How-To Geek
Week in Geek: New Security Hole Found in Windows 8 UEFI ‘Secure Boot’

This week’s edition of WIG is filled with news link coverage on topics such as Virgin Mobile USA customers being vulnerable to a password security flaw, Google Chrome using a single profile on Windows 8, the Raspberry Pi getting a turbo mode, and more.
Weekly News Links


- Ubuntu 11.04 Natty Narwhal approaches end of life
In a post on the project’s security announcements, Ubuntu Release Manager Kate Stewart has reminded users that version 11.04 of Canonical’s Ubuntu Linux distribution, known as “Natty Narwhal”, will reach its end of life on Sunday, 28 October.
- New Cinnamon 1.6 Release Adds 2D Session, New Applets And More Customization Options
Cinnamon, the GNOME Shell fork used by default in Linux Mint 13 (Cinnamon Edition), has reached version 1.6, getting many new features: a new 2D session, workspace OSD, new applets and lots more!
- Ubuntu will use GRUB 2 for its Secure Boot implementation
In a blog post, Canonical’s VP of Professional & Engineering Services, Jon Melamut, has announced that the company now plans to use GRUB 2 for its UEFI Secure Boot implementation in the next version of Ubuntu, 12.10 “Quantal Quetzal”.
- The Raspberry Pi gets a turbo mode
The Raspberry Pi Foundation has performed testing on the effects of overclocking and overvolting, and is now providing what it calls a “turbo mode” for the Raspberry Pi mini-computer.
- ZTE’s first Firefox OS devices to launch in first quarter
The company also says it will launch Windows Phone 8-based smartphones later this year or early next.
- Second-Gen Acer Chromebook Coming October
Acer are reported to be prepping a second-generation Chromebook for release in mid-October, based on news given to Taiwanese hardware blog DigiTimes.
- Windows 8 pricing for system builders said to be roughly the same as Windows 7
If you want to build your own Windows 8 PC, expect to pay just under $100 per copy for the consumer version, according to the latest scuttlebutt.
- Mozilla Firefox for Windows 8 Detailed
A dedicated version of Mozilla Firefox aimed at Windows 8 users isn’t quite a new thing, as Mozilla programmer Brian Bondy has already announced it almost one month ago. Bondy however revealed more details of the upcoming browser, explaining that the currently “Metro”-codenamed browser would come with several keyboard shortcuts and plenty of other changes.
- Google Chrome Will Use a Single Profile on Windows 8
Google rolled out a fresh update for the dev channel of Chrome browser, incrementing the build number to 23.0.1270.0. Great progress has been made for the Windows 8 release, as the browser will use a single profile regardless if it runs on the desktop or in the modern UI.
- SkyDrive files get redundant protection from your stupid self
This past Tuesday Microsoft announced it has added recycle bin functionality to its SkyDrive cloud storage and collaboration suite, adding yet another layer of redundancy to the service to make sure the unthinkable doesn’t happen and you actually delete a document.
- Google+ signs up 400 million users, with 100 million active
In a first, Google reveals the number of people visiting plus.google.com as a distinct destination.
- Dropbox replaces JavaScript with CoffeeScript
The Dropbox cloud storage service has completely rewritten its browser-side codebase to migrate from JavaScript to CoffeeScript. In a post on the Dropbox Tech Blog, the developers say that they were able to reduce the lines of code needed by more than 20 per cent.
- HTML5 to be completed by the end of 2014
The chairs of the W3C’s HTML Working Group have presented a plan to approve a stable HTML5 specification before the end of 2014. The plan proposes to formally define a stable set of features as HTML 5.0, but when the HTML Working Group will approve this plan is as yet unknown.
- Outlook.com Sign-in Page Already Broken
Outlook.com may be a good-looking email service, but several users have already expressed their frustration when it comes to several built-in utilities.
- That didn’t take long: iOS 6 already jailbroken — with a catch
Apple’s latest mobile operating system has been jailbroken, but only for the iPhone 4, iPhone 3GS, and fourth-generation iPod Touch.
- Apple hiring developers to fix iOS maps
Apple is assembling a crack team of developers to help improve its issues around iOS, making several job postings in the past week for those that like…bunnies.
- Will a household license convince you to go with Office in the cloud?
Microsoft has gone public with pricing for the consumer and small-business versions of the next Office suite, which will be available both ‘for rent’ and ‘for purchase.’
- Your searches on Facebook to show up in activity log
Along with what you read, post and Like, Facebook now tracks what you search. Facebook is tracking what searches you’ve made and displaying it in your activity log, the company noted in a blog post this past Friday.
- Apple accused of ripping off famous Swiss clock design
The iPad maker could be in hot water for reportedly using a trademarked design it does not own the rights to as part of its iOS 6 clock app.
- Wikipedia honcho caught in scandal quits, defends paid edits
High-placed editors at Wikipedia’s U.K. site were caught in a simmering paid-PR scandal. After news broke, one resignation and a little backpedaling has done little to solve the problem.
Security News


Image courtesy of IT Sec. This link leads to the original, technical analysis/report.
- Security Vulnerability in Windows 8 Can Lead to Malware Infection
Security researchers at Italian firm ITSEC discovered that Windows 8 comes with a security flaw that could allow hackers to install malware on a vulnerable computer. It’s all possible because of the Unified Extensible Firmware Interface (UEFI), an updated version of BIOS, which is available on Microsoft products since the debut of the 64-bit version of Windows 7.
- Microsoft releases critical updates for Internet Explorer flaws
Microsoft has released two eagerly awaited updates for Internet Explorer, both addressing serious security issues. One covers a zero-day flaw in IE9 and earlier versions, the second updates Flash in Windows 8.
- New Kernel Vulnerabilities Affect Ubuntu 12.04 LTS
This past Friday Canonical published a security notice with details about a new Linux kernel update for its Ubuntu 12.04 LTS (Precise Pangolin) operating system.
- New Kernel Vulnerabilities Affect Ubuntu 10.04 LTS
This past Tuesday Canonical announced in a security notice that a new Linux kernel update for its Ubuntu 10.04 LTS (Lucid Lynx) operating system is now available. The update fixes three security vulnerabilities discovered by various developers in the Linux kernel packages.
- Virgin Mobile USA customers vulnerable to password security flaw
Virgin Mobile USA’s method of making customers use a mobile number and a 6-digit password to log in to their accounts makes them easy to hack, according to one of the company’s customers.
- Oracle Database suffers from “stealth password cracking vulnerability”
A weakness in an Oracle login system—used in the company’s databases which grant access to sensitive information—makes it trivial for attackers to crack user passwords and gain entry without authorization, a researcher has warned.
- iOS 6 allows tweets, Facebook posts from locked device
Disable Siri in the Passcode Lock settings if you don’t want strangers to use your phone while it’s locked.
- Security experts hack and refresh US transit cards with Android app
The researchers say they have identified a flaw in the paper-electronic ticketing systems used on the San Francisco Muni and New Jersey PATH networks. They say the transit authorities haven’t been using the basic security functionality of the NXP chips used in the cards.
- Pwn2Own lesson: Don’t thumb nose at mobile security threats
As you move data around your mobile device it’s important to understand that these can be hacked — even in a mass-attack using a compromised ad-network — and try to keep the damage to a minimum.
- Android under fire again for poor vulnerability patching
Carriers and device managers continue to be slow at patching Android devices, as the number of malware targeting the mobile operating system soars, recent studies show.
- Malware Dragnet Snags Millions of Infected PCs
Last week, Microsoft Corp. made headlines when it scored an unconventional if not unprecedented legal victory: Convincing a U.S. court to let it seize control of a Chinese Internet service provider’s network as part of a crackdown on piracy.
- ID Theft Service Tied to Payday Loan Sites
A Web site that sells Social Security numbers, bank account information and other sensitive data on millions of Americans appears to be obtaining at least some of its records from a network of hacked or complicit payday loan sites.
- Web attacks on big US banks originated in Iran, unconfirmed reports say
Iranians have mounted a series of denial-of-service attacks over the past year that target major US banks and other companies, according to two published reports that cite unnamed US officials.
- Cyberspying effort drops ‘Mirage’ on energy firms
Malware targets individuals at organizations in Philippines, Taiwan, Canada and elsewhere via “spear-phishing” e-mails bearing tainted PDF files.
- Pre-Infected Computers Were Compromised by a Transporter – Microsoft
Microsoft recently announced that several new computers manufactured in China were infected during the manufacturing stage, revealing that Nitol, a program that steals sensitive information, is one of the detected malware. It turns out however that Nitol and the other malicious files were installed by “a distributor, a transporter or a reseller,” according to a Microsoft spokeswoman who talked to BBC.
- Cyberweapon choice boils down to intent, capabilities
Cybercriminals often decide on their tool of choice based on the objective of their attacks, as well as what best fit their skills.
- FBI renews broad Internet surveillance push
The FBI is renewing its request for new Internet surveillance laws, saying technological advances hinder surveillance and warning that companies should be required to build in back doors for police.
- Study finds web developers undertake too little vulnerability testing
Software vendor Coverity has released its Software Security Risk Report, which claims that less than two fifths of web development companies carry out testing during the development cycle and that more than half decline to check their code for bugs and security vulnerabilities prior to integration testing.
- Microsoft Blocks Antivirus Software on Windows RT
When Microsoft launches the brand new Windows RT, the Windows version specifically designed to be installed on tablets, it won’t allow users to install third-party antivirus software.
- Malwarebytes steps up to protect large enterprises
Malwarebytes has established its reputation as a supplier of free anti-malware software to more than 150 million home PC users. Now it has announced its first Enterprise Edition.
TinyHacker Links


- Awesome: SkyDrive gets a Recycle Bin!
The SkyDrive service from Microsoft keeps getting better. A new SkyDrive recycle bin is now available and Excel surveys are coming soon.
- Looking for a thorough review of BitDefender Internet Security 2013?
Look no further. The folks at 7 Tutorials have resumed their series of reviews. Their articles are now even longer than before and their testing even more thorough.
How-To Geek Weekly Article Recap


- How To Remote Control Your Home Computer From Anywhere With VNC
- The HTG Guide To Speeding Up Your Virtual Machines
- What Does My BIOS Do After Booting?
- Are Modern Computers Still Vulnerable to Damage via Magnets?
- HTG Explains: Why You Shouldn’t Disable UAC
- How To Create Your Own Custom Google Search Engine
- Desktop Fun: Big Cats Wallpaper Collection Series 2
- How To Enlarge a Virtual Machine’s Disk in VirtualBox or VMware
- The Best Websites for Downloading and Playing Classic and New Text Adventure Games
- HTG Explains: Why You Shouldn’t Log Into Your Linux System As Root
Geeky Goodness from the ETC Side


- Flightradar24 Maps Global Air Traffic in Real Time
- A Cruel but Effective Incentive to Purchase the Full Version of the Software [Humorous Image]
- The Problem with Stores in the Cloud [Comic]
- Turn a Kindle into a Weather Display Station
- Generate Unique Abstract Backgrounds with Ablaze
- Welcome to the Jungle [Humorous Image]
- Every Facebook Invite You Have Ever Made [Humorous Image]
- The History of Digital Storage [Infographic]
- Social Media Explained with Bacon
- Watch Awesome CGI Effects from ‘Game of Thrones – Season 2’ Unfold in Front of Your Eyes [Video]
One Year Ago on How-To Geek


- How To Thoroughly Clean Your Dirty Desktop Computer
- How to Use a Single Mouse and Keyboard Across Multiple Computers
- What File System Should I Use for My USB Drive?
- How to Automatically Cool Your Entertainment Center When It Gets too Hot
- How to Make Your Android Phone Tell You Where You Lost It
- Boost Your Android Device’s Sound Quality With an Equalizer
How-To Geek Comics Weekly Roundup


- He Needs a Better Password
- A Truly Complete Home Theater
- Short Messaging Session
- The Martian’s New Car
- So Many Friends and no Emergency Contact
- Old School Spyware
- No Evidence of Climate Change
How-To Geek Weekly Trivia Roundup


- What Was The First Modern Collectible Card Game?
- The Largest Tire Manufacturer In The World Is?
- Before The USB Port, Computer Users Plugged Their Peripherals Into What?
- What Is The Most Popular Successor To The Ubiquitous Bar Code?
- What Is The Most Widely Released Graphic Adventure Video Game Of All Time?
- What Size Were The Original Floppy Disks?
- Which Computer Was The First To Sport A GUI Desktop?
Akemi Iwaya (Asian Angel) is our very own Firefox Fangirl who enjoys working with multiple browsers and loves 'old school' role-playing games. Visit her on Twitter and Google+.
- Published 09/23/12




