Cool Tech Reviews

Netcraft reports that MySpace accounts are at risk from a phishing attack that uses MySpace’s own servers:

Netcraft has discovered that the social networking site, MySpace, appears to have been compromised by phishers who have presented a spoof login form on the main site. This modified login form is designed to submit the victim’s username and password to a remote server hosted in France.

(screen shot)

Netcraft has notified MySpace of the issue, although it currently remains live. Because the fraudulent login page is hosted on MySpace’s own servers and does not exhibit any signs of external content, such as cross-site scripting (XSS) or open redirects, it is convincing and even security-conscious users are at risk of becoming victims. The attack is launched from a profile page, where the username is login_home_index_html, and uses specially-crafted HTML in order to hide the genuine MySpace content from the page and instead display its own login form.

More details and the screenshots by following the link, but Netcraft provides a well-regarded, free browser tool bar for IE and Firefox that prevents phishing vulnerabilities including this one via a community reporting process.

As for MySpace, this is yet another peril of allowing users to have in depth control over their own Web space.

Creative has a new software update for some of its Zen personal media players with an interesting property - it disables an advertised feature of the player. Ed Oswald explains at BetaNews:

Creative has apparently bowed to RIAA pressure, issuing a firmware update for two of its players that removes the FM recording feature. In the past, the music industry has argued that recording from radio broadcasts hurt music sales, and has most recently attempted to stop satellite radio services from implementing similar features.

Specifically, the firmware change affects the company’s Zen MicroPhoto and Zen Vision:M players. In the release notes, Creative gives no reasoning for the change other than saying “this firmware removes your player’s FM recording feature.”

The change overshadows other enhancements, including support for Audible Type 4 tracks, the addition of a volume restriction feature, and enhancements to the user interface and usability. But many customers may be less apt to apply the update in order to save the FM recording functionality.

I’m sure the customers can hardly wait to apply the update. Worse yet is the speculation that:

As far as I know, this is something that many companies will have to remove from their players due to RIAA regulations.

I thought it was settled a long time ago in law (in the USA, at least) that end users were permitted to record broadcast music for personal use, but I guess that doesn’t prevent the recording industry from leaning on the hardware manufacturers. Frankly, nothing the recording industry does can surprise me anymore - if they had their way consumers wouldn’t be able to own any device capable of audio or video recording.

Cheap phone calls are a little off my beaten path, but I was interested in the story of Futurephone:

The first question most people seem to ask when they hear about Futurephone.com is: What’s the catch?

It turns out there really isn’t much of one. Eventually — though not yet — you’ll have to listen to a short commercial before your call goes through.

Futurephone, a California startup company, has, for the last three weeks, been offering you the chance to call a number in Iowa, then enter a number you’re trying to reach in any of 50 other countries, and — bingo — you’re on the phone to Shanghai. Or Warsaw. Or Christmas Island.

We tried it, and it works. You call 712-858-8883, and a recorded voice answers, inviting you to hear brief instructions in English, Spanish or Chinese. Then you dial 011, the country code (51 for Peru, for instance, or 359 for Bulgaria) and the local number. If someone is there and awake to answer at the other end, you can talk to the other side of the planet — for whatever it cost you to make a call to Iowa.

What makes it all work is that the price of phone calls has been dropping dramatically, particularly since Futurephone uses VoIP to route the calls. They figure that they can make enough selling 10 second ads before each call to pay for the call and make a profit.

As for the Futurephone phone number in Iowa:

Where, by the way, are you calling when you reach 712-858-8883? It turns out to be an exchange in Superior, Iowa, a town of 142 people on the Iowa-Minnesota border. But Doolin says that’s simply a number his firm was able to use to route calls inexpensively.

More details at the Futurephone website.

As Apple’s iPod continues to dominate the personal media player market, competitors are trying just about everything to get some market share from new form factors to new features like the odd Wi-Fi sharing in Microsoft’s Zune. One new entrant is Samsung’s YP-K5 personal audio player with built-in speakers!

David Pogue at the NY Times:

The K5 costs $210 for a model with 2 gigabytes of memory (about 500 songs’ worth) or $260 for a 4-gig model. That’s roughly $50 more each than the corresponding iPod Nano models. Is Samsung out of its mind?

No, because the K5 has a very big ace up its sleeve: built-in speakers.

Held in your hand, the K5 looks like a black triple-thick iPod Nano (3.8 by 1.8 by 0.7 inches). It turns out, though, that it’s that thick for a reason: what looks like a shiny black slab is actually two slabs, ingeniously connected by a sliding hinge. When you push against the edge, the halves slip apart; the previously concealed bottom half reveals a silver speaker grille. At this moment, the K5’s screen image rotates 90 degrees, so that the display is upright when you set the whole thing down on a desk or table.

In that position, it looks like a cross between a teeny tiny laptop and an itty bitty boom box.

Because that’s what it is right now: a boom box.

And the surprising thing is that the speakers apparently aren’t bad at all, although you aren’t going to rock the house with them.

Even so, these are the best one-inch speakers you’ve ever heard — much better than, say, the music-playing cellphones that pass for audio equipment these days. There’s enough power to fill a room with background music, for example.

Other features include an FM tuner, spiffy display and controls, and a built-in alarm clock. Yes, you can have the K5 wake you up with your preferred tunes. One thing to note is that while battery life is rated at 30 hours with the ear phones, it is reduced to 6 hours with the speakers on which I still don’t think is too shabby.

Pogue ends up a little bit ambivalent about the K5, but Gizmodo and CNET have quite favorable reviews and everyone gives Samsung credit for thinking outside the box.  I tend to think of the K5 as achieving music sharing the old fashioned way without the disappointing Wi-Fi rigmarole implemented in the Zune.

Google has always had a number of Gadgets available to spiff up your Google HomePage or Desktop, but they are now making them available to website owners to dress up their pages:

Google Gadgets are miniature-sized objects that offer cool and dynamic content that can be placed on any page on the web. A directory of “Google Gadgets for your webpage” is now available for webpage owners everywhere to browse and select gadgets for their own pages, at http://www.google.com/ig/directory?synd=open.

“Now anyone can have a great-looking website with automatically updating content,” said Adam Sah, Google Gadgets Architect. “By making Google Gadgets available for you to add to your webpage, we’re working to connect developers with enthusiastic consumers and to make information universally accessible and useful to the individual user.”

With almost no effort and at no cost, webpage owners can add complex, dynamically updating content to their own websites using Google Gadgets. Because there is such an enormous variety of Google Gadgets to choose from, webmasters also have a great deal of freedom to select only the gadgets that will best complement their own page. There are games, news clips, weather reports, maps, and more.

There are over 1200 of the Gadgets (most provided by 3rd parties) and I suspect the biggest problem is figuring out which ones to choose.  Below are a few that amused me, but I do have to note that loading speed will vary since they are hosted on the 3rd party websites. You may have to refresh the page a couple of times to see all three Gadgets that I have embedded. Also, they seemed to interact oddly with my stylesheet and I wasn’t able to control the heights of the windows as you can see. (Update: that problem now seems to be fixed.)