The Thing I hate most about MSN Wnidows Live Messenger

 

Unauthorised laptop software causes security breach at Pfizer

Pfizer has admitted that the identities of 17,000 current and former employees were compromised when an employee’s spouse installed unauthorised file-sharing software on a company laptop where the data was stored.

Pfizer attorney Bernard Nash said in a letter (.pdf) to attorneys general in states where affected employees live that names and Social Security numbers were exposed and that the pharmaceutical company will offer them a free year of credit monitoring.

“This software allowed outsiders access to a number of files that included the names and Social Security numbers of the affected employees.” Nash said in the letter. “Based on Pfizer’s thorough investigation to this point, it appears that the affected employees can be grouped into two categories — approximately 15,700 who actually had their data accessed and copied, and approximately 1,250 who may have had their data accessed and copied.”

Nash’s letter included copies of notices being sent to employees.

“Our investigation revealed that certain files containing your data were accessed and copied,” the letter to those exposed said. “Based on our investigation to date, we have no reason to believe that any other personally identifiable information was exposed. Also, because the laptop was being used to access the Internet outside the Pfizer network environment, there are no associated risks to any other data systems maintained by Pfizer. We apologise for this incident and sincerely regret any inconvenience that these events and responding to this notice may cause you.”

The company recommended employees call 866-274-3891 to get the credit monitoring services.

Connecticut Attorney General Richard Blumenthal (305 Pfizer employees in Connecticut) has asked Pfizer to provide details on whatever security policies were in place before the breach, as well as information about when the breach was discovered and how Pfizer responded. Blumenthal also wants the company to explain how it was able to determine which information was actually exposed. The company has until June 22 to answer those questions.

Content provided by TechTarget

 

US may require European visitors to register online

Europeans who visit the U.S. will be required to fill out an online questionnaire two days before they enter the country under a proposal being studied by the U.S. Department of Homeland Security.

The department has been discussing the idea internally for about a month, said Hugo Teufel III, chief privacy officer for the DHS, in a meeting with journalists in Paris on Thursday. He could not say when the registration system might be introduced.

The proposal will likely increase tensions between the U.S. and Europe at a time when the two sides are already in heated debate over U.S. demands for data about air passengers flying from Europe to the U.S.

The U.S. says it needs access to more data to prevent suspected terrorists from entering the country, while European regulators counter that the demands are excessive and worry how the data will be used.

The online registration would complement the Automated Targeting System, or ATS, a program disclosed by the DHS in November that assigns a “risk assessment” to people entering and leaving the U.S. , to determine the likelihood that they pose a security threat.

The registration system would likely require approval by the U.S. Congress before it could be introduced, Teufel said. “It’s a fairly new initiative in that we’ve been discussing it internally for about a month,” he added.

He offered few other details Thursday, but Homeland Security Secretary Michael Chertoff discussed the proposal earlier this week in an interview with the German newspaper Der Spiegel. Chertoff said the U.S. wanted to “elevate the security level generally” for foreign visitors, particularly in light of its looser visa requirements for some countries.

The online registration “would be similar to what they do in Australia where visa waiver travelers would register online in advance, and they would, therefore, know before they arrive in the United States whether there was going to be a problem with their being admitted,” Chertoff told the newspaper. “The registration would have a shelf life of some years. It wouldn’t be something you do every trip, you would do it periodically,” he added.

The DHS will prepare a “privacy impact assessment” on the registration plan, Teufel said Thursday. Such assessments cover issues like how data is used, who can access it and for how long it will be retained.

Teufel suggested that the assessment report would be made available to the public, although U.S. law makes exceptions for reports about systems used by the intelligence community, he said.

Teufel was appointed by Chertoff in July last year and is responsible for the DHS’s privacy policies.

 

Wireless networks: What impact will 802.11n have?

What impact will 802.11n have? Which security threats are scariest? What of wireless VoIP?

How will 802.11n high-throughput wireless LANs affect the corporate net?

A surprising number of wireless LAN vendors have recently announced enterprise access points based on the draft IEEE 802.11n standard, promising throughput of 100M to 200Mbps per frequency band, or from three to six times that of today’s 11g and 11a nets.

Whether network managers opt for the draft 11n products, certified interoperable by the Wi-Fi Alliance, or wait for the final IEEE ratification in late 2008 or early 2009, they could face any of these four issues: overloading part of the wired infrastructure; overloading existing, older wireless LAN switches; forcing an upgrade to higher-powered Power-over-Ethernet ; and repositioning and rewiring some number of existing wireless access points.

Most of the new access points will come with one or even two Gigabit Ethernet ports. “We’re mostly ‘100 meg’ to our buildings,â€? says Michael Dickson, network analyst at University of Massachusetts at Amherst . “[For 11n,], we’ll need gigabit switches in the closet with 10-gigabit uplinks. That’s a definite cost, almost a necessary cost for 11n.â€?

“11n adds an incentive to go to ‘gigE’ [in the wired infrastructure] ,� says Craig Mathias, principal with Farpoint Group.

One related issue with upgrading a cable plant, given the capacity of 11n, is whether to upgrade the Ethernet wall jacks, a decision about whether the wireless infrastructure becomes the principal means of network access.

If existing wireless LAN controllers also lack the net capacity, and the needed processing power and memory to handle the increased traffic, they’ll have to be replaced, especially if the vendor has a purely centralized architecture with every packet running from each access point to the controller. Vendors have been upgrading their controllers over the past year with 11n in mind, sometimes also offloading the packet switching functions to the access points, creating a distributed data plane.

“With this kind of distributed data plane, there’s no bottleneck at the controller,� says Mathias. “If you have Meru or Extricom, you have centralized data and control planes. But if you design the box to handle whatever is thrown at it, it’s not a problem.�

Benchmarking wireless performance to verify such things as workloads and traffic conditions is likely to become much more important for 11n nets. To do this, enterprises or systems integrators will use complex performance- testing tools, such as those from VeriWave and Azimuth Systems, which previously had been used mainly by radio chip makers and equipment manufacturers. “This will be a big thing down the road,� Mathias predicts.

The Power over Ethernet (PoE) issue may catch some users by surprise. “The PoE infrastructure may have its upper limits tested by 11n deployments [that are] used to their maximum capabilities,� says Chris Silva, analyst at Forrester Research.

PoE lets you run just one cable between switch and access point, instead of two, potentially a big cost saving. But the 11n access points draw more electricity than the 15.4 watts maximum provided by power injectors based on the IEEE 802.3af standard. That will at least double with a new standard, 802.3at, now being finalized. At least one vendor, Trapeze, has created new code that can let its just-announced 11n access point make use of existing PoE injectors, but there are tradeoffs in terms of performance.

“The promise of 11n is more than simply going faster,� says Phil Belanger, managing director for Novarum. “The increased range of 11n will make it more practical to deploy large systems using the 5-GHz band, which has many more channels than the 2.4-GHz and has not been used very much to date. That, in turn, will enable much higher capacity wireless LANs. For many enterprises, a wireless network that delivers hundreds of megabits of capacity everywhere will be good enough to be the only network.�

We’ve identified three, but we’ll treat one of them (denial of service)

The other two threats are emblematic of two very different human dynamics: one springs from the increasing cunning of attackers, the other from the continuing ignorance of users and even IT professionals about the nature of wireless threats.

In 2006, researchers identified problems with wireless interface device drivers that could be exploited in various ways by attackers. Drivers function at the level of the operating system kernel, where malicious code potentially has access to all parts of the system.

Typically, these driver vulnerabilities involve manipulating the lengths of specific pieces of information contained in the wireless management frames, causing a buffer overflow where a malicious payload can be executed, according to Andrew Lockhart, security analyst with Network Chemistry.

“A driver will process these data elements whether or not [the adapter is] associated with an access point. So the combination of simply having a powered-on wireless card with a vulnerable driver can leave a user open to attack,� he says.

The obvious solution is to replace the vulnerable drivers. But that is an ad hoc process. “In the Windows world, most wireless drivers are part of a third-party software package, so they don’t get updated with a Windows update, which makes it troublesome to eliminate the problem, and it will likely be a problem for a while,� he says.

Attackers are becoming smarter about what and how they attack, increasingly using evasion tactics to sidestep or confuse wireless intrusion detection/preventio n applications (IDS/IPS). The long-term solution is smarter IDS/IPS systems that can more comprehensively monitor and analyze wireless traffic and behaviors. But researchers, such as those at Dartmouth College ’s Project MAP (for measure, analyze and protect) are only in the early stages of such work.

The second wireless threat is related to the fact that many mobile users seem to be not getting smarter about wireless security.

“The biggest threat is people who use open Wi-Fi access points and don’t use encryption or VPNs,� says David Kotz, Dartmouth professor of computer science and one of the lead Project MAP researchers. “They trust some random hot spot operator or open access point somewhere with their personal or professional data. People are careless.�

That’s putting it diplomatically.

Security consultant Winn Schwartau likes to tell how his then-12-year- old son used a Windows-based Palm Treo to wirelessly eavesdrop on business executives using laptops or PDAs on an airport or other public Wi-Fi net. He routinely collected username/password combinations to corporate nets. “My son had passwords to 40 of the Fortune 100 [nets],� he says.

The key vulnerability was these users, even if they used an encrypted VPN tunnel to access the corporate net, repeatedly used an unencrypted wireless link to access Internet mail or other Web sites in the clear, allowing the younger Schwartau to collect information to access the user’s Web mail account. He then used it to send the user an e-mail from his own account. “I can then infect that machine [with malicious code], and have access to your VPN account,� Schwartau says.

The inverse of this problem is allowing personal mobile devices, which have been exposed to the Internet in the wild, to connect to corporate nets. “Normal security standards and procedures are often ignored when users are allowed to connect their own devices,� says Lora Mellies, information security officer at Hartsfield-Jackson Atlanta International Airport . “For instance, there may be no scheme to regularly back up the information, no firewall or antivirus protection installed, and no use of encryption for confidentiality or [of] tokens/certificates for strong authentication.�

“No one can define the perimeter [of the corporate net] anymore,� says Schwartau. “The rule is: ‘Thou shalt connect nowhere except to the corporate network; once you’re there, you can do whatever you want, but we’ll be watching you.’�

This threat will only get worse as the number of ill-trained mobile users grows, along with the ballooning amount of sensitive or proprietary corporate data on their mobile devices.

Is wireless [Wi-Fi-based] VoIP worth the bother?

Judging from the market, where enterprises vote with their dollars, the answer so far is, “Generally, no� at least for large-scale deployments.

There are exceptions, though rare, and they tend to prove the rule. One of the most often cited is Osaka Gas, in Japan . The utility used Meru Networks’ WLAN infrastructure to support 6,000 mobile phones that were equipped with cellular and Wi-Fi network interfaces. The price tag for the whole project: $10 million.

The reluctance to embrace large-scale wireless VoIP isn’t suprising. Enterprisewide wireline VoIP deployments have only fairly recently found traction, and many of these have been angst-ridden. To be fair, often the angst is created by specific issues or problems at a given enterprise site.

But using a wireless connection in place of a wire adds lots of complexities, solutions to which are only slowly maturing. Access points have to be pervasively distributed to support voice traffic, while radio interference can easily affect voice quality or call sessions. Wireless eavesdropping on unsecured VoIP sessions is another worry for enterprise managers.

And it’s difficult to pinpoint savings, says Forrester’s Chris Silva. “Wireless VoIP has been positioned as a way to replace cellular minutes of use,� he says. “But corporate IT doesn’t have a good handle on what they’re actually spending on this: It’s often just expensed. So it’s hard to make a case for savings and hard therefore to make a case for investing in VoIP over WLAN.�

Over the course of three months we tested WLAN switches and access points from Aruba Wireless Networks, Chantry Networks (now Siemens), Cisco and Colubris Networks in terms of audio quality QoS enforcement, roaming capabilities, and system features.

Among his findings:

* With QoS enforcement turned on, and with only voice traffic on the net, calls nearly matched toll-quality audio.

* With even a small amount of data traffic, dropped calls became common and audio quality was poor, even with QoS still enabled.

* Roaming from one access point to another either failed or took so long, from 0.5 to 10 seconds, that calls dropped.

Those findings reflect some of the experience at Dartmouth College , which embraced a limited VoIP deployment on its pervasive Aruba-based campus wireless LAN four years ago. Initially, some college staff used the wearable mobile VoIP phone from Vocera. There were some problems with roaming, according to David Bucciero, Dartmouth director of technical services, who despite these teething pains is one who says wireless VoIP is worth the hassle.

More recently, the college has added just under 100 Cisco 7920 wireless VoIP handsets which “were flawless,� though latency was an issue early in the deployment, says Bucciero. Reducing those delays has been an ongoing tuning process, working closely with both Aruba and Cisco, the wireline net vendor for the college.

Things have changed in two years, including the advent of the 802.11e QoS standard, augmented by continued proprietary QoS tweaks, and faster handoffs between access points.

But the real change has been the growing interest in, and products for, shifting call sessions automatically between cellular and Wi-Fi nets. At the enterprise level, this convergence entails an IP PBX, usually a Session Initiation Protocol (SIP) server, the WLAN infrastructure, new specialized servers from start-ups like Divitas and established players like Siemens, and accompanying client code running on so-called dual-mode handsets, which have both a cellular and a Wi-Fi radio.

Dartmouth is doing exactly this, running a pilot test with the Nokia E61i, a dual-mode mobile phone recently introduced in the United States as part of its convergence partnership with Cisco. The handsets use SIP to talk to the Cisco CallManager IP PBX.

“Cellular and Wi-Fi convergence is the real pull for VoIP over wireless LANS,� says Farpoint’s Mathias. “Once that [convergence] happens, then we can converge dialing directories, voice mail, other services, and have one phone that works everywhere.�

Will my organization need to change to support enterprise mobility?

Yes.

A growing number of companies are moving beyond or even ignoring mobile e-mail in favor of mobilizing line-of-business applications.

“When you start rolling out these applications over a wider expanse, the questions become ‘how can I lower costs of existing operations’ or ‘how can I provide new opportunities to grow revenue,’� says Bob Egan, chief analyst with TowerGroup, a Needham, Mass., consulting company. “These questions force you into thinking in a strategic mode versus an ad hoc mode.�

In a 2006 TechRepublic survey, 370 U.S. IT and business professionals said they were targeting the following applications for mobilization (respondents could pick more than one answer): intranet access (chosen by 23%), field service/data entry/data collection (21%), personal information management (19%), customer relationship management or sales force automation (16%), supply chain management (12%), and ERP (nearly 10%).

The justification for making these applications mobile is increased worker productivity and efficiency, which was cited as “extremely significant� by 35% of the same respondents. The two other top justifications (“extremely significant�) were reduced costs, cited by nearly 30%, and improved data collection and accuracy, cited by 28%. In all three cases, larger percentages cited these justifications as “significant.�

Successfully exploiting such applications and achieving these goals requires changes in such diverse areas as employee and manager responsibilities and accountability, network access and authentication, mobile device management, end user and wireless networking tech support, and security and data-protection policies and enforcement.

“If you don’t actively manage [mobile] workforce issues, including human resources and psychological issues as well as technology, you don’t get the full value,� says John Girard, vice president for Gartner. “In the end, the most important parts are the human parts: How do you monitor work, how do you assign responsibility, and do you understand what your team is doing?�

To make this possible, Gartner recommends consolidating an array of mobile provisioning, management and security functions (such as vulnerability assessment, security configuration, standard software image control, security and performance monitoring), shifting routine functions from the security group to the operations group, and forging joint policy development between those groups. One goal of this approach is to minimize the number of individual software products that target subsets of mobility issues but can’t share information and aren’t part of a strategic mobility plan.

“If you have different policies for different platforms [desktops, notebooks, smartphones] , how do you maintain consistency?� Girard asks. “Most companies have a software distribution plan that works well for the desktop but less well for notebooks, and even less well for smartphones.� Or a well-developed method for backing up desktop PCs may ignore mobile devices completely, despite the growing amount of corporate data on them and the greater likelihood of loss, theft or hacks.

“[Organizational changes] are all about controlling the flow of the company’s intellectual property – how to provision and protect the data on the net and on the devices - and all the responsibilities that go along with that,� says TowerGroup’s Bob Egan.

Mobility becomes a system, or a system of systems that has to be viewed and treated as a whole. “With more and more users being mobile every day, we are paying a lot of attention not only to the uptime but also to the health of the system,� says Daver Malik, telecom engineer at Hartsfield-Jackson Atlanta International Airport . “Careful watch on the system usage, capacity and trends is kept so as to prevent any undue disruption to the users.�

One related aspect in preventing undue user disruption is tech support and the enterprise help desk. “Very few companies do a good job in supporting mobile workers,� says Jack Gold, principal of J. Gold Associates. “Their support infrastructure today is for desktop support: You can’t send a technician into the field to fix a [mobile] problem.� The tech support team needs new training, new tools, new policies and procedures to be able to effectively and quickly respond to mobility problems.

One emerging alternative is to outsource some or all of these tasks to a new breed of managed services supplier. One example is Movero Technology, an Austin company that handles all aspects of cellular-based device and application deployments for an enterprise.

How do I control costs in an expanding mobile and wireless environment?

Get a grip.

There are lots of costs in mobility: wireless and wired infrastructures; cellular voice and data plans, including roaming charges; the usage patterns of those plans; mobile device purchases; applications; software for device management; training; tech support.

“Viewing this from a strategic perspective means these costs become more visible,� says TowerGroup’s Egan. A strategic mobility plan for the enterprise uncovers, identifies and quantifies the true costs of the typical piecemeal approach to enterprise mobility, and creates the possibility for systematically controlling and minimizing them, he says.

This can be a shock to organizations that have handled mobility in an ad hoc way, Egan says. “Viewed from a strategic viewpoint, costs become more visible, so it seems like they’re much greater,� he says. “But the ad hoc approach to mobility hid the real costs, and those costs are much greater in my view than they are for a strategic approach.�

A strategic plan can also make more visible the potential benefits of mobility, in terms of saving money or increasing revenues, an essential element in evaluating the needed investments.

Egan says one of his biggest surprises was talking with auto rental giant Avis, which was one of the first to have employees equipped with wireless handhelds, to meet customers in the parking lot as they returned their automobiles. “I said ‘what a great thing for customer service,’� Egan says. “The Avis guy started laughing.� The real benefit of the system was that it let Avis make an instant, on-the-spot decision about whether to keep the car for servicing, which costs money, or send it to auction. It was about where not to spend Avis’ cash.

With a strategic plan, centralized and standardized device and software purchases are possible, a key element in rationalizing and reducing mobility costs. At the same time, changes in network infrastructure and in business processes can be budgeted and planned for. A mobile deployment can be frustrating and investments wasted if, say, an increase in data or transactions overwhelms back-end systems.

“Utilize your fixed infrastructure to its maximum potential to support the expanding wireless/mobile environment,� says Hartsfield-Jackson Airport ’s Malik. “A carefully developed plan for the fixed portion of the network (for example fiber) that is capable of supporting future expansions both in terms of size and technology is the key component of controlling the cost related to such expansions, as and when they happen.�

Acquisition costs have to be managed for mobility just as they are for corporate desktops. “It’s very important to know the costs and ownership implications of everything you buy [for a mobile deployment],� says Gartner’s Girard. “Figure out what platforms you’re willing to support, and provide business groups and users the incentives for adopting those.�

Girard recommends a thorough inventory of the relevant tools, systems and services you already have, including software licenses. “Where have you already spent money?� he says. “Then apply Occam’s Razor, simplify. Ask yourself, ‘How do I reach fewer products, both to reduce complexity and reduce costs?’�

A hidden element in cost calculations, according to Venture Development Corp. (VDC), is the impact of downtime and tech support if the mobile device, or some other part of the mobile system, fails. In an October 2006 report, VDC estimated that the failure rates of some consumer-grade mobile devices can exceed 20% per month. “In fact, the overall cost of downtime/lost productivity can represent up to 30% of the TCO (total cost of ownership) of a mobile device,� according to the report.

VDC notes that device vendors are introducing new features and technologies to boost the durability and ruggedness of laptops and other handhelds. This class includes the semi-rugged laptops, which can endure a lot more rough handling and accidents than their consumer-grade cousins, even though they can’t match the military-grade devices designed for the harshest conditions. The higher initial capital cost for such devices is worth it, because the company avoids the much higher costs of downtime due to equipment failures.

A strategic plan makes it possible to negotiate more aggressively with wireless carriers, refining cellular data plans tuned for various groups of users, minimizing overage charges in terms of rates and shared minutes or megabytes, and keeping international roaming charges in check, says consultant Jack Gold.

What can I do to stop wireless denial-of-service attacks?

Not much.

There are two kinds of DoS attacks emerging. One uses radio waves to jam a wireless LAN (WLAN) access point or network access card. The other, more sophisticated, manipulates the 802.11n protocols to accomplish the same thing – blocking a radio from sending or receiving.

A good example of jamming, though it’s unintentional, is caused by the microwave trucks used by TV stations covering the Boston Red Sox home games at Fenway Park . In some cases, the tightly focused beams are not a problem for the baseball park’s unlicensed band 802.11 WLAN because they’re aimed away from the park to one of several towers. But in one case, the beam shot across the park, bounced off a bank of newly installed metal bleachers, and reflected back into the park, wiping out the WLAN.

Red Sox IT Director Steve Conley says he could stand right next to a WLAN access point with a wireless notebook and still not be able to connect to it.

Few homemade or commercial jammers come with the power of these commercial microwave systems. But for short distances, they don’t need a lot. Products available include a $400 pocket-sized jammer that can disrupt three frequencies, including 2.4 GHz, up to 90 feet. It’s advertised as a way to disable “spy cameras� running on wireless links. Another palm-sized model with a range of about 30 feet costs about $290.

There’s even the Wi-Fi Hog project, complete with its own philosophical justification for “liberating� public wireless nets from the concept of shared use. The Hog, mounted on a notebook PC, uses selective jamming to lock out other clients from an access point and stake an exclusive claim on its use.

But a recent article on the Web site of the Instrumentation, Systems and Automation Society, a nonprofit professional group focusing in industrial automation, puts the jamming threat into perspective. The article, by Richard Caro, chief executive of CMS Associates, lays out several reasons why jamming is not as easy to pull off effectively as some claim and others fear.

(Caro mentions that the tactic of battlefield radio jamming by German forces in World War II led to the invention of frequency hopping spread spectrum communications as a countermeasure, an innovation patented by Hungarian-born Hollywood actor Hedy Lamarr and her associate George Antheil.)

“Interference is definitely an issue,� says Farpoint Group’s Craig Mathias. “We were able to construct some bad interference scenarios and show their impact. It was quite interesting to see how much damage could be done.�

“You’re toast,� says Winn Schwartau, of The Security Awareness Company, who wrote about the threat in his 2000 book CyberShock.

Currently, there’s no real countermeasure for a deliberate, focused jamming attack, except to quickly detect it, with a tool like Cognio Spectrum Analyzer, which Cisco is offering as part of its wireless LAN management tool set. Once it’s located, you can use “crowbar remediation, to beat the crap out of it,� says Mathias.

Less amenable to crowbars is the second type of DoS attack, the abuse of the 802.11 media access control (MAC) layer protocols by creating changes in drivers or firmware. “It causes the network card to misbehave with respect to the MAC protocols,� says David Kotz, professor of computer science at Dartmouth College , where this is one of the areas under study by Kotz’s MAP Project (for measure, analyze, and protect), a joint effort with Aruba Networks. “Because the card isn’t being ‘fair’ in following the rules, it makes the net unusable to others.�

One example would be to send de-authentication frames to a specific client, or broadcast them to all the clients, of a given access point. Obediently, the clients will disconnect from the access point. “Now most of them re-authenticate right away,� Kotz says. “But if the attack repeats, you’re getting these interruptions on your [Wi-Fi] phone or video stream.�

For now, the response is the same as for jamming attacks: detect the problem as quickly as possible, find the offender as quickly as possible, and send in “police with guns,� says Kotz.

“But fundamentally, the long-term solution is to fix the protocol itself,� he says.

More than 1bn PCs in use by 2008

More than 1bn PCs will be in use worldwide by the end of 2008, said analyst Forrester, with the number exceeding 2bn by 2015.

The growth is being driven in emerging markets and high-profile programmes to reach previously untapped markets, said the analyst.

While it took 27 years to reach 1bn PCs, Forrester says it will take only around five years to reach the next billion, due to advancing technology, lower prices, and global demand from a technology-aware population.

According to Forrester, emerging markets in Brazil , Russia , India and China will account for more than 775m new PCs by 2015.

Forrester analyst Simon Yates said, “The industry can probably survive selling incrementally better hardware and software to the people who already have technology in their lives, but the vast majority of growth in the PC and related industries will come from emerging markets.”

 

Movie of the Week (1st Jan. 2008)

 

Next week I’ll be adding Indian Bollywood Movie “Welcome” and an English Hollywood Movie “The Kingdom”

Welcome : So far I have heard that Welcome movie is comedy. Katrina Kaif is heart breaking for everyone. She has got beautiful smile and looks. Akshay had already worked with her in the movie before and this time they are back again with a new good movie.

 

Download Free Welcome (2007) DVD Rip Indian Bollywood Movie
Download Free The Kingdom (2007) DVD Rip Movie Good Quality Print

from www.GLOOMX.com next week (i.e. 01.01.08)

 

 

Benazir Bhutto killed in attack

 

Pakistani former Prime Minister Benazir Bhutto has been killed in a presumed suicide attack.

News of her death was confirmed by a military spokesman and members of her Pakistan People’s Party (PPP).

Ms Bhutto had just addressed a pre-election rally in the town of Rawalpindi when the attack occurred.

At least 15 other people are reported killed in the attack and several more were injured. Ms Bhutto had twice been the country’s prime minister.

She had been campaigning ahead of elections due in January.

(more…)

 

AMD has recently adjusted its triple-core CPU model numbers and launch dates, according to sources at motherboard makers.

AMD will launch two B2 stepping triple-core CPUs, Phenom 8600 and 8400 in March of next year, while in the second quarter, the company will launch three more models, Phenom 8700, 8650 and 8450.

The Phenom 8400 and 8600 will feature core frequencies of 2.1GHz and 2.3GHz, respectively, while the Phenom 8700 will clock at 2.4GHz. Phenom 8650 and 8450 will be based on B3 stepping cores, and will have frequencies of 2.3GHz and 2.1GHz, respectively. All five CPUs will have a 95W TDP.

The high price/performance ratio of the triple-core CPUs could force Intel to cut prices of its quad-core products which could cause higher-end models to cut into sales of lower-end CPUs, noted the sources. However, AMD could also face the same problem, they added.

AMD declined to comment on unannounced products, but noted that the triple-core CPUs provide consumers with more choices and will extend the market’s acceptance of multi-core technology.

If you’ve had an e-mail account for more than a couple of years, or even just a couple of months, you’ve probably received an e-mail hoax promising you the opportunity to make millions working from home, asking you to donate money to a fraudulent fund, or just passing along a fascinating (but false) story to elicit a widespread response from the public. While many, truly damaging scams are designed to covertly steal hundreds of thousands of dollars from innocent people, this list is mostly comprised of those hoaxes that are just downright ridiculous.

1. Lonelygirl15: One of the most popular Internet hoaxes in recent years, the lonelygirl15 teenager named Bree turned out to be nothing more than an actress named Jessica Rose. The YouTube sensation assuredly broke many lonely hearts who thought they shared a special connection with the web cam princess, the show is still going strong with an average of 70 million viewers, all of whom (hopefully) now know that lonelygirl15 isn’t real.
2. Disney Hoax: Could you imagine receiving a real live e-mail from Walt Disney, Jr. himself? Well, we couldn’t either, but enough people did to make this Disney hoax a real problem. The fraudluent e-mail claims to work with Bill Gates and Microsoft to try out a new e-mail tracing program. The e-mail asks people to forward the e-mail to as many people as possible, and “if it reaches 13,000 people, 1,300 of the people on the list will receive $5,000, and the rest will receive a free trip for two to Disney World for one week during the summer of 1999 at our expense.� We wish.
3. Show Your Bum Joke: According to Hoax-Slayer.com, this hoax “warns that a man supposedly conducting a survey may come to your door and ask to see your bum.� While this hoax is more of a spoof of a hoax, we just had to include it on our list.
4. Internet Wedding Scam: Irish and Scottish folk singer Marc Gunn posts on his website a warning for other musicians about the Internet Wedding scam. A person claiming to be a soon-to-be married man named Pitt Andre wanted to book Gunn’s band at their wedding. Agreeing to pay the 50% deposit upfront, the scammer instead sent a check for nearly double the amount, and then asked for a refund making up the difference. A couple of days later, the man e-mailed Gunn to tell him the wedding was off, and that he wanted all of the money back. According to Gunn, the first check “seemed to have cleared� after three days, and his group sent back the $2500. Of course, the original check inevitably bounced, leaving Gunn and his group “miserable…and $2500 poorer.�
5. Citibank Scam: This scam is pretty tricky. Online banking sites often promise tight security settings and password-protected account access, but even top companies aren’t immune to Internet scams. In 2003, the Citibank website was under siege from a scam artist that designed a pop-up, which “appears to be a Citibank page� and “comes up and asks you to verify your information,� which then “goes to a server in Russia that has nothing to do with Citibank.�
6. Nikki Leotardo: When the immensely popular HBO series The Sopranos planned its final episode during the summer of 2007, there was much speculation as to how America’s favorite mobsters would end their run on television. After the finale, viewers were left hanging, scratching their heads over what could have happened during the blackout from several suspicious characters looming over the Sopranos’ family dinner. A rumor started circulating on the Internet that the man standing at the counter was Nikki Leotardo, Phil’s nephew who had been on the show before and who could have been out to kill Tony. As it turns out, the whole thing was just a joke, and Sopranos fans are still left in the dark about how the show really ended.
7. Killer Bananas: In 2000, an Internet hoax about imported bananas containting flesh eating bacteria that “spread faster than the flu,� according to Kathy Means, vice-president of the Produce Marketing Association. Despite efforts to squash the rumor, people panicked, inciting investigative stories in the LA Times and from the Knight Ridder news service.
8. Neiman Marcus Cookie Hoax: Would you pay $250 for a cookie recipe? What if it came from Neiman Marcus? We hope that you answered no to both of those questions, but one woman claims to have been tricked into paying the absurd amount and then seeks revenge by sending the recipe out in an e-mail blast. As it turns out, Neiman Marcus never put its cookie recipe up for sale and now publishes the recipe on its website, free of charge of course.
9. Money-at-Home.com: How great would it be to manage your own company from home by turning your computer “into a money-making machine?� Unfortunately, the scammers are the only ones making money with this system. An e-mail invites people to send them money so that they can receive “instructions on where to go and what to download and install on your computer� so that you can run the business and start making lots of money. Even if the instructions actually come, you also have to give the scammers access to your PayPal account, where they can control your online funds.
10. Deodorant Causes Breast Cancer: Several years ago, a popular e-mail chain circulated the Internet claiming that antiperspirants caused breast cancer. Thankfully, experts debunked the ugly rumor, and women felt comfortable enough to continue using their deodorant.
11. Don’t Pump Gas on May 15: In May of 2007, an e-mail hoax pleaded with American drivers, “Don’t pump gas on May 15!� The hope was that large oil companies would suffer great financial losses if millions of people refused to fuel up on one single day. An article on CNN reveals that “the chain e-mail urging the gas boycott has been around for several years, surfacing most years in the springtime� and that “many of the numbers in the e-mail are either misleading or flat out wrong.�
12. Bill Gates Hoax: Poor Bill Gates has found himself involved in another e-mail scam, this time with AOL. As with the Disney hoax, people are rewarded for passing along the chain e-mail in $5.00, $3.00, and $1.00 increments. No Disney vacation included in this one, though.
13. ATM Security Hoax: Who needs 911 when you’ve got your trusty PIN number? This scam reports that if you need to call the police at an ATM machine, you can subtlely make the call by typing in your PIN number backwards. The website Hoax-Slayer.com reports that the scam “stated that this method of calling the police is very seldom used because people don’t know it exists,� and assures customers that “the machine will still give you the monies you requested,� despite having typed in your code backwards. Um, we don’t think so.
14. KFC Hoax: Despite what this Internet hoax wants you to believe, the Kentucky Fried Chicken franchise does not genetically engineer chicken-related organisms to maximize the amount of meat collected from each creature. This disgusting scam attempt to explain why Kentucky Fried Chicken is now referred to as just KFC, “because they can not use the word chicken anymore. Why? KFC does not use real chickens.�
15. Internet Auctions: Internet auctioning is a legal business, but it can also be a breeding ground for clever scams and identity theft. The Federal Trade Commission cautions people against phishing e-mails which attempt to steal important passwords and banking information.
16. The Helius Project: This popular scam is still believed by many people to be concrete evidence that intelligent aliens do exist. The Helius Project pretends to originate from “an alien species� trying to reach out to humans via the Internet. Where are Mulder and Scully when you need them to debunk your online alien rumors?
17. “Send An Email Ad to 10,000 Opt-in Subscribers�: Number 7 on the “Top 10 Internet Marketing Scams� list from the Real Estate Marketing Tools blog involves a scam that tries to convince innocent people to engage in illegal marketing tactics by sending advertisements to allegedly opt-in e-mail clients. Instead of falling for one of these scams, the author advises readers to start an e-mail campaign themselves, because “that way, you will know for sure that they are opt-in, and you will be able to manage the results.�
18. 419 Scam: This infamous network of scams is also known as the Nigerian Scam because of its West African origins. About.com reports that “in every variation� of the hoaxes, “the scammer is promising obscenely large payments for small unskilled tasks,� like paying legal and transfer fees out of your own pocket.
19. Snowball the Monster Cat: You wouldn’t believe a photo of an oversized cat if it was published on the front cover of National Enquirer, would you? If that’s the case, we’re wondering why so many people believed the picture of an 87-pound monster cat that surfaced on the Internet. Unbelievably, the photo was even talked about on The Tonight Show with Jay Leno and Good Morning America. Supposedly, the cat’s mother was rescued after being found “abandoned near a Canadian nuclear lab� in Canada; however, the cat’s owner admitted to doctoring the photo and starting the hoax.
20. Dead Fairy Hoax: “If you believe in fairies, then clap your hands!� As with Tinker Bell, clapping your hands won’t bring these little garden fairies back to life, probably because they never existed. An Englishman created and photographed small models of dead and mummified fairies to trick people into believing that fairies once existed. After e-mailing the pictures to friends as an April Fools’ joke, fairy lovers all over the world continue to believe that the photos are real, “even though [the] creator has long since admitted to the hoax,� according to Snopes.com.

If you suspect an e-mail of trying to solicit money or personal information from you, delete it immediately or report it to the Internet Crime Complaint Center, which is a federal organization comprised of a joint partnership with the FBI and the National White Collar Crime Center. While some of these hoaxes seem altogether ridiculous, Internet scamming is no joke.

Dating 2.0 Picks Up Speed

By JENNA WORTHAM
Dec. 20, 2007
It’s Friday night, and your date for the evening just appeared on your computer screen. He’s shifting awkwardly in his chair as he adjusts his webcam, and a comment about American Idol makes it immediately clear you haven’t found your soul mate. You promptly click “End date” and — after a few moments — your next date appears, and you’re ready to begin again.

Welcome to Dating 2.0. A bevy of new services is banking on the booming popularity of web video, text messaging and social networking to amp up online matchmaking for the Web 2.0 crowd.

“We’re the antithesis of sites like Match and eHarmony,” says Stephen Stokols, co-founder of speed-dating site WooMe. “It’s instant gratification.”

A handful of next-gen dating services updates the original online-dating sites’ standard mix of exhaustive personality surveys and poring over profiles in search of a potential mate. They’re the latest twists on internet dating, which drew in 22.6 million people this year, according to data collected by comScore.

(more…)