Search Logger
Archives for January, 2008.


Bloglines Beta Debuts Photo Widget

2:30 am - January 17, 2008 in Bloglines | News

We have another treat for you Blogliners who have been patiently awaiting our redesign. Today's special surprise is the Photo Widget View available within Bloglines Beta. We've been experimenting with different views in the Bloglines Start Page. In this case, we display photos from Flickr inside a Photo Widget. Sure beats a text description. We currently only do this for Flickr, but in future releases you will be able to apply the photo view for other photo-oriented feeds.

Here's a little before and after.

Before

flickr_europe.jpg

After

flickr_europe_picture.jpg

As a reminder, you can go to Flickr or other photo sites and create a feed tracking a specific topic or tag. In the example above, the topic we tracked was "Europe." Or you can track a specific user on the site. So in other words, anytime a friend posts a picture on Flickr, you would see that picture on your Bloglines.

Have Fun!

- Eric Engleman and the Bloglines Team

 

Can “Spamalot” mold Clay?

1:57 am - January 17, 2008 in Yahoo! Answers Team Blog (answers.yahoo.com)

Photo by mj*laflaca

Like many of his American Idol contemporaries, Clay Aiken is making the leap from the small screen to the stage in “Monty Python’s Spamalot.” Aiken follows Idol contestants who have appeared in stage musicals including Diana DeGarmo, Tamyra Gray, Constantine Maroulis, and Fantasia Barrino to name a few. And while I’m talking musicals, let’s not forget to include Jennifer Hudson, who won an Oscar for her role in the film adaptation of the 1981 Broadway musical “Dreamgirls.”

Is this a good thing? Well, I admit that like many other people, if a TV actor I love is doing a stage production, I’ll try to see it. I’ve been to more than one ex-Idol production and if, like me, you’re a big enough Idol fan, you may be able to overlook some of their shortcomings as performers (because, let’s remember, musicals are singing and acting) and enjoy the show. But if your Idol knowledge is limited to water cooler chat, you may quickly become keenly aware of their limitations and forego any future theater productions with Idol alumni.

Aiken will step into the role of Sir Robin, originally played by David Hyde Pierce on Broadway. It might be a test of Aiken’s talents, but surely theater critics can’t be as brutally honest as Simon.

Is your favorite Idol onstage? Which former Idol contender do you think would be great on Broadway?

Jasmin


 

Ask Mike: Ahh, Now I Get It

11:01 pm - January 15, 2008 in Yahoo! Answers Team Blog (answers.yahoo.com)

Hey Guys,

What keeps you coming back to Yahoo! Answers? For me, it's the chance to learn something new. The other day I stumbled upon a question that I'd been wondering about for years -- what determines whether a college is NCAA Division I, Division II, or Division III?

I'd always assumed the answer had to do with enrollment, but apparently there are many other factors that go into the equation. After a lot of fruitless searching and clicking, I found a PDF from the official NCAA site that explained it all. Short answer -- it's a mixture of the number of sports the school sponsors, how many spectators attend games, how many scholarships the school offers, "scheduling requirements," and various other considerations.

Now that I finally know why some schools get to play in college football's biggest bowl games while others aren't eligible, I can move on to other equally important mysteries like learning who invented the crossword, what determines blood type, and why Snoop Dogg doesn't go by his real name. I feel smarter already.

Thanks for reading,

Mike

p.s. -- I use Yahoo! Answers to learn stuff (and because it's my job). Do you use it as a means to discover facts, communicate with friends, or get subjective opinions? Please leave a note and let me know.


 

How did I spend my holidays?

7:19 pm - January 14, 2008 in Yahoo! Answers Team Blog (answers.yahoo.com)

Photo by Eli Hodapp

As much as I love my job with Yahoo! Answers, I looked forward to taking a break from all things work-related during the recent holidays. But during that time, I found myself back among the Yahoo! Answers community – only this time as the beneficiary of some great information and advice. I spent a few weeks at my sister’s home, and Answers helped us at least three times while I was there.

The first need to consult Answers came while watching “Pirates of the Caribbean: At World’s End” (all 168 humorless minutes of it). Just before the last bit of my interest waned, a moment in the film caught my attention. It was talk of the green flash seen at sunset. It prompted childhood memories of spending days on my sea-loving grandfather’s boat. He often regaled us with tales of the green flash and would wake us before dawn in an unsuccessful attempt to show us the spectacle as the sun rose. As my sister and I reminisced about those frustrating early mornings, we questioned the veracity of the tale, but a quick search on Answers shed light on the phenomenon. Unfortunately, it didn’t make the movie any more watchable.

My second foray into Answers came while blowing bubbles with my 18-month-old niece. She quickly grew bored with my abilities and wanted to try her own hand at it. Anxious to win her favor, I handed her the wand and bottle of solution, which she promptly upended and emptied onto her patent leather Mary Janes. Fortunately, Answerers provided some great suggestions for making your own bubble solution. Many suggested the use of glycerin (which we didn’t have), but blueyez recommended substituting light Karo syrup, which worked beautifully.

Finally, New Year’s Eve saw the entire family enjoying a huge platter of shrimp cocktail. At one point, my aunt plopped an entire shrimp into her mouth -- tail and all. I admit that I was a little repulsed and made no attempt to hide it. I mean, devouring shrimp tails seems about as appetizing as gnawing on a plate of fingernails. Surely they aren’t meant to be eaten, are they? She insisted that they are perfectly suitable for ingestion, tasty, and nutritious to boot. The jury is still out on that one, but Marion makes a great point when she asserts that it’s “a personal choice…just do what you like and be polite.” Bon appétit, Auntie JoAnne!

Thanks to all of you for helping me get through the holidays! Whether at work or at play, I guess Answers truly has become part of my daily life.

How did you use Answers to help you through the holidays?

Richard S.


 

Ask Mike: A Few Good Questions

9:33 pm - January 11, 2008 in Yahoo! Answers Team Blog (answers.yahoo.com)

Hey Guys,

Coming back from vacation is never easy. Fortunately, I found a lot of good questions to help ease the pain. Here are some highlights from my first week back...

One very romantic gentleman is seeking information on how to get married at the Hazzard County courthouse from "The Dukes of Hazzard." He asked the community for help in tracking down the building. As a longtime fan of Bo and Luke Duke, I was happy to oblige. From what I can tell, the courthouse is either in one of three small Georgia towns or on a back-lot in Hollywood. Good luck, lover boy!

The Battle of Bunker Hill was one of the most important fights in the Revolutionary War. So, how did it get its name? I did a bit of research and found that the hill was named after the Bunker family who owned the land. Interestingly, historians believe the battle was actually waged on a nearby hill known as Breed's Hill. For whatever reason, the name "Bunker Hill" just stuck.

It's impossible to look at anything plastic without seeing the recycling logo. A curious community member asked for help in figuring out the symbol's actual meaning. I tracked down an interview with the logo's creator, a man named Gary Anderson. In the interview, Anderson explains that the three arrows "symbolize continuity within a finite entity." If you think about it, that's what recycling is all about.

Thanks for reading,

Mike


 

Systems Engineering Architecture Consultation…”Help Us to Help You!”

7:06 pm - January 11, 2008 in Microsoft.com Operations
MSCOM Operations get lots of requests from both internal and external customers on how we operate www.microsoft.com , Microsoft Update, and the Microsoft Download Center (just to name a few). Those customers are asking about a wide variety of topics that...(read more)
 

MBR rootkit: VirTool:WinNT/Sinowal.A report

11:12 pm - January 10, 2008 in Anti-Malware Engineering Team

This week you may have heard or read about a new rootkit that has been reported in the wild that uses the Master Boot Record (MBR) as its Auto-Start Entry Point (ASEP). The malware is being called VirTool:WinNT/Sinowal.A. First we want to let you know that if you use any of the Microsoft antivirus technologies (Windows Live OneCare, Forefront Client Security, Forefront Security for Exchange or Windows Live OneCare Safety Scanner), you are already protected from this threat as of definition version 5364.0 and higher. Next, we want to talk about the use of the MBR as an ASEP by which to kick off the malware loading process and some of the interesting consequences of using this technique.

 

There are several binaries in the wild which try to install this rootkit. All the known variants are detected by Microsoft antimalware products using two generic signatures: PWS:Win32/Sinowal.gen!C and PWS:Win32/Sinowal.gen!D. 

 

This malware attempts to modify the MBR so that it can control what gets read from the disk into memory and execute very early in the boot process. After the modified MBR is executed, it reads additional malicious code into memory which modifies the NT kernel to force it to load a malicious driver that has been stored at the end of the physical disk (the driver will not be visible while the infected OS is running). Once the driver is loaded into the kernel, it behaves just like a standard kernel mode rootkit, providing covert and stealth network backdoor functionality by hooking low level APIs to attempt to avoid detection.

 

Here are some interesting things about this malware:

 

First, the installer for this rootkit needs to modify the MBR in order to ensure that the rootkit can persist across reboots. It does this by using the CreateFile API, attempting to open “\Device\Harddisk0\DR0” for write access. Using the CreateFile API in this way (for direct / raw disk access) requires administrative privileges, as mentioned in this KB article: http://support.microsoft.com/kb/q100027. So if you are logged into Windows as a standard user or if you are using Windows Vista with UAC enabled, even if you accidentally run the malware installer or it runs via some exploit code, it will be running with insufficient privilege to modify the hard disk's MBR; thus it will not be able to persist across a system restart.

 

Next, the perceived strength of this new rootkit, its lack of a visible footprint in the registry and file system due to the use of the MBR as the ASEP, is also a big weakness!  If you suspect that you have a system that is infected with this rootkit, to prevent it from loading, all that is required is to write a known-good copy of a master boot record back to the disk to prevent the rootkit driver from being loaded on the next reboot!  Fortunately, we have made that a fairly painless process with the Windows Recovery Console and the ‘fixmbr’ command!

 

Here are some instructions for using the Windows Recovery Console:

 

Windows XP instructions: http://support.microsoft.com/kb/314058 (just type ‘fixmbr’ in the console)

 

Windows Vista instructions: http://support.microsoft.com/kb/927392 (just type ‘bootrec.exe /fixmbr’ at the console)

 

After restoring a known-good MBR to the hard drive, you should be able to start Windows and perform an on-line antivirus scan to detect and remove any of the malware components or any other malware that may have been installed on the system and hidden by the rootkit. You can use the Windows Live OneCare Safety Scanner at http://safety.live.com to perform such a scan. It includes all the signatures for this malware.

 

The main driver makes outbound HTTP connections to a particular hard-coded IP address or domain. We presume this is so that it can receive instructions and/or register with its overseer. It may also be able to receive instructions which allow it to act as an HTTP proxy, or to download and execute further malware. The malware makes similar connections to a number of domains which appear to be pseudo-randomly generated.

 

More information about this malware is available in our virus encyclopedia write-ups:

 

VirTool:WinNT/Sinowal.A: http://www.microsoft.com/security/portal/Entry.aspx?name=VirTool:WinNT/Sinowal.A

 

VirTool:WinNT/Sinowal.B:  http://www.microsoft.com/security/portal/Entry.aspx?name=VirTool:WinNT/Sinowal.B

 

PWS:Win32/Sinowal.gen!C:  http://www.microsoft.com/security/portal/Entry.aspx?name=PWS:Win32/Sinowal.gen!C

 

PWS:Win32/Sinowal.gen!D:  http://www.microsoft.com/security/portal/Entry.aspx?name=PWS:Win32/Sinowal.gen!D

 

Support

 

 

Customers in the U.S. and Canada can receive technical support from Microsoft Customer Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

 

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit International Help and Support.

 

-- Robert Hensing and Scott Molenkamp

 

This is a case where the Microsoft Malware Protection Center (MMPC) worked closely with the Microsoft Security Response Center (MSRC) to analyze the threat and develop guidance and mitigations. Rob "EL CONQUISTADOR" Hensing (Microsoft Security Technology Unit) and Scott Molenkamp (Microsoft Malware Protection Center, Australia) contributed to this blog in an effort to share this information with customers and partners.
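
The MBR check implied by the Sinowal post above (the rootkit has to alter the boot code in sector 0, and 'fixmbr' rewrites it), as an added example that is not part of the original post or of any Microsoft tool: it hashes only the boot-code bytes of a captured sector 0 and compares them with a known-good copy, leaving the disk signature and partition table out of the hash because they legitimately differ per disk. The function names and both sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440      # bytes 0..439: bootstrap code, the part an MBR rootkit must alter
PART_TABLE_OFF = 446     # bytes 446..509: four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"   # bytes 510..511: boot signature

def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte sector 0 image into the fields worth comparing."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i : PART_TABLE_OFF + 16 * (i + 1)]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0 marks an unused slot
            parts.append({"active": entry[0] == 0x80, "type": entry[4],
                          "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "disk_signature": sector[440:444].hex(),
        "partitions": parts,
        "valid_signature": sector[510:512] == BOOT_SIG,
    }

def compare_to_baseline(sector: bytes, baseline: bytes) -> list:
    """Return findings; an empty list means sector 0 matches the known-good copy."""
    cur, ref = parse_mbr(sector), parse_mbr(baseline)
    findings = []
    if not cur["valid_signature"]:
        findings.append("missing 0x55AA boot signature")
    if cur["boot_code_sha256"] != ref["boot_code_sha256"]:
        findings.append("boot code differs from known-good baseline")
    if cur["partitions"] != ref["partitions"]:
        findings.append("partition table differs from baseline (same disk assumed)")
    return findings

def sample_sector(code_byte: int) -> bytes:
    # Constructed sample: filler boot code plus one active NTFS (0x07) partition.
    s = bytearray(SECTOR_SIZE)
    s[:BOOT_CODE_END] = bytes([code_byte]) * BOOT_CODE_END
    s[440:444] = b"\x12\x34\x56\x78"
    s[446:462] = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                             b"\xfe\xff\xff", 63, 204800)
    s[510:512] = BOOT_SIG
    return bytes(s)

KNOWN_GOOD = sample_sector(0x90)  # constructed stand-in for a clean MBR
SUSPECT = sample_sector(0xCC)     # constructed: same partitions, different boot code
```

Feed it sector 0 captured from outside the possibly infected OS (a recovery environment or a disk image), since the post notes that the loaded driver hooks low-level APIs; `compare_to_baseline(SUSPECT, KNOWN_GOOD)` reports only the boot-code mismatch.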

 

 

 
 
 
 
 
 
It's All About Search | © clsc.net |
2010.09.10 09:41