among the top performance PC makers, there are an awful lot of questions to answer. Like can they really make and sell these babies for how much the company claims it can? Does it really work? To find the answer to that read on.
Maximum PC intercepted the following memorandum from a high-level Comcast executive to the company’s Board of Directors. We suggest you read it once, and then immediately delete all traces of this text from your PC. This is seriously twisted stuff.