RSS Worms

Yahoo! News reports that Trend Micro believes RSS will be the next big target for worms.

David Sancho, senior anti-virus research engineer at Trend Micro, warned that RSS feed hijacking will become commonplace when Microsoft Corp. ships Internet Explorer 7, a browser refresh that will feature built-in RSS support.

In a white paper titled "The Future of Bot Worms," Sancho said the IE7 release "will open some interesting possibilities to worm creators."

"The easy way of taking advantage of the popularity [of RSS] is to hijack the existing configured feed clients to automatically download new copies of worms and other threats to the infected computers. This is accomplished by pointing the already-configured client to different and malicious Web content," Sancho wrote.

I don’t really understand it myself probably because there have never been RSS bot worms to date.

Via Digg

TUX Magazine & Music DRM

Came across TUX Magazine today. It’s a free, downloadable monthly Linux magazine. You need to hand over some details to subscribe, and then they’ll email you the PDF file whenever a new issue is released. Seems like quite an interesting read.

Ars Technica reports on music DRM

A Businessweek article suggests otherwise, documenting how Van Zant’s Get Right with the Man fell in Amazon’s rankings from 887 to 1392 to 25,802 to "unavailable" in less than three weeks after the rootkit was revealed. Consumers are waking up, and they don’t like what they see.


Tooltip.js is a Javascript library (annoyingly everything is described as Web 2.0 now) which makes it easy to add tooltips to your webpages. It’s built on top of prototype.js and Scriptaculous. There is a lot of flexibility in customizing your tooltips, it’s mainly accessible and uses unobtrusive javascript.

All you need to do is to add the "tooltip" class to a div element and it’ll add a tooltip to the element which came before it. It’ll automatically add a "Close" link.

You can also manually register tooltips if you prefer to have more control or to do it the old way. Click on the Star Wars image on the Tooltip.js site for an example of what tooltip.js does. 


I don’t know if anyone else has noticed this – I’ve noticed it on blogs that I read as well as from a personal experience. Generally, people blog frequently for about 1 month (sometimes 2 months) and then stop blogging or start blogging a lot less. Probably about half of the blogs on my RSS reading list haven’t had posts recently; about 10% don’t even work anymore.

On this blog, I used to blog about twice or thrice a day. At the moment, it’s down to once a day and I’m struggling to do that. I’m either blaming it on a slow news week or exams. There are some really interesting blogs that I’ve got on my feed list but haven’t been updated in ages.

How should bloggers be encouraged to keep blogging? Can blogging be made more rewarding? Perhaps the cost of blogging needs to be lowered. For example, when you wish to write about a news link or interesting article, you’d often be expected to write several paragraphs on your opinions. Perhaps one way to make blogging easier to sustain would be to have some kind of "BlogLinks" system where you could enter a link and a short one line thought on the topic. The blog system could automatically create an entry every day or every week with those links. (Perhaps some or Digg integration)

Browsers such as Flock could theoretically also make it easier and more interesting to blog but my personal experience has been quite the opposite. Getting Flock’s blogging feature working in the first place wasn’t fun and it doesn’t seem to offer much more than a nice editor.  

GUI Gallery

Came across this GUI gallery today. The site has quite a comprehensive collection of screenshots of different Operating Systems. I’ve seen many sites with Windows screenshots, but I haven’t come across many with Chicago (Windows 95 early builds) which is interesting. There are also some screenshots from a pre-1.0 version of Windows.

There are also screenshots of obscure operating systems such as RISC, Deskmate and Mac OS X.

I also came across ReactOS, a free software clone of Windows. I’ve tried it before quite a while ago and the screenshots look pretty good, although to me ReactOS seems like not much more than a way to get WINE without Linux.

Free version of Microsoft Word


Microsoft is just giving away Word. Yup, they’ve gone crazy!

Or not.

Its Word 5.5 For DOS.

Heh. If anyone decides to try it out, let me know. Perhaps Microsoft should release the 9x version of Windows (95, 98 and ME) for free with source code. The technology should be pretty much redundant but perhaps some of the open source community would work on it and produce a decent free operating system. If it’s under a liberal license, Microsoft could take this code and incorporate it into their commercial offering, XP/Vista.


Asa points to Songbird, a new media player built on Mozilla technology. The application interface is built with XUL, similar to Firefox and Thunderbird. It’s from the same people who built Winamp 5 and Y! Music Engine. It looks great. It has iPod support and the developers say the program will eventually contain everything you’d expect from a media player.

See the screenshots at the Songbird blog. Kinda feels like Itunes. I’m not sure if Songbird is going to be open source; I suspect possibly not as there is no mention of it on the website.


SymphonyOS is a distribution of Linux which does things a bit differently. It doesn’t use KDE or GNOME like most distributions – they use their own window manager called Mezzo. The concepts of beauty and simplicity behind Mezzo are great; although I wouldn’t say that it’s particularly aesthetically pleasing at the moment.

I think I gave the distribution a test run when it was in Alpha 2. It was interesting but only available as a live CD. It was also buggy and ugly. It’s probably improved quite a bit since then since it’s now in the beta stage.

When I first tried Mezzo, I found it pretty confusing. Unlike KDE and GNOME, Mezzo does not try to emulate Windows. Mezzo has UI rules of its own – for example it doesn’t use one start menu but four distinct buttons in each of the four corners to access documents, devices, etc. It doesn’t use menus but uses the whole screen. Mezzo ensures that content on these buttons fits one screen exactly so no scrolling is required. It also shows a thumbnail of the windows in the "taskbar". Widgets are an integrated part of the desktop – you can not put files and folders on the desktop.

I haven’t tried the beta release yet so I can’t formulate any opinions on it but from what I’ve seen in previous releases and on the website, it is going to be an interesting distribution. May be worth downloading if your a distribution enthusiast 🙂

Critical Internet Explorer Vulnerability

It seems like 28% of you guys still use Internet Explorer  (stats for my blog); a critical zero-day exploit for Internet Explorer was released today.

The exploit allows a remote attacker to take complete control of a Windows system if the victim visits a malicious website – not hard with pop unders, iframes, and spam.

There is proof of concept code at FrSIRT.

The group said IE users should immediately disable "Active Scripting via the Tools > Internet Options > Security tab > Custom Level feature.

You can also try an alternative browser such as Firefox.