Windows XP Twenty Useful Tips and Tweaks

1) Cracking Windows XP Login Password
download the nice and easy Nt/2k/xp password cracker from
http://www.astalavista.com/
or other way is
if u get acess to the computer then go to Start>Run and type
“control userpasswords2” without Quotes and a new pop up windows
will open and u will reach
to user account properties.
Here u can Reset the Administrator and any Users password so
anytime when u Want to use the
Computer start it in safemode pressing F8 at Booting get into the
xp as u have Administrator password and go to
Controlpanel>Useraccounts and create a New Account .Start
Computer
Normally and get into WinXP with ur newely made account and do
ur job.
(Don’t forget to Delete ur newely made account Otherwise u will
be in trouble)
Delete ur account again starting the computer in Safemode as
Administrator and Delete ur Accoun

Windows 7 Leaked To The Internet

A trial version of Microsoft (NSDQ: MSFT)'s forthcoming Windows 7 operating system showed up on the Internet over the weekend, according to numerous blog reports.
The beta version of the OS, reportedly Windows 7, build 7000, can be downloaded from several infamous torrent sites often used to share pirated content.

Microsoft isn't planning to officially release beta copies of Windows 7 until its MSDN developers' conference in January. A final version of the OS isn't expected until late 2009 or early 2010.

Microsoft may not be overly displeased with the leak.

The company is urging partners to begin work on Windows 7 product development as soon as possible to avoid the sort of compatibility problems that plagued the launch of Windows Vista in January 2007.

Earlier this month, Intel (NSDQ: INTC) released a pre-production version of Windows 7 drivers for graphics chipsets. The WDDM1.1 graphics driver is designed for "enabling the full Windows 7 experience," Intel said, noting that the driver is the result of ongoing collaboration with Microsoft.

Drivers allow hardware components to communicate with a computer operating system.

When Vista launched in January of last year, many hardware makers -- including Intel -- didn't have fully compatible drivers ready. The problems marked the beginning of a slew of bad press for Vista that ultimately led many businesses and consumers to reject the operating system.

To avoid a repeat of those problems, Microsoft earlier this year ordered computer and other hardware makers to begin testing their devices on Windows 7 as soon as the first beta version becomes available.

Microsoft for the first time unveiled Windows 7 features at its Los Angeles Professional Developers Conference in October and appears anxious to release the OS as soon as possible. The company has formally said that Windows 7 won't ship until early 2010, but the January release of a beta disk is the latest sign that Windows 7 could debut in late 2009.

Microsoft is hoping Windows 7, which includes native support for touch screens, will help erase memories of Vista, which has been a disappointment for the company.

Microsoft Scrambling To Thaw Zune Freeze

A surge of online complaints suggests widespread freezing problems with 30-GB version of Microsoft's Zune music player.

Online forum threads have sprawled to thousands of messages detailing what some Zune users are calling "Zune 2K9," a reference to the Y2K bug based on the as-yet-unconfirmed belief that the freeze is a time- or calendar-related programming flaw.

Others are referring to it as the Midnight Meltdown. A handful of YouTube videos uploaded on Wednesday attempt to document the problem. One of the better titles is "The Day The 30 G Zune Stood Still."

"My 30 GB Zune froze out of sleep mode," complained one Zune user. "It wasn't on the charger or connected to my computer. I turned it and rebooted, which isn't all that uncommon when I've turned it off. However, this time it didn't complete. I wonder how Microsoft is going to provide a fix for this because my computer doesn't recognize it as connected when I plug it in."

Microsoft has confirmed that its 30-GB Zunes are crashing and said it is addressing the issue.

"Early this morning we were alerted by our customers that there was a widespread issue affecting our 2006 model Zune 30-GB devices (a large number of which are still actively being used)," Microsoft said in an e-mail. "The technical team jumped on the problem immediately and isolated the issue: a bug in the internal clock driver related to the way the device handles a leap year. That being the case, the issue should be resolved over the next 24 hours as the time change moves to January 1, 2009. We expect the internal clock on the Zune 30-GB devices will automatically reset tomorrow (noon, GMT). By tomorrow you should allow the battery to fully run out of power before the unit can restart successfully then simply ensure that your device is recharged, then turn it back on. If you're a Zune Pass subscriber, you may need to sync your device with your PC to refresh the rights to the subscription content you have downloaded to your device."

The company added that customers can stay informed by monitoring the support page at Zune.net.

"We know this has been a big inconvenience to our customers and we are sorry for that, and want to thank them for their patience," the company said in its statement.

The incident is unlikely to help Microsoft gain ground against Apple's iPod, which accounts for about three-quarters of the digital music player market. And it may undo Microsoft's effort to restore consumer confidence in its hardware following problems with its Xbox 360 in 2007. That year, the company took a $1 billion charge to cover the cost of repairing its problem-plagued game consoles.

Microsoft Windows, IE Usage Declined In 2008

Microsoft (NSDQ: MSFT)'s browser and operating system market share suffered in 2008 while competitors' products thrived.

According to statistics provided by Net Applications, Microsoft Internet Explorer's global market share fell from 78.58% in December 2007 to 68.15% in December 2008.

During that same period, the 10.43 percentage points lost by Microsoft accounted for almost all the gains among competing browser makers. Mozilla's Firefox market share rose from 14.95% to 21.34%, an increase of 6.39 percentage points. Apple's Safari market share rose from 4.85% to 7.93%, a gain of 3.08 percentage points. Google (NSDQ: GOOG)'s Chrome browser, introduced in September, reached the end of 2008 with 1.04% market share.

Microsoft Windows remains the dominant operating system among the Internet users tracked by Net Applications, but it's a bit less so now than a year ago. The metrics company reports that the global market share for Windows fell to 88.68% in December 2008, down from 91.79% in December 2007.

Windows Vista use grew 16.06 percentage points during this period, from 5.06% in December 2007 to 21.12% in December 2008. Windows XP, however, lost 16.27 percentage points, dropping from 81.49% in December 2007 to 65.22% a year later. Windows 2000 went from 3.9% to 1.47%.

Apple's Mac OS X, meanwhile, gained 3.23 percentage points over the same period of time, rising from 6.4% to 9.63%. Simultaneously, the company's iPhone -- which, like the iPod touch, runs a version of Mac OS X -- saw its market share rise from 0.04% to 0.44%, taking Mac OS X as a whole past the 10% mark.

In terms of its share of the U.S. search market, Microsoft also fared poorly, declining from 9.8% in November 2007 to 8.3% in November 2008, according to ComScore. Yahoo (NSDQ: YHOO)'s search share also declined over the same period, from 22.4% to 20.4%. Google saw its search market share grow from 58.6% to 63.5% over the same span of time.

Recession Slams Global Semiconductor Sales

Worldwide semiconductor sales fell in November, as the economic downturn continued to hammer chipmakers, industry figures released Friday showed.

Sales of semiconductors declined 9.8% to $20.8 billion from November 2007, when revenue hit $23.1 billion, the Semiconductor Industry Association reported. Sales were 7.2% lower than the $22.4 billion in October.

Excluding memory products, which have suffered all year from overproduction and weak demand, the industry did much better, but still saw revenue fall. Sales excluding memory fell 4.8% year to year to $17.3 billion from $18.2 billion.

"The worldwide economic crisis is having an impact on demand for semiconductors, but to a lesser degree than some other major industry sectors," SIA president George Scalise said in a statement.

Overall sales for the first 11 months of 2008 were $232.7 billion, an increase of 0.2% from the same period last year, the SIA said. Excluding memory products, year-to-year sales for the same period rose 5.6%.

The SIA numbers were just the latest bad news for the semiconductor industry, which is reeling from a worldwide drop in consumer electronics and PC sales because of the economic recession.

The industry is expected to see its first revenue decline in seven years in 2008, according to market researcher iSuppli. Global revenue is expected to fall by 2% to $266.6 billion from $272 billion in 2007.

The new figure is a dramatic drop from the research firm's September forecast of 3.5% growth and will be the first year-to-year decline for the industry since the dot-com bust of 2001 that sent revenue plummeting by 28.7%.

Microsoft Confirms New SQL Server Threat

Microsoft (NSDQ: MSFT) has confirmed the existence of a new and potentially serious security threat to users of its SQL Server database software.

"Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory," the company said in a bulletin published Monday.

The threat is essentially software code that hackers could use to access or alter corporate databases built with SQL Server. The malicious code could allow what's known in IT security as remote code execution, a process by which hackers could, for instance, alter figures in a bank account without ever setting foot on the bank's premises.

Microsoft said SQL Server 2000, SQL Server 2005, SQL Server 2005 Express Edition, SQL Server 2000 Desktop Engine, and Windows Internal Database (WYukon) are all potentially vulnerable to the threat. It added, however, that it's not aware of any attacks having actually been carried out.

The threat does not affect SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, or SQL Server 2008, Microsoft said.

"This vulnerability is not exposed anonymously. An attacker would need to either authenticate to exploit the vulnerability or take advantage of a SQL injection vulnerability in a Web application that is able to authenticate," Microsoft noted in its security bulletin.

Microsoft said it's continuing to investigate the problem and will issue a security patch if necessary -- either as a special download or as part of its regular monthly security update cycle.

In the meantime, Microsoft is urging customers who believe they've been targeted by hackers using the vulnerability to contact Microsoft customer service, as well as the Federal Bureau of Investigation and the Internet Crime Complaint Center.

Consumers Don't See Mobile Banking As Secure

Mobile banking is a common service in countries like Japan, though less than 10% of U.S. consumers use their cell phones to perform banking transactions. The single biggest factor for the low adoption rate is concerns over security, according to a new report by Javelin Strategy & Research.

The report, titled "2008 Mobile Banking Security Standards," said 47% of nonparticipants did not sign up because of security. Despite the lack of large-scale mobile phone attacks, 73% of consumers fear hackers could remotely access their phones. Those surveyed also expressed concern that their sensitive mobile banking data could be stolen with a wireless signal despite encryption, and more than half were worried about what would happen if their phone was stolen.

The report found these perceptions could possibly be improved, and the most effective way is by guaranteeing reimbursement of any fraudulent use of financial accounts. Other ways to tackle the security concerns include using a login method beyond user name and password, and providing e-mail alerts for particular conditions like a large withdrawal.

"With a well-designed security program in place, mobile has inherent safety advantages that make it one of the most protected channels for remote banking," the report said. "It can be used to improve overall security via the inherent speed and notification advantages of always-on, always-present mobile access."

Visa and MasterCard have ambitious mobile plans, and mobile banking is a major part of the companies' strategy. Both are already piloting programs across the country, and they are entering the mobile application space as well.

"While convenience is great, we want to make sure our moves in the mobile market cause no damage to the brand," said Simon Pugh, head of MasterCard's global mobile payments strategy. "We have, and will continue to implement, a comprehensive end-to-end security model."

The group identified a weakness in the public key infrastructure used on the Internet to issue digital certificates for Web sites that employ the secu

A municipal network held hostage, the hacking of a public official's private e-mail account, court battles to gag security researchers, and dire warnings about the Internet's Domain Name System were just a few of the highlights of the IT security landscape in 2008.
In separate but related incidents this year, Massachusetts Bay Transportation Agency and NXP Semiconductors lost court battles to gag security researchers. MBTA wanted to keep three MIT students from talking about security flaws in Boston's transit fare card system known for its "Charlie Card." NXP wanted to prevent researchers at Radboud University in the Netherlands from publishing details about security flaws in NXP's MIFARE Classic card, on which the Oyster card used by the London transit system is based.

Neither group succeeded in silencing the security researchers who identified holes in their respective systems, proof that the judicial system, often criticized for being out of step with technology, understands the value of security research. That bodes well for the future.

As Counterpane CTO and security rock star Bruce Schneider explained in an op-ed piece in The Guardian about the NXP case, "The notion that secrecy supports security is inherently flawed. Whenever you see an organization claiming that design secrecy is necessary for security -- in ID cards, in voting machines, in airport security -- it invariably means that its security is lousy and it has no choice but to hide it."

Hiding it, however, doesn't work anymore; only openness offers any real measure of security.

Sarah Palin's Rogue E-mail Account Hacked

In a case that highlighted the insecurity of online password recovery schemes, the risk of public officials going rogue and relying on consumer services for official communication, and the deductive power of the crowd, Alaska Gov. Sarah Palin saw the contents of herYahoo (NSDQ: YHOO) Mail account published all over the Web.

It didn't take long for Internet sleuths to link online nicknames associated with the person claiming responsibility for the breach with a suspect, 20-year-old David Kernell, son of Tennessee Democratic state Rep. Mike Kernell. Coming at a time when the contentious presidential election had yet to be decided, the compromise of Palin's e-mail account stoked partisan passions, stirring interest in the case far beyond the significance of the crime.

Kernell's trial has been pushed back from December 2008 to May 2009. The indictment against him looks shaky. In the end, he's likely to plead to a misdemeanor and face no serious punishment, apart from a hefty legal bill.

200 Sony PS3s Harnessed To Crack Secure Site Certification

Using 200 Sony (NYSE: SNE) PlayStation 3s for crypto cracking, a group of security researchers has found a way to forge certain digital certificates used to identify secure Web sites, a technique that could be used to create fake versions of popular e-commerce and banking sites.

The researchers -- Jake Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Alex Sotirov, Marc Stevens, and Benne de Weger -- presented their work Tuesday at the Chaos Computing Congress, a four-day computer hacking conference held annually in Berlin.

The group identified a weakness in the public key infrastructure used on the Internet to issue digital certificates for Web sites that employ the secure HTTPS protocol.

"Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash," the researchers said on their Web site. "This is known as an MD5 'collision.' Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the Web to realistic threats."

Discussing the research, Princeton computer science professor Edward Felten explained on his blog that the hash is a 128-bit code that's supposed to represent a unique digest of the digital certificate in question. "To be secure, the hash method has to have several properties, one of which is that it should be infeasible to find a collision, that is, to find two values A and B which have the same hash," he wrote.

But as the researchers have shown, it's not infeasible. In theory, at least, that means someone could create a fake HTTPS banking site, for example, using a forged certificate to hijack a trusted brand name.

The group identified six certification authorities that issued certificates signed with MD5 in 2008: RapidSSL, FreeSSL, TC TrustCenter AG, RSA Data Security, Thawte, and verisign.co.jp.

Shortly after the research was presented, Tim Callan, a product manager for VeriSign's SSL business, said in a blog post that his company had taken steps to eliminate the vulnerability. He said that VeriSign has "been in the process of phasing out the MD5 hashing algorithm for a long time now."

Microsoft (NSDQ: MSFT) also responded, issuing a security advisory Tuesday. "This new disclosure does not increase risk to customers significantly, as the researchers have not published the cryptographic background to the attack, and the attack is not repeatable without this information," Microsoft's advisory says. "Microsoft is not aware of any active attacks using this issue and is actively working with certificate authorities to ensure they are aware of this new research and is encouraging them to migrate to the newer SHA-1 signing algorithm."

The research group goes further, advising that certification authorities stop using MD5 and move to more secure hash functions, such as SHA-2. While collision attacks have not yet been shown to be practical against SHA-1 hashes, work along these lines is progressing.