1 May

Microsoft Introduces Silverlight, Plans to PWN Flash

The de-facto standard for Web animation and interactive Web is Adobe Flash. That may change, though.

On April 16, Microsoft unveiled Silverlight, its answer to Flash, at the National Association of Broadcasters (NAB) Show.

On its way to world domination, Microsoft upped the ante when it announced at Mix 07 that Silverlight would be extended with support for .Net and dynamic scripting languages.

Aside from allowing .Net developers to create applications for Silverlight, Microsoft has developed a Dynamic Language Runtime to support the creation of .Net applications using scripting languages.

These languages include IronRuby, the .Net flavor of Ruby, and IronPython for Python.

Anyway, what does this extensibility mean? Microsoft intends to conquer the interactive Web beyond Windows. When will Microsoft say “All your interactive Web are belong to us?”

NOTE: On the Microsoft Silverlight page, you need to install Silverlight first before you can view the main animation. Here’s another site for Silverlight.

26 Apr

Will I Get that Nokia E61, Smart?

Now that Tina’s about to get her Nokia 6233 from Smart, should I get my hopes up? Will I get that Nokia E61 from Smart?

In my frustration over that retention nonsense, I began looking for a laptop. Mid-to-high spec’d laptops are expensive, so I began hunting for a Dopod 838 Pro. Yikes, the Dopod costs as much as a very decent laptop (Php 47k is the cheapest price I found). So I told myself I should get a laptop instead.

And while looking, I found that the Nokia E61i has now been released. I was ready to get one at that time, only the stores that had dummy units didn’t have stock yet (silly).

C’mon, Smart. I’m waiting. I’ve been waiting. For two months.

26 Apr

McAfee Avert Labs Blog “Breaks It Down”

The McAfee Avert Labs Blog is currently running a series of blog posts. Entitled Breakdown/Breaking It Down (the branding is not yet established), the series attempts to explain security applications, how-things-work style. The posts are clear, using easy-to-understand analogies.

Here are the latest posts in the series:

Breaking It Down: What’s a Firewall, and Why Do I Care?

Breakdown: How Does AV Software Deal With Software Exploits?

Monitor the series. The blog URL is http://www.avertlabs.com/research/blog/. If you have questions, you can leave a comment there, or ask and I will try to clarify.

24 Apr

Google Hunts for Talent at Hackers Conf, World Domination on Track

In its quest for world domination, Google is looking for talent (read: employees) in a highly unlikely place: a hackers conference.

CNet’s Tech News blog reports on Google looking for talent at CanSecWest, a conference concentrating on applied digital security.

Google was also present at Shmoocon last month. Shmoocon is “an annual East coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues.”

Google looking for haxors?

PS: I am using Trend Micro’s Trend Protect, and it seems that the Shmoocon Web site is marked as unsafe.


24 Apr

Microsoft to Release Client Security Software

Microsoft is now ready to take on software security giants like Symantec and McAfee on its way to world domination.

Steve Ballmer announced that Microsoft’s Forefront Client Security software is ready for final release in a few weeks.

Money quote from the CNet News.com report:

Microsoft is ramping up its efforts to convince businesses that it’s the solution to, and not the source of, their security woes.

There was a joke, circulating when Microsoft announced OneCare, that comes to mind: Microsoft will earn money from security software; after all, its operating system is the source of the majority of security woes in the world. With monthly patches to Windows (and the latest vulnerability being exploited in the wild), the joke is not that unfounded.

Sure, most security software has its own problems. But with Windows installed on loads of machines everywhere, the holes in the OS are security headaches. Microsoft’s entry into the security business was met with raised eyebrows.

As for me, as long as WGA remains (which is spyware in my opinion), Microsoft is a nobody in the security business.

19 Apr

Microsoft to Offer Cheap Software – World Domination in One Year

In a speech in Beijing today, Microsoft’s Bill Gates announced (CNet News, New York Times) the company’s plan to further its way to world domination.

Earning an average of US$45 billion per year, Microsoft is aiming to corner the five billion people who are not using MS products by offering a so-called Student Innovation Suite, a US$3 bundle of MS Windows XP Starter Edition, Office Home and Student 2007, and other utilities.

Don’t get your hopes high, you of stingy nature: this bundle will only be available through partner governments, who must shoulder at least 50% of the cost of the computer where the bundle is to be installed.

With open source alternatives out there, I wonder why governments should be interested.

Those who are itching for less costly MS apps should content themselves with finding free and open source alternatives. Or go to their friendly pirate stores. Ooops.

(This is the beginning of a series of posts that will monitor the attempts of big software companies to dominate the world.)

19 Apr

McAfee VirusScan On-Access Scanner Vulnerability

iDefense has released a report about a vulnerability in McAfee VirusScan. The vulnerability manifests itself when the On-Access Scanner component scans a file with a long file name that contains multibyte characters, and only on computers with East Asian language files installed and the Unicode default codepage set to a multibyte language character set.

When the vulnerability is successfully exploited, the On-Access Scanner component of the app is disabled, or remote code execution occurs.

This vulnerability is hard to exploit, as there are lots of conditions that must be fulfilled:

1. The file must have a long file name
2. The file name must contain multibyte characters
3. East Asian language files must be installed on the target computer, and the Unicode codepage must be set to a multibyte character language
4. The attacker must be able to place the file on the target computer (as an attachment to an email message, probably, but the user has to save the attachment first)
5. The file must be opened, or the user must hover the mouse over the file

There is no workaround for this vulnerability, so McAfee VirusScan users are advised to install Patch15. View the McAfee Security Bulletin.

17 Apr

Clam AV CAB File Unstore Vulnerability

Clam AV, a free antivirus (licensed under the GPL), is an alternative to the other antivirus apps out there. Like any other application, it is also vulnerable.

iDefense has recently reported a vulnerability in Clam AV when scanning (either malformed or maliciously malformed) CAB files. Successfully exploiting this vulnerability results in remote code execution. When the exploit fails, the application crashes. Versions 0.9x are affected.

Since there is no workaround for this vulnerability, Clam AV users are advised to upgrade to 0.90.2. Get it at the Clam AV Downloads page.

NOTE: Remote code execution is dangerous because user intervention is unnecessary in this case. Crashing an app is considered a denial of service.

12 Apr

GO vs. TU Web Site Smackdown!

Now that Team Unity has launched its Web site, it is now time to compare it with the Web site (or blog) of the Genuine Opposition.

ABS-CBN News is first to bat with this comparison of the two sites (although MLQ3 was probably the first to make a very short comparison, although he is wrong in calling the TU Web site a static one; judging by the URLs, it has a content management system).

The Jester-in-Exile also carried this, plus he collated the Web sites of senatorial candidates.

Now that the battle is being waged on the Internet, it’s time to have a GO vs. TU Web site smackdown. Let’s use the criteria set for the just-concluded Philippine Blog Awards, with some modification:

Content – 40%
Is the content informative, relevant and well thought through?

Design – 20%
This refers to the site’s design in relation to its content. Design takes into consideration the look and feel of the site, from the placement of links, use of images, feeds, headers and ads (if any). Is the design suitable to the subject/content?

Appeal and Context – 15%
This refers to the site’s engagement factor with readers.

Accessibility – 15%
Is the Web site usable on different computers and by people with disabilities? Can visually impaired users increase the font size? Is there alternative text (ALT text) if the images are turned off? Are sections of the site clearly separated so anyone will understand them? (Taken from Web Design Challenge)

Alpha Factor – 10%
Why do you think the Web site is better than the other one?

Leave your breakdown and explanation in the comments.

10 Apr

Two Kaspersky Vulnerabilities

Two vulnerabilities regarding Kaspersky security products have been disclosed by iDefense.

There is a heap overflow vulnerability in Kaspersky Internet Security Suite. This vulnerability allows remote code execution.

Kaspersky’s response is here.

An information disclosure vulnerability was discovered involving Kaspersky Antivirus (version 6). This vulnerability could allow malicious Web sites to obtain files from a user’s computer. The danger here is that, with this vulnerability, no dialog or warning window is shown when a malicious script starts a file transfer.

Kaspersky’s response for this vulnerability is here.

Kaspersky users are advised to install Maintenance Pack 2 to patch these vulnerabilities.

NOTE: Remote code execution occurs when an outsider is able to execute a program on a remote computer through holes in that computer, either via vulnerabilities or backdoors. An information disclosure occurs when a vulnerable application allows an outsider to gain or steal information.