Two security researchers on Saturday have warned that if you use cPanel to administer your website or certain Linksys or Netgear routers, you're leaving yourself open to web-based attacks that could potentially take control of your systems.
The attacks are based on CSRF, or cross-site request forgery, which can be exploited simply by surfing to the 'wrong' website, say Russ McRee of HolisticInfoSec.org and Mike Bailey of Skeptikal.org.
"CSRF is bad stuff," Bailey said at the Defcon hacker conference in Las Vegas. "It's a very under-appreciated vulnerability, and it's all over the place. Because it usually gets rated as a pretty minimal issue, it almost never gets fixed, and that means we have these kinds of holes all over."
When visiting a malicous website while logged in to the program, the attack is able to trick cPanel into carrying out sensitive commands by duping the device into thinking they came from the victim. And it doesn't look like this will be fixed anytime soon.
"The response I got from cPanel was we can't fix this because it's a feature," Bailey said. "Apparently, they're worried it's going to break integration with third party billing software, so they can't fix this."
It’s no secret that ATI’s RV770 GPU, which first appeared in the Radeon 4870 and 4850 last year, is a performance beast. The spring refresh of the GPU, which offers increased core and memory clocks, along with a slight redesign of the GPU, tells an interesting story to anyone who isn’t yet running a second-gen DirectX 10 card (GeForce 2xx series or Radeon 48xx series). However, if you’ve already upgraded, there’s not much to get excited about here.
The Radeon 4890 is built on a 55nm process, just like the 4870 and 4850, but the company made significant tweaks to the architecture to accommodate higher clock speeds, which is evidenced by the fact that Diamond overclocks this board from 850MHz to 925MHz out of the box. Diamond also overclocks the card’s 1GB of memory 100MHz faster than the default, to 1,050MHz. The Radeon 4890 sports quad-pumped GDDR5 memory running on a 256-bit bus. The real stars of the Radeon 4890’s show are its pixel shaders, though, with 800 shader units running at the GPU’s core clock speed. The massive number of shader units gives the 4890 a significant advantage over comparable Nvidia cards in shader-limited benchmarks like Crysis.
USB 2.0 rated at 480Mbit/s sounded great when it was released back in April 2000, but more than 9 years later its becoming pretty easy to saturate with our never-ending collection of high speed external drives. USB 3.0 clocks in at a much more respectable 4.8 Gbit/s, but those patiently awaiting hardware will have to cool their heels just a bit longer.
According to the Inquirer, Asus is cancelling what would have been the world’s first USB 3.0 motherboard the P6X58. The company hasn’t given any specific comment on it’s reason for the cancellation, but I would surmise it has something to do with the fact that you still can’t find any devices to pair up with it yet.
Speculation aside, I’m sure Asus still has USB 3.0 on it’s roadmap, but we still have no idea when the first motherboards / devices will hit the market. Want to learn more about the new standard? Make sure to take a look at our comprehensive guide to all things USB 3.0.
Citing un-named "industry sources," news and rumor site DigiTimes says Intel has informed customers that it is no longer accepting orders for its Atom Z processors for use in netbooks, as the chip maker looks to clear out remaining inventory. But more than just an inventory dump, Intel apparently is looking to better distinguish between CPUs targeting netbooks and those aimed at the Mobile Internet Device (MID) market.
Intel is expected to completely cut off supply to netbook makers by the end of 2009, but sources say it will still fulfill orders already placed by Acer, Asus, and MSI, all three of which have been players in the netbook market since early on. There's no mention of Sony and its Atom Z-powered Vaio P, which has been rumored to be getting a refresh in October anyway.
Moving forward, Intel will begin focusing on its next generation netbook (Pine Trail) and MID (Moorestown) platforms, which are slated for a 2009 release.
Adding to its growing power supply line, OCZ this week announced the immediate availability of its new Z-Series Gold power supply line. Each new model boasts 80+ Gold certification, which means they must remain at least 90 percent efficient at 50 percent load, and never drop below 87 percent efficiency at any load level.
The new models are available in 850W and 1000W in either modular or non-modular form. Taking a page from PC Power & Cooling, which was acquired by OCZ in 2007, the Z-Series sports a single, beefy +12V rail (83A on the 1000W and 71A on the 850W) rather than spreading the amperage through multiple +12V rails.
All the other standard essentials are accounted for, including active PFC, a large cooling fan (135mm), oodles of SATA connectors, and SLI certification.
The Z-Series is available now for $300 (Z1000M), $290 (Z1000), $240 (Z850M), and $220 (Z850).
Not all rumors turn out to be true, and according to Intel, recent reports suggesting the chip maker was delaying its next-generation "Pine Trail" Atom until next year are completely false.
"Pine Trail is on schedule," Mooly Eden, general manager of the Mobile Platforms Group at Intel, said at the Intel Technology Summit on Wednesday in San Francisco. "We are going to ship revenue shipments in the second half of the year. You come to IDF (slated for September) and see the maturity of the product."
Pine Trail will consist of an integrated graphics processor built into the same slice of silicon as the main processor, which will also share space with the memory controller. This will shrink the number of chips in the Atom platform from three to only two, which is expected to result in a cheaper platform with a lower power draw.
Showing AMD owners some love, Corsair adds to its Dominator series with the Dominator GT, a line of "ultra-high performance" DDR3 kits the company says have been designed specifically for Phenom II-based platforms using socket AM3 motherboards.
"The new Dominator GT family for platforms with AM3-based AMD Phenom II processors delivers even greater levels of performance, as well as enhanced cooling options, making it the perfect memory for anyone looking for the fastest possible performance from their AM3 AMD Phenom II-based system," said Jim Carlton, VP of Marketing at Corsair.
The new 4GB (2x2GB) Dominator GT kit races along at 1600MHz with 6-6-6-18 latency settings and a 1T command rate. It also supports AMD's Black Edition Memory Profiles (B.E.M.P.), which allows for the aggressive latency settings to be automatically configured in Windows using the AMD OverDrive software utility.
Corsair indicated it would later add to the Dominator GT line by "offering very limited quantities of hand-screen, hand-tuned, extreme performance modules in both lower speed grades and latencies."
Sometimes, you just have to keep things real. Last year, our Dream Machine was a paean to excess, a chrome-plated $17,000 wünder-rig. While we’re still quite fond of that machine, this year we decided to take a different tack and see if we could build a more reasonably priced, but still lust-worthy Dream Machine. Well, actually, we built three of them. While the combined cost of these three machines is about half the price of last year’s rig, we packed a lot of awesome into our relatively tight budgets. The lesson is simple: Dream Machine isn’t about spending a ludicrous amount of cash on a PC, it’s about getting the best rig you can for the money you spend. I think you’ll agree that these three machines pack a ton of power and are all great values.
Without further ado, we give you this year’s crop of Dream Machines.
CoolIT is somewhat notorious for enormous but effective closed water-cooling systems: its Boreas and Freezone Elite kick the pants off of conventional air coolers and are much more user-friendly than piecemeal water-cooling setups. Now CoolIT wants to bring self-contained water-cooling to the masses with the Domino Advanced Liquid Cooling.
The Domino eschews both the large heatsinks and the Peltier thermoelectric coolers of its predecessors in favor of a radiator and single 12cm fan, which gives the Domino less oomph than the Boreas or Freezone Elite, but confers several advantages to the water-cooling newb.
First, the Domino costs a cool $80, compared to $600-plus for the Boreas and $350 for the Freezone Elite. Second, the Domino is much smaller and easier to install; CoolIT boasts that an amateur with no CPU-cooling experience can install it in 10 minutes.
The chip features Fujitsu’s AES encryption/decryption engine that supports data encryption/decryption at a rate of up to 300MB per second. The first PCs equipped with Superspeed USB are expected to become available during the far end of the year, according to the July issue of Nikkei Electronics Asia.