You don’t need to get distracted by the mechanics of presenting a slide show. Learn just a few shortcuts and you can focus on your audience and your message instead.

Remembering keyboard shortcuts is tough enough when you’re working on some no-pressure project at your desk. Get in front of an audience, and your mind may go totally blank. Your focus needs to be on the material you’re presenting and how you’re connecting with your audience — not on ” How do I back up to the previous slide?” That’s why it’s a good idea to pick a handful of the most useful shortcuts and make them second nature. When you find yourself delivering a presentation via the keyboard, these shortcuts will see you through.

August 9th, 2008

Posted propecia discounts by Adrian Kingsley-Hughes

So, in a stroke, two security researchers (Mark Dowd of IBM and Alexander Sotirov or VMware) at Black Hat have set browser security back 10 years and rendered Vista’s security next to useless (PDF of paper here – site currently Slashdotted …).

Some random thoughts in no particular order …

• First off, I’m surprised that it took this long for the walls to come tumbling down, but I have to admit I didn’t expect all of them to come down at once like that! After boasting about Vista’s heightened security, Microsoft is now left with a serious amount of egg on its face.
• While there’s a lot of cool stuff discussed in the paper, many of the vulnerabilities come down to running insecure applications. Not only does Microsoft need to up its game, it needs to get developers who are pumping out applications to do the same.
• The sky isn’t falling in, but this does make things a lot easier for the bad guys.
• You can’t trust software to protect itself, and we need to combine hardware and software. One example – under Vista DEP (Data Execution Prevention) isn’t enforced well enough. It’s only partially enabled and if switched fully on too many applications fail. This is unacceptable. I’m sure that DEP isn’t perfect either, but it’s another layer that hackers have to get through.
• It’ll be interesting to see how Microsoft spins this. The paper has huge implications and fixing these issues is going to be tricky. Given how long we can expect Vista to be around I expect that Microsoft will try to fix things in a future service pack. These issues are going to haunt Windows for years.
• Where does this leave Windows 7? I would have expected Microsoft to have ported the security features from Vista into 7, but this paper kinda makes that obsolete. If Microsoft is going to make a stab at fixing these issues then this could very well delay Windows 7.
• Now that Vista’s defenses have been crippled, we’re back to relying on third-party security applications to detect malicious code … some things don’t change.

[UPDATED: Source code here.]

[UPDATE: Since Ed Bott has picked up on this issue and has disagreed with some point I made, I’ll post my response to his post here too:

… I know you read the paper because I sent you the PDF, but it seems you failed to notice a few things.

You accuse me of “alarming oversimplification” with the “set browser security back 10 years” quote yet you seemed to have overlooked that the authors themselves used that has the sub heading to the paper.

Also, you seem to emphasis that Vista’s memory protection features were supposed to make attacks “more difficult,” not “impossible”(a viewpoint that I agree with) but you don’t follow on from that to the logical conclusion of this paper – that these defenses have, in part at any rate, been undone so the “more difficult” argument is now quickly becoming moot.

Also, you seem to have been selective in choosing quotes. From page 1 of the paper:

“We aim to show that the protection mechanisms in Windows Vista are particularly ineffective for preventing the exploitation of memory corruption vulnerabilities in browsers.”

And the paper goes on to back that up … in spades. This isn’t an issue about defense in depth, it’s about the quality of those defenses. From the paper again:

“Since real-world exploitation requires
bypassing multiple memory protections, we will present several ways in which these techniques
can be combined to achieve remote code execution.”

Defense in depth is a non-starter if the bad guys can bypass enough of them to achieve their nefarious goals.

You said: “If you read the authors’ actual words, not the sensationalist and wildly inaccurate news accounts, you get a completely different story.”

Quote directly from the paper:

– “Setting back browser security by 10 years”

– “We aim to show that the protection mechanisms in Windows Vista are particularly ineffective for preventing the exploitation of memory corruption vulnerabilities in browsers.”

– “The design and implementation of the memory protection mechanisms in Windows have a number of limitations that reduce their effectiveness.”

– There are dozens more to choose from … but I think that the conclusion is worth repeating: “In this paper we demonstrated that the memory protection mechanisms available in the latest versions of Windows are not always effective when it comes to preventing the exploitation of memory corruption vulnerabilities in browsers. They raise the bar, but the attacker still has a good chance of being able to bypass them.” … defense in depth shot down in flames.

You said: “One of the biggest targets of the work by Sotirov and Dowd is Address Space Layout Randomization (ASLR).”

GS, SafeSEH, heap protection and DEP are also covered. These are separate from ASLR.

You said: “The idea that they’ve been completely blindsided by the revelations in a single Black Hat paper and that they’ll have to scrap the entire architecture of the Windows platform is naive, to put it charitably.”

Good for Microsoft, Ed, but tell me how this helps me in the now better protect systems?

Sure, this paper doesn’t foretell of the apocalypse, but it’s enough for me, personally, to begin asking myself which OS is best to protect me and mine from the bad guys out there.

Link to Ed Bott’s post.]

[UPDATED: Bruce Schnier’s take on this. Three words: “This is huge.”

Now when it comes to this kind of stuff, Schneier is one of the smartest on the planet, and when he speaks, I for one am going to sit up and pay attention.]

[UPDATED: Further commentary by Schneier:

“Here’s commentary that says this isn’t such a big deal after all. I’m not convinced; I think this will turn out to be a bigger problem than that.”

Again, I have to choose a side to believe here (Schneier vs. Ars Technica), I’m siding with Schneier.]

Before

After

It's sometimes normal to end up with bad spots on your photos because of dust that collected on your camera’s sensor. Luckily, you can use Photoshop Lightroom to remove those dust spots and make your photos look like new. It's very quick and easy, so let's get right to it! Just follow the tips below to clean up your photos:

1.) First, you need to pick your picture. The worse the picture is, the better the procedure will go.

2.) Open Photoshop Lightroom and highlight Develop Module. Use the Remove Spots tool right below your photograph and select Heal. Once that tool is activated, point it to the dust spot on your picture and left click. Photoshop Lightroom will then make that the default "heal spot" location that you can apply to any photo that has a dust spot in the same place. If you want to tweak the location a bit, you can drag the circle around until you find the best healing spot. You can then repeat the same procedure for any other dust spots visible on your images.

3.) Once all the spots have been selected and healed, you’re ready to apply the changes to any other photos you have. Even while selecting the edited image, you can highlight the other images you want to correct with the slider bar at the bottom. While holding down the Ctrl key, you can select individual images. Once you’ve selected all the images you want to clean up, you can click on Develop and then Sync Settings.

4.) Go to the Synchronize Settings screen and check the box that says Dust Removal. Then click on Synchronize. Depending on the number of images, propecia discount dust spots and the speed of your computer, Photoshop Lightroom will take anywhere between a few minutes to an hour to erase all the marks.

5.) Even though the automatic healing spot is located in every picture, you have room to change the location for each individual image. All you need to do is select the Remove Spots tool as you click through every image. Once you do that, you're given the option of moving the heal location at will. That means, you don’t need to create a new healing spot. You only need to adjust its location for every individual image. Happy dusting!

Outlook can call your cell phone! Now, you might wonder why you’d bother, but it’s a convenient way to send phone numbers, short messages, reminders, and other important stuff to your cell phone so you can store it or share it. For instance, you might send a new client’s phone number and address to your cell phone, just in case you get lost or stuck in traffic.

Of course, you don’t have to use Outlook to send e-mail to just your own cell phone. You can send e-mail to anybody, as long as their cell phone supports Short Message Service (SMS). Fortunately, it’s a truly simple process:

Below is a list of the major carrier domains:

If you don’t know the cell phone’s service carrier, visit whitepages.com or phonenumber.com/reverse-phone, and enter the 10-digit cell phone number using the reverse lookup feature. If you’re lucky, it’ll list the carrier. If the carrier’s domain isn’t listed above, check its Web site.

Keep in mind that text messages aren’t always free. The recipient might be charged for the message.

propecia direct alt=”Absolute Color Picker” title=”http://ct.zdnet.com/clicks?t=70670076-fcda8243b2af06197976dd4e0ab0dea0-bf&brand=ZDNET&s=5″ width=”130″ height=”110″ align=”left” style=”margin-bottom: 0px; margin-right: 7px” /> Absolute Color Picker is freeware that lets you select a color anywhere on your screen or by means of various color models and convert it into HTML-based hexadecimal representation.
License: Free
OS: Windows 95/98/NT/2000/XP/2003 Server