La Navidad (latín: nativitas, ‘nacimiento’ )? es una de las fiestas más importantes del Cristianismo, junto con la Pascua y Pentecostés, pues celebra el nacimiento de Jesucristo. Esta fiesta se celebra el 25 de diciembre por la Iglesia Católica, la Iglesia Anglicana, algunas otras Iglesias protestantes y la Iglesia Ortodoxa Rumana; y el 7 de enero en otras Iglesias Ortodoxas, ya que no aceptaron el calendario juliano, que reformó el Papa Gregorio XIII.
Por eso mismo he diseñado un BlogSticker navideño para que lo puedas agregar a tu blog/sitio/página para estas navidades.
El lugar donde podrás ver mi diseño es aquí.
Más información [BlogSticker]
Un fallo crítico en las versiones 7.2 y 7.3 de QuickTime – y puede que sus versiones previas – podría provocar la entrada de crackers en nuestras máquinas de forma remota, tal y como han avisado Symantec y el US-CERT.
La vulnerabilidad se encuentra en la gestión del protocolo RSTP (Real Time Streaming Protocol) que se incluye en QuickTime y que puede ser utilizada para que el atacante obligue a la víctima a visitar contenidos de streaming especialmente adaptados y nocivos a los que podría accederse mediante archivos adjuntos QTL al correo electrónico.
Un exploit que aprovechase esta técnica podría ser utilizado para instalar malware o incluso registrar el sistema en busca de contraseñas.
Más información [The Inquirer]
The Asus Eee PC isn’t missing many must-have specs right out of the box, but there’s always going to be a reason or three for some internal Bluetooth.
Luckily, the hack really isn’t too terribly difficult as demonstrated by tnkgrl — as long as you’ve got a basic idea about what you’re doing when it comes to a few stray USB wires and a motherboard.
It involves a standard USB Bluetooth dongle stripped to its essentials and hooked up to the mini PCIe slot that also hosts the Eee PC’s wireless card.
The hack doesn’t mess with your original wireless, and provides the sweet, sweet Bluetooths to XP and the standard Xandros OS.
And speaking of Xandros, someone’s also gone through the trouble of getting their WM6 HTC TyTN up and tethered with the Eee — which seems like a natural next step after you manage the tnkgrl hack, but we’re not the boss of you.
More information [tnkgrl Mobile]
That’s right! Now you can get your hands on the first Release Candidate for Windows XP Service Pack 3! And all it will take is the implementation of a simple registry hack designed to allow Windows XP users to access, download and install Service Pack 3 Release Candidate straight from Microsoft.
You are not one of the 15,000 testers that have been so far permitted access to the RC build? No problem. And on top of that, there is no need to wait for a public version of one of the upcoming development milestones of XP SP3.
If you really can’t wait to get your hands on XP SP3 RC, then all you have to do is play around with the registry a tad.
More information [Softpedia]
Word of warning if you have an Apple-shaped twinkle in your eye: Lo-jacking the Asus Eee PC with OS X is legally dubious (like a lot of worthwhile tech endeavors tend to be) thanks to licensing restrictions and whatnot. Dan’s method more or less follows Adam Pash’s awesome Hackintosh tutorial over at Lifehacker, but an already PC-patched copy of OS X floating around on BitTorrent mercifully lets you skirt a lot of the hack and slashage for a moderately easy install.
The Eee’s pint-sized specs make Tiger a better choice than Leopard for your $399 ultraportable Mac. If only Apple pumped these out themselves—a low-cost ultraportable Mac would sell so well they’d have to hire people just to count the money.
More information [UNEASYsilence via TUAW]
An iPhone hacker, known as Core, has managed to finalize an AppleTalk Filing Protocol hack that enables full read/write access to either an iPhone, or iPod touch, via Finder. Unfortunately, the work has just been completed, and as yet, it is not available via Installer.app. If you fancy trying it manually, you can find the complete instructions after the jump, courtesy of the great guys at TUAW.
To install by hand, use sftp to copy the tar file into /opt/iphone. Extract the archive on your iPhone or touch–the tar archive program is part of the BSD program; use tar xvf name-of-archive.tar–and run /opt/iphone/afp/startserver.sh &. The ampersand lets the program run in the background. (You will need to restart it after reboots.)
Once installed and running, go to Finder. Choose Go > Connect To Server, and enter the afp address for your iPhone, in my case afp://192.168.0.111. Just use the afp:// prefix with the local IP address of your iPhone. Enter your user id (root) and password (alpine) and your iPhone or iPod appears in the sources list for your Finder windows… To add new applications, just drop them into the Applications folder. To back-up your personal data, just copy /var/root/Library.
To get cracking, hit the link to download the necessary file. Be sure to opt for the newer package, named afpd.with.registered.users.tgz. If you are not willing to get messing all up inside your iPhone or touch, wait a little while longer, as this awesomeness is bound to appear in Installer.app in the not too distant future. If you do give it a try, be sure to let us know how you get on.
More information [Wickedpsyched via TUAW]
The same person who hacked the RockYou OpenSocial application on Plaxo just 45 minutes after it was publicly released is at it again.
This time, he claims to have easily accessed the iLike application on Ning. Specifically, he says he can add and remove songs on users’ playlists. And more damaging, he can also access a user’s friends list in the client-side code. Give him a Ning username and he can give you details on their friends: relationship to user, last date of update, photo, profile creation date and part of their email address.
He’s pulled up Ning co-founder Marc Andreessen’s friend list to prove his point, and shared part of it with me. I won’t be publishing it here, but it shows that he got access to the application.
Total time to hack iLike on Ning: 20 minutes.
As with the RockYou/Plaxo hack, no real damage has been done, but it shows that in the rush to get applications out the door quickly, attention to security may have fallen by the side of the road.
TheHarmonyGuy now has a blog up where he is writing about his hacks of OpenSocial applications. See it here. He notes that RockYou’s application remains unpatched.
More information [TechCrunch]
