Windows “Shortcut” Bug Code Made Public

According to a security researcher – all versions of Windows Operating system contains a serious bug, which may result in critical vulnerability of your system. The bug is present in the latest Windows7 service packs as well as on older versions of Windows, PC World reports.

Microsoft issued a security advisory on Friday which discusses how hackers can use a shortcut file ending with a .ink extension to automatically run their scripts (read malware) by letting the user view the contents of a folder containing the shortcut.

The researcher, who is better known as “Ivanlef0u”, published proof of the concept code to several locations on the internet. His work was later confirmed by a Belgian researcher Didier stevens, who said that Ivanlef0u’s code can be used to create an effective malware attack on any Windows operating system.

Stevens announced in a blog post that he had tested Ivanlef0u’s code using his self made tool and that the utility successfully blocks attacks from USB or DVD drives. You can use Ariad if you want to mitigate attacks with these shortcut links until Microsoft releases a patch, said stevens.

While Steve’s tool can be effective in blocking executable files from removable drives, it is not meant for rookie users who do not understand the working of the application. This is because Steve’s tool is a mini filter drive and works inside the Windows kernel, causing disturbance in the kernel can have grave consequences.

To defend users from such malicious USB attacks, the US Computer readiness team added an article which reads:

By convincing a user to display a specially-crafted shortcut file, an attacker may be able to execute arbitrary code with the privileges of the user. Depending on the operating system and AutoRun/AutoPlay configuration, this can happen automatically by connecting a USB device. This vulnerability can also be triggered by viewing a web page with Internet Explorer or opening a document with Microsoft Office.

Disabling the autorun and auto play feature is a solution but not all computer users are security experts. Millions of people don’t know about such security holes and it would be better if Microsoft could come up with a patch or something. Wait!, they already stopped the security updates for older versions of Windows?

Now who is going to answer such concerns?

TweetMeme Announces Pro Retweet Buttons

Here is some good news for bloggers who use the Tweetmeme button for promoting their blog posts on Twitter. Tweetmeme has recently added a pro feature, you can now upgrade to Tweetmeme pro for $1000 a year and get added features on the Tweetmeme Retweet button.

According to Tweetmeme, here are the added features in Tweetmeme pro buttons:

  1. You can add up to 10 UTM tracking tags within the pro retweet button, this will be useful when you want to track Twitter traffic in a variety of more ways.
  2. The design of the button can be customized to match with your site’s template.
  3. You can further customize the design of the pop up box, the one which opens when someone clicks the Retweetbutton on your blog posts.
  4. Better performance, dedicated servers to ensure your button is up and working.
  5. Accurate Retweet counts.
  6. Support for hash tags and URL shortener, this includes integration with Bit.ly Pro much awaited.

Here is an example image of the Tweetmeme pop up box, the logo really adds the branding you have always wanted.

new-tweetmeme-pro-buttons

There are 3 pricing plans to start with, the basic plan will cost you $1000 a year and up to 500,000 buttons served every day. The Pro plan will cost $2000 which will serve up to 2,000,000 buttons every day. The enterprise plan is $5000 a year, will serve unlimited number of buttons every day.

I think the regular Tweetmeme button does a fine job, however if you need all the advanced customizations and URL tracking with UTM tags you may switch to Tweetmeme pro. I am quite surprised to see that there are no monthly plans for Tweetmeme Pro, this would have allowed publishers with a small budget   test the advanced buttons.

More information is available at the Tweetmeme blog.

What’s Your Facebook Story ?

Yesterday, Facebook announced that now the world’s biggest social networking site has more than 500 million users. Guess what? The site now wants you to share your Facebook story with everyone else.

To share your Facebook story, head over to the application page at stories.facebook.com and you will see a world map, powered by Bing maps:

share-facebook-story

Hover your mouse over a city and you will be able to read stories shared by other Facebook users from the same city. You can Likea story or share it with your friends using the Share button.

share-facebook-story1

The user generated stories can also be explored from the Themestab, you can sort stories from dozens of themes e.g   Love, Friendship, University, Travel and so on.

share-facebook-story3

The Facebook blog reports that the stories application has been launched to celebrate all the amazing ways people use Facebook nowadays.

To write your Facebook story, simply fill out the form at the bottom of the page, pick a theme and you will be able to share the story in the application and with your friends via the News feed.

This Stories application will surely create much hype, lots of users will jump right in and share their Facebook story with friends and family. There is more, a team from Facebook will be hitting the open road in the U.S. to meet the people, towns and organizations behind these stories in the first Facebook Stories road trip.

What’s your Facebook story?

Webby Wednesdays: Edit PDF Documents Online, Create Beautiful Slideshows and Share Ideas on an Online Whiteboard

Welcome to Webby Wednesdays – a brief compilation of some web services which we found useful during the course of this week.

PDFEscape: Edit PDF Documents Online

When you want to edit a PDF document, you are in a fix. This is because you might not have a PDF editing program installed in your computer. Yes, there are tons of software available to edit PDF documents but why install another software when you can edit a PDF document online.

Thanks to PDFEscape, editing PDF documents is really easy and quick. The site lets you upload PDF documents from your computer and then opens a browser based editor where you can modify the content of the document. You can add text and sticky notes to the PDF document and highlight specific areas using arrows and objects.

After the editing is complete, the site lets you download the modified document to your computer. This is extremely useful when you need to edit a PDF document urgently and don’t have the time to download a PDF editing software. Apart from uploading documents from your computer, you can also fetch a document from a publicly accessible web URL.

No registration is required to use PDFEscape and it’s completely free to use. Only one limitation the file size of the document must not be greater than 2 MB.

edit-PDF-docs-online

Thanks to Himanshu for the tip.

Kizoa: Create Stunning Slideshows in Minutes

Kizoa is a brilliant online slideshow service which lets you upload photos from your computer and turn them into a slideshow. Then you can transitions and cool sound effects or play a background music, perfect when you want to organize your memories and add a fun element to it.

create-slideshows-online

Besides the slideshow, Kizoa also have a rich image editor which can be used to edit your images online. You can apply filters, resize or flip the images, crop them and then use them in a slideshow. Once the slideshow is up, you are provided an embed code which can be added to your blog or website. (see example)

Sneffel: Share your Ideas on an Online Whiteboard

Sneffel is a very unique web service which lets you create an online whiteboard for idea sharing. You can create a Sneffel boardand invite collaborators to your board. Then the entire team can write or draw on the board, as if they were working on the same document. The content of the board is updated in real time, so all the members can easily share their thoughts and ideas.

Sneffel lets you add the Sneffel board to your blog or website via an embed code. This feature may be useful for personal blogs, you can add a Sneffel board to your blog and let your visitors draw or write anything on it. Pure fun !

Suggest a Site

We are constantly looking for new startups, web services and cool tools which help you achieve online tasks more easily and efficiently. If you have found a very cool service or a web tool, why not share it with us by filling up this form.

Yahoo Will Soon Test Bing Powered Search Results, Both Paid and Organic

Yahoo is soon planning to embrace Bing and power a percentage of live Yahoo search using Microsoft’s search engine. According to a blog post from Search Engine land Yahoo sent an email discussing some of the organic Yahoo to Bing transition topics that are on the mind of their advertisers.

Yahoo has confirmed that they are testing the Bingpowered results offline and soon they will be testing the same in the live search results. The email wrote:

Though much of our testing is already happening offline, this month we’ll also test the delivery of organic and paid search results provided by Microsoft on live Yahoo! traffic.

The testing will be impaired on both paid and organic search queries and Yahoo says that the testing volumes will fluctuate during this period. The paid volume will be low on the first weeks, this is to ensure proper ROI of the advertisers.

Hence, if you go to Yahoo and perform a search, chances are that you will see search results powered by Bing. The testing period will last for two months and end on September.

Seorountable found a thread at Webmasterworld which consists of a presentation video by Yahoo and Microsoft of the transition timelines for Bing to begin powering Yahoo on both the organic and paid side of search. Here is a slide from the presentation:

yahoo-bing-powered-results

The Bing powered results will be implemented on both paid and organic search queries and if the experiment goes as planned, Yahoo plans to power 30% search queries using Bing.

Apple Buys Canadian Mapping Company, Trying a Google Earth Alternative ?

Looks like Google Earth is soon going to face tough competition from a strong rival. Apple has just bought a Canadian mapping company named Poly9. The company specializes in interactive 3D software designed to be used in browsers.

Poly9 (read Apple’s Google Earth) is a very lightweight program which uses only 303 kb of your browser’s memory. The application is cross platform, does not require any download and can run from your iPhone as well. The interface consists of a spinning 3D globe with comprehensive satellite imagery.

poly9

A report from the Apple insider blog reports that Poly9 was purchased “recently” by Apple, though the official confirmation has not been given. The office was closed a few weeks ago and all the employees were asked not to discuss anything regarding the agreement. The company has earlier worked with popular brands across the globe – this includes Microsoft, Yahoo, MSNBC, NORAD   to name a few.

Although Apple has snatched the Canadian company under their grip, there are some companies and web applications currently using the Poly9 technology. A very good example is Skype

[ via Gizmodo ].

Google Maps Gets Integration With 20 Car Brands

Three years ago, Google experimented the Send to Carservice of Google Maps with BMW. On today’s date, more than 20 brands support the Send-To-Car option for Google Maps. That’s a fantastic news for both the drivers and automotive industry.

If you are in US and own a Ford, Lincoln, Mercury enabled with Ford Sync, you can now send business listings or addresses found on Google Maps directly to your car. Other brands are also down the line, some of the very popular being Chevrolet, Buick, Cadillac, GMC, Hummer, Pontiac, Saab to name a few.

Watch the following video to see the GM Service in action

With the Send to Carservice enabled, drivers can use their car maker’s navigation system to be guided to their selected destination. What’s interesting to note is that drivers can send selected destinations from Google Maps to their connected vehicles in 19 different countries !

This is a really useful feature, if you don’t know the route to some place in an unknown city, you can use Google Maps to your advantage. Browse through Google Maps on your computer or mobile, prepare the route and send it to your car. Not only your ride will be hassle free, you don’t have to stop the car in every signal and ask passers by about the correct route to your destination.

[Via Google latlong ]

Display Registered and Non Registered Hotkeys in Windows With ActiveHotKeys

[Windows only]: Hotkeys are great, they save a lot of time in doing a variety of tasks in Windows. We have already discussed Clavier, a free utility which lets you define custom hotkeys in Windows programs.

But there are some things to take note, if you want to be a keyboard ninja with Windows applications. First, you have to remember all the hotkeys associated with different programs by heart. This is next to impossible, considering the fact that you use a wide variety of applications in Windows. Writing the hotkeys on paper or printing out cheat sheets is certainly not recommended.

The second problem is to find which hotkeys are already registered and which key combinations are available for use. As for example, Win + D is the hotkey for showing the desktop. It’s already registered with Windows and you can’t use the same combination in any other program.

ActiveHotkeys is a nice little program for Windows which lets you view all the registered hotkeys for different applications. The application detects what global keyboard shortcuts (hotkeys) are currently registered on the computer by various applications. This helps you determine which hotkeys are in use, and which are still available.

Download ActiveHotkeys

The program is portable, thus you don’t have to install anything. Just Unzip the package and double click on ActiveHotKeys.exe to start using the program. Here is how the program interface looks like:

activehotkeys

The left pane lists all the possible modifier keys and key groups which are available for use as keyboard shortcuts. Just select a checkbox and click Test Active HotKeysto view all the registered and non registered hotkeys for that key combination.

For example: I use SNAGIT screen capture program and the keyboard shortcut to capture a snapshot of my desktop is Control + Shift + P. When you perform a test for the Control + Shift key combination, you will see which hot keys are available for use and which key combinations are reserved for other programs. Here is the output which I got:

find-active-hotkeys

In the same way you can perform checks on different key combinations and see which applications have reserved a specific key combination. All in all, ActiveHotKeys is a must use utility for anyone who uses keyboard shortcuts and wants an easy way to list all the available/active combinations.

Techie Buzz Verdict

The Application works perfectly in Windows but there is just a small issue. When you are testing a specific key from ActiveHotkey interface, the key is temporarily disabled to be used in any other program. You have to first quit ActiveHotkeys and then you will be allowed to use that key. For example: If you are testing all key combinations for the Shift key, you can’t use the Shift key in other programs.

Techie Buzz Verdict: 4/5 (Excellent).

Use MDownloader to Quickly Download Files From File Hosting Services

There are quite a good number of file hosting services out there which lets users host large files and share the download link with anyone. Some of the very popular file hosting services are Rapidshare, Megaupload, Snapfiles where you have certain limitations and have to wait for a timer to complete before you can start to download any file.

All these file hosting services are great but there are some disadvantages. The first disadvantage is on the download limitation, you can complete a maximum of one or two downloads in the time span of 24 hours. Another disadvantage is when you are downloading a large file using a browser and there is a power cut or something, your download crashes in the middle.

Hence I have made a switch and now use a full featured desktop app for downloading large files from free file hosting services.

MDownloader is a free utility for Windows which lets you download files from most of the file hosting services. You can download multiple files in one go, don’t have to wait for the timer to finish, don’t have to fill up those boring captchas and can schedule downloads at your convenience.

The application works just the same way as other download managers grab the download links, put them in the queue and hit the Downloadbutton. There is a quick paste button available at the MDownloader toolbar which lets you quickly paste URL’s from Windows Clipboard. The best thing about MDownloader is that you can pause and schedule downloads when you want. This is really helpful when you do not want to stay awake just because a file download is in progress.

Apart from downloading files, MDownloader can also be used to upload files to several file hosting services. You can also use the RSS monitor function in MDownloader to monitor a list of RSS feeds for newer downloads and selectively download the files you want.

Techie Buzz Verdict

MDownloader is a very useful application for downloading files from file hosting services. The program requires .NET Framework to be installed on your system and works perfectly in Windows XP, Windows Vista and Windows 7.

Techie Buzz rating: 4/5 (Excellent).

Webby Wednesday: Convert Partial RSS Feeds to Full Text, Get Free Clipart and View Lyrics of a YouTube Video

Welcome to Webby Wednesdays – a brief compilation of some web services which we found useful during the course of this week.

OpenClipArt.org: Get Free Clipart

If you write a blog, one of the major concerns is avoiding copyright infringement. Copyright violation can arise due to duplicate content which includes using text or images from other sources and not giving the source it’s due credit. While it’s easy to avoid copyright issues by writing the text part yourself, it’s not exactly the same with images.

When you want to use an image in your blog post, you have to search the web and find an image from any other website or blog. Unfortunately, most of the images you find on the web are not labelled with a clear message that says who it belongs to.

Thanks to sites like Openclipart.org finding free clipart has never been such easy. Every image in the site is completely free, you can use their images in anything you publish.

They also offer several packages loaded with all of the clipart from the entire website. These can be downloaded in a couple of different formats.

FiveFilter: Convert partial RSS Feeds to Full Feeds

There are plenty of blogs who offer a partial RSS feed of their blog posts. When you subscribe to the partial feeds, you can read only an excerpt of the blog post from your RSS reader. This can be irritating because you have to click the link and visit the website to read the full blog post.

If you are a blogger and read a lot of blogs everyday, it would be a good idea to convert the partial RSS feeds to full text feeds. Thanks to FiveFilter, converting feeds is now just a few clicks away.

To use the service, all you have to do is visit this page and enter the URL of the feed in the Feed URLtext field as shown below:

Then hit the Create Feedbutton and you are done. FiveFilters will convert the partial feed to full text feed and show you a link to the full feed, grab that link and subscribe in your news reader. The site also offers a handy bookmarklet, Just drag and drop this link in your Bookmarks toolbar. Whenever you come across a partial feed, click this bookmarklet and the feed will be converted to a full text RSS feed automatically.

TubeOke: View YouTube Video and Lyrics Side by Side

While watching a video at YouTube, you might want to perform a Karaoke. You may want to read the lyrics of a song and sing it with the music. TubeOke makes this possible by showing the lyrics of the song in the same page where the video is played. Works quite simple just go to the site and search for an artist or a song name.

Hit Searchand the lyrics of the song will load in the same page, thus allowing you to read the lyrics and view the video simultaneously.

Suggest a Site

We are constantly looking for new startups, web services and cool tools which help you achieve online tasks more easily and efficiently. If you have found a very cool service or a web tool, why not share it with us by filling up this form.