Happy hackers at Maker Faire 2011

SAN MATEO, Calif.--From the size of the crowd at Maker Faire today, it's clear the world has a growing appetite for DIY innovation. More than 100,000 people were expected for the sixth annual event, taking place at the San Mateo County Event Center this weekend.

A diverse mix of science, engineering, design, and art--with everything from robots to knitting to exploding soda to steam rollers--Maker Faire is an otherworldly extravaganza that attracts kids and adults, leaving both wide-eyed at the marvelous maker creations.

Where else can you see four very realistic beeping R2D2s twirling around through gawking crowds?

iPad Owners Spend More Time Using in Bed than in Bathroom

Users of Apple's iPad and other tablets prefer to spend more time fiddling with their devices in bed than in the bathroom.

That’s the assessment of a new study by The Nielsen Co.

Nielsen recently surveyed 12,000 tablet, e-reader and smartphone owners in the U.S. to find out where and in what situations people like to use the gadgets.The study also measured how long people use their devices compared to other situations. Use while watching TV, lying in bed, hanging out with friends and family, waiting for a doctor's appointment, and in the bathroom were all gauged.

Users of tablets, e-readers and smartphones said they spend about 3 percent to 4 percent of their gadget time in the bathroom. By comparison, about 21 percent of a tablet user’s time is spent lying in bed, and 11 percent of smartphone usage is spent on the mattress, according to the survey. Sixty-one percent of e-reader owners cited bedtime as a great situation for opening an e-book. And 37 percent of e-reading time was spent lying in bed among those surveyed.

The most popular place to use tablets appears to be in front of the tube.

Seventy percent of tablet owners cited watching TV as the most popular situation for using a tablet. This was also the biggest time suck with 30 percent of a user's tablet time spent in front of the set.

The least popular situation to pull out the electronic gizmos?

Tablet owners said they are least likely to use the device while commuting. Smartphone owners are most reluctant to pull out their device during a class or meeting. And 9 percent of e-reader users surveyed say they leave their gadgets at home when shopping or running errands.

'Jeopardy!'-Winning Computer Delving Into Medicine

IBM's Watson computer system, best known for defeating the world's best "Jeopardy!" players, now delivers rapid-fire answers to questions about diseases and medicines.

The company says it could be suggesting diagnoses and treatments to doctors right at a patient's bedside in the next couple of years.
In the Server Room of Jeopardy Challenger 'Watson' Watch Video
Jeopardy: Man vs. Machine Watch Video
Buying High Watch Video

A recent demonstration showed how Watson's suggested diagnoses evolved as the computer was given more information about a patient, including where the patient lived. When told a patient was pregnant, it altered its treatment suggestion.

Watson is being fed a diet of medical textbooks and journals and taking training questions in plain language from medical students. A doctor who is helping IBM says its database might soon include entries from blogs.

Microsoft and Facebook team up to fight child porn

Facebook is expanding its efforts to fight child pornography using Microsoft technology, Redmond announced in a blog post yesterday.

The world's largest social network has joined the National Center for Missing and Exploited Children's PhotoDNA program. The service, which was developed by Microsoft Research and Dartmouth College in 2009, uses image-matching technology to find known depictions of child pornography across the Web. Facebook plans to use the technology across its network to ensure child pornography is not circulating through the site.

Microsoft has been using PhotoDNA with great success since the service's development. According to the company, it has analyzed more than 2 billion images through its Bing image search and SkyDrive. So far, it has found 1,500 matches and 1,000 matches on Bing and SkyDrive, respectively.

"Many of these images recirculate on the Internet time and time again, even many years after the original crime occurred and the abuser has been brought to justice," Ernie Allen, president and CEO of the National Center for Missing and Exploited Children wrote on Microsoft's blog. "And every time these crime scene images are viewed, the children in the images are re-victimized. PhotoDNA aims to break this cycle, so the images of abuse need not haunt these children online forever."

This isn't Facebook's first move to stem the proliferation of child pornography on the Web. Last year, the company, along with MySpace, joined forces with then-Attorney General Andrew Cuomo, now governor of New York, to develop a "digital fingerprints" database. The tool would be used by the social networks to analyze a photo before it's uploaded to see if it matches the database of pornographic images. If so, the upload process would be blocked.

"Protecting Facebook users, especially the many young people who use our site, has always been a top priority and we devote significant resources to developing innovative systems to proactively monitor the site for suspicious activity and the rare cases of illegal content," Facebook Chief Security Officer Joe Sullivan said last year after Facebook announced its partnership with the attorney general.

Facebook plans to make an official announcement on its partnership with the National Center for Missing and Exploited Children on PhotoDNA later today. Those who are interested in hearing more about its plans can watch live starting at 12 p.m. PT. Users can also ask questions and have them answered by a panel discussing the launch.

PG Auto Pro Classifieds Software Shell Upload

###########################################################################################################
## PG Auto Pro classifieds software (FCKeditor) Arbitary File Upload ##
## Author : kaMtiEz (kamtiez@exploit-id.com) ##
## Homepage : www.indonesiancoder.com | www.exploit-id.com | www.magelangcyber.web.id ##
## Date : 14 May, 2011 ##
###########################################################################################################

[ Software Information ]

[+] Vendor : http://www.pgautopro.com/
[+] Download : – ( because not free :( )
[+] Price : PG Auto Pro $499.00 ( http://www.pgautopro.com/pricing.php )
[+] version : -
[+] Vulnerability : File Upload
[+] Dork : “CiHuY”
[+] LOCATION : INDONESIA – JOGJA

###########################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/system/plugins/fckeditor/editor/filemanager/connectors/test.html

[ Shell ]

http://127.0.0.1/[kaMtiEz]/uploads/file/YourFile.txt

[ DEMO ]

http://demo.pgautopro.com/system/plugins/fckeditor/editor/filemanager/connectors/test.html

http://sparkimotors.com/system/plugins/fckeditor/editor/filemanager/connectors/test.html

[ FIX ]

dunno :”>

###########################################################################################################

[ Thx TO ]

[+] INDONESIANCODER – EXPLOIT-ID – MAGELANGCYBER TEAM – MALANGCYBER CREW – KILL-9
[+] Tukulesto,arianom,el-farhatz,Jundab,Ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack
[+] Lagripe-Dz,KedAns-Dz,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,El k4mpr3t0 dan teman2 semuanya yang saya tak bisa sebutkan satu2 :D

[ NOTE ]

[+] For Wantexz .. Get Well Soon My Friends :)
[+] Special Thx to my brotherhood in DejavuNet :D
[+] Jangan Takut , Luka Pasti Akan Sembuh :)

[ QUOTE ]

[+] INDONESIANHAXOR still r0x
[+] nothing secure ..

WordPress EditorMonkey (FCKeditor) Remote File Upload

## WordPress EditorMonkey (FCKeditor) Remote File Upload
## Author : kaMtiEz (kamtiez@exploit-id.com)
## Homepage : www.indonesiancoder.com | www.exploit-id.com | www.magelangcyber.web.id
## Date : 14 May, 2011

[ Software Information ]

[+] Vendor : http://rajprasad.wordpress.com/plugins/editormonkey/
[+] Download : http://www.kumovies.com/wp-content/plugins/editormonkey.tar.gz
[+] version : 2.5 or lower maybe also affected
[+] Vulnerability : File Upload
[+] Dork : “CiHuY”
[+] LOCATION : INDONESIA – JOGJA

#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/wp-content/plugins/editormonkey/fckeditor/editor/filemanager/upload/test.html

[ Shell ]

http://127.0.0.1/[kaMtiEz]/UserFiles/YourFile.txt

[ DEMO ]

http://ideashaveconsequences.org/wp-content/plugins/editormonkey/fckeditor/editor/filemanager/upload/test.html

[ FIX ]

dunno :”>

#############################################################################################################

[ Thx TO ]

[+] INDONESIANCODER – EXPLOIT-ID – MAGELANGCYBER TEAM – MALANGCYBER CREW – KILL-9
[+] Tukulesto,arianom,el-farhatz,Jundab,Ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack
[+] Lagripe-Dz,KedAns-Dz,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,El k4mpr3t0
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,dan teman2 semuanya yang saya tak bisa sebutkan satu2 :D

[ NOTE ]

[+] For Wantexz .. Get Well Soon My Friends :)
[+] Special Thx to my brotherhood in DejavuNet :D
[+] Jangan Takut , Luka Pasti Akan Sembuh :)

[ QUOTE ]

[+] INDONESIANHAXOR still r0x
[+] nothing secure ..

Is Google’s Chromebook The Death Knell For Antivirus?

Updated and corrected below.

The antivirus industry likely let out a collective groan when Google first made a familiar-sounding boast Wednesday: that the just-launched laptops it’s calling Chromebooks have “security built-in so there is no anti-virus software to buy and maintain.”Similar claims from Apple (that its computers are safe “right out of the box“) or from Oracle (that its machines are “unbreakable“) have only been invitations to the security industry to prove otherwise. But this time is different: Google may have built something so simple that it renders security add-ons–and the industry that sells them–irrelevant.

Chromebooks are built to run nothing but a browser–unless they’re jailbroken, no executable files can be installed, neither antivirus software, nor the malicious software it’s meant to protect against. And if that web-only strategy catches on–still a big if, admittedly–it could spell real trouble for antivirus companies like McAfee, Symantec, Kaspersky and Trend Micro.

Charlie Miller, a researcher for Independent Security Evaluators who has made a career out of disproving Apple’s security claims, has owned a Chromebook since February, when the machines were sent as freebies to winners of the Pwn2Own hacking competition in Vancouver. He hasn’t dug deeply into the device’s security, but he says the Web-only security model works in theory. While a hacker might exploit bugs in the Chrome browser to run code on a user’s machine, that exploit would only allow the attacker to access the user’s data for a single session, and would disappear the moment the browser closed. “The way you stay persistent [as a hacker] is by installing software,” says Miller. “This is designed not to allow any persistence. You turn it off and on and you’re good to go.”

Update and correction :
A critical response post at Tom’s Tech Blog points out a few issues I missed here. Google is releasing a software development kit for native applications, which could potentially introduce security vulnerabilities. And with regard to Charlie Miller’s quote above, even a hijacked browser could potentially steal a user’s credentials, which could allow access to his or her cloud-stored data. (Though the point remains that this isn’t an issue that necessarily can be fixed by antivirus software.) Apologies for these oversights.

The Chromebook’s security model means the antivirus industry is facing a new kind of PC more similar to the iPhone than a netbook, argues Perimeter E-Security chief technology officer Andrew Jaquith: a limited device with security inherent in its restrictions . When Jaquith was still an analyst for Forrester Research last August, he wrote a widely-read post arguing the folly of Intel’s McAfee acquisition. One point in that argument was that McAfee is less relevant than ever before, as the burden for security in post-PC devices like tablets and smartphones shifts to the vendor–Apple, Google or RIM–instead of the security industry.

The Chromebook contributes to that larger post-PC problem for McAfee and its ilk, Jaquith argues. He points to data from Gartner Research that predicts sales of 1.4 billion post-PC devices (a category that he construes as including the Chromebook) by 2015 compared with 540 million traditional PCs. “Very few of these will need AV. That’s terrible news for security vendors because three-quarters of the market for their traditional products is about to go away,” says Jaquith. “That’s what happens when you build security in, instead of relying on the market to bolt it on. It’s great for customers, and terrible for the security aftermarket.”

When I asked McAfee chief executive David DeWalt about the problem that the security faces with regard to restricted devices like smartphones last month, he pointed out that McAfee has an opportunity to help businesses integrate those post-PC devices securely and that McAfee’s mobile software can help consumers track lost phones and back up their data, as well as protect them from malware. He also brought up a string of rogue apps that recently appeared in Google’s Android market as evidence of the need for post-PC security.

But integrating Chromebooks into an organization is easy enough–they don’t store any data locally, so they pose little risk of causing a data breach. Tracking lost phones and performing backups is hardly enough of a task to sustain giant antivirus operations like McAfee and Symantec. And in that Android outbreak that DeWalt referenced, Google flipped its remote kill switch, remotely wiping the offending apps without any security company’s intervention–hardly a demonstration of McAfee’s relevance in mobile.

The Chromebook is locked down even tighter than Android, and reduces antivirus’s foothold from slim to near-zero. The ultra-simple devices may catch on, or not. But either way, they’re a reminder that the PC world is facing an incursion by post-PC devices, and that those devices will be post-antivirus, too.