You Are Browsing ‘Software’ Category

SecureMac releases PrivacyScan for Mac App Store

by ITN News - on Feb 2nd 2012 - No Comments

PrivacyScan, Privacy Protection for Your Mac, is now available on the Mac App Store. PrivacyScan protects online and offline privacy by shredding files that can be used to track your web browsing and computer usage. Going above and beyond United States DoD (Department of Defense) government standards, PrivacyScan’s shred feature...

Apple reportedly putting DMCA squeeze on App Store pirates

by ITN News - on Jan 5th 2012 - No Comments

Jailbreakers may find it more difficult to find pirated apps from the App Store thanks to Apple’s latest legal maneuvers. The company has reportedly been sending DMCA takedown notices to Apptrackr, a popular service for tracking down cracked apps, in order to try and cut off pirated app downloads at the source.

According to Apptrackr developer “Dissident” (via Cult of Mac), Apple has apparently scraped links from the Apptrackr service and sent “huge takedown notices” to cut off access to pirated apps. To try and work around the copyright issues, Apptrackr has moved its servers outside the US and is using a form of redirection to avoid “direct” links to infringing content.

To what level piracy affects App Store developers remains a matter of debate. Some developers have used checks built in to their apps to determine piracy rates as high as 80 percent. If each pirated copy were counted as a sale, it would add up to a significant amount of money—on the order of millions of dollars given the sales volume of the App Store. Still, every pirated copy doesn’t necessarily equal a sale, and many developers don’t feel it’s worth the effort to work against pirates, many of whom would never have bought the app in the first place.

“Dissident” echoes these sentiments on the Apptrackr website. He claims the service is meant to allow users to test apps before buying, as Apple offers no mechanism to do so via the App Store, but he acknowledged that Apptrackr is often used to simply avoid paying for apps.

“It’s undeniable that a portion of our community pirates rather than tests the applications that they install,” Dissident wrote on the site’s “about us” section. “They were very, very likely never potential customers in the first place. Piracy’s conversion rate is absurdly low, and developers know that.”

Windows 8 already hacked

by ITN News - on Nov 18th 2011 - No Comments

An insecurity expert has shown how it is a doddle to hack your way past Windows 8's controversial boot-up security and gain root access.

Austrian independent developer and security analyst Peter Kleissner is scheduled to release the first known “bootkit” for Windows 8 which can load from a hard drive’s master boot record and reside in memory all the way through the startup of the operating system, providing root access to the system.

Windows 8's boot loader is designed to stop malware and security breaches, including a measure that requires any software loaded at boot time to be authenticated with a valid digital signature. Vole thinks this will kill off malware because it would block any unsigned software from loading into memory before startup. The software angered open-saucers who think that it is designed to kill Linux distributions such as Red Hat and Ubuntu which don't come with a digital signature.

Kleissner said that his exploit defeats the security features of Windows 8's new Boot Loader which has angered Open Saucers who claim it will prevent them running dual booted systems.

Kleissner told Ars Technica that the exploit did not currently target the Unified Extensible Firmware Interface (UEFI), but instead went after legacy BIOS. He is going to share his hack with the people at Microsoft.

Kleissner is famous for his Stoned bootkit which was a proof-of-concept exploit that could attack Windows XP, Vista, and 7, as well as Windows Server 2003. Stoned could install itself into the Windows kernel and gain unrestricted access to the entire system, even on systems with encrypted drives.

Kleissner said his bootkit, called Stoned Lite, has an infector file that is only 14 kilobytes in size, and the bootkit can be started from a USB drive or CD.

He is also considering adding in “in-memory patching of msv1_0!MsvpPasswordValidate.” That would make it possible to change the password validation routine in Windows to accept any password as valid for an account.

Rootkit infection requires Windows reinstall, says Microsoft

by ITN News - on Nov 9th 2011 - No Comments

Microsoft is telling Windows users that they’ll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine’s boot sector.

A new variant of a Trojan Microsoft calls “Popureb” digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration, Chun Feng, an engineer with the Microsoft Malware Protection Center, said last week on the group’s blog.

“If your system does get infected with Trojan:Win32/Popureb.E, we advise you to fix the MBR and then use a recovery CD to restore your system to a pre-infected state,” said Feng.

A recovery disc returns Windows to its factory settings.

Malware like Popureb overwrites the hard drive’s MBR (master boot record), the first sector — sector 0 — where code is stored to bootstrap the operating system after the computer’s BIOS does its start-up checks. Because it hides on the MBR, the rootkit is effectively invisible to both the operating system and security software.

According to Feng, Popureb detects write operations aimed at the MBR — operations designed to scrub the MBR or other disk sectors containing attack code — and then swaps out the write operation with a read operation.

Although the operation will seem to succeed, the new data is not actually written to the disk. In other words, the cleaning process will have failed.

Feng provided links to MBR-fixing instructions for XP, Vista, and Windows 7.

Rootkits are often planted by attackers to hide follow-on malware, such as banking password-stealing Trojans. They’re not a new phenomenon on Windows.

In early 2010, for example, Microsoft contended with a rootkit dubbed “Alureon” that infected Windows XP systems and crippled machines after a Microsoft security update.

At the time, Microsoft’s advice was similar to what Feng is now offering for Popureb.

“If customers cannot confirm removal of the Alureon rootkit using their chosen anti-virus/anti-malware software, the most secure recommendation is for the owner of the system to back up important files and completely restore the system from a cleanly formatted disk,” said Mike Reavey, director of the Microsoft Security Response Center, in February 2010.

Since then, Microsoft has added a check for the Alureon rootkit to all security updates so that when the malware is detected, the updates are not installed.

Microsoft patch release snuffs out major worm potential

by ITN News - on Nov 9th 2011 - No Comments

Microsoft today released four patches as part of its regularly scheduled patch cycle, including a critical fix to a flaw that could allow attackers to launch a dangerous worm.

This month’s patches affect all versions, including Windows 7 and Windows Server 2008 R2, with two patches rated important and one rated moderate. All three patches require a restart.

The update labeled MS11-083 fixes a problem with the TCP/IP stack in Windows, or what Microsoft describes as “an externally found reference counter issue in TCP/IP stack.” The good news is that exploiting this vulnerability isn’t easy.

“Since this vulnerability does not require any user interaction or authentication, all Windows machines, workstations and servers that are on the Internet can be freely attacked. The mitigating element here is that the attack is complicated to execute,” says Amol Sarwate, manager of vulnerability labs for patch management vendor Qualys. “But otherwise this has all the required markings for a big worm.”

An attack that would take five hours

Essentially, the attack involves sending a large number of UDP packets to an unprotected port. When the system is deluged with network packets, the reference counter in the stack will keep incrementing and eventually wrap around. At that point, the system could crash, or if the attacker has planted other malware, the hacker could own the system.

Notes Joshua Talbot, security intelligence manager, Symantec Security Response: “We estimate an attack attempting to leverage it would take a considerable amount of time; perhaps four to five hours to complete a single attack. However, if an attacker can pull it off the result would be a complete system crash or compromise if the attacker develops a reliable means of exploitation.”
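A constructed C model of the reference-counter wrap described above, beside a saturating counter that avoids it. This is an added example, not Microsoft's code; the 16-bit counter width, the `obj_t` type and all function names are assumptions chosen so the wrap is reached quickly.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model. The real counter's width is not given on the page;
 * 16 bits is an assumption that keeps the demonstration short. */
typedef struct {
    uint16_t refs;   /* number of holders of the object */
    bool     freed;  /* stands in for releasing the object's memory */
} obj_t;

#define REF_SATURATED UINT16_MAX

/* Unchecked counter: 65535 + 1 silently becomes 0. */
static void get_unchecked(obj_t *o) { o->refs++; }
static void put_unchecked(obj_t *o) { if (--o->refs == 0) o->freed = true; }

/* Saturating counter: once the maximum is reached the object is pinned.
 * It is leaked on purpose, which is safer than freeing it while in use. */
static void get_checked(obj_t *o) {
    if (o->refs != REF_SATURATED) o->refs++;
}
static void put_checked(obj_t *o) {
    if (o->refs == REF_SATURATED || o->refs == 0) return; /* pinned or underflow */
    if (--o->refs == 0) o->freed = true;
}

/* One owner holds a reference for the whole run. `leaked` events each take
 * a reference that is never dropped (the counter "keeps incrementing").
 * Afterwards a second, well-behaved user takes and drops one reference.
 * Returns true if the object was freed while the owner still holds it. */
bool freed_while_in_use(bool hardened, uint32_t leaked) {
    obj_t o = { .refs = 1, .freed = false };   /* the owner's reference */
    void (*get)(obj_t *) = hardened ? get_checked : get_unchecked;
    void (*put)(obj_t *) = hardened ? put_checked : put_unchecked;

    for (uint32_t i = 0; i < leaked; i++)
        get(&o);                               /* reference never released */

    get(&o);                                   /* ordinary short-lived user */
    put(&o);
    return o.freed;                            /* owner has not called put() */
}

int main(void) {
    printf("unchecked, 1000 leaks:  freed=%d\n", freed_while_in_use(false, 1000));
    printf("unchecked, 65535 leaks: freed=%d\n", freed_while_in_use(false, 65535));
    printf("saturating, 65535 leaks: freed=%d\n", freed_while_in_use(true, 65535));
    return 0;
}
```

With a wider counter the same wrap needs proportionally more increments, which is consistent with the hours-long estimate quoted above.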

Among the important patches is one that fixes a DLL preloading vulnerability in Windows Mail (MS11-085). This class of attack has been around since August 2010, Sarwate says.

“The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained,” Microsoft says.

No zero-day patch yet

Microsoft has also fixed another vulnerability in Active Directory, Active Directory Application Mode (ADAM) and Active Directory Lightweight Directory Service (AD LDS) via MS11-086. It could allow elevation of privileges “if Active Directory is configured to use LDAP over SSL (LDAPS) and an attacker acquires a revoked certificate that is associated with a valid domain account and then uses that revoked certificate to authenticate to the Active Directory domain,” Microsoft says. However, Active Directory is not configured to use LDAP over SSL by default.

Stuck at a Macy’s? Entertain Yourself with iPad from Vending Machine

by ITN News - on Sep 29th 2011 - No Comments

Sometimes, girlfriends drag their doting but unwilling boyfriends to department stores. It’s a fact of life. What could make this situation better? An iPad probably.

Call it strategic marketing, but at least one Macy’s men’s department has recently added vending machines stuffed with alluring gadgets, such as cameras, GPS devices, headphones and yes, even iPads. This is something we’ve only recently started seeing in airports. It’s at least a bit surprising to see in a Macy’s, if only because there are many electronic stores steps away. After all, it is a mall. Ben Popken, a writer for the Consumerist, came across one recently. Surprised, he wrote, “I kind of hate it, and I kind of love it.”

The machine was against the wall, to the side of several round tables stacked with dress shirts. It was an unexpected sight. I guess impulse buys aren’t just for Skittles anymore. Yes, the iPad vending machine. Perfect for those times when you’re running late and need to pick up a 3-pack of Hanes and a $499 multitouch WiFi-enabled tablet computer in the same trip.

The writer actually had to make two trips to the mall that day: once to drop off his laptop for repair at the Apple Store, again to pick it up. The experience was frustrating: finding parking twice, walking the many steps to get there. “Why does it take so long to get from one part to the other? Why do I feel like I’m moving so slowly?,” he pondered. He concludes this chapter with some deep reflection.

So, maybe a vending machine with a gadget that I want right by the door of the anchor store’s men’s section, letting me dash in and out of the mall’s event horizon without getting sucked into its singularity, isn’t just not the worst idea ever. It’s a kiosk of convenience, dispensing mercy.

I just hope my hundred dollar bills aren’t too wrinkled for the machine to accept.

Now you have the best sign we’ve entered a new age, the future: Vending machines take hundred dollar bills and most major credit cards.

Mac Trojan Masquerades As Adobe Flash Player Installer

by ITN News - on Sep 29th 2011 - No Comments

The Mac Security Blog from Intego, a Mac security software developer, has posted a security memo warning users of a new Trojan, dubbed Flashback, that is infecting OSX based systems. The Flashback Trojan masquerades as an Adobe Flash Player installer, and if an unsuspecting user downloads the file package and ultimately installs the Trojan, it will deactivate some security software, delete the installation package itself, install auto-launch code, and place a library in the /Library/Preferences/ folder that’s used to inject code into applications launched by the user. The Trojan then connects to a remote server and sends information about the infected Mac, including the machine’s MAC address.

From the Intego post, “Malware: OSX/flashback.A

Risk: Low; this malware has been found in the wild, and may fool Mac users who don’t have Flash Player installed. However, Intego so far has only one report of this malware, and a sample provided by a user who downloaded it from a malicious web site.

Description: Intego has discovered a new Trojan horse, Flashback, which masquerades as a Flash Player installer. This Trojan horse has been found in the wild, and has some disturbing actions.”

Although Intego’s article says they’ve received only a single report of an infected machine so far, comments on the blog post seem to indicate that numerous users are infected and that some of the infections could be about a month old.

Analysis of the malicious code is still ongoing, but the latest definitions for Intego’s VirusBarrier X6 application can detect, prevent, and eliminate the Flashback Trojan and others are sure to follow suit.

In other news, Steve Ballmer was seen driving by a local Apple store blowing raspberries and screaming, “Neener, Neener, Neener!”

Blue Screen of Death gets a new look in Windows 8

by ITN News - on Sep 15th 2011 - No Comments

While there had been hints of a new look earlier, the Windows 8 code delivered to developers at Microsoft’s Build conference in Anaheim yesterday includes a Blue Screen of Death the likes of which users have not seen before.

After expressing emoticon-style sadness, the new screen reads:

Your PC ran into a problem that it couldn’t handle, and now it needs to restart.

You can search for the error online: HAL_INITIALIZATION_FAILED

One could argue that it is the Microsoft operating system that failed, not your PC, but let’s not quibble.

The change is beginning to attract more attention. Pocket-lint reports:

Yep, even the dreaded BSOD has been reimagined, making it much more friendly and less scary. Sure, your computer is probably knackered if you’re presented with it, but look at that emoticon – Windows 8 has a personality, it’s sad for us in our time of need.

And this blogger notes that the color blue no longer has exclusive domain over the notification of doom:

You no longer have to stare at a depressing blue screen of death. Win8's new xSODs come in a variety of attractive colors and patterns, including mauve, chartreuse, and gingham.

That report comes from a humor site called eSarcasm, so be forewarned before getting your heart set on the Chartreuse Screen of Death.

And if it seems as though the Blue Screen of Death has been a part of our lives forever, that’s because it has essentially been a part of our lives forever. Wikipedia has a page devoted to the BSOD, of course, and while the Wikipedia police suggest it is in need of better documentation, the history entry gives us a clue as to the BSOD’s origins:

The term Blue Screen of Death originated during development of the IBM OS/2 operating system at Lattice Inc, the makers of early Windows and OS/2 compilers.[citation needed] Developers encountered the error screen when bugs in the operating system’s software (typically null pointers) slipped through the net during beta testing. In feedback to IBM, a company known informally as ‘Big Blue’, the developers humorously described the Stop screen as the ‘Blue Screen of Death’ in consequence of its color, of the association of that color with IBM, and of the finality of the error (which caused the computer to hang without any possibility of recovery, requiring a manual restart).[citation needed]

Gingham? Who would want a Gingham Screen of Death?

Windows 8 at BUILD

by ITN News - on Sep 15th 2011 - No Comments

It’s the most exciting release by Microsoft in years. Windows 8 is actually making the Apple-loving blogosphere open their eyes and cheer out loud. Will it be successful? Will it come out too late?

In the coming months we will see how this pans out, but for the first time in a long time, Microsoft is hot. You can see the entire keynote on BuildWindows, but here are the highlights. Below it is some of the feedback coming around the web.

 

Apple Reportedly Plans to Refresh MacBook Pro Line This Month

by ITN News - on Sep 15th 2011 - No Comments

All the attention is on Microsoft right now as the tech world tunes in to see what Windows 8 and its funky Metro UI is all about. Maybe that’s not sitting right with Apple, who’d prefer to hog the limelight for itself. If that’s the case, it would make perfect sense to refresh its MacBook Pro line this month, as is rumored to be the case.

Citing “people with proven insight into Apple’s future product plans,” AppleInsider reports Apple is hot-to-trot with refreshed MacBook Pro models later this month rather than waiting for Intel’s next generation Core i mobile processors to appear in the second quarter of 2012.

It’s unclear what parts Apple is planning to shove into new MacBook Pro models, though it’s worth mentioning Intel recently introduced a handful of new Core i7 processors, including:

  • Core i7 2960XM: Quad-core, 2.7GHz, 8MB cache, $1,096
  • Core i7 2860QM: Quad-core, 2.5GHz, 8MB cache, $568
  • Core i7 2760QM: Quad-core, 2.4GHz, 6MB cache, $378
  • Core i7 2640M: Dual-core, 2.8GHz, 4MB cache, $346

Currently the fastest processor available on 15-inch and 17-inch MacBook Pro models is a Core i7 2820QM (quad-core, 2.3GHz, 8MB cache), while the 13-inch model is available with a Core i5 dual-core chip clocked at 2.3GHz or a Core i7 dual-core part clocked at 2.7GHz.
