The United States believes that Chinese authorities orchestrated a hacking campaign into computers of and Western governments, according to leaked documents cited by The New York Times.
The secret cables released by whistleblower site Leaks included one in which the US embassy in Beijing cited "a Chinese contact" who pointed to a government role in the hacking, the newspaper said.
"The hacking was part of a coordinated campaign of computer sabotage carried out by government operatives, private security experts and internet outlaws recruited by the Chinese government," the newspaper said, citing the cable.
Chinese operatives are also believed to have broken into computers of US and Western allies along with those of Tibet's exiled spiritual leader, the Dalai Lama, it said.
announced in March that it would no longer follow the communist government's instructions to filter searches for sensitive material after what it said were coordinated cyberattacks against the internet company.
The hacking included infiltration of the Gmail accounts of Chinese dissidents.
Hacking campaigns originating from China have been reported before, including in a recent study by the US-China Economic and Security Review Commission.

Read more: ABC News

Links to this post

Tags: Hack, Web

Introduction
Windows Server 2008 R2 is an incremental upgrade that builds on the Windows Server 2008 foundation. By simultaneously releasing Windows Server 2008 R2 and Windows 7, Microsoft was able to build significant synergy between the two products. This article focuses on some of the technologies made possible by that synergy, including DirectAccess, BranchCache™, Network Access Protection (NAP), and AppLocker™. The article shows how the Information Security and Risk Management (InfoSec) team in Microsoft IT use these technologies and Extended Protection for Integrated Windows Authentication (IWA) to fulfill their mission of enabling secure and reliable business for Microsoft and its customers.

DirectAccess

DirectAccess is a new feature in Windows Server 2008 R2 and Windows 7 that provides increased productivity for the mobile work force by offering the same connectivity experience inside and outside the office. With DirectAccess, trusted users on healthy devices on the Internet can securely access corporate resources such as e-mail servers, shared folders, or intranet Web sites without connecting through a Virtual Private Network (VPN). DirectAccess is on whenever the user has an Internet connection, giving users seamless access to intranet resources whether they are traveling, at the local coffee shop, or at home.
DirectAccess combines multiple Windows technologies to enable IP-layer connectivity between Windows computers and any other devices inside the corporate network. It is secured with Internet Protocol Security (IPsec) and strong host protections, including the Trusted Platform Module (TPM) and NAP. IPsec is used to enforce several security requirements that were traditionally implemented by VPNs, including encryption and user authentication.

Situation

Multiple remote access methods at Microsoft led to end user confusion about which technology to use at which time. And with the previous VPN solution, users had to wait through a long quarantine period while the system checked to see if the user's computer had the latest software patches, anti-virus signatures, and so on. Having multiple remote access technologies also led to increased overall overhead at Microsoft IT.

Deployment
Microsoft IT first offered DirectAccess as a pilot to a subset of employees. Microsoft IT is currently deploying DirectAccess globally in a phased manner to all employees.

Read more: Technet

Links to this post

Tags: OS General

Want to build a successful web app? Then it's time to Get Real. Getting Real is a smaller, faster, better way to build software.
Getting Real is about skipping all the stuff that represents real (charts, graphs, boxes, arrows, schematics, wireframes, etc.) and actually building the real thing.
Getting real is less. Less mass, less software, less features, less paperwork, less of everything that's not essential (and most of what you think is essential actually isn't).
Getting Real is staying small and being agile.
Getting Real starts with the interface, the real screens that people are going to use. It begins with what the customer actually experiences and builds backwards from there. This lets you get the interface right before you get the software wrong.
Getting Real is about iterations and lowering the cost of change. Getting Real is all about launching, tweaking, and constantly improving which makes it a perfect approach for web-based software.
Getting Real delivers just what customers need and eliminates anything they don't.
The benefits of Getting Real
Getting Real delivers better results because it forces you to deal with the actual problems you're trying to solve instead of your ideas about those problems. It forces you to deal with reality.

Read more:  Getting Real

Links to this post

Tags: Web-programming

I took a little break today and dropped-in on the REBOL3 AltME world to find an interesting question being asked by Cyphre and a few other users: The word CALLBACK appears in the REBOL binary, but what does it do? Here is some little known information about this feature.
Callbacks in DLL Functions (Routines)
When using the External Library Interface (DLLs), you can pass a REBOL function to be called back from within a DLL function. REBOL will deal with the argument conversions in both directions, but you still have to write it with great care, because interfacing in this way to DLL code is tricky business.
Example of a Callback
Here is an example written by Cyphre that helps show the way a callback function works. In REBOL you would write a routine (a DLL interface function) such as:

test: make routine! [
   a [int]
   b [int]
   c [callback [int int return: [int]]]
   return: [int]
] test-lib "test"

Here the c argument is a callback function interface specification that takes two integers and returns an integer result. Note that the argument names are not provided, only their datatypes.
Then, in the test.dll code you might write the something like:

extern "C"
MYDLL_API int test(int a, int b, int (*pFunc)(int, int))
{}

And finally, try it out, you would write the actual callback function such as:
add-it: func [a b][return a + b]

Read more: Rebol

Links to this post

Tags: C++, Programming