How-To Geek
Week in Geek: Another New Java Security Hole Revealed – Affects All Recent Versions

Our last edition of WIG for September is filled with news link coverage on topics such as the beta release of Mozilla’s new Persona login system, a compromised SourceForge mirror, the region-locking of the Nintendo Wii U, and more.
Weekly News Links


Image courtesy of Identity at Mozilla Blog.
- Mozilla’s “just works” Persona login system hits beta
First released earlier this year, Persona offers a secure way to eliminate individual passwords for users while offering developers a simple way to add support and authenticate requests—think of it as OpenID without the headaches.
- Mozilla Plans More Non-Invasive Health Reporting in Firefox
Since at least Firefox 7 with something called Telemetry, Mozilla has had an opt-in mechanism for monitoring the performance of the open source browser on user machines. Telemetry is opt-in. Now Mozilla is going to the next level with something called the Firefox Health Report. (Note: Health Report can be disabled too.)
- Mozilla Changes Firefox Release Schedule
The timeline for Firefox releases around the end of the year has been modified and versions scheduled for that period will roll out with a delay of one week. The reason for this is not technical or development issues, but the winter holidays.
- Thunderbird’s address book official prototype published
Mozilla’s Mike Conley is, at the moment, working on an upcoming Thunderbird address book that, judging by its prototype, seems to bring an interesting change to the address book.
- Google Chrome 22 Adds Support for More Natural Gaming on Web Apps
Google has updated the stable channel for their browser to version 22.0.1229.79. It is available for all supported platforms (Windows, Mac, Linux, and Chrome Frame) and it introduces Pointer Lock JavaScript API (Mouse Lock).
- Windows 8 to Taste a Host of Updates Before Release
According to a recent article on ZDNet, the Windows 8 team is currently working on a series of updates for the software, and should release them before the official launch on October 26th. These updates should include bug fixes and other improvements, though specifics on the matter are still unavailable.
- Unity Webapps Available in the Ubuntu 12.10 Official Repositories
Starting September 29th the webapps that were available in the preview PPA are available in the official Ubuntu 12.10 repositories, but as separate packages so you can install only the webapps you want and use.
- Ubuntu’s Amazon search feature gets kill switch
Ubuntu Community Manager Jono Bacon has announced revised plans for Canonical’s controversial Amazon shopping lens that was included in the first beta version of Ubuntu 12.10 released earlier this month. According to Bacon, the developers are working on a toggle in Ubuntu’s Privacy Manager which allows users to switch all online searches off.
- Unity Shopping Lens Returns NSFW Images
Users have encountered an interesting problem when they used the new search feature from Ubuntu 12.10, which will also integrate with an Amazon lens. It seems certain terms can return NSFW images.
- Open WebOS 1.0 arrives for those who dare to port
Hewlett-Packard made good on a promise to offer up the erstwhile mobile operating system to the open-source community.
- Jolla: The market wants an alternative to iOS and Android
The ex-Nokians are almost ready to reveal their MeeGo-based smartphone, but how are they planning to break into the two-horse mobile race? According to CEO Jussi Hurmola, Jolla has a plan for getting operators and other co-branding partners on board.
- Open source hardware answers the problem of mobile device obsolescence
From the post – Frustrated with Apple’s decision to mothball my iPad 1 with no future iOS updates, I’ve come up with a solution: Open source hardware.
- Adobe’s new open source font for coding
Adobe has released “Source Code Pro”, a new open source font designed for software developers who require mono-spaced, high-quality fonts for editing their code. This is the second font family released by Adobe: Source Sans Pro, a font for the user interface elements of Adobe’s Brackets editor, was released in August.
- Your YouTube original videos now available in Google Takeout
Previously, you’ve been able to download individual transcoded videos from your YouTube Video Manager. But starting this past Wednesday, you also have a more efficient way to download your videos from YouTube. With Google Takeout, you can download all of the original videos that you have uploaded in a few simple clicks.
- Google’s ‘spring cleaning’ hits features in search, news
The company announces it will no longer support lesser-used features in a variety of products.
- Facebook gets involved with cloud storage via Dropbox integration
Now even Facebook is jumping into the cloud storage game thanks to Dropbox, and it could present an interesting challenge in the enterprise space.
- Minecraft maker says he won’t certify his game for Windows 8
Markus “Notch” Persson says he wants Microsoft to stop “trying to ruin the PC as an open platform.”
- Use the Calculator to reveal a Mac’s firmware password
In Mac systems prior to 2011, you can uncover the Mac’s firmware password using the Calculator’s ability to manipulate binary numbers.
- Gamers beware: Nintendo Wii U will be region-locked
The company told famed Japanese gaming magazine Famitsu that gamers in different parts of the world won’t be able to play games available in other regions.
- Europe ready to charge Microsoft over browser choice, eyes Google action
Europe’s competition chief has said the European Commission is preparing to charge Microsoft over its failure to offer some Windows 7 users a choice of browser, and may begin formal antitrust proceedings against Google too.
Security News


- Yet another Java flaw allows “complete” bypass of security sandbox
Flaw in last three Java versions, 8 years worth, puts a billion users at risk. Researchers have discovered a Java flaw that would let hackers bypass critical security measures in all recent versions of the software (Java SE 5, 6, and 7).
- SourceForge mirror compromised, backdoor slipped into phpMyAdmin
One of SourceForge’s mirrors was compromised this week, unwittingly serving users a version of phpMyAdmin containing a backdoor.
- Adobe code signing infrastructure hacked by ‘sophisticated threat actors’
The eyebrow-raising hack effectively gave the attackers the ability to create malware masquerading as legitimate Adobe software and signals a raising of the stakes in the world of Advanced Persistent Threats (APTs).
- Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent
A company whose software and services are used to remotely administer and monitor large sections of the energy industry began warning customers last week that it is investigating a sophisticated hacker attack spanning its operations in the United States, Canada and Spain. Experts say digital fingerprints left behind by attackers point to a Chinese hacking group tied to repeated cyber-espionage campaigns against key Western interests.
- Twitter users may be victims of direct message malware
Security analysts say that suspicious direct messages from Twitter friends with links to Facebook, which have been popping up lately, could be malicious “backdoor trojans.”
- Lost+Found: iPhone crashes, malware families and a Firefox hack
Too short for news, too good to lose; Lost+Found is a roundup of useful security news. This time: crashing iPhones, dumping network traffic from iOS devices, ZeroAccess botnet distribution, visualising malware and its variants, silently installing malicious Firefox extensions, and Gamma International suggests someone is trying to torpedo its trojan business.
- Ubuntu 12.10 Home Lens User Data Still Exposed, Despite Canonical Claims
As the Ubuntu 12.10 privacy blunder continues, more and more people find that integrating online searches into Unity Dash has a lot more ramifications than initially thought.
- Researcher says 100,000 passwords exposed on IEEE site
Info on workers at Apple, Google, NASA, Stanford, and elsewhere was easily accessible owing to an oversight by the association for tech pros, a computer scientist in Denmark says.
- Multiple Samsung handsets vulnerable to remote wipe hack
The Galaxy S3 is among a growing list of Samsung models susceptible to remote wipe attack.
- Why Flash updates might need to be delayed for IE, at least briefly
IE’s Flash problem was communication not security, but there are reasons why Flash updates might sometimes take longer. The bigger question is how long Flash stays around.
- Secret Microsoft policy limited Hotmail passwords to 16 characters
For years, Microsoft engineers have quietly limited Hotmail passwords to 16 characters, a revelation that has surprised and concerned some users who have long entered passcodes twice that long to access accounts.
- Why is Open Source WebKit the Weak Link in Apple Security?
To be fair, updating WebKit isn’t as easy for Apple on iOS as it might be on the Mac. Sure, Apple could *simply* update Safari whenever new WebKit issues arise, but the reality is that WebKit’s usage extends beyond the browser and is an integral part of iOS itself in a different way than WebKit on Mac OS X. Simply put, it’s not just about the browser.
- Android control code issue affects almost all manufacturers
An Android control code vulnerability originally reported as a Samsung problem in fact appears to affect most smartphones and UMTS tablets running Ice Cream Sandwich (version 4.0.x) or earlier versions of Android. Google updated the dialling software code in version 4.1.1 so that control codes are no longer executed automatically.
- Malware programmers start using Go
Google’s Go programming language has a growing number of users and, according to a report from Symantec, that number now includes some malware writers. The company says it recently found a trojan, Encriyoko, which included Go-based components, specifically a file named GalaxyNxRoot.exe.
- Espionage Hackers Target ‘Watering Hole’ Sites
Security experts are accustomed to direct attacks, but some of today’s more insidious incursions succeed in a roundabout way — by planting malware at sites deemed most likely to be visited by the targets of interest. New research suggests these so-called “watering hole” tactics recently have been used as stepping stones to conduct espionage attacks against a host of targets across a variety of industries, including the defense, government, academia, financial services, healthcare and utilities sectors.
- Rent-to-own firms settle computer spying charges
Rented computers had software on them that was used to surreptitiously log key strokes, capture screen shots and take photos of people who were late on payments, FTC says.
- Feds snoop on social-network accounts without warrants
Justice Department report shows real-time surveillance targeting social networks and e-mail providers jumped 80 percent from 2010 to 2011. The ACLU says current law doesn’t protect Americans’ privacy.
- Cyberespionage skills go beyond technical ability
Attackers may write good malware but their skills are worthless if they are not able to deceive employees into unknowingly deploying these programs onto corporate networks.
- Iran deploys domestic Internet system, blocks Google
Country announces plans to move citizens to its local Internet system after connecting government agencies to the platform, and said it will block access to Google’s search and e-mail services.
TinyHacker Links


- Microsoft Office 2013 Will Bring Changes
Microsoft Office 2013 will bring a lot of changes from a licensing and price perspective. You will find more details in this analysis by Ed Bott.
- Kaspersky Internet Security 2013 – Is it Any Good?
Kaspersky has launched their 2013 suite of products. If you would like to know what is new and how well it performs, read this thorough review.
- EasyBCD: Bootload Editing Made Easy
Whether you’re a dual booter or just need to manage or tweak some settings, freeware app EasyBCD is the tool you need. *Always* make a backup before making changes and if you ever need assistance, the EasyBCD forums are populated with some of the friendliest folks on earth.
- How You Can Benefit by Using a VPN
This infographic discusses what a VPN is, the different types of VPNs, benefits, and more.
How-To Geek Weekly Article Recap


- 8 Deadly Commands You Should Never Run on Linux
- 14 Special Google Searches That Show Instant Answers
- Should I Leave My Laptop Plugged In All The Time?
- The Best Ways to Make Use of an Idle Computer
- HTG Explains: What Are the Sys Rq, Scroll Lock, and Pause/Break Keys on My Keyboard?
- Desktop Fun: Autumn 2012 Wallpaper Collection
- Stupid Geek Tricks: How To Download Firefox On a New Computer Without Using Internet Explorer
- How To Easily Back Up Your Gmail and Perform Scheduled Backups With GMVault
- How To Create a Full Android Phone or Tablet Backup Without Rooting or Unlocking Your Device
- Restore Recently Closed Tabs in Chrome, Firefox, Opera, Internet Explorer 9, and Safari
Geeky Goodness from the ETC Side


- The Most Common and Least Used 4-Digit PIN Numbers [Security Analysis Report]
- Star Wars: An Infographic Flowchart
- Life Before the Computer [Humorous Image]
- Liquid Nitrogen + 1500 Ping Pong Balls [Video]
- How Does a Touch Screen Phone Work? [Chart]
- Launch Photography Is a Beautiful Collection of Shuttle Photos
- How DNS Works [Video]
- 32 Stunning Movie Tributes in LEGO
- Superman’s Bad Day [Video]
- 50 Years After The Jetsons
One Year Ago on How-To Geek


- How to Dual-Boot Windows 7 and Windows 8 On the Same PC
- How to Dual Boot Windows 7 and 8 Without Re-Partitioning (Using VHD)
- How to Test Drive Windows 8 in VirtualBox
- Windows 8 Screenshot Tour: Everything You Possibly Want to Know
- Beginner: How to Extract .RAR Files on Windows 7 and Mac OS X
- Online Safety: Understanding Hackers, Phishers, and Cybercriminals
How-To Geek Comics Weekly Roundup


- The Babysitter Search App
- Technology is a Beautiful Thing
- The ‘Cash for Clunkers’ Program
- Different Methods to Track Reader Reactions
- The Road Less Traveled
- Non-Traditional Media Members
- A Different Kind of Myspace
How-To Geek Weekly Trivia Roundup


- Which Video Game Had The Highest Per-Copy Cost?
- What Does The Longest Laser Ranging System In The World Measure?
- What Was The First Computer With Internally Stored Programs?
- Who Is The Longest Serving Voice Actor In Video Gaming?
- Who Was The First U.S. President To Use Email?
- What Was The Most Expensive Computer Of All Time?
- Who Was The First Space Tourist?
Akemi Iwaya (Asian Angel) is our very own Firefox Fangirl who enjoys working with multiple browsers and loves 'old school' role-playing games. Visit her on Twitter and Google+.
- Published 09/30/12



