Nook E-Reader Gets Hacked to Run Pandora

A few Nook device owners have hacked it to run the Pandora music application in the background.

The move opens the door to adding more apps to the e-reader — something that Barnes & Noble does not support officially.

“It wasn’t that hard,” says Robbie Trencheny, a 18-year-old student who is also the team leader at nookDevs, a wiki and an online forum for Nook enthusiasts. “Once we had rooted the Nook (on Sunday), it was only a matter of time until we could put an app on it.”

“Rooting” the Nook involves hacking its system files to get full access to the device’s Android operating system. But unlike jailbreaking the iPhone, rooting the Nook isn’t just about tinkering with the software. Instead, Nook customers have to take a screwdriver to get to the device’s innards.

Nook’s Android OS is on a microSD card that needs to be connected to a computer to change a file on it. Once that’s done, the power of Nook’s Android OS is available to its users.
To run Pandora, Trencheny first searched for the .apk file associated with the app. “It’s a file extension that Android uses and every app has it,” he says. Once that file is wirelessly downloaded onto the 3G-enabled Nook, users have to run a command in the terminal shell of the device. With a few more steps described on the nookDevs wiki, they can get Pandora installed on the Nook.

There are a few more steps to get it operational. The Nook’s touchscreen won’t cooperate with the Pandora app so users have to use a VNC remote control software to get past the app’s initial login screen. Once that’s done, Pandora works perfectly with the Nook touchscreen and can run in the background as you browse books, says Trencheny.

If all that sounds a little rough for someone who just likes to pick up an e-reader and read, then there’s a fix in the works, assures Trencheny. NookDevs is working on creating a software unlock so users won’t have to open up the Nook. They are also trying to open a marketplace just for Nook apps.

And while Pandora is the first to make it to the Nook, adding other apps should be easy, says Trencheny. “We can run multiple apps if we want to,” he says.
NookDevs members haven’t heard any complaint, so far, from Barnes & Noble. “We have looked through the end user license agreement and, as far we can tell, there is nothing in there to get us into trouble,” says Trencheny. “We are not abusing the 3G or breaking the DRM rights on the books.”Source

Adobe to patch zero-day Reader, Acrobat hole

Adobe on January 12 will patch a critical hole in Reader and Acrobat that is being exploited in attacks. That date is the company's next scheduled quarterly security update release.

The zero-day hole, which affects Reader and Acrobat versions 9.2 and earlier, could crash the system and allow an attacker to take control of the computer.

Malicious Adobe Acrobat PDF files are distributed via an e-mail attachment that, when opened, executes a Trojan that targets Windows systems, according to Symantec. The rate of infection is extremely limited and the risk assessment level is very low, the company said.

Adobe decided to issue the patch in cycle in about four weeks rather than work on an earlier patch release because that would take between two and three weeks to deliver and would put the regular quarterly update off schedule, the company said in a blog post.

"The team determined that by putting additional resources over the holidays towards the engineering and testing work required to ship a high confidence fix for this issue with low risk of introducing any new problems, they could deliver the fix as part of the quarterly update on January 12, 2010," Adobe's Brad Arkin wrote.

In the meantime, customers can use a new JavaScript Blacklist mitigation feature that allows for easy disabling of JavaScript, Arkin said.

"Additionally, an informal poll we conducted indicated that most of the organizations we talked with were in favor of [releasing the patch in cycle] to better align with their schedules," he wrote.

Meanwhile, Webroot analyzed the payload of the malware and found that it installs three files that look like Windows system files that are digitally signed with a forged Microsoft certificate. Unlike legitimate Microsoft-signed certificates, these lack an e-mail address and a time stamp, the company said in a blog post.

"Authors of Trojan horse apps rarely go to the trouble of digitally signing files in this way," writes
Webroot researcher Andrew Brandt. "It's not clear why they would be digitally signing files, but clearly the person or people behind this are up to no good." Source

The iPhone Goes to War

Is the iPhone going to war?

On Wednesday at the 2009 Intelligence Warfighting Summit in Tucson, Raytheon, the military contractor, announced an iPhone application that tracks friends and foes, shows their positions on live, real time maps and provides secure communications.

Called the One Force Tracker, the Raytheon iPhone software can also be used by first responders like police, firemen, and emergency medical technicians.

The app is completely operative and works on a standard iPhone, said J Smart, chief technology officer for Raytheon’s Intelligence and Information Systems. “We are really delighted to be leveraging Apple’s innovation.”

The adaptation of the iPhone to military use is somewhat unusual, as technology more often trickles from the military to the consumer market. But this is a rare case of consumer hardware and software concepts being adapted for military use.

For instance, crowdsourcing, which has volunteers use cellphones to report real-time traffic flow, could be adapted to turn each soldier into a reporting unit, delivering real-time data about position and status.

Communications resemble social sites like Facebook, in which your friends would be represented by a military unit, and could be used to track position of, and communicate with, other units.

Maps with an overlay of points of interest are familiar to every GPS user. The Raytheon app would use the same concept, but points of interest might be known sniper sites or safe fallback positions.

Field information would be transmitted back to a central computer that would crunch the data, update it and push it back out to the soldiers. “This is hypothetical, but if there is a building with known terrorist activities, it could automatically be pushed to the phone when the soldiers get near that area,” said Mr. Smart.

Live information could also be used to reduce tactical errors and friendly fire incidents. “If there was another platoon that was supposed to arrive, and they were delayed, or ahead of schedule, you could adapt your plan,” said Mr. Smart. “If one of the units you are counting on is redirected, you know that in real time.”

Mr. Smart also said that Raytheon was developing sensors that could be attached to phones so that they would serve other purposes. He declined to give specifics, however mobile phones have been outfitted as portable ultrasound machines, which would be useful for battlefield medicine.

Although the application that Raytheon has developed will work with an off-the-shelf iPhone, the company concedes that there would have to be alterations for the battlefield.

One iPhone limitation to be addressed is that it only carries out one function at a time unlike competing systems from Palm and Google, which can run several concurrently. If a soldier is to have position automatically reported, the GPS will have to run at the same time as other applications. Mr. Smart said it would be an easy adaptation to make. “Underneath the iPhone is a Mac OS X operating system which is based on Unix, which gives us Unix multitasking,” he said.

But that raises another issue. Apple limits multitasking because it empties the batteries quickly. Because the iPhone doesn’t have a replaceable battery, a fresh one can’t be popped in when power gets low. Mr. Smart said that Raytheon may address that through a ruggedized phone case that would accommodate a larger battery.

Mobile phones are also known to be vulnerable to hacking attacks. Mr. Smart said that some safeguards were built in to the software, but especially sensitive transmissions could be passed through a more sophisticated scrambler that it would dock with.

Apple did not respond to a request for comment.

Raytheon is developing other iPhone apps as well. It has also demonstrated an application that would serve to train air traffic controllers. It would not completely replace current training, but would build skills in recalling aircraft and terrain, visual scanning, on-the-fly mathematics, and rule-based decision-making, skills that also are used frequently by gamers. Source

key element for proactive engineering of IT services

It is a key element for proactive engineering of IT services, making sure that certain IT resources and infrastructure can be utilized or are made available should the need arises. Capacity Management activities include the following :

> Monitoring and modeling to simulate the performance of IT services and its supporting components, and understand future resource needs
>Analyzing, tuning, and implementing necessary activities to make efficient uses and changes in resource utilization
> Managing and understanding the current demands for computing resources and deriving forecasts for future requirements, which involves an understanding of business priorities
> Application sizing to ensure required service levels can be met
> Building the yearly infrastructure growth plan with input from other team members
> Storing capacity management data while predicting the IT resources needed to achieve agreed service levels and
> Producing a capacity plan that documents current utilization and forecasted requirements, as well as support costs for new applications or releases.

Troubleshooting tehniques

1. using "Show" commands. most commonly used internetwork connectivity testting tools "PING and TRACEROUTE". for debugging, use to help if there any deep problem :D

At the end of every show command there is UNIX like pipe symbol followed

sample
r6#show version | ?
begin
exclude
include

the " begin" option is used to specify a string of characters that will mark where you want to begin viewing lines of the show command

The "include" option is used to identify and display specific lines within a given IOS show command that match a supplied regular expression.

The "exclude" option is used to identify and prevent the display of specific lines within a given IOS show command that match a supplied regular expression.

2. Using the Debugging Tools
  > debug Ip Packet
  > debug Ip Routing

3. Capturing Messages CISCO and Debug Output with SYSLOG
4. Debug Output to a syslog Server
5. Using TCP Dump

Rencana Harus di jalankan

ga terasa hampir satu tahun di "first" dgn knowledge yg harus di upgrade.
"Knowledge is Power" mmm pepatah tersebut menyejukan dan sekaligus "Pecutan" utk kedepan. yup setuju pengetahuan adalah segalanya so keep study bro... what the next...?? terlalu banyak plan untuk tahun depan termasuk ujian CCIE lab.. so hard to study coz limited budget..? itu bukan alasan selagi ada kemauan utk maju semua penghalang harus di lewati