Showing posts with label Processor. Show all posts
Showing posts with label Processor. Show all posts

Thursday, March 24, 2011

Intel launches second generation processor - Intel Insider

Intel today launched a second generation processor called Intel Insider, a feature that will help people download and view movies in High Definition (HD) on their laptops and PCs.

The PCs and Laptops with the Intel Insider processor would be available in the country from next month onwards, Intel's Managing Director, South Asia, R Shivakumar told PTI here.

'The launch of Intel Insider in India is absolutely befitting considering it is the home of one of the largest film industries in the world -- Bollywood. With Intel Insider, people can watch their favourite movies in HD at their homes on the day of release itself,' Shivakumar said.

In a bid to boost its sales, Intel has tied-up with Hungama.com, which will act as a platform for download and streaming of famous Bollywood and international movies, including blockbusters from Yash Raj Films , Paramount Pictures , T-Series and Reliance Home Video .

The introduction of Intel Insider is a significant breakthrough in the entertainment space where consumers can unlock an ever increasing and expanding world of high- definition content on their PCs, he added.

The technology also offers a 'proactive queue' capability that will help consumers pre-download films ahead of the release date, and give them the ability to purchase those films, securely, even if they are not connected to the Internet.

This will allow consumers to start watching their movies immediately on the release date without waiting to download during peak traffic times.

-JMD Computer

Tuesday, February 10, 2009

BASIC INPUT OUTPUT SYSTEM

During the late s and s it became economical to move an increasing number of peripheral functions onto the motherboard see above. In the late s motherboards began to include single ICs called Super IO chips capable of supporting a set of lowspeed peripherals keyboard mouse floppy disk drive serial ports and parallel ports. As of the late s many personal computer motherboards support a full range of audio video storage and networking functions without the need for any expansion cards at all higherend systems for D gaming and computer graphics typically retain only the graphics card as a separate component.Popular personal computers such as the Apple II and IBM PC had published schematic diagrams and other documentation which permitted rapid reverseengineering and thirdparty replacement motherboards. The term mainboard is archaicly applied to devices with a single board and no additional expansions or capability. In modern terms this would include embedded systems and controlling boards in telvisions washing machines etc.


Motherboards contain some nonvolatile memory to initialize the system and load an operating system from some external peripheral device. Microcomputers such as the Apple II and IBM PC used readonly memory chips mounted in sockets on the motherboard. At power up the central processor would load its program counter with the address of the boot ROM and start executing ROM instructions displaying system information on the screen and running memory checks which would in turn start loading memory from an external or peripheral device disk drive if one isnt available then the computer can perform tasks from other memory stores or displays an error message depending on the model and design of the computer and version of the bios.

Article Source:- http://www.motherboas.webs.com/

PERSONAL COMPUTER

While most capacitors are rated for hours of operation at °C their expected design life roughly doubles for every °C below this. At °C a lifetime of years can be expected. This appears reasonable for a computer motherboard however many manufacturers have delivered substandard capacitorscitation needed which significantly reduce life expectancy. Inadequate case cooling and elevated temperatures easily exacerbate this problem. It is possible but tedious and timeconsuming to find and replace failed capacitors on PC motherboards it is less expensive to buy a new motherboard than to pay for such a repair.citation neededMotherboards are produced in a variety of sizes and shapes form factors some of which are specific to individual computer manufacturers. However the motherboards used in IBMcompatible commodity computers have been standardized to fit various case sizes.

Laptop computers generally use highly integrated miniaturized and customized motherboards. This is one of the reasons that laptop computers are difficult to upgrade and expensive to repair. Often the failure of one laptop component requires the replacement of the entire motherboard which is usually more expensive than a desktop motherboard due to the large number of integrated components. Almost all medium to high end Nvidia cards and most high end ATI cards support the technology.Prior to the advent of the microprocessor a computer was usually built in a cardcage case or mainframe with components connected by a backplane consisting of a set of slots themselves connected with wires in very old designs the wires were discrete connections between card connector pins but printedcircuit boards soon became the standard practice. The central processing unit memory and peripherals were housed on individual printed circuit boards which plugged into the backplane.

Article Source:- http://www.motherboas.webs.com/

CENTRAL PROCESSING UNIT

Motherboards are generally air cooled with heat sinks often mounted on larger chips such as the northbridge in modern motherboards. If the motherboard is not cooled properly then this can cause the motherboard to crash. Passive cooling or a single fan mounted on the power supply was sufficient for many desktop computer CPUs until the late s since then most have required CPU fans mounted on their heatsinks due to rising clock speeds and power consumption. Most motherboards have connectors for additional case fans as well. Newer motherboards have integrated temperature sensors to detect motherboard and CPU temperatures and controllable fan connectors which the BIOS or operating system can use to regulate fan speed. Some higherpowered computers which typically have highperformance processors and large amounts of RAM as well as highperformance video cards use a watercooling system instead of many fans.

Some small form factor computers and home theater PCs designed for quiet and energyefficient operation boast fanless designs. This typically requires the use of a lowpower CPU as well as careful layout of the motherboard and other components to allow for heat sink placement.A study found that some spurious computer crashes and general reliability issues ranging from screen image distortions to IO readwrite errors can be attributed not to software or peripheral hardware but to aging capacitors on PC motherboards. Ultimately this was shown to be the result of a faulty electrolyte formulation. For more information on premature capacitor failure on PC motherboards see capacitor plague.Motherboards use electrolytic capacitors to filter the DC power distributed around the board. These capacitors age at a temperaturedependent rate as their water based electrolytes slowly evaporate. This can lead to loss of capacitance and subsequent motherboard malfunctions due to voltage instabilities.

While most capacitors are rated for hours of operation at °C their expected design life roughly doubles for every °C below this. At °C a lifetime of years can be expected. This appears reasonable for a computer motherboard however many manufacturers have delivered substandard capacitorscitation needed which significantly reduce life expectancy. Inadequate case cooling and elevated temperatures easily exacerbate this problem. It is possible but tedious and timeconsuming to find and replace failed capacitors on PC motherboards it is less expensive to buy a new motherboard than to pay for such a repair.citation neededMotherboards are produced in a variety of sizes and shapes form factors some of which are specific to individual computer manufacturers. However the motherboards used in IBMcompatible commodity computers have been standardized to fit various case sizes.

Laptop computers generally use highly integrated miniaturized and customized motherboards. This is one of the reasons that laptop computers are difficult to upgrade and expensive to repair. Often the failure of one laptop component requires the replacement of the entire motherboard which is usually more expensive than a desktop motherboard due to the large number of integrated components. Almost all medium to high end Nvidia cards and most high end ATI cards support the technology.Prior to the advent of the microprocessor a computer was usually built in a cardcage case or mainframe with components connected by a backplane consisting of a set of slots themselves connected with wires in very old designs the wires were discrete connections between card connector pins but printedcircuit boards soon became the standard practice. The central processing unit memory and peripherals were housed on individual printed circuit boards which plugged into the backplane.

Article Source:- http://www.motherboas.webs.com/

Motherboard

A motherboard is the central printed circuit board PCB in some complex electronic systems such as modern personal computers. The motherboard is sometimes alternatively known as the mainboard system board or on Apple computers the logic board. It is also sometimes casually shortened to moboMost computer motherboards produced today are designed for IBMcompatible computers which currently account for around of global PC salescitation needed. A motherboard like a backplane provides the electrical connections by which the other components of the system communicate but unlike a backplane it also hosts the central processing unit and other subsystems and devicesMotherboards are also used in many other electronics devices.A typical desktop computer has its microprocessor main memory and other essential components on the motherboard.

Other components such as external storage controllers for video display and sound and peripheral devices may be attached to the motherboard as plugin cards or via cables although in modern computers it is increasingly common to integrate some of these peripherals into the motherboard itself.An important component of a motherboard is the microprocessors supporting chipset which provides the supporting interfaces between the CPU and the various buses and external components. This chipset determines to an extent the features and capabilities of the motherboard.Additionally nearly all motherboards include logic and connectors to support commonlyused input devices such as PS connectors for a mouse and keyboard. Early personal computers such as the Apple II or IBM PC included only this minimal peripheral support on the motherboard.

Article Source:- http://www.motherboas.webs.com/

Sunday, February 1, 2009

Using a Mobile Phone As a Modem For Accessing the Internet

What features and functionality should you understand in order to fully take advantage of accessing the internet via a mobile phone? Although this can appear complicated and involved ... a little information goes a long way to "keep it simple".
For the sake of discussion .... let's say you have a mobile handset with the following specifications:
Networks...
2G Network-GSM 900/1800/1900
3G Network-UMTS 2100
Data...
GPRS- Clause 10(4+1/3+2 slots),32-48 Kbps
3G-384 Kbps
You have configured the software application given with the phone on your laptop .... and once you connect the phone to the laptop using the USB connection you can access Internet. The settings used in the software application includes "call type=GPRS". The connection speed (downlink) is around 375 Kbps when checked through a freely available tool on the Internet .... and the phone's modem speed is shown as 460.8 Kbps all the time( on the network connection). Since your speed is less than 384 Kbps (3G speed is given as the phone's spec), you're likely using 3G. Since GPRS is also supported, when the 3G coverage is not available, you're probably able switch to GSM/GPRS.
Your service provider says they support EDGE,GPRS,3G and HSDPA/HSUPA.
Here's some questions you may ask .....
* What are the theoretical maximum speeds of EDGE,GPRS, 3G?
* What is actually meant by 3G here?
* What is the underlaying technology used by my phone?
* Which method is better to connect the phone to the laptop; Bluetooth or USB?
* Your phone spec says Bluetooth v1.2 and USB2.0 and you've heard that USB2.0 (480Mbps) is faster than Blootooth v1.2 (1 Mbps). Is this correct? Will it make any difference, since your connection from phone to the Internet is 375 Kbps?
Here's some feedback to help you work through such a scenario .... and the associated questions above:
For sure, the speed with USB 2.0 should be much better than that through Bluetooth (of any class).
3G is a network technology that should offer some extended data services in addition to the regular GSM features. However, I would recommend that you check with your service providers since they should have the exact specifications that you asked for.
Theoretical speeds for EDGE are up to 10 times those of GPRS. But again, since these depend on network configuration you need to check with the service provider.
Since your speed is less than 1 mb/s, frankly, it doesn't matter if you use bluetooth or USB - the speeds cited are correct. I would use what is most convenient for you.
In any case, the edge/hsdpa connection speeds are still slower than either Bluetooth or USB, so they will not bottleneck your speed. So as long as your battery isn't about to run out, you can connect however you choose to.
3G HSUPA is Third Generation High-Speed Uplink Packet Access - a 3G mobile telephony protocol, which offers increased data transfer speeds and capacity of up to 3.6 Mbps on the downlink and up to 1 Mbps on the uplink, under ideal conditions.
3G HSDPA 3.6 is a 3G High-Speed Downlink Packet Access mobile telephony protocol, which offers increased data transfer speeds and capacity of up to 3.6 Mbps on the downlink and up to 348Kbps on the uplink, under ideal conditions.
3G - Third Generation High-Speed Downlink Packet Access - offers increased data transfer speeds and ables customers to access the Internet and email from their cellphones.capacity of up to 1.8 Mbps on the downlink and up to 348Kbps on the uplink
EDGE (Enhanced Data rates for GSM Evolution) or EGPRS provides data transfer rates significantly faster than GPRS or HSCSD. EDGE increases the speed of each timeslot to 48 kbps and allows the use of up to 8 timeslots, giving a maximum data transfer rate of 384 kbps.
HSCSD (High Speed Circuit Switched Data) enables data to be transferred more rapidly than the standard GSM (Circuit Switched Data) system by using multiple channels. The maximum number of timeslots that can be used is four, giving a maximum data transfer rate of 57.6 kbps (or 38.4 kbps on a GSM 900 network). HSCSD is more expensive to use than GPRS, because all four slots are used simultaneously - it does not transmit data in packets. Because of this, HSCSD is not as popular as GPRS and is being replaced by EDGE.
GPRS - General Packet Radio Service is a mobile data service available to customers with GSM cellphones. With a GPRS connection, the phone is "always on" and can transfer data immediately, and at higher speeds: typically 32 - 48 kbps. An additional benefit is that data can be transferred at the same time as making a voice call.
I would recommend using USB as it is faster then Bluetooth. You will not have a bottleneck created by the bluetooth link.
Regarding the underlying technology ...
When you phone is connected to a 3G network it will be using W-CDMA (Wideband Code Division Multiple Access) W-CDMA is the higher speed transmission protocol as used in the UMTS system, it is a third generation follow-on to the 2G GSM networks deployed worldwide.
When you phone is on 2G GSM it is using a form of TDMA (time division multiple access).
Again .... the main message is this: Wherever possible, simplify and make it convenient for you!
Michael is the owner of FreedomFire Communications....including DS3-Bandwidth.com. Michael also authors Broadband Nation where you're always welcome to drop in and catch up on the latest BroadBand news, tips, insights, and ramblings for the masses.
Article Source: http://EzineArticles.com/?expert=Michael_Lemm

Monday, January 26, 2009

3 + 1 things to check before buying a second hand PC

If you’re planning to buy a new Second hand PC for you or for someone you know. Be careful many dismay buyers with their words which aren’t true. here are a few must check before buying the Second hand PC to ensure that you don’t buy an outdated PC and also to make sure that they are in good condition for long.
1. First and foremost check whether the computer is in working condition.
2.Ask the dealer or the one from whom you are buying, for proper purchase details and a valid bill to ensure that you are not going to buy a smuggled or a stolen PC.
3. Make sure you collect all the essential Drivers and Operating System CD or DVD for later use. You might need them to Re-install if a problem arises.
4.Check Whether the PC you’re buying can cope with the latest software available today and also check whether the peripherals are available in the market and they are compatible with your PC.

Please do not buy a second hand product online, as it may not be accurate as they proclaim it to be. Try buying from a local dealer or the person you know. Hope you enjoyed this post. Thanks for spending your valuable time here. If you have something to say, please do comment below.
Article Source:- http://www.pixobyte.com/how-totutorials/3-1-things-to-check-before-buying-a-second-hand-pc/

Sunday, January 25, 2009

Double-clicking any drive opens search option

Solution 1:
That's a virus named as ravmon.exe and autorun.inf
Scan first with a good antivirus [Nod32 Recommanded]
then try this trick.

First show the hidden files and folders options then try this method

1. Go to Start-->run and type cmd then click ok

2. If u want to remove the infected file from c drive then type C: in command prompt and press enter

3. Type autorun.inf and press enter
autorun.inf file is opened

4. Now type "attrib autorun.inf -s -h -r" and press enter

5. Now delete the file by typing
"del autorun.inf" and press enter

6.Now type autorun.inf and press enter now, u will find no infected autorun.inf file.

7. same way do for all other drives then restart ur pc

Article Source:- http://www.tricksystem.com/

Task Manager Disabled

If you are working on Windows XP pro, following steps will help u to enable Task Manager

SOLUTION 1:
Click Start --> Run
Enter gpedit.msc in the Open box and click OK
In the Group Policy settings window, select User Configuration
Select Administrative Templates
Select System
Select Ctrl+Alt+Delete options
Select Remove Task Manager
Double-click the Remove Task Manager option
Disable that option

SOLUTION 2:
Click on Start >> Run and in the Open box type:

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

Click OK.

Article Source:- http://www.tricksystem.com/

Sunday, January 18, 2009

Eliminate PBX headaches with 3CX IP Phone System!

Evolve your communications with 3CX Phone System for Windows - an IP Phone System that completely replaces your proprietary PBX, supports standard SIP soft/hard phones, VOIP services and traditional PSTN phone lines. 3CX Phone System is far less expensive than a traditional PBX and can reduce call costs substantially by using a VOIP service provider. Its web-based administration makes phone system management easy. 3CX Phone System eliminates the phone wiring network and allows users to hot desk simply by taking their phone.

Key Features:

  • Complete phone system - Provides call switching, routing & queueing
  • Purchase cost dramatically lower than a traditional hardware PBX
  • Scaleable - Unlimited extensions and phone lines. No proprietary expansion modules needed!
  • Web based configuration & status indication - Easy phone system management!
  • Unified messaging - Receive voice mail via e-mail
  • Auto attendant (e.g. 1 for sales, 2 for support, etc.)
  • Reduce long distance and inter office call costs
  • No more expensive proprietary system phones - Use standard SIP phones
  • Eliminate the phone wiring and make moving offices easier
  • Out of the box configuration for many VOIP providers
Article Source: http://www.3cx.com/phone-system/

Thursday, January 15, 2009

Mobile Phone Tips

  1. Mobile phones are susceptible to liquid logging and there are chances that water / oil / milk / tea / cold drink / curry / shaving foam may get in and damage it. Please ensure you keep your phone away from all such things. The phone can not be repaired if it's undergone moisture damage. The manufacturer does not give any warranty for such cases.
  2. The Liquid Crystal Display (LCD) may get damaged in case pressure is applied on the surface. While keeping the phone in the pocket or while seated, always check that it is not in contact with any sharp/hard object. It's advisable to use pouches or mobile phone covers to avoid LCD damage.
  3. Modern mobile phones are designed to squeeze in loads of features in a compact size. The Printed Circuit Boards (PCBs) are multi-layered and are mounted with surface-mounted devices. The contact of such Integrated Circuits and components on PCB are in microns (µm) (10^ - 6 meters) and a small impact / shock / jerk may displace the components or break the tracks. The manufacturer does not give any warranty for such cases. Mobile phone pouches or covers are of great help in avoiding such damages.
  4. The plastic cosmetic parts lose their glare/color due to heavy exposure to sun light. To avoid direct sun exposure, one must use mobile pouches or covers.
  5. Every mobile handset has an IMEI number (International Mobile Equipment Identity), which is a unique number and one can access this number by pressing *#06#. The mobile warranty is attached to the IMEI number, and it's also useful in the event of theft.
  6. The Emergency Number worldwide for Mobile is 112. If you are out of coverage area, dial 112 and the mobile will search any existing network. This number 112 can be dialed even while the keypad is locked.
  7. If you lock your keys in the car and the spare keys are at home, call someone on your cell phone. Hold your cell phone about a foot from your car door and have the other person at your home press the unlock button, holding it near the phone on their end. Your car will unlock.
  8. Mobile phones should not be frequently charged, it may reduce the battery life. Always track the battery charge indicator, and carry mobile charger in purse/bag/car to avoid the contingency of battery discharge.
  9. Electronic items have deteriorative effect if contaminated with dust. The use of the pouches or mobile phone covers shall be useful to keep your mobile phone free from dust.
  10. Nokia handset comes with a reserve battery. To activate, press the keys *3370#. The cell will restart with this reserve and will show a 50% increase in battery. This reserve will get charged when you charge the cell next time.
  11. There are many authorized sources that provide entertainment software etc.
  12. It's always advisable to install antivirus software on your mobile phone.
  13. Make the best use of the user manual.
  14. When your phone is out of network coverage, switch off the handset or else the battery may get drained.
  15. Finger nails or sharp objects may damage the keypad. Use fingers while pressing the keys.
  16. Bluetooth should be turned on only when it is required. Keeping Bluetooth on unnecessarily makes your phone open to malicious viruses.
  17. To enhance the life of your charger, it should be unwound and disentangled.
  18. While removing the battery, it's advisable to first switch the handset off.
  19. When your mobile phone is not used for a long duration, remove the battery and keep it separately.
  20. Always use accessories recommended by the manufacturer.
Article Source:- http://www.themobilestore.in/mobilestore/faces/jsp/mobilePhoneTips.jsp?catalogueID=3&categoryID=41&parentCategoryID=18

Double screen laptop from Lenovo

After the big screen laptops, Lenovo, the world's fourth-largest,plans to release a laptop with more then one screen. The Lenovo ThinkPad W700ds appears to be the first laptop ever to sport two LCD screens - a 17 inch primary screen and a 10.6-in. secondary screen. The smaller 10.6-inch display slides out from behind the main 17-inch display to provide more work space to its users. This laptop is called by Lenovo mobile workstation, which means is intended for users who need more space and more energy to do their work. Lenovo ThinkPad W700ds is powered by Intel Core 2 Duo, Core 2 Quad or Core 2 Extreme processor and Nvidia Quadro graphics technology. In addition, the module supports Intel Turbo 4GB. The main 17 inches screen has 1920 x 1200 resolution, while the second screen has a resolution of 1280 x 768. Smaller screen can be folded up to 30 degrees. The laptop has a weight of 11 pounds which is just double as the average ThinkPad laptop. Its dimension is 2.2 * 16.1 8 12.2 inch. which is just like a ordinary laptop. The Laptop is equipped with an 8X DVD burner and a pair of 250GB, 5,400-rpm hard drives that are set up to stripe data across the disks. You can get the second screen by touching main screen on its right hand side. The resulting composite screen can show images with resolution of up to 3200 by 1968 pixels. As ThinkPad W700ds is designed specially for the graphics purpose, laptop has an innovative graphics setup that is powered by Nvidia's Quadro FX 3700M video processor with 1GB of dedicated video memory. The processor has the ability to grab another 1.8GB from system memory, giving it a total of 2.8GB of video memory. The keyboard of the laptop is equipped with LED lights that illuminate the keys. Lenovo W700ds also includes three ports for external monitors (VGA, DVI and the newer Display Port) as well as two Express Card slots.


Apart from all the facility, lenovo W700ds is a communications powerhouse with Gigabit Ethernet as well as 802.11 a/b/g/n wireless networking. There's a 1.3-megapixel webcam on top of the display. The ThinkPad W700ds is all about business, making it perfect for everything from editing video to working with high-end computation and visualization programs. The Lenovo Thinkpad W700ds is expected to be available in this year starting at $3,600.


Article Source:- http://tech-flood.blogspot.com/2009/01/double-screen-laptop-from-lenovo.html

Wednesday, January 7, 2009

Your First Step to a Highly Secure Web Site

Web Application Vulnerability Assessment Essentials: Your First Step to a Highly Secure Web Site If an organization isn't taking a systematic and proactive approach to web security, and to running a web application vulnerability assessment in particular, then that organization isn't defended against the most rapidly increasing class of attacks. Web-based attacks can lead to lost revenue, the theft of customers' personally identifiable financial information, and falling out of regulatory compliance with a multitude of government and industry mandates: the Payment Card Industry Data Security Standard (PCI) for merchants, HIPAA for health care organizations, or Sarbanes-Oxley for publicly traded companies. In fact, the research firm Gartner estimates that 75 percent of attacks on web security today are aimed straight at the application layer.


While they're described with such obscure names as Cross-Site Scripting, SQL Injection, or directory transversal, mitigating the risks associated with web application vulnerabilities and the attack methods that exploit them needn't be beyond the reach of any organization. This article, the first in a three-part series, will provide an overview of what you need to know to perform a vulnerability assessment to check for web security risks. It'll show you what you can reasonably expect a web application security scanner to accomplish, and what types of assessments still require expert eyes. The following two articles will show you how to remedy the web security risks a vulnerability assessment will uncover (and there'll be plenty to do), and the final segment will explain how to instill the proper levels of awareness, policies, and technologies required to keep web application security flaws to a minimum - from an application's conception, design, and coding, to its life in production.

Just What Is a Web Application Vulnerability Assessment?

A web application vulnerability assessment is the way you go about identifying the mistakes in application logic, configurations, and software coding that jeopardize the availability (things like poor input validation errors that can make it possible for an attacker to inflict costly system and application crashes, or worse), confidentiality (SQL Injection attacks, among many other types of attacks that make it possible for attackers to gain access to confidential information), and integrity of your data (certain attacks make it possible for attackers to change pricing information, for example).

The only way to be as certain as you can be that you're not at risk for these types of vulnerabilities in web security is to run a vulnerability assessment on your applications and infrastructure. And to do the job as efficiently, accurately, and comprehensively as possible requires the use of a web application vulnerability scanner, plus an expert savvy in application vulnerabilities and how attackers exploit them.

Web application vulnerability scanners are very good at what they do: identifying technical programming mistakes and oversights that create holes in web security. These are coding errors, such as not checking input strings, or failure to properly filter database queries, that let attackers slip on in, access confidential information, and even crash your applications. Vulnerability scanners automate the process of finding these types of web security issues; they can tirelessly crawl through an application performing a vulnerability assessment, throwing countless variables into input fields in a matter of hours, a process that could take a person weeks to do manually.

Unfortunately, technical errors aren't the only problems you need to address. There is another class of web security vulnerabilities, those that lay within the business logic of application and system flow that still require human eyes and experience to identify successfully. Whether called an ethical hacker or a web security consultant, there are times (especially with newly developed and deployed applications and systems) that you need someone who has the expertise to run a vulnerability assessment in much the way a hacker will.

Just as is the case with technical errors, business logic errors can cause serious problems and weaknesses in web security. Business logic errors can make it possible for shoppers to insert multiple coupons in a shopping cart - when this shouldn't be allowed - or for site visitors to actually guess the usernames of other customers (such as directly in the browser address bar) and bypass authentication processes to access others' accounts. With business logic errors, your business may be losing money, or customer information may be stolen, and you'll find it tough to figure out why; these transactions would appear legitimately conducted to you.

Since business logic errors aren't strict syntactical slip-ups, they often require some creative thought to spot. That's why scanners aren't highly effective at finding such problems, so these problems need to be identified by a knowledgeable expert performing a vulnerability assessment. This can be an in-house web security specialist (someone fully detached from the development process), but an outside consultant would be preferable. You'll want a professional who has been doing this for awhile. And every company can benefit from a third-party audit of its web security. Fresh eyes will find problems your internal team may have overlooked, and since they'll have helped hundreds of other companies, they'll be able to run a vulnerability assessment and quickly identify problems that need to be addressed.

Conducting Your Vulnerability Assessment: The First Steps

There are a number of reasons your organization may need to conduct a vulnerability assessment. It could be simply to conduct a checkup regarding your overall web security risk posture. But if your organization has more than a handful of applications and a number of servers, a vulnerability assessment of such a large scope could be overwhelming. The first thing you need to decide is what applications need to be assessed, and why. It could be part of your PCI DSS requirements, or to meet HIPAA requirements. Or the scope could be the web security of a single, ready-to-be-deployed application.

Once you've figured out the scope, you need to prioritize the applications that need to be assessed. If you're accessing a single, new application, that decision is easy. But if you're on the precipice of accessing every web application in your architecture, you have some decisions to make. Whether you're looking at the web security of applications you own, or only those that take part in online sales transactions, you need to inventory and prioritize the applications to be assessed.

Depending on the scope and purpose of your vulnerability assessment, it makes sense to start looking at the web security of your crucial applications first - for instance, those that conduct the most transactions or dollar volume - and work down from there. Or it could be starting with all applications that touch those that process and store sales transactions.

No matter your scope, or the purpose of your vulnerability assessment, other aspects of your architecture always need to be considered when listing and prioritizing your applications. For instance, any externally facing applications - even those that don't contain sensitive information - need to be given high priority. The same is true for externally hosted applications, whether they are Internet-facing or directly connected to back-end systems. Any applications that are accessible by the Internet, or hosted by others, should be subject to a vulnerability assessment. You can't assume that an application is secure just because it is hosted by a third-party, just as you can't assume that just there is no risk just because a web application, form, or entire site doesn't handle sensitive information. In both cases, any web security vulnerabilities could very likely lead an attacker directly to your most critical network segments and applications.

The Vulnerability Assessment

Now you're ready for the vulnerability assessment. Believe it or not, much of the hard work is already done: deciding the scope, and then classifying and prioritizing your applications. Now, assuming you've already acquired a web security scanner and have identified who will conduct the manual scan for business logic errors, you're ready to take a whack at your application.

The resulting report, based on the security health of the application, will provide you a list of high, medium, and low priority vulnerabilities. At this point, you'll need someone to vet the automated vulnerability assessment results to find any false positives, or vulnerabilities identified by the scanner, but don't actually exist. If it seems overwhelming, don't fret; we'll delve into how to prioritize and remedy these web security vulnerabilities in the next installment. About the same time as your automated vulnerability assessment, the manual assessment will be underway. During the manual assessment, the expert will look for logic errors in the application: Is it possible for users to conduct transactions in ways the developers hadn't anticipated? Such as the ability of someone to tamper with application values that are being passed from the client to the server to alter the price of an item. The manual vulnerability assessment will end with a list of all vulnerabilities to web security found, and the assessor should prioritize the risks posed by each problem - based on the ease of exploiting the vulnerability, and the potential harm that could result if an attacker is successful.

Now you have your list of web security vulnerabilities, both technical and logic. And, if your organization is like most others, you have some remedying work to do. The challenge now is to prioritize what needs to be fixed, so that your existing applications can be hardened, and those being built can be remedied and safely placed into production.

While the list of web security issues may be long, you've completed the first major phase on the road to a highly secure application. Take comfort in the fact that your vulnerability assessment has identified problems in your applications before they were attacked by competitors, lone-hackers, or organized crime. In the next article, Effective Web Application Vulnerability Remediation Strategies, we'll show you how to prioritize your remediation work so that development time isn't prolonged, and existing applications at risk are remedied before they can be attacked.


About Caleb Sima

Caleb Sima is the co-founder of SPI Dynamics, a web application security products company. He currently serves as the CTO and director of SPI Labs, SPI Dynamics' R&D security team. Prior to co-founding SPI Dynamics, Caleb was a member of the elite X-Force R&D team at Internet Security Systems, and worked as a security engineer for S1 Corporation. Caleb is a regular speaker and press resource on web application security testing methods and has contributed to (IN)Secure Magazine, Baseline Magazine and been featured in the Associated Press.

About Vincent Liu

Vincent Liu, CISSP, CCNA, is the managing director at Stach & Liu, a professional services firm providing advanced IT security solutions. Before founding Stach & Liu, Vincent led the Attack & Penetration and Reverse Engineering teams for the Global Security unit at Honeywell International. Vincent is an experienced speaker and has presented his research at conferences including BlackHat, ToorCon, and Microsoft BlueHat. He has been published in interviews, journals, and books with highlights including: Penetration Tester's Open Source Toolkit; Writing Security Tools and Exploits; Sockets, Shellcode, Porting, and Coding; and the upcoming Hacking Exposed: Wireless.

Article Source: http://www.site-reference.com/articles/Website-Development/Your-First-Step-to-a-Highly-Secure-Web-Site.html

Tuesday, January 6, 2009

6 Easy Steps to Increase Vista Responsiveness in Just 5 Minutes Or Less

Step #1 - Use only anti-virus software that requires less system memory and processing power

Avira anti-virus free edition is such a tool that uses less system resources.

Step #2 - Disable Windows Error Reporting.

It will generate an error message when a program stops responding then it will send an error report to Microsoft in the hope that they will fixed the problem in future. Disable it will free up system's limited resources.

Step #3 - Disable Search Indexing

Windows Vista's Search Indexing is constantly checking the files on your system so that you can locate a file quickly. This is helpful, but it can slow down the system performance dramatically and user doesn't use search function frequently.

Step #4 - Disable All Graphics Effects

Vista provides "eyes catching" 3D aero glass and transparent effects. Those effects require large amount of graphics and arithmetic operations and it will severely slow down your system if you do not have a powerful graphics card and CPU.

Step #5 - Perform Disk Defragment Regularly

Disk fragmentation will slow down read and write access of a hard drive hence it reduces the responsiveness of a program and it will also Vista boot up time. Auslogics's Disk Defrag is a good tool that can defragment your hard disk quickly which is an ideal replacement of Vista default disk defragment.

Step #6 - System Registry Cleaning

The Windows registry is a directory which stores settings and options for Vista. Installing and un-installing programs and other daily activities actually create a lot of entries in the registry over time. After a while, Vista behave doesn't like when it was new, it stops unexpectedly, and its performances become sluggish. It is recommended that you use a free registry defragment tool to find out how many errors in you registry and get them fixed promptly.

Article Source: http://EzineArticles.com/?expert=Clement_Gee

Sunday, November 9, 2008

Intel vs. amd???

I believe you are going to buy a dual core processor. The main competition exists between Intel Core2 Duo and AMD Athlon X2. Intel Dual Core (not Core2 Duo) is crap and you should not go for it. Until recently, Intel was unable to compete with AMD. But with the advent of Core2 Duo Processors Intel is giving good fight to the increasing market of AMD.

You can buy processors starting from Rs.3000/- to Rs.20000/-. Now it all comes up to the investment you are going to make. If you can afford to buy best motherboard and the best processor, you would be spending a huge sum of money on something that you won’t really need at this point of time.

So find out what motherboards are available in the market (company +model name) and processor options you have. I would personally suggest you to think of Intel ... when you plan a budget, forget Intel and buy AMD. You will generally get a better deal buying a higher AMD processor in the price of Intel.

However saying that go for Intel Core 2 Duo E6850 (3.0GHz) or above if you can afford it. BUT do remember you should search for a good motherboard too. Also you need a RAM running at higher FSB. Just adding huge quantity of RAM won’t give you best performance.
You can post what items are available in your area and I WD advice which should be the best buy.
Good Luck

- JMD Computer

 
Design and Bloggerized by JMD Computer