darthcamaro writes "Running IE and been hacked? Don't blame Microsoft mdash; at least that's what their security types are now arguing. 'One of the things we've seen in the last two years is that attackers aren't even go after the browser itself anymore,' Eric Lawrence, Security Program Manager on Microsoft's Internet Explorer team, said. 'The browser is becoming a harder target and there are many more browsers. So attackers are targeting add-ons.' This kinda makes sense since whether you're running IE, Firefox, Safari or Chrome you could still be at risk if there is a vulnerability in Flash, PDF, QuickTime or another popular add-on. Or does it?"pa href="http://tech.slashdot.org/article.pl?sid=08/11/21/2036222amp;from=rss"img src="http://slashdot.org/slashdot-it.pl?from=rssamp;op=imageamp;style=h0amp;sid=08/11/21/2036222"/a/ppa href="http://tech.slashdot.org/article.pl?sid=08/11/21/2036222amp;from=rss"Read more of this story/a at Slashdot./p pa href="http://feedads.googleadservices.com/~at/7I1M6Gpfj3aiBJQpsVoTpwHLemw/a"img src="http://feedads.googleadservices.com/~at/7I1M6Gpfj3aiBJQpsVoTpwHLemw/i" border="0" ismap="true"/img/a/pimg src="http://feedproxy.google.com/~r/Slashdot/slashdot/~4/rl8vq54BZAE" height="1" width="1"/

pimg src="http://www.readwriteweb.com/images/google_chrome.jpg"How did Internet Explorer become the number one browser in the world? Simple - it came with every new computer you purchased, pre-installed and ready to go. Now it seems Google is contemplating doing the same with their browser, a href="http://www.google.com/chrome"Google Chrome/a. According to Google VP, Product Management, Sundar Pichai, the browser's beta period will end in January and then they "will probably do distribution deals," he says. /p p align="right"emSponsor/embr /a href='http://d.openx.org/ck.php?n=12672amp;cb=12672' target='_blank'img src='http://d.openx.org/avw.php?zoneid=861amp;cb=12672amp;n=12672' border='0' alt='' align="right" //a/p pIn an article that ran in yesterday's a href="http://technology.timesonline.co.uk/tol/news/tech_and_web/article5201289.ece"The Times/a, Pichai revealed details on what he called Google's plans to make Chrome the browser of choice for the everyday user. A big part of that plan includes distribution deals with computer manufacturers. /p pstrong"We could work with an OEM (Original Equipment Manufacturer) and have them ship computers with Chrome pre-installed,"/strong he was quoted as saying. Thanks to the anti-trust rulings that came out of the IE / Netscape battle back in the 1990's, there's nothing to prevent Google from doing deals of their own with computer makers, if they desire./p pOnce Google has a glitch-free version of Chrome sometime early next year, "we will throw our weight behind it," said Pinchai. "We've been conservative because its still in beta, but once we get it out of beta we will work hard at getting the word out, promoting to users, and marketing will be a part of that." em(a href="http://www.readwriteweb.com/archives/how_much_traffic_can_a_link_on.php"A link on Google's homepage might help/a with those marketing efforts, but not as much as we previously thought)./em/p pPichai also noted thatstrong versions of a href="http://www.google.com/chrome"Chrome/a for Linux and Mac computers will become available in the first half of next year/strong which would allow the browser to work on almost 99% of computers worldwide. /p h2Is It Ready?/h2 pJust because Google whips off the "beta" label (perhaps making Chrome one of the first products to leave beta with such speed) that doesn't necessarily mean the browser is ready for prime time./p pShortly after it's launch, a a href="http://www.readwriteweb.com/archives/security_flaw_in_google_chrome.php"serious security flaw/a was discovered in the browser. The exploit took advantage of an underlying vulnerability in WebKit that had already been a href="http://www.theregister.co.uk/2008/05/15/apple_safari_carpet_bombing_vuln/"known about/a for more than two months. Apple had patched their Safari browser against this flaw back in July, but Google Chrome launched in September with the flaw still in place. Google's overlooking of this risk is concerning. /p pAlso, for some Windows users, it wasn't until the most recent update the scroll-up functionality on their laptop's trackpad even workedem (this author was affected and was pinged by several Twitter friends that were, too)/em. And even now Chrome is misbehaving on a pre-beta build of Windows 7. Googling from the address bar no longer works since the upgrade on my test machine. /p pBefore the product goes gold, we at ReadWriteWeb would like to see the browser add support for RSS feeds, a surprising omission in the feature set. As fans ofa href="http://reader.google.com" Google Reader/a, we had hoped to see deeper integration with other Google products in Chrome, but that doesn't appear to be the case. Subscribing via the browser doesn't even work, let alone allow us to subscribe via Google's own RSS Reader. /p pStill, these problems may only be a patch or two away from being repaired. Hopefully, Google wouldn't release their browser before it's ready, especially if they plan on promoting it so heavily among mainstream computer users, many of whom have already switched over to Firefox and a href="http://www.readwriteweb.com/archives/firefox_reaches_20_market_shar.php"seem to be happy with their selection/a. For these individuals, a href="http://www.readwriteweb.com/archives/mozilla_one_billion_addon_down.php"Firefox addons/a are now also a major part of the browsing experience - will people willingly give those up and move to Chrome? We suppose we'll just have to wait and see. /p stronga href="http://www.readwriteweb.com/archives/google_chrome_may_be_pre-installed_on_new_pcs.php#comments-open"Discuss/a/strong pa href="http://feedads.googleadservices.com/~at/gQTQSuNqbCz-IwXqdrUT1UUJY8o/a"img src="http://feedads.googleadservices.com/~at/gQTQSuNqbCz-IwXqdrUT1UUJY8o/i" border="0" ismap="true"/img/a/pdiv class="feedflare" a href="http://feedproxy.google.com/~f/readwriteweb?a=vf3gq7yJ"img src="http://feedproxy.google.com/~f/readwriteweb?d=1035" border="0"/img/a a href="http://feedproxy.google.com/~f/readwriteweb?a=hX0wS5vt"img src="http://feedproxy.google.com/~f/readwriteweb?d=41" border="0"/img/a a href="http://feedproxy.google.com/~f/readwriteweb?a=xyZVbJ4e"img src="http://feedproxy.google.com/~f/readwriteweb?i=xyZVbJ4e" border="0"/img/a a href="http://feedproxy.google.com/~f/readwriteweb?a=fYSvWHHX"img src="http://feedproxy.google.com/~f/readwriteweb?i=fYSvWHHX" border="0"/img/a a href="http://feedproxy.google.com/~f/readwriteweb?a=1b6lD3SJ"img src="http://feedproxy.google.com/~f/readwriteweb?i=1b6lD3SJ" border="0"/img/a a href="http://feedproxy.google.com/~f/readwriteweb?a=TYQxCoGF"img src="http://feedproxy.google.com/~f/readwriteweb?d=52" border="0"/img/a a href="http://feedproxy.google.com/~f/readwriteweb?a=kMcMksz7"img src="http://feedproxy.google.com/~f/readwriteweb?d=1034" border="0"/img/a /divimg src="http://feedproxy.google.com/~r/readwriteweb/~4/bwdRzkYsph8" height="1" width="1"/

Publication Date: 2008 Nov 19 PMID: 19020027br/Authors: Koenigs, M. - Huey, E. D. - Calamia, M. - Raymont, V. - Tranel, D. - Grafman, J.br/Journal: J Neuroscibr/br/The neuroanatomical correlates of depression remain unclear. Functional imaging data have associated depression with abnormal patterns of activity in prefrontal cortex (PFC), including the ventromedial (vmPFC) and dorsolateral (dlPFC) sectors. If vmPFC and dlPFC are critical neural substrates for the pathogenesis of depression, then damage to either area should affect the expression of depressive symptoms. Using patients with brain lesions we show that, relative to nonfrontal lesions, bilateral vmPFC lesions are associated with markedly low levels of depression, whereas bilateral dorsal PFC lesions (involving dorsomedial and dorsolateral areas in both hemispheres) are associated with substantially higher levels of depression. These findings demonstrate that vmPFC and dorsal PFC are critically and causally involved in depression, although with very different roles: vmPFC damage confers resistance to depression, whereas dorsal PFC damage confers vulnerability.br/br/post to: a href = http://www.citeulike.org/posturl?url=http%3A%2F%2Fwww.ncbi.nlm.nih.gov%2Fentrez%2Fquery.fcgi%3Fcmd%3DRetrieve%26db%3DPubMed%26dopt%3DAbstract%26list_uids%3D19020027title=Entrez+PubmedCiteULike/a

pscript type="text/javascript"newVideoPlayer("/iphonebugfsit_gizmodo.flv", 320, 260,"");/scriptimg src="http://cache.gawker.com/assets/stills/iphonebugfsit_gizmodo.flv.jpg" style="display: none;" /According to a Fraunhofer Institute for Secure Information press release, the a href="http://gizmodo.com/5075154/the-iphone-os-22-rumor-round-up"eagerly expected iPhone 2.2 operating system update/a will arrive tomorrow, November 21. The release is expected to bring new features, but the Institute's note highlights a major security problem that can make your iPhone to place a call when visiting a malicious web site. This date is a href="http://gizmodo.com/5083116/iphone-22-release-just-10-days-away"in line with the previous rumors/a. bUpdate: here's the video of the security exploit that the iPhone 2.2 release will fix, according to the Fraunhoferians./b/p blockquotepThe Fraunhofer Institute SIT alerted the producers of the iPhone about this issue a month ago. To close this hole, new firmware will be released on November 21./p/blockquote pAccording to Collin Mulliner, the exploit only requires three lines of HTML code, which anyone with basic knowledge of this language can add to any web page./p blockquotepThe scenario: The iPhone user receives an e-mail or SMS with an Internet link. Clicking on the link will open a web site. But suddenly, the iPhone will start calling a phone number without any user intervention. The worse thing is that you can't stop the call, as the cellphone will be gray while the number is dialed. (...) Even amateurs could easily develop a criminal exploit./p/blockquote pThe Fraunhofer Institute says that a similar vulnerability was discovered last month and patched, "but obviously was not enough." [a href="http://translate.google.com/translate?u=http%3A%2F%2Fwww.sit.fraunhofer.de%2Fpressedownloads%2Fpressemitteilungen%2FiPhoneHack.jsphl=enie=UTF-8sl=detl=en"Fraunhofer SIT/a via a href="http://www.appleinsider.com/articles/08/11/20/iphone_security_posting_suggests_2_2_firmware_tomorrow.html"Apple Insider/a]/p br style="clear: both;"/ a href="http://www.pheedo.com/feeds/ht.php?t=camp;i=1e58aae5be7ab5ff42bbabec5492b326amp;p=1"img style="border:0;" src="http://www.pheedo.com/feeds/ht.php?t=vamp;i=1e58aae5be7ab5ff42bbabec5492b326amp;p=1" border="0" //adiv class="feedflare" a href="http://feeds.gawker.com/~f/gizmodo/full?a=p2EpPhQk"img src="http://feedproxy.google.com/~f/gizmodo/full?d=120" border="0"/img/a a href="http://feeds.gawker.com/~f/gizmodo/full?a=ffmk2GEs"img src="http://feedproxy.google.com/~f/gizmodo/full?d=41" border="0"/img/a a href="http://feeds.gawker.com/~f/gizmodo/full?a=0T9WcGtA"img src="http://feedproxy.google.com/~f/gizmodo/full?i=0T9WcGtA" border="0"/img/a a href="http://feeds.gawker.com/~f/gizmodo/full?a=LwHu9HBb"img src="http://feedproxy.google.com/~f/gizmodo/full?i=LwHu9HBb" border="0"/img/a /divimg src="http://feedproxy.google.com/~r/gizmodo/full/~4/shqmrzBjjl0" height="1" width="1"/

pscript type="text/javascript"newVideoPlayer("/iphonebugfsit_gizmodo.flv", 320, 260,"");/scriptimg src="http://cache.gawker.com/assets/stills/iphonebugfsit_gizmodo.flv.jpg" style="display: none;" /According to a Fraunhofer Institute for Secure Information press release, the a href="http://gizmodo.com/5075154/the-iphone-os-22-rumor-round-up"eagerly expected iPhone 2.2 operating system update/a will arrive tomorrow, November 21. The release is expected to bring new features, but the Institute's note highlights a major security problem that can make your iPhone to place a call when visiting a malicious web site. This date is a href="http://gizmodo.com/5083116/iphone-22-release-just-10-days-away"in line with the previous rumors/a. bUpdate: here's the video of the security exploit that the iPhone 2.2 release will fix, according to the Fraunhoferians./b/p blockquotepThe Fraunhofer Institute SIT alerted the producers of the iPhone about this issue a month ago. To close this hole, new firmware will be released on November 21./p/blockquote pAccording to Collin Mulliner, the exploit only requires three lines of HTML code, which anyone with basic knowledge of this language can add to any web page./p blockquotepThe scenario: The iPhone user receives an e-mail or SMS with an Internet link. Clicking on the link will open a web site. But suddenly, the iPhone will start calling a phone number without any user intervention. The worse thing is that you can't stop the call, as the cellphone will be gray while the number is dialed. (...) Even amateurs could easily develop a criminal exploit./p/blockquote pThe Fraunhofer Institute says that a similar vulnerability was discovered last month and patched, "but obviously was not enough." [a href="http://translate.google.com/translate?u=http%3A%2F%2Fwww.sit.fraunhofer.de%2Fpressedownloads%2Fpressemitteilungen%2FiPhoneHack.jsphl=enie=UTF-8sl=detl=en"Fraunhofer SIT/a via a href="http://www.appleinsider.com/articles/08/11/20/iphone_security_posting_suggests_2_2_firmware_tomorrow.html"Apple Insider/a]/p br style="clear: both;"/ a href="http://www.pheedo.com/click.phdo?s=d0088a1e2338ee4d383558b116b6f2acp=1"img alt="" style="border: 0;" border="0" src="http://www.pheedo.com/img.phdo?s=d0088a1e2338ee4d383558b116b6f2acp=1"//a img src="http://www.pheedo.com/feeds/tracker.php?i=d0088a1e2338ee4d383558b116b6f2ac" style="display: none;" border="0" height="1" width="1" alt=""/div class="feedflare" a href="http://feeds.gawker.com/~f/gizmodo/full?a=WrkC5xHN"img src="http://feedproxy.google.com/~f/gizmodo/full?d=120" border="0"/img/a a href="http://feeds.gawker.com/~f/gizmodo/full?a=8snnm0XV"img src="http://feedproxy.google.com/~f/gizmodo/full?d=41" border="0"/img/a a href="http://feeds.gawker.com/~f/gizmodo/full?a=nYBNPBRt"img src="http://feedproxy.google.com/~f/gizmodo/full?i=nYBNPBRt" border="0"/img/a a href="http://feeds.gawker.com/~f/gizmodo/full?a=Qkp9ND9a"img src="http://feedproxy.google.com/~f/gizmodo/full?i=Qkp9ND9a" border="0"/img/a /divimg src="http://feedproxy.google.com/~r/gizmodo/full/~4/GjnyKq2Ms_Q" height="1" width="1"/

via MacNN:

The Fraunhofer Institute for Secure Information Technology in Germany has allegedly discovered an iPhone vulnerability that allows a maliciously crafted website to force the phone to dial a number, according to Spiegel. The researchers claim that a programmer would only need to know basic programming, with just three lines of code required to exploit the issue. Clicking the link to a malicious sit...


More...

The Fraunhofer Institute for Secure Information Technology in Germany has allegedly discovered an iPhone vulnerability that allows a maliciously crafted website to force the phone to dial a number, according to Spiegel. The researchers claim that a programmer would only need to know basic programming, with just three lines of code required to exploit the issue. Clicking the link to a malicious sit...

divimg alt="" src="http://hits.guardian.co.uk/b/ss/guardiangu-feeds/1/H.15.1/88242?ns=guardianpageName=Business%3A+RBS+bosses+apologise+to+shareholdersch=Businessc3=The+Guardianc4=Royal+Bank+of+Scotland+%28Business%29%2CBanking+sector+%28Business%29%2CBusinessc5=Investments%2CBusiness+Marketsc6=Jill+Treanorc7=2008_11_21c8=1121573c9=articlec10=GUc11=Businessc12=Royal+Bank+of+Scotlandc13=c14=h2=GU%2FBusiness%2FRoyal+Bank+of+Scotland" width="1" height="1" //divpThe bosses of Royal Bank of Scotland yesterday told shareholders for the first time that they were "sorry" for the plight of the Edinburgh-based bank which is likely to be 60%-owned by the government after a pound;20bn bail-out was endorsed by investors./ppAddressing shareholders at a hastily convened meeting in Edinburgh, out-going chairman Sir Tom McKillop took personal responsibility as he said he was "profoundly sorry" for the situation that had forced the bank to accept the government rescue package./ppIn a candid address, McKillop, who will leave at next year's annual meeting, made it clear that the "buck stops with me as chairman". /ppUntil yesterday Sir Fred Goodwin, the chief executive, had refused to utter the word sorry. On his last day in the job which will be taken over today by Stephen Hester, Goodwin responded to a question from a former employee who is also a shareholder by saying that he was "extremely sorry"./pp"Accountability has been allocated and fully accepted," said McKillop./ppShareholders overwhelmingly backed the fund-raising package under which the government will underwrite a pound;15bn share issue at 65p a share and buy pound;5bn of preference shares. The shares closed yesterday at 46p, up 3.7p indicating that the government could end up with a 58% stake in the bank unless the share price rises through 65p which might encourage existing investors to participate in the cash call./ppIn his address to investors, McKillop refused to admit that the acquisition of parts of Dutch bank ABN Amro at the height the credit crunch last year had caused the bank's problems. But he admitted that the deal - the biggest financial services takeover of all time - had "added to our difficulties"./pp"In retrospect that higher exposure to assets, which later became very difficult to trade ... increased the short-term vulnerability of the group to the financial crisis as it intensified this year," McKillop said./ppHe also admitted that the bank had been run on too low a capital base - what he called an "efficient balance sheet" - for too long. "Had we known the severe market dislocation and economic deterioration we would face, we would, of course, have built up larger capital reserves earlier," said McKillop./ppThis was a point picked up by shareholder Alan Jack who said a prudent bank should have build up a "buffer of capital". He accused the bank of adopting a "gung-ho attitude"./ppThe bank had been forced into a record-breaking pound;12bn rights issue in April to shore up its balance sheet, but the deterioration in markets after that forced the government to devise its bank bail-out plan which will now involve a further pound;20bn being raised. The bank's shares have collapsed. Worth pound;60bn at its peak, RBS is now valued at a tenth of that./ppMcKillop was at pains to apologise to employees and customers. "I am sorry about the very real financial and therefore human cost that those who have invested in us now feel and recognise how seriously this has impacted shareholder confidence in RBS," he said. /ppA former chief executive of AstraZeneca, McKillop said: "In over 40 years of my working life I have had many difficult working experiences but none like this./pp"The challenges we must now address as an institution, as a country and indeed as part of the world's financial system, are unprecedented," said McKillop./pdiv style="float: left; margin-right: 10px; margin-bottom: 10px;"ullia href="http://www.guardian.co.uk/business/royalbankofscotlandgroup"Royal Bank of Scotland/a/lilia href="http://www.guardian.co.uk/business/banking"UK banking sector/a/li/ul/divdiv class="guRssAdvert"a href="http://ads.guardian.co.uk/click.ng/richmedia=yessite=Businesscountry=(none)spacedesc=rsssystem=rsstransactionID=1227227727899112100421654622"img src="http://ads.guardian.co.uk/image.ng/richmedia=yessite=Businesscountry=(none)spacedesc=rsssystem=rsstransactionID=1227227727899112100421654622" border="0" //a/diva href="http://www.guardian.co.uk"guardian.co.uk/a copy; Guardian News Media Limited 2008 | Use of this content is subject to our a href="http://users.guardian.co.uk/help/article/0,,933909,00.html"Terms Conditions/a | a href="http://www.guardian.co.uk/webfeeds/1,,1309488,00.html"More Feeds/a

via macrumors.com:

German publication Spiegel.de reports an newly announced iPhone vulnerability that can force a (potentially expensive) phone call to be made simply by visiting a webpage in Safari. The vulnerability was to be announced in ComputerBild on Monday bu...

More...

German publication Spiegel.de reports an newly announced iPhone vulnerability that can force a (potentially expensive) phone call to be made simply by visiting a webpage in Safari. The vulnerability was to be announced in ComputerBild on Monday but was detailed today in a press release from the Fraunhofer Institute for Secure Information Technology (SIT). A video of the exploit is also available.

SIT reports that they notified Apple of the issue a month ago and that a fix will become available on November 21st through a firmware upgrade.

This seems to confirm an earlier report that we would see iPhone Firmware 2.2 released on that date. The iPhone 2.2 firmware contains a number of small new features we have previously detailed.

Article Link: iPhone Vulnerability, Fix Coming on November 21st in Firmware 2.2?