Last week the blogosphere nearly exploded (see here, here, here and here for only a few examples) with the news of the Flashback trojan, creating a botnet of nearly 600,000 Apple machines. Getting your machine infected is as easy as surfing to a bogus website containing the malware, which installs itself using an exploit in Java. This technique is called a drive-by download. There is no need for you to enter your admin credentials. It’s even worse: the malware will install itself without you noticing it at all. Pretty scary if I may say so.
If you want to know if your Mac is infected with the Flashback trojan, then check out this page on F-Secure’s website to find out and follow the removal instructions if you do find it on your machine.
To make your Mac less vulnerable for this kind of malware attack, I recommend checking out Khürt Williams’ post who explains how to turn off Java in Safari and on OS X level. This makes very much sense when you are not a software developer who has to deal with Java on a daily basis. If you use an other browser like Google Chrome or Firefox, then check out this page for instructions. Khürt also advises to uninstall Adobe’s Flash plugin. This is one bridge too far for me at the moment, but it certainly is a good idea.
Update April 11th, 2012: Apple works on software to release the Flashback malware from infected Macs and is working with ISPs worldwide to bring down the botnet’s command & control servers. Read more about this on arstechnica.com.
Here is a link to a very interesting opinion post on how much money Google makes from Android compared to iOS. Estimation of the earnings from Android have been based on Google’s proposed settlement of the Java patents lawsuit that was started by Oracle. I found the numbers surprising and they are probably not too far from the truth.
A number of reporters visiting the Mastering SAP event in Sydney, Australia, wrote that there is a buzz among SAP customers who run their systems on Oracle databases to think about changing their database strategies in the future.
When asked about which database they would likely be migrating to in the future in an informal survey, the majority answered surprisingly: Microsoft SQL Server.
It’s attractive because it offers technology similar to SAP HANA (features known as columnar and in-memory storage) and its prices start at $11,000 per terabyte. It can run on comparatively lower-cost hardware such as new servers by Dell, too. Microsoft and SAP have been partners for years.
So why not chose SAP’s new HANA database then? ZDNet says the following about this:
When it came around to a discussion on HANA, there was much debate about whether customers will put their OLTP systems on this as yet to be available database. The question in my mind is whether there is any real advantage in moving to HANA which today, can provide huge speed improvements in analytic style scenarios. The answer is a heavily qualified ‘maybe.’ HANA’s columnar store thrives on complex aggregation queries but is slow when trying to replicate what amount to row store calculations where an Oracle performs very well.
The Register published the following news on their website a few days ago:
A new study conducted by IDC and mobile-developer platform and services company Appcelerator has determined that as Google’s open source Android operating system becomes more and more fragmented, fewer and fewer developers are putting it on their “must-code-for” list.
Good news for music addicts and musicians like me!
According to research that has been published in Neurobiology of Aging, music may have a beneficial influence on our aging process. Scientists came to this conclusion by doing experiments with young and old musicians and with people who hardly or never played an instrument.
Musicians of an older age were able to respond faster and better on audio tests with speech than the persons that were still young but never played an instrument. Research suggests that playing an instrument during most of your life has a big influence on your nervous system, which will be better able to process sound and speech on an older age.
Read more about this research on the following pages:
Business Insider has an interesting interview with Vishal Sikka, the SAP engineer that created the HANA database with his team of developers. In the first six months the HANA database generated $200 million in sales. And the claims in speed and performance are quite outrageous. Check out these quotes from the article/interview:
Given a chance, he’s happy to rattle off the happy customers who have already yanked out their old database and replaced it with HANA. He says that two such customers have become members of the “100,000K club” which means that HANA runs 100,000-times faster than their previous database.
One large Japanese retailer used to need three days to process its customers rewards program. With HANA it now takes three seconds.
“The son of the owner of company runs the IT department. He was so psyched he called me,” Sikka laughs. It actually took them longer — five hours — to calculate and verify the performance improvement numbers than it did to issue its rewards. The company can now offer its customers on-the-spot rewards while shopping in the store, based on the items loaded in the shopping cart.
This is hard to believe, but if it is only partly true, this could mean serious competition for Oracle.
Eighty-five years and eight fallen drops later, this surely is a long-running experiment!
The pitch-drop experiment—really more of a demonstration—began in 1927 when Thomas Parnell, a physics professor at the University of Queensland in Australia, set out to show his students that tar pitch, a derivative of coal so brittle that it can be smashed to pieces with a hammer, is in fact a highly viscous fluid. It flows at room temperature, albeit extremely slowly. Parnell melted the pitch, poured it into a glass funnel, let it cool (for three years), hung the funnel over a beaker, and waited.
Read the rest of the story by following the link below.
A number of times I posted links to Android malware news, like this one.
An important lesson in these messages was: don’t download apps from untrusted sources because you risk downloading an app that contains malware.
Every now and then though, the official Android Market gets infected with malware apps. And it happened again recently, where Google had to pull 22 malicious apps from the Market. The post linked below talks about an estimate of 14,000 infected users.
In total, Google took down over a hundred malicious apps already. Since Android phones are very popular with over 500,000 activations a day, I am afraid these malware practices will get worse. I hope I won’t be right and Google invents a mechanism to find and block these apps as soon as they appear.
In the meantime, people should not only be careful when downloading apps from external sources. The Android Market can contain a nasty bug every now and then too.
[Georgia Weidman’s] Android proof-of-concept botnet installs itself in a fashion similar to the DroidDream malware, a trojan that could record phone conversations. The proof-of-concept botnet payload could be spread in several ways—either as part of a malicious application on an app store, or through a Web link sent to the smartphone or clicked in the mobile browser. “It ‘roots’ the phone,” she said, “and it works as a proxy between the cellular modem and the application layer.”
iOS users aren’t safe either. Weidman said that a similar botnet could also be created on iOS devices, but the malware needs to be distributed via a “jailbreak” package.
Adobe moves an other step away from the Flash platform and donates Flex to the Apache Software Foundation (ASF). The ASF will still have to vote whether they will take on Flex and have not yet commented on the matter.
While Adobe states they are still committed to Flex, they also say that HTML5 will be the best technology for developing enterprise web applications on the long term.
Now honestly: would you really care investing your precious time in learning Flex now that Adobe has made this move, even if they say they are still behind the technology and its community? I actually feel sorry for the developers who did, and also for the people who invested their time and skills in Microsoft’s Silverlight which is going the same path as it looks right now.
Here are some links on the subject for your reading enjoyment:
The lesson to be learned here is in the last sentences of the article:
In a related blog post, Juniper said it discovered a “trove of malicious applications aimed at Android users hosted across different Russia-based third party app stores,” which serves as a reminder to only download Android apps from trusted locations, like Google’s Android Market, Amazon, etc.
Fred Langa of Windows Secrets did some interesting research on the effect of registry cleaners on Windows 7. Older versions of Windows were notorious for making a mess of the registry and not cleaning up correctly after uninstalling software. But what about Windows 7? Has this OS improved over its predecessors?
Langa’s conclusion: using a registry cleaner in Windows 7 still has a positive effect on your systems’s performance and bootup time. Of the tools that he put to the test, jv16 PowerTools turned out to be the most effective.
Want to know how he tested this, what other registry cleaning software he used and the statistics he gathered? Then hop over to Windows Secrets to find out.