These are the details of Microsoft patch update :

ID: MS10-006
Title: Vulnerabilities in SMB Client Could Allow Remote Code Execution
Microsoft Severity: Critical

Summary: The update addresses a pool corruption issue and a race condition issue with the Server Message Blocks (SMB) client. The SMB client is responsible for client requests to network file shares. An attacker can obtain remote execution by hosting and directing a user to a malicious SMB share.

Recommendation: The attack requires the client to establish an SMB connection outbound. If you enforce proper egress rules on your firewall, blocking outbound SMB traffic, you are mitigating external threats and the update is less critical. If you allow all ports outbound, apply this patch across all Windows versions as soon as possible.

ID: MS10-007
Title: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution
Microsoft Severity: Critical

Summary: A validation input bug exists in the ShellExecute API in Windows 2000, Windows XP, and Windows Server 2003. The vulnerability can allow attackers to execute code as the logged-in user.

Recommendation: For Windows XP, Windows 2000, and Windows Server 2003, update as soon as possible as this vulnerability allows for remote code execution and there are no workarounds outside of the update. For Windows Vista, Windows 7, and Windows Server 2008, please see MS10-002.

ID: MS10-008
Title: Cumulative Security Update of ActiveX Kill Bit
Microsoft Severity: Critical

Summary: A vulnerability in the Data Analyzer Active-X Control can lead to remote execution. An attacker can host a malicious website to exploit the vulnerability and execute code with the privileges of the logged-in user. In addition, this update includes several kill bits (prevention of loading the ActiveX control) recommended by software vendors, such as Symantec, Google, and Facebook.

Recommendation: Update Windows XP and Windows 2000 as soon as possible. Server platforms have tighter default browsing restrictions, but should still be updated during your next server patch cycle, especially in Terminal Server / Citrix environments. There is a registry setting available to prevent the browser from instantiating the COM object (known as setting the kill bit), but this requires entering the Class ID of the object, therefore the simpler approach of installing the update is recommended.

ID: MS10-009
Title: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution
Microsoft Severity: Critical

Summary: This update addresses several issues in Windows TCP/IP. Two of them a vulnerabilities in ICMPv6 which allow remote code execution, one is a vulnerability when using custom network drivers that support header MDL fragmentation, and lastly a denial of service vulnerability in TCP/IP due to mishandling malformed selective acknowledgement (SACK) packets. These vulnerabilities affect Windows Vista and Windows Server 2008 (R1 only).

Recommendation: Microsoft calls this update critical due to the remote execution but there are many “ifs”. The ICMPv6 vulnerabilities can only be affected if you allow ICMPv6 traffic through your firewall and if your network infrastructure supports IPv6 or the tunneling of IPv6 over the IPv4 network. The incorrect handling of malformed SACK packets causes a denial of service. An attacker would have to host a service to accept the TCP connection, such as a website, and send the malformed SACK packet to the connecting client. With these caveats, the rating should be moderate or important. If you meet the requirements for the ICMPv6 vulnerabilities, then you should update as soon as possible.

ID: MS10-013
Title: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
Microsoft Severity: Critical

Summary: A vulnerability exists in the way that DirectShow parses AVI files. An attacker can lead a victim via phishing techniques or a malicious website to open a specially crafted AVI file. The attacker can gain remote execution with the same rights as the logged-in user.

Recommendation: All versions of Windows are affected by this vulnerability and should be patched as soon as possible. Since it is less likely that AVI files would be played on server platforms, the workstations and terminal server / Citrix environments should be the priority.

ID: MS10-003
Title: Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution
Microsoft Severity: Important

Summary: A vulnerability exists in Office XP and Office 2004 for Mac which can lead to remote code execution. A victim would need to open a malicious Office file to be attacked.

Recommendation: This is rated critical due to the remote code execution. Vulnerabilities like this remind us how important user awareness training is for firms. A victim would have to open an Office file that is sent via email by an attacker or hosted on a malicious site. In a browser, the user would be prompted if they want to open the Office file in cases where they are sent a link or redirected. User awareness is important in that users must be trained not to open attachments sent from unknown sources. The criticality of the update may depend on how diligent your users are in prompting IT support before opening suspicious content. Note that only Office XP and Office 2004 for Mac are affected.

ID: MS10-004
Title: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution
Microsoft Severity: Important

Summary: This update addresses six remote code execution vulnerabilities in PowerPoint versions included in Office XP, Office 2003, and Office 2004 for Mac.

Recommendation: Similar to MS10-003, this is rated critical due to remote code execution. The victim would need to open a PowerPoint document with an affected version to be compromised. In environments where these versions are in use and users are likely to open PowerPoint files from unknown websites or emails, the recommendation is to patch as soon as possible.

ID: MS10-010
Title: Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service
Microsoft Severity: Important

Summary: This update addresses a denial of service vulnerability in Hyper-V in Windows 2008 64-bit and Windows 2008 R2 Server versions. The denial of service affects the host operating system, which in turn would bring down any guests.

Recommendation: The recommendation is to apply the patch during your next patch cycle. This vulnerability would be difficult to exploit in properly managed server environments and would require valid credentials to the Hyper-V server.

ID: MS10-011
Title: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege
Microsoft Severity: Important
My Severity:

Summary: This update addresses a bug in CSRSS (Client/Server Run-time Subsystem) which leads to local privilege elevation.

Recommendation: The potential with this vulnerability is for a user who has credentials and is logged in can gain kernel or system level privileges. The vulnerability can not be executed remotely. This update can be included in your normal patch cycle and is not deemed critical.

ID: MS10-012
Title: Vulnerabilities in SMB Server Could Allow Remote Code Execution
Microsoft Severity: Important

Summary: This update addresses four issues in the SMB protocol across all versions of Windows. The Pathname Overflow vulnerability can lead to remote code execution but requires authentication. The memory corruption and null pointer vulnerability can lead to denial of service, and the NTLM authentication lack of entropy can lead to unauthenticated elevation of privileges.

Recommendation: Keeping patches up to date is important in any environment, but these SMB updates provide a very important reminder that egress firewall rules should be just as important to firms as ingress rules. The SMB protocol (port 445) as a best practice should be blocked inbound and outbound. Many of the recent SMB vulnerabilities affect the SMB client, which means the attacker will direct the victim to attampt a SMB client connection to a malicious server. This is not possible if your firewall blocks SMB outbound.

ID: MS10-014
Title: Vulnerability in Kerberos Could Allow Denial of Service
Microsoft Severity: Important
My Severity:

Summary: This update addresses a denial of service vulnerability due to improper handling of Ticket-Granting-Ticket renewal requests by a client on a remote, non-Windows realm in a mixed-mode Kerberos implementation. Only Windows Server operating systems (2000, 2003, 2008) are affected and only domain controllers.

Recommendation: This vulnerability requires the client sending the malformed request to be on a remote and non-Windows kerberos realm, which is very a specific setup. If your environment has a non-Windows based kerberos realm, this update can be included as part of your regular patch cycle, and is not critical for immediate action.

ID: MS10-015
Title: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
Microsoft Severity:Important

Summary: This update addresses two issues in the Windows kernel affecting all version of Windows except Windows 7 64-bit and Windows Server R2. The vulnerability leads to elevation of privileges.

Recommendation: A user must be authenticated to with valid logon credentials to exploit this vulnerability; a remote or anonymous exploit is not possible. This update can be included as part of your regular patch cycle, and is not critical for immediate action

ID: MS10-005
Title: Vulnerability in Microsoft Paint Could Allow Remote Code Execution
Microsoft Severity: Moderate

Summary: This update addresses a vulnerability in MS Paint which can lead to remote code execution. Windows 200, Windows XP, and Windows Server 2003 are affected. A malicious JPEG can be crafted to exploit this vulnerability.

Recommendation: By default, Windows uses the Windows Picture and Fax Viewer when opening JPEG files. An attacker would need to convince the user to open the specific malicious JPEG file in Microsoft Paint.

Uses of Business Event System include such as :

• Message-based system integration
  Propagate business event messages from one system to another. Messages can be propagated to other Oracle Databases through AQ propagation or consumed by external middle tier applications from the AQ.
• Business event-based workflows
  Trigger workflows as a result of a business event occurrence and consume the business event parameters and data in the workflow process.
• Non-invasive customization of packaged applications
  Loose coupling between the application raising the business event and the application subscribing to the event. Custom subscriptions can be added for seeded business events without modification to packaged applications. With above features, Business Event System is a lightweight and powerful layer that enables seamless integration between application within E-Business Suite and with applications outside E-Business suite. Following are some of the SOA based features built on top of Business Event System.

Business Events in EBS Adapter

E-Business Suite Adapter is a component of Oracle SOA Suite 10g and 11g that is available from JDeveloper and SOA Suite middle tier to help integrate with E-Business Suite 11i and R12. EBS Adapter can consume a variety of E-Business suite interfaces that are defined in Integration Repository in R12.

Business Event is one of the EBS interfaces that EBS Adapter can consume inbound. A business event occurrence in E-Business Suite can be communicated to Oracle SOA Suite through EBS Adapter that can in turn be used to initiate a BPEL process or an ESB routing service.

PULL Mechanism

From SOA processing perspective, the usage of business event by EBS Adapter can be considered a PULL mechanism wherein the EBS Adapter dequeues the message from WF_BPEL_Q in E-Business suite database to SOA processing in Oracle SOA Suite.

Business Events in Integrated SOA Gateway

As described in earlier posts in this blog, Integrated SOA Gateway is an integral part of Oracle E-Business suite R12.1 that service-enables E-Business suite by exposing E-Business suite interfaces such as PL/SQL, XML Gateway, Concurrent Program and so on as Web Services. Integration Repository is the source of truth for E-Business suite interfaces and also a console for service enablement.

• Business Event as an Interface in Integration Repository
  In Oracle E-Business Suite R12.1, business events are exposed as interface in Integration Repository that Integration Administrators can subscribe to for integration with external systems. By clicking Subscribe button in the business event interface details page in Integration Repository, an event subscription is automatically created as follows.
  Source Type – Local
  Rule Function – WF_RULE.Default_Rule
  Out Agent – WF_BPEL_QAGENT
  In Business Event System this means when that event occurs, enqueue it to WF_BPEL_QAGENT. As to what dequeues from WF_BPEL_QAGENT is left to the implementers. For example, if there is a SOA Suite deployment, AQ Adapter could be used to dequeue the event message and used in SOA processes.
  This use-case is synonymous to how business events are dequeued from EBS Adapter but the purpose of exposing business events in Integration Repository and providing ability to create an event subscription is generic in nature. The target consumer in this case could be any AQ client like AQ Adapter or a simple Java program.
• Business Event as enabler for Web Service Invocation
  Integrated SOA Gateway in Oracle E-Business Suite R12.1 provides ability to invoke web services that could reside anywhere on the intranet or internet. This is called Service Invocation Framework (SIF) that has capability to consume a web service given the location of the WSDL and invoke a selected operation on a service defined in that WSDL. SIF essentially is a SOAP client available within E-Business Suite R12.1 that can be used by E-Business Suite products to invoke any standard web service.

How is SIF implemented ?
SIF is a layer within Oracle Workflow Business Event Sytem. Given that the business event system is a proven integration methodology in E-Business Suite, the SIF is implemented using event-subscription model as follows.

• Create an invoker business event
• Create an Invoke Web Service subscription by consuming the WSDL
• Raise the invoker business event with appropriate payload to invoke the Web Service

The usage of business event here is purely as a SOAP client to invoke a web service that resides elsewhere.

PUSH mechanism
From SOA processing perspective, the usage of business event sytem here is to send a SOAP request to a web service. This can be considered a PUSH mechanism wherein the business event system initiates SOA processing by acting as a SOAP client within E-Business suite.

( Originally Posted By vijayakumar.shanmugam at blogs.oracle.com )

FBI Director Robert Mueller supports storing Internet users’ "origin and destination information," a bureau attorney said at a federal task force meeting on Thursday.

As far back as a 2006 speech, Mueller had called for data retention on the part of Internet providers, and emphasized the point two years later when explicitly asking Congress to enact a law making it mandatory. But it had not been clear before that the FBI was asking companies to begin to keep logs of what Web sites are visited, which few if any currently do.

The FBI is not alone in renewing its push for data retention. A survey of state computer crime investigators found them to be nearly unanimous in supporting the idea. Matt Dunn, an Immigration and Customs Enforcement agent in the Department of Homeland Security, also expressed support for the idea during the task force meeting.

Greg Motta, the chief of the FBI’s digital evidence section, said that the bureau was trying to preserve its existing ability to conduct criminal investigations. Federal regulations in place since at least 1986 require phone companies that offer toll service to "retain for a period of 18 months" records including "the name, address, and telephone number of the caller, telephone number called, date, time and length of the call."

At Thursday’s meeting (PDF) of the Online Safety and Technology Working Group, which was created by Congress and organized by the U.S. Department of Commerce, Motta stressed that the bureau was not asking that content data, such as the text of e-mail messages, be retained.

"The question at least for the bureau has been about non-content transactional data to be preserved: transmission records, non-content records, addressing, routing, signaling of the communication," Motta said. Director Mueller recognizes, he added "there’s going to be a balance of what industry can bear. He recommends origin and destination information for non-content data."

Motta pointed to a 2006 resolution from the International Association of Chiefs of Police, which called for the "retention of customer subscriber information, and source and destination information for a minimum specified reasonable period of time so that it will be available to the law enforcement community."

Recording what Web sites are visited, though, is likely to draw both practical and privacy objections.

"We’re not set up to keep URL information anywhere in the network," said Drew Arena, Verizon’s vice president and associate general counsel for law enforcement compliance.

And, Arena added, "if you were do to deep packet inspection to see all the URLs, you would arguably violate the Wiretap Act."

Another industry representative with knowledge of how Internet service providers work was unaware of any company keeping logs of what Web sites its customers visit.

If logs of Web sites visited began to be kept, they would be available only to local, state, and federal police with legal authorization such as a subpoena or search warrant.

What remains unclear are the details of what the FBI is proposing. The possibilities include requiring an Internet provider to log the Internet protocol (IP) address of a Web site visited, or the domain name such as cnet.com, a host name such as news.cnet.com, or the actual URL such as http://reviews.cnet.com/Music/2001-6450_7-0.html.

While the first three categories could be logged without doing deep packet inspection, the fourth category would require it. That could run up against opposition in Congress, which lambasted the concept in a series of hearings in 2008, causing the demise of a company, NebuAd, which pioneered it inside the United States.

The technical challenges also may be formidable. John Seiver, an attorney at Davis Wright Tremaine who represents cable providers, said one of his clients had experience with a law enforcement request that required the logging of outbound URLs.

"Eighteen million hits an hour would have to have been logged," a staggering amount of data to sort through, Seiver said. The purpose of the FBI’s request was to identify visitors to two URLs, "to try to find out…who’s going to them."

A Justice Department representative said the department does not have an official position on data retention.

Via (cnet.com)

In solving this problem comes SpeedyFox 1.4.1. The tool optimizes the base of the Mozilla Firefox browser and start making use of the appreciably faster. Support for the program comes down to his boot and one click.

Firefox has become one of the browsers in the world thanks to its plugin system, speed of navigation and the tab system that makes browsing endlessly through the Internet.

The only problem is that using Firefox is constant, this is losing properties, stability and speed on everything, so it is necessary to perform a general cleanup of certain files in order to fly back across the network.

SpeedyFox 1.4.1 is a small application by which we can give an extra touch of speed to Firefox, and that after cleaning done by the program can multiply up to 3 times the speed of the browser starting, will improve the management of history and we operate much faster with cookies.

Wait no more and make the world’s most comprehensive browser has an extra speed to be able to navigate better SpeedyFox 1.4.1.

Once installed, SpeedyFox automatically detects your Firefox’s default profile. If you have more than one profile, you can select the one you want to optimize from the drop-down menu. If you have portable version of Firefox, choose your profile path manually by selecting "Custom…" profile. All you have to do is hit the Speed Up Firefox button. The optimization process can take anywhere from 5 minutes to an hour depending on how large your databases are. The whole optimization process is safe as it does not effect your history, bookmarks, passwords, etc. So Don’t Worry Be Happy ..

Download Speedyfox 1.4.1 for Free

At the time of boot, lot many exe files executes which can be shifted or delay for 4 or 5 minutes so that the system will be ready to use in lesser time. There is a free software to delay those not urgent exe files execution.

When Windows loads it’s Startup file, it attempts to load every program in there at the same time. Therefore if you have quite a lot of programs starting when Windows starts, each program will try and grab CPU time so that it can load. If each program tries to do this at the same time, you soon notice the slow down that occurs, due to your CPU trying to help all the programs to load, and your hard disk accessing multiple files.

Startup Delayer allows you to setup how many seconds after Windows has started, to load each program.
For Example:
If you have your mail program and a special clock starting up, then you can make your mail start say 10 seconds after Windows has loaded, and then the special clock start 20 seconds after Windows Starts.

System Compatible : Windows 98/ME/2000/XP/XP64/Vista

Download Startup Delayer for Free

Put the file in any directory in which the first-run database is created and the file works. Soundbase not interfere with the system registry, it can be run on user accounts with restricted rights, or the USB flash drive. The program has its own music player.

Soundbase was created as a free alternative to the large amount of commercial mp3 players and mostlikely it will fit somewhere into your mp3 playing experience. As a player, as a tag editor or as an organizer. It will always give you a quick way of doing common tasks. Read the tutorials, the help files and give it a try!  

Soundbase is compatible with windows XP, Vista and Win 7, both 32bit and 64bit versions. So what might be the reasons why you like soundbase, well first of all Soundbase is very fast, secondly it is the only program I know of that can easily load 100.000s of songs without you getting very frustrated. If that is not enough reason then maybe one of the following might be:

1. aac, mp3, mp4, ogg, ape, flac, aac and wma playback;
2. aac, mp3, mp4, ogg, ape, flac, aac and wma tag editor;
3. soundbase playback is gapless and full 32bit floatingpoint;
4. full freedb access to download tag and album information;
5. radio playback with a selection of all kinds of webradio stations;
6. lyrics download for complete albums at once or only the playing song;
7. album art download from various locations with auto selection of 10 images;
8. language caption integration allowing you to change any displayed text;
9. skinengine, color and caption engine to adjust the looks to your liking;
10. organiser to move or copy your songs to a tag based folder structure;
11. miniplayer and a taskbar player access to the main playerbuttons;
12. burn, rip and convert songs to/from mp3/mp4/flac/ape/wma;
13. VSTi support to use some of worlds finest DSP support;
14. or change many other options that impact soundbase.

Download Soundbase Album Player

One of the first applications built to find and remove malware and spyware, Ad-Aware’s reputation is well-justified. The latest version continues the publisher’s tradition of adroitly addressing user concerns, but isn’t yet perfect.

Building on the improvements made in version 8, former Ad-Aware users should be glad to hear that the program installs faster than it used to. Without a doubt, though, this version of Ad-Aware improves greatly on what has come before. It loads faster during your boot cycle, and scans are faster. Empirical tests noted that while the Quick Scan finished in less than 10 minutes for version 8, the current version’s Quick Scan finished in under three minutes. Previous files that had been falsely detected as threats weren’t flagged this time around, probably due in part to Ad-Aware’s behavioral detection engine. Called Genotype, it’s based on heuristics and uses a one-pass scanning system, Genotype isn’t directly exposed to users, although you can opt in to anonymously contribute data from the Settings menu. The new version also explicitly calls out in the scan windows what the scan looks for.

New users should note that Ad-Aware Free performs faster than integrated antivirus and antimalware programs in part because only the paid version of Ad-Aware comes with an antivirus engine. Other important features are disabled in the free version. While rootkit detection is present, behavior-based heuristics and real-time registry protection are not. Ad-Aware Free cannot scan networked drives, and even a basic feature like the scheduler remains off-limits to nonpaying customers. The proprietary real-time defender Ad-Watch Live has been reconfigured to run more smoothly in the background, however, and long-time fans will notice the change. Ad-Aware continues to make improvements and seems to be unwilling to rest on its malware-removing laurels, but the free version is undeniably hamstrung.

Key Features of Ad-Aware Free Anti-Malware 8.2

• Core Malware Protection
  A power-packed combination of our pioneer anti-spyware technology together with rootkit protection and advanced Genotype detection to provide proactive malware protection, including protection against spyware, blended malware, trojans, rootkits, hijackers, keyloggers, and much more.
• Ad-Watch Live! Basic
  Integrated real-time process protection blocks malicious processes and infected programs that try to start or run on your system, to prevent them from further integration in your system.
• NEW! Genotype Detection Technology
  Based on heuristics, genotype allows Ad-Aware to stay one step ahead of today’s ever-evolving threats, as well as threats that have not yet been created. For in-depth information on this technology, please click here.
• NEW! Behavior-Based Heuristics Detection
  Extra Sensory Protection allows you to go a step beyond detecting known threats — the heuristics detection finds and blocks unknown and emerging threats and stops deceptive malware and cyber thieves before they attack your personal information.
• NEW! Rootkit Removal System
  Cutting edge anti-rootkit technology protects you from hidden threats and stealth attacks that are designed to gain access to your system by avoiding detection.
• NEW! The Neutralizer
  Advanced removal tool combats malware that attempts to restore itself even after rebooting your system
• NEW! Download Guard for Internet Explorer
  Most people are aware of the dangers and the risk when downloading files from the web. IE Download Guard provides an additional layer of protection that lets you download files on Internet Explorer confidently. If the file is malicious, you will simply be notified during the download process so that you can take action before any malware can infiltrate your system.
• NEW! E-mail Scanner
  Keeps you safe from malicious attachments and images in your e-mail.
• Detect, Remove and Repair
  Ad-Aware intelligently cleans your system by removing all traces of the infection.
• Minimal Strain on System Resources
  Improvements to computer resource usage mean you have protection that doesn’t slow your computer down.
• Easy to install & Use
  We know not all users have the same needs, so we give you the power to decide how you want to interact with Ad-Aware.
  • Simple Mode allows you to set and forget – by using our expert recommended settings, no interaction is needed from your part, making using the program as easy as possible.
  • Advanced Mode lets you customize all the settings as you choose, to tailor everything to your specific needs.
• Lavasoft SmartSet
  Let the experts at Lavasoft guide you. Lavasoft SmartSet makes scanning and cleaning as easy as possible — by providing settings for scans and recommended actions for found infections. All you have to do is set and forget.
• External Drive Scanning
  Scan your external storage device, iPod, USB’s, or any other drives that you connect to your PC for an additional layer of security.
• Pin-Point Scanning
  Quickly identify whether a suspicious file is safe or malicious – Right click any file or folder to perform an immediate scan, or send it to ThreatWork Alliance for analysis.
• Automatic Updates
  Continuous pulse updates to guard your privacy against cyber attacks.

System Requirement

• Processor
  P600 MHz or better.
• Ram
  Operating system + 100 MB.
• Hard Disk
  100 MB free space recommended.
• Supported Operating Systems
  Windows 7 (32 and 64-bit), Windows Vista (32 and 64-bit), Windows XP (32-bit), Windows 2000 Pro.

Download Ad-Aware Free Anti Malware 8.2

Features & Benefits

Maximum protection with minimum impact on your PC

For 20 years Panda Security has been innovating and protecting its customers against viruses and other threats. As always, you can rest assured that Panda products combine the best protection technologies with the latest advances in speed and efficiency to minimize use of your computer’s resources. This product also includes new tech support services for your complete peace of mind.

• Includes:

• Anti-Virus
• Anti-Spyware
• Anti-Phishing
• Anti-Rootkit
• Firewall
• Identity Protect
• Anti-Spam
• Parental Control
• Premium Backup
• PC Tune Up
• Technical support service and automatic upgrades

• Key benefits for users:

• Anti-Malware Protection
• Identity Theft Protection
• Safe Internet Browsing
• Backup & Restore
• PC Optimization

ANTI-MALWARE PROTECTION

• NEW! Panda USB Vaccine protects your USB drives from infection
• IMPROVED! 80% reduced memory consumption
• IMPROVED! Anti-Malware Engine detects and eliminates viruses, worms, Trojans, spyware, keyloggers, rootkits, bots, etc.
• IMPROVED! Instant Messaging protection for MSN Messenger, Windows Live Messenger, Yahoo Messenger and AOL traffic.
• IMPROVED! Advanced Proactive Protection technologies include Genetic Heuristics and TruPrevent 2.0 behavioral analysis to protect against new and unknown malware.
• IMPROVED! The Personal Firewall protects against worms and hackers attacks.
• WiFi Monitor protects your wireless network from intruders.

IDENTITY THEFT PROTECTION

• IMPROVED! Anti-Phishing Filter identifies fraudulent email and protects you from online scams.
• Anti-Banking Trojan Engine lets you bank and shop online with complete peace of mind.
• The award-winning Anti-Rootkit Technology detects threats that hide in your PC, silently stealing personal information.

SAFE INTERNET BROWSING

• IMPROVED! The Web Filter lets you use the Internet safely without the risk of infections, vulnerability exploits, browser hijacking or phishing websites.
• IMPROVED! The Information Filter prevents theft from your PC of credit card numbers, social security numbers and any other personal information.
• New Anti-Spam Filter keeps your inbox free from junk mail, regardless of your email program.
• The Parental Control feature lets children use the Internet safely by restricting access to inappropriate Web content.

PC OPTIMIZATION / BACKUP & RESTORE

• With Backup/Restore you can safeguard your most important documents and images either locally or online.
• Protect your pictures, videos and all type of files automatically through a premium 5GB online backup system (NEW!) .
• Improve your system performance by removing unnecessary files and traces with Tune-Up utilities.

Technical Requirements

• Operating system: Windows® 7 (32 & 64-bit), Windows® Vista™ (32 & 64-bit), Windows® XP (32-bit)
• Processor: Pentium 300 MHz or faster
• RAM: 128 MB without TruPrevent Technologies, 512 MB with TruPrevent Technologies (1 GB recommended)
• Hard Disk: 265 MB free space
• MS Internet Explorer 6.0
• CD-ROM drive

Support and Services

• NEW! Tech Support Online Forum

  Join our community of experts and resolve all your questions and queries in real-time. Thanks to the new Panda Security online support forum you will have access to the most useful information regarding your product.

• Tech Support 24 hours a day-365 days a year

  Panda Security is a pioneer in offering round-the-clock customer services. Whenever you need us, our tech support experts will provide a rapid response via email or the Internet.

• SOS Virus

  This rapid response service lets you submit suspicious files directly to PandaLabs’ engineers. Enjoy the benefits of having a team of experts at your disposal!

• Automatic daily updates

  Every day more than 2000 new threats appear. But don’t worry! Panda Global Protection 2010 automatically updates at least once a day to keep you permanently protected. Feel safe at all times!

Get Panda Global Protection 2010

There are few operations in mathematics that are truly ‘irreversible’. In nearly all cases, if an operation is performed on ‘a’, resulting in ‘b’, you can perform an equivalent operation on ‘b’ to get ‘a’. In some cases you may get the absolute value (such as a square root), or the operation may be undefined (such as dividing by zero). However, in the case of ‘undefined’ operations, it may be possible to base a key on an algorithm such that an operation like division by zero would PREVENT a public key from being translated into a private key. As such, only ‘trial and error’ would remain, which would require a significant amount of processing time to create the private key from the public key.

In the case of the RSA encryption algorithm, it uses very large prime numbers to generate the public key and the private key. Although it would be possible to factor out the public key to get the private key (a trivial matter once the 2 prime factors are known), the numbers are so large as to make it very impractical to do so. The encryption algorithm itself is ALSO very slow, which makes it impractical to use RSA to encrypt large data sets. What PGP does (and most other RSA-based encryption schemes do) is encrypt a symmetrical key using the public key, then the remainder of the data is encrypted with a faster algorithm using the symmetrical key. The symmetrical itself key is randomly generated, so that the only way to get it would be by using the private key to decrypt the RSA-encrypted symmetrical key.

Example:  Suppose you want to encrypt data (let’s say this web page) with a key of 12345.  Using your public key, you RSA-encrypt the 12345, and put that at the front of the data stream (possibly followed by a marker or preceded by a data length to distinguish it from the rest of the data).  THEN, you follow the ‘encrypted key’ data with the encrypted web page text, encrypted using your favorite method and the key ‘12345′.  Upon receipt, the decrypt program looks for (and finds) the encrypted key, uses the ‘private key’ to decrypt it, and gets back the ‘12345′.  It then locates the beginning of the encrypted data stream, and applies the key ‘12345′ to decrypt the data.  The result:  a very well protected data stream that is reliably and efficiently encrypted, transmitted, and decrypted.

Source files for a simple RSA-based encryption algorithm can be found HERE:
ftp://ftp.funet.fi/pub/crypt/cryptography/asymmetric/rsa

It is somewhat difficult to write a front-end to get this code to work (I have done so myself), but for the sake of illustration, the method actually DOES work and by studying the code you can understand the processes involved in RSA encryption.  RSA, incidentally, is reportedly patented through the year 2000, and may be extended beyond that, so commercial use of RSA requires royalty payments to the patent holder (www.rsa.com).  But studying the methods and experimenting with it is free, and with source code being published in print (PGP) and outside the U.S., it’s a good way to learn how it works, and maybe to help you write a better algorithm yourself.

The well-known ‘PKZIP®’ utility offers both compression AND data encryption in this manner. Also DBMS packages have often included some kind of encryption scheme so that a standard ‘file copy’ cannot be used to read sensitive information that might otherwise require some kind of password to access. They also need ‘high performance’ methods to encode and decode the data.

Fortunately, the simplest of all of the methods, the ‘translation table’, meets this need very well. Each ‘chunk’ of data (usually 1 byte) is used as an offset within a ‘translation table’, and the resulting ‘translated’ value from within the table is then written into the output stream. The encryption and decryption programs would each use a table that translates to and from the encrypted data. In fact, the 80×86 CPU’s even have an instruction ‘XLAT’ that lends itself to this purpose at the hardware level. While this method is very simple and fast, the down side is that once the translation table is known, the code is broken. Further, such a method is relatively straightforward for code breakers to decipher – such code methods have been used for years, even before the advent of the computer. Still, for general "unreadability" of encoded data, without adverse effects on performance, the ‘translation table’ method lends itself well.

A modification to the ‘translation table’ uses 2 or more tables, based on the position of the bytes within the data stream, or on the data stream itself. Decoding becomes more complex, since you have to reverse the same process reliably. But, by the use of more than one translation table, especially when implemented in a ‘pseudo-random’ order, this adaptation makes code breaking relatively difficult. An example of this method might use translation table ‘A’ on all of the ‘even’ bytes, and translation table ‘B’ on all of the ‘odd’ bytes. Unless a potential code breaker knows that there are exactly 2 tables, even with both source and encrypted data available the deciphering process is relatively difficult.

Similar to using a translation table, ‘data repositioning’ lends itself to use by a computer, but takes considerably more time to accomplish. A buffer of data is read from the input, then the order of the bytes (or other ‘chunk’ size) is rearranged, and written ‘out of order’. The decryption program then reads this back in, and puts them back ‘in order’. Often such a method is best used in combination with one or more of the other encryption methods mentioned here, making it even more difficult for code breakers to determine how to decipher your encrypted data. As an example, consider an anagram. The letters are all there, but the order has been changed. Some anagrams are easier than others to decipher, but a well written anagram is a brain teaser nonetheless, especially if it’s intentionally misleading.

My favorite methods, however, involve something that only computers can do: word/byte rotation and XOR bit masking. If you rotate the words or bytes within a data stream, using multiple and variable direction and duration of rotation, in an easily reproducable pattern, you can quickly encode a stream of data with a method that is nearly impossible to break. Further, if you use an ‘XOR mask’ in combination with this (’flipping’ the bits in certain positions from 1 to 0, or 0 to 1) you end up making the code breaking process even more difficult. The best combination would also use ‘pseudo random’ effects, the easiest of which would involve a simple sequence like Fibbonaci numbers. The sequence ‘1,1,2,3,5,…’ is easily generated by adding the previous 2 numbers in the sequence to get the next. Doing modular arithmetic on the result (i.e. Fib. sequence mod 3 to get rotation factor) and operating on multiple byte sequences (using a prime number of bytes for rotation is usually a good guideline) will make the code breaker’s job even more difficult, adding the ‘pseudo-random’ effect that is easily reproduced by your decryption program.

In some cases, you may want to detect whether data has been tampered with, and encrypt some kind of ‘checksum’ into the data stream itself. This is useful not only for authorization codes but for programs themselves. A virus that infects such a ‘protected’ program would no doubt neglect the encryption algorithm and authorization/checksum signature. The program could then check itself each time it loads, and thus detect the presence of file corruption. Naturally, such a method would have to be kept VERY secret, as virus programmers represent the worst of the code breakers: those who willfully use information to do damage to others. As such, the use of encryption is mandatory for any decent anti-virus protection scheme.

A cyclic redundancy check is one typically used checksum method. It uses bit rotation and an XOR mask to generate a 16-bit or 32-bit value for a data stream, such that one missing bit or 2 interchanged bits are more or less guaranteed to cause a ‘checksum error’. This method has been used for file transfers for a long time, such as with XMODEM-CRC. The method is somewhat well documented, and standard. But, a deviation from the standard CRC method might be useful for the purpose of detecting a problem in an encrypted data stream, or within a program file that checks itself for viruses.