News about what is happening in technology today!

ARLINGTON, Virginia — Insider attacks and industrial espionage could become more stealthy by hiding malicious code in the core system functions available in a motherboard’s flash memory, researchers said on Wednesday at the Black Hat Federal conference.

A collection of functions for power management, known as the Advanced Configuration and Power Interface (ACPI), has its own high-level interpreted language that could be used to code a rootkit and store key attack functions in the Basic Input/Output System (BIOS) in flash memory, according to John Heasman, principal security consultant for U.K.-based Next-Generation Security Software.

The researcher tested basic features, such as elevating privileges and reading physical memory, using malicious procedures that replaced legitimate functions stored in flash memory.

“Rootkits are becoming more of a threat in general–BIOS is just the next step,” Heasman said during a presentation at the conference. “While this is not a threat now, it is a warning to people to look out.”

Read more

Nobody was ever arrested for leaking the secret source code for parts of the Windows operating system in 2004, but a hacker who sold a copy online afterward was sentenced to two years in federal prison Friday.

William “IllWill” Genovese, 29, will serve three years of supervised release following his prison term, during which he’ll be subject to electronic monitoring through special software installed on his computer, under the terms handed down by federal Judge William Pauley in New York. He remains free on bail, and is scheduled to report to prison March 14.

Genovese ran a popular hacking-oriented community website called IllMob.org in February 2004 when two 200-MB files containing incomplete portions of the source code for the Windows 2000 and Windows NT operating systems hit the internet, flooding dodgy websites and peer-to-peer networks like some hard-core geek version of the Paris Hilton video.

Like many others, Genovese downloaded a copy. Unlike others, he posted a note to his website offering it for sale.

According to court records, an investigator hired by Microsoft took Genovese up on his offer and dropped two Hamiltons on the secret source code. The investigator then returned and arranged a second $20 transaction for an FBI agent, which led to Genovese’s indictment under the U.S. Economic Espionage Act, which makes it a felony to sell a company’s stolen trade secrets. After consulting with his public defender, Genovese pleaded guilty last August.

Read more

The Los Angeles city attorney’s office has sued the makers of Grand Theft Auto: San Andreas for allegedly hiding pornographic material inside the video game, officials said.

Rocky Delgadillo said his office sued Rockstar Games and its parent company, Take-Two Interactive Software, for making misleading statements in marketing the game and engaging in unfair competition.

A telephone call made after business hours to a Take-Two spokesman in New York was not returned.

The game, released in October 2004, features characters that commit crimes such as murder, drug dealing and pimping. The game also had an embedded “mini game” in which characters could engage in explicit sexual acts.

The industry board that rates video games gave it a mature rating but would have given it an adults-only rating if it knew of the explicit content, Delgadillo said.

The game’s rating was later changed and retailers, including Wal-Mart Stores, Target Corp. and Best Buy, pulled copies from their store shelves.

Read more

The popular Samba suite is an implementation of Microsoft’s SMB (Server Message Block)/CIFS (Common Internet File System) protocol that allows other operating systems to emulate or interoperate with Windows for the purposes of sharing files or printing.

Releasing a new version of the software today in conjunction with a speech on the subject by Australia-based Samba creator Andrew Tridgell at the Linux.conf.au conference in New Zealand, the team behind the software outlined its new features.

“Samba 4 supports the server-side of the Active Directory logon environment used by Windows 2000 and later, so we can do full domain join and domain logon operations with these clients,” the group said in a statement on its Web site, noting this feature was “the main emphasis” for the new software.

NEW YORK — IBM unveiled new speech recognition technology on Tuesday that can comprehend the nuances of spoken English, translate it on the fly, and even create on-the-fly subtitles for foreign-language television programs.

Historically, speech technology required the user to limit his speech to a fixed set of phrases in order to interact with a device. With IBM’s Embedded ViaVoice 4.4 software package, introduced on Tuesday, the company hopes to allow users to speak commands using phrasing that is natural to them.

In a demonstration today at IBM’s headquarters here, for example, users changed a simulated radio station, by speaking any of the following phrases: “Play 92.3,” “Tune to 92.3,” or “Tune the radio to 92.3.”

Read more