Sony Unveils First Internal Blu-ray Disc Drive

Sony Electronics unveiled its first internal Blu-ray disc (BD) ROM drive (BDU-X10S) for the computer. The drive offers consumers an option to upgrade their desktop to a Blu-ray player, which can also play DVDs and CDs.

The BDU-X10S now comes bundled with the CyberLink’s PowerDVD BD Edition software for playing movie titles, recorded Blu-ray disc home videos, DVD-ROMs and CD-ROMs. It also supports playback of recorded Blu-ray discs in MPEG-2 or H.264 format, standard DVD-Video discs or recorded DVDs encoded with MPEG-2 or AVCHD formats.

The internal drive allows fast and easy transfer of data or videos through its high-speed Serial ATA (SATA) interface.  Its standard 5.25-inch form factor enables easy installation in desktop PCs running Microsoft Windows Vista or Windows XP operating systems.

Other technical specifications include,  8x DVD ROM (Read Only), 24X CD-ROM (Read Only), data buffer size of 4MB, physical dimension of 5.25 x 1.63x 7.0 inch and installation angle supporting both vertical and horizontal.

Sony BDU-X10S is available through Rashi and its branches throughout India for Rs. 16,950 and enjoys one year warranty.

Microsoft Offers Way to Share Data With Social Networks

Microsoft is opening up its Windows Live platform to allow users to share their contact lists with five social-networking sites, some of which until now have been accessing such data through the back door.

The move is intended to give users control of their data, and remove the need for the kind of work-around used to share such data today, “which unduly puts customers at risk for phishing attacks, identity fraud, and spam,” wrote John Richards, director of Microsoft’s Windows Live Platform, on the official developers’ blog for the platform.

Facebook and Bebo members can now invite friends on their Windows Live contacts list to join their online social network at those sites, without having to hand over their Windows Live password. Members of the Hi5, LinkedIn and Tagged communities will be able to do so “in the coming months,” Microsoft said.

As part of this effort, Microsoft is introducing a new website, www.invite2messenger.net, where people can invite their contacts from any of these five social networks to join them on Windows Live Messenger.

Yahoo already operates a similar service with LinkedIn: a page on the LinkedIn site takes members wishing to import their Yahoo Mail contacts list to a Yahoo log-in page in order to authorize the data exchange.

Some social-networking sites already offer to help their members import their contacts list from Web-based e-mail services and send invitations to people on that list — but to do this, the sites typically ask their members to hand over the username and password for their Web-mail account to gain access to the contact data.

That’s the case, for example, with LinkedIn’s functions for importing contacts lists from Google’s Gmail and AOL’s Web-mail service, which require that members trust LinkedIn with their username and password for the other services. LinkedIn does not yet have a link with Windows Live.

Internet users are becoming increasingly suspicious of such requests for credentials, given the prevalence of phishing attacks and other attempts at identity theft.

To enable the exchange of contacts data, Microsoft has created a new API (application programming interface) that allows social-networking sites to request access to the Windows Live contacts list of their members by sending the members to a Microsoft-controlled log-in page, where the members can enter their Windows Live credentials without having to divulge them to a third party. Microsoft then notes that the user has granted permission to the social-networking site to access the contact data.

Opening up the interfaces is a way of acknowledging that ownership of contacts lists rests with the sites’ users, not with their operators, according to Richards at Microsoft.

“We firmly believe that we are simply stewards of customers’ data and that customers should be able to choose how they control and share their data,” he wrote.

As recently as January, Facebook was not so sure that ownership of contacts lists rested with the users that had supplied it: it disabled, and later reinstated, the Facebook account of a tech blogger who used a service provided by AOL subsidiary Plaxo to download contact data from the Facebook site.

Symantec Suspects Bot in Attacks on D-Link Routers

Suspicious port scanning that’s been tracked back to D-Link routers may mean a worm or bot is on the loose and infiltrating the popular brand’s devices using a three-year-old vulnerability, security researchers at Symantec said.

The security company issued a warning Monday night to customers of its DeepSight threat notification service saying that there were “reliable reports” of an in-the-wild worm or bot that was attacking, then installing itself, on D-Link routers. By today, however, Symantec had taken a step back.

“After looking into it further, we decided that that was a little misleading,” said Oliver Friedrichs, a director of Symantec’s security response team. “It’s unconfirmed at this point. But we have definitely seen an increase in attack activity, and that activity appears to be coming from other D-Link devices.”

In other words, although Symantec’s researchers haven’t gotten their hands on a worm or bot sample, all the evidence points in that direction. “We suspect that it’s a bot,” he said.

According to Friedrichs, the attacks against the D-Link routers begin with hackers scanning TCP port 23 for an active SNMP (Simple Network Management Protocol) service, a flaw that first showed up in D-Link router firmware in 2005. “It looks like they’re exploiting the SNMP vulnerability to reset and reconfigure the administrative password on the routers,” said Friedrichs, perhaps to conduct “drive-by pharming” attacks that change a router’s settings so its users are unknowingly directed to bogus or malicious Web sites instead of the real URLs.

“Having port 23 open on the Internet-facing side is a bad idea in general,” said Petko Petkov, a prolific penetration tester from the U.K who, with a partner, Adrian Pastor, has published research on hacking routers. “But I guess this is due to the fact that the attacked devices have only one Ethernet port and users can unwillingly expose otherwise privileged services on the Internet.”

Router vulnerabilities are up and attacks against routers are on the upswing — especially attacks that target devices used by consumers and small businesses to create wireless networks, said Friedrichs. “Attackers are increasingly looking beyond the desktop,” he said, for new places to install — and hide — their malware.

Petkov wasn’t shocked to hear of Symantec’s warning. “We’re not surprised at all, as all embedded-device(s) we have tested so far are vulnerable to all kinds of interesting vulnerabilities,” Petkov said in an e-mail today. Nor would creating a worm or bot Trojan be tough. “Anybody can code a worm which attacks routers on a massive scale quite easily. Most of the research information is out there, so it is a matter of putting the pieces of the puzzle together.”

Friedrichs characterized the port 23 scanning activity Symantec is seeing as “moderate” and said the researchers will continue to investigate. He and his team, however, had not been able to verify that the vulnerability had been patched, and if so, when, or which specific models of D-Link’s routers might be at risk.

D-Link officials did not respond to a call for comment.

For the moment, the best advice Friedrichs had for D-Link router owners is to make sure that the SNMP service was not exposed to the Internet.

Intel Ups Speed of Quad-Core Processors

Intel unveiled two low-voltage, 45-nanometer server processors.

The quad-core Xeon L5400 Series chips run at 50 watts — or 12.5 watts per core — but their performance still reaches the 2.5-GHz mark. Intel is making the chips using the 45nm manufacturing process that it first used with its Penryn family of chips, which were unveiled last November.

The new chips deliver the same performance as their predecessors, the Xeon 5400 Series, but use 40% less power, according to a company spokesman.

Energy-efficient processors are gaining more attention as companies increasingly look to go green — in order to save both power and money. For companies with large data centers, the cost of electricity can sap a significant portion of the IT budget.

“There is a class of customer that is looking more to economically- or environmentally-friendly designs,” said Stephen Thorne, a product line manager in Intel’s server platform group. “And there also are customers who are trying to pack as much performance as possible into their data center.”

Thorne noted that there has been a call for energy-efficient processors in blade configurations. “A lot of users have power constraints or physical constraints,” he added. “Say you have a fixed space in Manhattan. You can’t expand the space, but with lower-energy processors, you could pack more servers into a rack because each server is using less power.”

In January, Intel rival Advanced Micro Devices Inc. disclosed that it was picking up speed on delivering its own energy-efficient quad-core chip, the 9100E, which reportedly uses one-third less power than AMD Phenom chips. The 9100E had been slated on in-house AMD road maps to ship in either the second or third quarter. The chip is now on the docket to be released this quarter.

And the clock is quickly ticking down on the first quarter. So if AMD’s new chip is still on track, it should ship this week.

Intel reported that its new Xeon processors have a 50% larger cache than its previous-generation, low-voltage quad-core Xeon processors. They also have 12MB of on-die cache and dedicated 1333-MHz front-side buses.

Thorne said Intel was able to lower the power consumption on the new chips through a combination of using the 45nm manufacturing process, running them at a slightly slower speed and lowering the voltage across all the cores to parse out the reduction.

Vendors supporting the new Xeon chips include Dell, Fujitsu, Hewlett-Packard, Hitachi, IBM and NEC.

Intel also announced that it expects to begin shipping its L5210 dual-core processor, which will boast a 40-watt rating, a clock speed of 3 GHz, a 6MB cache and a 1333-MHz front-side bus.