HTML5 Games: Ready Or Not?

Posted by Unknown | June 23, 2012 | ,

An Open Source Game Project undertaken by Wooga, a German company specializing in Social Games, has inadvertently hit the rock. What would have translated as the most advanced game title for the emerging web development platform, HTML5, is perhaps not to be or better set for the future.

Wooga's Pocket Island, was an ambitious project with the original goal of pushing HTML5 Games into new territory and perhaps create one of the worlds biggest game ever.

The company has labeled the project "failed" according to an official release on a blog post, Thursday.  And had subsequently tagged the emerging web standard, HTML5, not ready for serious game development.

According to the blog post, initially, the game project was an experiment to dig into the vast possibilities of HTML5, but the landscape turned-out rather unsuitable, as the company puts it, "the water wasn't as cold as the team expected".

Despite that the game was fully functional, it lacked the polish of the natively developed apps. Further more, it took much more time, that would have been devoted into improving the overall game-play mechanics. What appeared simple task on native apps, is decidedly more complex and time consuming with HTML5.

Then comes the salient question: what lies ahead for HTML5 Games?

Read More>>

IE Flaw: Microsoft XML Vulnerability

Posted by Unknown | June 14, 2012 |

Microsoft Patch Tuesday (designated day monthly on which Microsoft Fixes Security issues) disclosed a critical vulnerability in Microsoft XML (MSXML) Core Services 3.0, 4.0, 5.0 and 6.0 that could allow remote code execution when a user views a specifically crafted web site with Internet Explorer.

MSXML Core Services provide W3C compliant APIs that allow developers to use JavaScript, VBScript and Microsoft development tools to build XML 1.0 applications.

The vulnerability is exposed when MSXML accesses an object in memory that has not been initiated, leading to memory corruption such that an attacker could execute arbitrary code in the context of logged-in user.

Albeit, the vulnerability can only be exploited if a user visits an infected web site, the likelihood of users been tricked into visiting such sites is very high, given the rampage of social networking, emails and other messaging platforms whereby such phishing can be perpetrated.

The Patch Tuesday, however have afforded a temporary fix, now available for download on Microsoft Support website, Technet.

IE is perhaps saddled with history of security flaws, which were also responsible for the earlier Gmail hacks originating from China. And coupled with the current trends of state-sponsored cyber attacks, Google had recently launched a notification service to alert users of suspicious activities on their accounts.

Microsoft, indeed must have to work-out a thorough security system for its browser, Internet Explorer, in view of the growing browser wars.

Read More>>

Malware Check: Android Vulnerable

Posted by Unknown | June 09, 2012 | ,

The Android platform has been marred by the significant infiltration of malwares in the App Store, a development which Google has been battling for sometime now, and had recently launched Bouncer, an automated system check to keep malicious applications out of the Android App Store dubbed Google Play.

According to a report by InformationWeek, two researchers by names, Jon Oberheide of DUO Security and Charlie Miller, principal research consultant at Accuvant Lab, had found different techniques to bypass Bouncer.

The researchers succeeded in submitting an app to Google Play-vetting that established a connect-back shell in the Bouncer's infrastructure, thereby exposing how the security mechanism works. They however, admitted the strong security backup with the Google systems, which were able to track their activities almost instantly.

The researchers discovered the underlying emulator QEMU, upon which the Bouncer is based, and that the popular emulator has had its history of vulnerabilities in the past. The researchers posited the possibility of exploiting a bug in QEMU to crack the Bouncer, a claim which Google has acknowledged.

Google, however has declined to issue an official statement as to whether it will release a patch for the uncovered vulnerabilities.

Android platform has continued to rise despite the malware challenges, and may probably become the most popular smartphone OS, according to the latest IDC predictions for 2012.

Read More>>

IPv6 - The Future of The Internet

Posted by Unknown | June 07, 2012 |

The internet protocol (IP), the identification system for the internet, whose current version 4 (IPv4) is limited to only 4 billion addresses, as the system assigns a series of 4 digit numbers, ranging from 0 - 255, to every internet device has come to a point whereby the system needs more room to accommodate the next generation internet devices.

IPv6 is the next version of the internet protocol with a whopping address capacity of 128-bit against the formers 32-bit. That means, the expanded address capacity will enable the trillions of new internet addresses needed to support connectivity for the future internet devices.

June 6, marked the world IPv6 launch day, and the transition will enable the internet to continue to grow with new innovative services to be developed as more devices can now connect to the internet.

The complete transition to IPv6, definitely, may take some time as every website and ISP (Internet Service Provider) will have to make the switch. However, IPv4 will continue to operate as normal, as both the two versions will work together until IPv4 is no longer needed.

 Internet users on their part have no active contribution to make. All applications and devices will work just as they did before now. The change is only intended to make sure there are more rooms for the next generation of internet devices. Google has made available a list of FAQ for more information and guidance.

Read More>>

Google as a follow-up on the evolving trend of nation-states engaging in cyber attacks against organizations or individuals with varied fronts and concerns have gone ahead to launch a notification service aimed at users whose accounts may be at risk of such level of attacks.

Google Online Security Blog in a post on Tuesday stated categorically about its monitoring systems put in place to thwart efforts by cyber criminals to hijack its users accounts.

According to the post, Google is constantly on the lookout for malicious activities on their systems, and any instance it observes attempts by third-party to log-on to users account unauthorized will show clear warning notifications. The warnings, however, does not necessarily mean your account has been compromised, rather that you may be at a risk of a targeted phishing from state-sponsored attackers.

Google intends the notification to serve as a signal for users to take extra steps to protecting their accounts, whilst the recommendations for secured accounts remains the same: create difficult passwords with combination of letters, numbers and characters, and update your system software whenever a patch is made available. 

How Google decodes the phishing signals as state-sponsored attacks remains unknown, but has reassured that the reason for not disclosing the detailed analysis is for the bad guys not be able to counter their monitoring systems.

Google also promises to continue to update the notifications based on the latest information.  

Read More>>