The Worst Windows Flaws for The Past Decade

June 25, 1998, and June 30, 2008, marked two important milestones in Microsoft’s evolution of the Windows OS — the passing of the torch from Windows 95 to Windows 98, and the less seemly transition from XP to Vista.

In the 3,659 days between, users of Windows have been forced to bear witness to another evolution of sorts: bugs that left Windows open to exploits that appeared almost as fast as you could say, “On the Origin of Species.”

Uncovering — and exploiting — Windows vulnerabilities has made sport for many and careers for many more. Entire industries have sprung up to protect Windows users from previously unknown flaws, while malware authors have matured their practices from juvenile pranks to moneymaking criminal enterprises.

Caught in the middle of this never-ending onslaught is the innocent PC user and the besieged IT admin. And though Microsoft and the entire software industry have labored tirelessly to handle zero-day exploits and to develop protocols for reporting potential security problems, we’ve seen and experienced several colossal security meltdowns thanks to the humble Windows bug.

These errors, buried in millions of lines of code, have steered great corporations and turned the tide of fortunes. It’s high time they got the credit they deserve. Here are the worst Windows flaws we’ve endured since the introduction of Windows 98.

Password “password” would have been more secure
Bug identifier: VCE-2000-0979, MS00-072
Description: Share Level Password vulnerability
Alias: Windows 9x share password bypass
Date published: Oct. 10, 2000

Windows 9x introduced a nifty little concept wherein users could host a password-protected mini file server, aka a share, on their PCs. The idea was simple: Allow users of networked computers to host and share files securely. Only the padlock Microsoft used to lock the door came equipped with a gaping hole that rendered it useless.

“When processing authentication requests for a NetBIOS share, Windows 95/98 would look at the length of the password sent by the attacker and then only compare that number of bytes to the real password,” writes vulnerability expert H.D. Moore, who manages the Metasploit Framework project.

Oops. “This let the attack specify a password of zero bytes and gain access to the share,” without actually knowing the password at all, Moore explains.

“The real damage,” he continues, “was that by trying all characters of incrementing lengths, they could literally obtain the password for share from the server.”

If there’s one thing we’ve learned from the past decade of Microsoft patches, it’s that not everyone keeps on top of them. When Microsoft published this particular advisory, the patch that fixed the problem (MS00-057) had already been released two months prior.

With this bug, if you knew the layout of a Microsoft file system — which folders appear where — you could send a command to a Web server that essentially gave you total control.

As anyone who has spent any time using a Windows computer will tell you, it’s not hard to find your way around the hard drive. Documents go in a particular folder path; most applications are put in another folder path; and so on.

By using dots and backslashes (or their respective unicode representations) in the URL, this bug allowed you to navigate up and down the file system and execute commands, just by knowing a few simple rules and how Windows organizes itself. While account permissions for IIS are somewhat limited, a related exploit helped escalate privileges, giving remote users the ability to do whatever they wanted to with Windows servers simply by sending a few URLs.

“Originally found as an anonymous post in the PacketStorm forums, this resulted in nearly two straight years of mass ownage against Windows web servers,” Moore writes.

Upshot: Directory traversal opened up a new world for automated attacks that merely had to call a particular URL to do their dirty work.

Code Red: Deadly bug, disgusting soda
Bug identifier: MS01-033
Description: Unchecked buffer in index server ISAPI (Internet Server API) extension could enable Web server compromise
Alias: The Code Red bug
Date published: June 18, 2001

What happens when you send a ton of data at a Microsoft Web server? If it was the summer of 2001, well, you owned the network. At least that’s what happened a little more than a month after Microsoft released this obscure-sounding patch for IIS Web servers.

he nature of the bug was simple: Take an IIS server, invoke a buffer overflow, and commands spill into other parts of system memory. Because the commands were issued in the context of the system itself, the bug opened up for exploitation virtually all aspects of the server’s operation.

And exploitation happened, all right, on a scale that hadn’t been seen before.

On the afternoon of Friday, July 13, 2001, security engineers at eEye Digital Security received reports of a worm that was spreading rapidly through its customers’ networks. Fueled by a limited edition, crimson, caffeinated, high-fructose corn syrup-based beverage, Mark Maiffret and Ryan Permeh spent a weekend reverse-engineering the worm, and alerted the world to its presence.

What the worm did was probe vulnerable IIS servers, infect them, and create 100 threads of itself, which then spread to other computers. If the date was between the 20th of the month and the end of the month, it would attempt to spew data at http://www.whitehouse.gov. Permeh and Maiffret estimated that the worm could infect approximately 500,000 unique IP addresses per day.

Upshot: Code Red really drove home the importance of patching bugs soon after Microsoft released the patch, because the patches themselves give malware authors clues to exactly where they should look for new vulnerabilities.

Fastest infection. Ever.
Bug identifier: MS02-039
Description: Buffer overruns in SQL Server 2000 Resolution Service could enable remote code execution
Alias: The SQL Slammer bug
Date published: July 24, 2002

While technically not an OS bug, the SQL Slammer bug deserves honorary mention due to the sheer velocity with which vulnerable systems were infected. The bug targeted Microsoft’s database server. Vulnerable computers were subject to buffer overflows that, if properly crafted, could place commands into memory to cause the targeted system to execute those commands with the permissions of the database service.

Patching was complicated by the fact that admins needed to run an earlier patch before they could run the MS02-039 fix. The bug affected primarily corporate server systems, but also affected home users who had MSDE (Microsoft SQL Server Desktop Engine) installed. That made a number of home users, some of whom didn’t even know they had MSDE on their machines, unwitting participants in the carnage to come.

Because the Slammer worm primarily targeted servers running databases, it didn’t infect millions of machines. It did, however, spread rapidly — so rapidly, in fact, that it had infected roughly 9 out of 10 vulnerable machines within 10 minutes of being released on Jan. 25, 2003. The entire worm was only 376 bytes, and fit into a single packet of data.

The MS02-039 bug was “one of the biggest oversights of all time,” says Steve Manzuik, senior manager of security research at Juniper Networks, “not because it was an easy or obvious bug to find — it wasn’t.”

“At the time of the patch, no one realized that every vulnerable SQL installation was also listening on a UDP (User Datagram Protocol) port that they could be exploited over,” Manzuik explains. “Many administrators simply locked down access to the SQL TCP ports while forgetting about UDP.”

A postmortem by the Cooperative Association for Internet Data Analysis revealed that the worm was a model of efficiency, doubling the number of infected systems every 8.5 seconds, and flooding the Internet with so many infection attempts that routers shut down. When restarted, so many routers attempted to update their routing tables simultaneously that normal Internet traffic simply couldn’t get through the gridlock.

Billy Gates, stop making money! Make malware instead.
Bug identifier: MS03-026
Description: Buffer overrun in RPC interface could allow code execution
Alias: The Blaster Worm bug
Date published: July 16, 2003

The DCOM RPC interface is a common component of NT-based Windows OSes, including NT, 2000, XP, and Server 2003. In the summer of 2003, it became the subject of intense scrutiny.

As Microsoft described in the bulletin that accompanied the patch, a successful exploit only required the attacker to send a “specially formed request” to a vulnerable PC — a bit like dangling candy in front of a ravenously hungry baby.

By Aug. 11, the Blaster worm arrived, and though it spread rapidly, it was fairly easy to block with a firewall.

Unfortunately, protecting home systems with firewalls wasn’t common practice at the time. Home users’ PCs — connected directly to the Internet — got whomped by the worm. When the worm’s code crashed the infected computer’s RPC service, the computer would display a message warning of imminent shutdown, and unceremoniously reboot itself.

The worm had another message, this one to Microsoft’s founder, and embedded within its code: “billy gates why do you make this possible? Stop making money and fix your software!!”

But it was fixed. Or at least it would have been if people had patched their systems.

At the end of the summer, Microsoft released a second set of updates in MS03-039 that blocked additional ports that attackers could use to mess with the RPC service.

That sassy bug has a lot of spunk
Bug identifier: CVE-2003-0533, MS04-011
Description: Stack-based overflow in certain Active Directory service functions in LSASRV.DLL
Alias: The Sasser bug
Date published: April 13, 2004

In yet another example of ironic buffer-overflow goodness, this bug made the security subsystem of Windows the agent of evil itself. And, once again, malicious coders used Microsoft’s own patch to figure out exactly where to target the OS.

As Windows XP’s gatekeeper, LSASS (Local Security Authority Subsystem) manages the permissions of a PC’s user accounts. So when eEye — the same company that discovered the Code Red bug — quietly disclosed the details of this flaw to Microsoft in October 2003, it touched off six months of furious coding in Redmond that culminated in a patch that fixed 13 other Windows 98, NT, 2000, XP, and Server 2003 flaws, as well as the LSASS bug.

And, within 18 days, the Sasser worm was cruising the Internet, hopping from one unpatched machine to another. The poorly coded worm wreaked havoc, shutting down networks around the world. Even though a fix was already available, many users — in particular, corporate IT managers — still had not applied MS04-011. By May 1, 2004, work on fixing the unintended damage caused by Sasser had become a round-the-clock operation, says then director of the Microsoft Security Response Center, Kevin Kean, with “a number of war rooms and rotating shifts” for MSRC staffers.

WMF: Wherein malware is foisted
Bug identifier: CVE-2005-4560, MS06-001
Description: Vulnerability in graphics-rendering engine could allow remote code execution
Alias: Windows Metafile vulnerability, aka drive-by downloads
Date published: Jan. 5, 2006

Over the winter holidays in 2005, security researchers began discussing a newly discovered vulnerability in a Windows library used by the OS to display various kinds of graphics in apps and the OS itself.

The problem stemmed from a particular image file format, native to Windows since the days of Windows 3.0, called WMF (Windows Metafile). Used as the native format for storing graphics within Microsoft Office documents, support for WMF was by that point thoroughly embedded into Microsoft products.

WMF files contain function calls that a program sends to the GDI (Graphics Driver Interface). Someone discovered that WMF files can contain executable code as well. This would allow you to, say, create a WMF file that, merely by being viewing, invokes Internet Explorer to visit a particular URL, download a file, and execute that file. Special.

The aftermath of the discovery followed a familiar pattern. Microsoft issued a patch on Jan. 5, 2006, in record time. But for a long while, unpatched computers running vulnerable versions of gdi32.dll roamed the Internet, slurping up mountains of malware.

The bug had far-reaching effects, enabling malicious code to be foisted on unsuspecting users and executed in a variety of ways: previewing an e-mail containing the malicious WMF file in Outlook; viewing an image preview in Explorer; viewing a malicious WMF in certain third-party graphics programs; indexing a hard disk that contained a malicious file; following a URL link in an e-mail, IM, or on another Web page to a site where the malicious file was embedded in the Web page.

MDAC: The component that keeps on giving (headaches)
Bug identifier: CVE-2006-0003, MS06-014
Description: Vulnerability in MDAC (Microsoft Data Access Components) could allow code execution
Alias: MDAC RDS.Dataspace ActiveX bug
Date published: April 11, 2006

Way back in 1998, Microsoft issued a security bulletin about a component of IIS that ran under Windows NT Server called Microsoft Data Access Components. In the bulletin, MS98-004, Microsoft warned that a part of MDAC called the RDS (Remote Data Service) had a vulnerability that allowed unauthorized people to browse databases.

Flash-forward eight years to the spring of 2006. Microsoft released a security bulletin about a component of MDAC called RDS, which has a vulnerability that permits malicious Web servers to perform drive-by downloads against the unpatched PCs of unsuspecting victims. Eerily familar.

In the later case, it was an ActiveX control that allowed users to connect to RDS through IE and wreak havoc. The ActiveX control doesn’t behave as intended, and can be loaded and exploited if you visit the wrong Web site.

Of course, by 2006, MDAC isn’t just loaded on servers; you may have it on your PC. Moreover, the bad guys have changed tactics. No longer content to wait patiently for you to happen upon their malicious Web site, they spam you with links, buy ads based on Google searches, and load their pages with SEO (search engine optimization)-rich keywords. The result, however, is the same: Visit and be exploited.getRelatedBoxOne(“/article/08/10/06/41FE-windows-flaws_5.html”,”spBoxOne”)

In fact, the bad guys are now using off-the-shelf exploit software to put malware onto your machine. A tool called MPack that’s loaded on malicious Web sites can check to see what browser version you’re using and what patches you have installed. Based on this analysis, it delivers the exploits that will do the most damage. More galling is that they don’t even bother to hide what they’re doing, naming the Web page that performs the exploit “mdac4.php.”

Upshot: The MDAC RDS is a complex system, with a multitude of patches available depending on which version you have installed. Manually choosing the right patch can be a complicated task. But with such a serious flaw, you can’t afford to make a mistake. Patches like these have helped push advancements in Windows Update, which scan your system and pick the right patch automatically, so you don’t have to.

Resources and references from http://www.infoworld.com

Internet Explorer 8 Beta 2 is Coming…

More than two years ago, when Microsoft was in the final stages of testing Internet Explorer 7, Bill Gates promised more frequent browser updates, as often as every 9 to 12 months. And yet today, nearly two years after IE7’s release, the long-awaited Internet Explorer 8 has just reached the Beta 2 milestone.

IE8 Beta 2 Features

Accelerators

Accelerators let you efficiently complete your everyday browsing activities like mapping directions, translating words, emailing your friends, and more in just a few mouse clicks.

Common accelerator showing driving directions

InPrivate Browsing

Browse the web without saving your history with Internet Explorer 8’s InPrivate Browsing. Now you can shop for that special gift with confidence knowing your family won’t accidentally find out or use a shared computer without leaving a trace.

The InPrivate button on the Address Bar

Web Slices

Keep up with changes to the sites you care about most. Add a Web Slice and you won’t have to go back to the same website again and again for updates on news, stock quotes, online auctions, weather, or even sports scores. Learn more.

A common Web Slice

Search suggestions

Search smarter with detailed suggestions from your favorite search providers and browsing history. See visual previews and get suggested content topics while you type in the enhanced Instant Search Box.

A search showing visual content

SmartScreen Filter

New security features help to protect you against deceptive and malicious websites which can compromise your data, privacy and identity.

A blocked website because reported as unsafe

Transparent JFrame Background

JFrame not come with the transparent window functionality, but you can try making it by using Java graphics class. The code below is the demo for the transparent frame background. Try the code below if you want to see it.

import javax.swing.*;
import java.awt.*;
import java.awt.event.ComponentEvent;
import java.awt.event.ComponentListener;
import java.awt.event.WindowEvent;
import java.awt.event.WindowFocusListener;
import java.awt.image.BufferedImage;
import java.awt.image.ConvolveOp;
import java.awt.image.Kernel;

public class TransparentBackground extends JComponent
implements ComponentListener, WindowFocusListener, Runnable {

// constants —————————————————————

// instance —————————————————————-
private JFrame _frame;
private BufferedImage _background;
private long _lastUpdate = 0;
private boolean _refreshRequested = true;
private Robot _robot;
private Rectangle _screenRect;
private ConvolveOp _blurOp;

// constructor ————————————————————-
public TransparentBackground(JFrame frame) {

_frame = frame;

try {

_robot = new Robot();

} catch (AWTException e) {

e.printStackTrace();

return;

}

Dimension dim = Toolkit.getDefaultToolkit().getScreenSize();

_screenRect = new Rectangle(dim.width, dim.height);

float[] my_kernel = {
0.10f, 0.10f, 0.10f,
0.10f, 0.20f, 0.10f,
0.10f, 0.10f, 0.10f
};

_blurOp = new ConvolveOp(new Kernel(3, 3, my_kernel));

updateBackground();

_frame.addComponentListener(this);

_frame.addWindowFocusListener(this);

new Thread(this).start();

}

// protected —————————————————————
protected void updateBackground() {

_background = _robot.createScreenCapture(_screenRect);

}

protected void refresh() {

if (_frame.isVisible() && this.isVisible()) {

repaint();

_refreshRequested = true;

_lastUpdate = System.currentTimeMillis();

}

}

// JComponent ————————————————————–
@Override
protected void paintComponent(Graphics g) {

Graphics2D g2 = (Graphics2D) g;

Point pos = this.getLocationOnScreen();

BufferedImage buf = new BufferedImage(getWidth(), getHeight(), BufferedImage.TYPE_INT_RGB);

buf.getGraphics().drawImage(_background, -pos.x, -pos.y, null);

Image img = _blurOp.filter(buf, null);

g2.drawImage(img, 0, 0, null);

g2.setColor(new Color(255, 255, 255, 192));

g2.fillRect(0, 0, getWidth(), getHeight());

}

// ComponentListener ——————————————————-
@Override
public void componentHidden(ComponentEvent e) {
}

@Override
public void componentMoved(ComponentEvent e) {

repaint();

}

@Override
public void componentResized(ComponentEvent e) {

repaint();

}

@Override
public void componentShown(ComponentEvent e) {

repaint();

}

// WindowFocusListener —————————————————–
@Override
public void windowGainedFocus(WindowEvent e) {

refresh();

}

@Override
public void windowLostFocus(WindowEvent e) {

refresh();

}

// Runnable —————————————————————-
@Override
public void run() {

try {

while (true) {

Thread.sleep(100);

long now = System.currentTimeMillis();

if (_refreshRequested && ((now – _lastUpdate) > 1000)) {

if (_frame.isVisible()) {

Point location = _frame.getLocation();

_frame.setLocation(-_frame.getWidth(), -_frame.getHeight());

updateBackground();

_frame.setLocation(location);

refresh();

}

_lastUpdate = now;

_refreshRequested = false;

}

}

} catch (InterruptedException e) {

e.printStackTrace();

}

}

public static void main(String[] args) {

JFrame frame = new JFrame();

TransparentBackground bg = new TransparentBackground(frame);

frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

frame.getContentPane().add(bg);

frame.pack();

frame.setSize(500, 500);

frame.setLocation(500, 500);

frame.setVisible(true);

}
}

Conway’s Game of Life…

The Game of Life is not your typical computer game. It is a ‘cellular automaton’, and was invented by Cambridge mathematician John Conway.

This game became widely known when it was mentioned in an article published by Scientific American in 1970. It consists of a collection of cells which, based on a few mathematical rules, can live, die or multiply. Depending on the initial conditions, the cells form various patterns throughout the course of the game.

The popular Conway’s Game of Life that we seen all over the internet today mostly written in java applet. But the program below is written in JFrame class. I hope you enjoy it…

import java.awt.*;

import java.awt.event.ActionEvent;

import java.awt.event.ActionListener;

import javax.swing.*;

public class ConwayGUI extends JFrame {

int gen;

int[][] conway = new int[50][50];

String[] speed = {“Slow”, “Fast”, “Hyper”};

javax.swing.Timer timerslow = new javax.swing.Timer(900, new startConway());

javax.swing.Timer timerfast = new javax.swing.Timer(100, new startConway());

javax.swing.Timer timerhyper = new javax.swing.Timer(1, new startConway());

javax.swing.Timer timerStart = new javax.swing.Timer(1, new mula());

public ConwayGUI () {

GUIComponent();

}

private void GUIComponent() {

this.setLayout(new BorderLayout());

this.setDefaultCloseOperation(EXIT_ON_CLOSE);

this.setTitle(“Game Of Life”);

this.setResizable(false);

JP1 = new JPanel();

JP1.setLayout(new GridLayout(50, 50));

arrButton = new JButton[50][50];

for (int i = 0; i < 50; i++) {

for (int j = 0; j < 50; j++) {

final int m = i;

final int n = j;

JP1.add(arrButton[i][j] = new JButton(“”));

arrButton[i][j].setPreferredSize(new java.awt.Dimension(12, 12));

arrButton[i][j].setBackground(new java.awt.Color(128, 128, 128));

arrButton[i][j].addActionListener(new java.awt.event.ActionListener() {

public void actionPerformed(java.awt.event.ActionEvent evt) {

arrBtnActionPerformed(evt, arrButton[m][n]);

}

});

}

}

add(BorderLayout.CENTER, JP1);

java.awt.GridBagConstraints gridBagConstraints;

JP2 = new JPanel();

JP2.setLayout(new GridBagLayout());

clearBtn = new javax.swing.JButton();

nextBtn = new javax.swing.JButton();

stopBtn = new javax.swing.JButton();

startBtn = new javax.swing.JButton();

speedLabel = new javax.swing.JLabel();

speedCombo = new javax.swing.JComboBox();

genLabel = new javax.swing.JLabel();

genField = new javax.swing.JTextField();

clearBtn.setText(“Clear”);

clearBtn.addActionListener(new java.awt.event.ActionListener() {

public void actionPerformed(java.awt.event.ActionEvent evt) {

clearBtnActionPerformed(evt);

}

});

gridBagConstraints = new java.awt.GridBagConstraints();

gridBagConstraints.gridwidth = 5;

gridBagConstraints.insets = new java.awt.Insets(0, 0, 0, 16);

JP2.add(clearBtn, gridBagConstraints);

nextBtn.setText(“Next”);

nextBtn.addActionListener(new java.awt.event.ActionListener() {

public void actionPerformed(java.awt.event.ActionEvent evt) {

nextBtnActionPerformed(evt);

}

});

gridBagConstraints = new java.awt.GridBagConstraints();

gridBagConstraints.insets = new java.awt.Insets(0, 0, 0, 16);

JP2.add(nextBtn, gridBagConstraints);

startBtn.setText(“Start”);

startBtn.addActionListener(new java.awt.event.ActionListener() {

public void actionPerformed(java.awt.event.ActionEvent evt) {

startBtnActionPerformed(evt);

}

});

JP2.add(startBtn, new java.awt.GridBagConstraints());

speedLabel.setText(“Speed:”);

gridBagConstraints = new java.awt.GridBagConstraints();

gridBagConstraints.gridwidth = 3;

gridBagConstraints.insets = new java.awt.Insets(0, 21, 0, 0);

JP2.add(speedLabel, gridBagConstraints);

speedCombo.setModel(new javax.swing.DefaultComboBoxModel(speed));

speedCombo.setSelectedItem(speed[0]);

gridBagConstraints = new java.awt.GridBagConstraints();

gridBagConstraints.gridwidth = 4;

gridBagConstraints.insets = new java.awt.Insets(0, 11, 0, 0);

JP2.add(speedCombo, gridBagConstraints);

genLabel.setText(“Generation:”);

gridBagConstraints = new java.awt.GridBagConstraints();

gridBagConstraints.insets = new java.awt.Insets(0, 16, 0, 5);

JP2.add(genLabel, gridBagConstraints);

genField.setColumns(7);

genField.setEditable(false);

JP2.add(genField, new java.awt.GridBagConstraints());

add(BorderLayout.SOUTH, JP2);

pack();

}

private void clearBtnActionPerformed(java.awt.event.ActionEvent evt) {

genField.setText(“”);

gen = 0;

for (int i = 0; i < 50; i++) {

for (int j = 0; j < 50; j++) {

arrButton[i][j].setBackground(new java.awt.Color(128, 128, 128));

}

}

}

private void nextBtnActionPerformed(java.awt.event.ActionEvent evt) {

neighbor();

}

private void startBtnActionPerformed(java.awt.event.ActionEvent evt) {

String str = startBtn.getText();

if (str.equalsIgnoreCase(“Start”)) {

timerStart.start();

startBtn.setText(“Stop”);

clearBtn.setEnabled(false);

nextBtn.setEnabled(false);

} else {

timerStart.stop();

timerslow.stop();

timerfast.stop();

timerhyper.stop();

startBtn.setText(“Start”);

clearBtn.setEnabled(true);

nextBtn.setEnabled(true);

}

}

private void set_arr() {

String str = “java.awt.Color[r=255,g=255,b=0]”;

for (int i = 0; i < conway.length; i++) {

for (int j = 0; j < conway[i].length; j++) {

String s = “” + arrButton[i][j].getBackground();

if (s.equalsIgnoreCase(str)) {

conway[i][j] = 1;

} else {

conway[i][j] = 0;

}

}

}

}

private void neighbor() {

set_arr();

gen++;

genField.setText(“” + gen);

for (int i = 0; i < arrButton.length; i++) {

for (int j = 0; j < arrButton[i].length; j++) {

int bil = cal_Neighbor(conway, i, j);

String str = “java.awt.Color[r=255,g=255,b=0]”;

String kosong = “java.awt.Color[r=128,g=128,b=128]”;

String s = “” + arrButton[i][j].getBackground();

if (s.equalsIgnoreCase(str)) {

if (bil == 2 || bil == 3) {

arrButton[i][j].setBackground(new java.awt.Color(255, 255, 0));

} else if (bil < 2 || bil > 3) {

arrButton[i][j].setBackground(new java.awt.Color(128, 128, 128));

}

}

if (s.equalsIgnoreCase(kosong)) {

if (bil == 3) {

arrButton[i][j].setBackground(new java.awt.Color(255, 255, 0));

}

}

}

}

}

private int cal_Neighbor(int[][] arr, int num, int i) {

int total = 0;

if ((num – 1 != -1) && (i – 1 != -1)) {

if (arr[num – 1][i – 1] == 1) {

total += 1;

}

}

if (num – 1 != -1) {

if (arr[num – 1][i] == 1) {

total += 1;

}

}

if ((num – 1 != -1) && (i + 1 < arr[num].length)) {

if (arr[num – 1][i + 1] == 1) {

total += 1;

}

}

if (i – 1 != -1) {

if (arr[num][i – 1] == 1) {

total += 1;

}

}

if (i + 1 < arr[num].length) {

if (arr[num][i + 1] == 1) {

total += 1;

}

}

if ((num + 1 < arr.length) && (i – 1 != -1)) {

if (arr[num + 1][i – 1] == 1) {

total += 1;

}

}

if ((num + 1 < arr.length)) {

if (arr[num + 1][i] == 1) {

total += 1;

}

}

if ((num + 1 < arr.length) && (i + 1 < arr[num].length)) {

if (arr[num + 1][i + 1] == 1) {

total += 1;

}

}

return total;

}

private void arrBtnActionPerformed(java.awt.event.ActionEvent evt, JButton arrayBtn) {

String str = “java.awt.Color[r=255,g=255,b=0]”;

String s = “” + arrayBtn.getBackground();

if (s.equalsIgnoreCase(str)) {

arrayBtn.setBackground(new java.awt.Color(128, 128, 128));

} else {

arrayBtn.setBackground(new java.awt.Color(255, 255, 0));

}

}

class startConway implements ActionListener {

public void actionPerformed(ActionEvent e) {

neighbor();

}

}

class mula implements ActionListener {

public void actionPerformed(ActionEvent e) {

try {

if (speedCombo.getSelectedIndex() == 0) {

timerhyper.stop();

timerfast.stop();

timerslow.start();

} else if (speedCombo.getSelectedIndex() == 1) {

timerhyper.stop();

timerslow.stop();

timerfast.start();

} else if (speedCombo.getSelectedIndex() == 2) {

timerslow.stop();

timerfast.stop();

timerhyper.start();

}

} catch (Exception ew) {

}

}

}

public static void main(String[] args) {

java.awt.EventQueue.invokeLater(new Runnable() {

public void run() {

ConwayGUI showWin = new ConwayGUI ();

showWin.setVisible(true);

}

});

}

private JButton[][] arrButton;

private JPanel JP1;

private JPanel JP2;

private JButton clearBtn;

private JButton nextBtn;

private JButton stopBtn;

private JButton startBtn;

private JComboBox speedCombo;

private JLabel speedLabel;

private JTextField genField;

private JLabel genLabel;

}

Movie Update: The Flyboys [2008]

As World War I rages in Europe and Allied forces in France, Italy, and England find their resolve quickly diminishing due to the overwhelming force of the German juggernaut, a handful of brave American soldiers volunteer to join their French counterparts in learning to fly and fighting for freedom from above as the true story of the legendary Lafayette Escadrille comes to the screen in a breathtaking war adventure from Academy Award-winning director Tony Bill and famed producer Dean Devlin. They have come from all over the United States, ready and willing to put their lives on the line despite their country’s initial pledge to not get involved with the all-consuming war that rages throughout Europe. Few could have foreseen the challenges faced by the world’s first fighter pilots, however, and upon arriving at their aerodrome in France, the aspiring aviators are assigned to a new squadron under the command of war-ravaged Captain Thenault (Jean Reno) and battle-weary American pilot Reed Cassidy — the sole survivor of his devastated former air brigade. With little encouragement from their fellow aviators and nothing to drive but their unifying goal of taking to the skies and offering up their lives in the name of freedom, the determined airmen of the Lafayette Escadrille set out to make history by embarking on the adventure of a lifetime.

DOWNLOAD

Microsoft Has Weakness???

In many ways, Microsoft has little to worry about, at least not for now. Sure, they are losing market share steadily, but for their lead to be toppled it would take years and years, or would it?

Microsoft’s agreements with major OEMs (original equipment manufacturers) such as Dell and HP are highly confidential (which is a warning sign in itself), but by most accounts, the agreements give Microsoft a lot of power over these OEMs. This is part of what gives Microsoft so much power. As long as OEMs continue to sell Windows exclusively, which Microsoft essentially ensures with their agreements, they have a large part of the market all to themselves. These strangle-hold agreements may also be a weakness, though.

From the information we have, it appears that Microsoft controls OEMs not by making them love Microsoft, but by threatening them with increased licensing costs, something that could quickly kill any OEM. What this means is that most OEMs probably wish Microsoft has less of a monopoly. In fact, both Dell, by selling Ubuntu on some notebooks, and HP, with their rumored custom version of Linux, have indicated this.

It appears that Dell, HP, and others probably have two options: restrict their Linux stuff to remote areas of their businesses, or declare a revolution by offering Linux on all their computers. I suspect that any single OEM that tried this would get killed, but if several major OEMs did it together?

Let’s look at the pros and cons from the perspective of OEMs:

• PRO: Good chance of toppling Microsoft’s power, freeing them of restrictive licensing deals.
• PRO: Reduce costs by cutting out Windows licensing fees all together.
• CON: Potential technical problems and initial negative customer response.
• CON: Some possibility of getting absolutely crushed. In this case, the company in question could probably recover, but not without losses.

While we do not know exactly how bad the license with Microsoft is, it seems unlikey that any major company would take the risks involved. If I were Microsoft, I would, however, be somewhat concerned. If OEMs did “revolt,” Microsoft would be in deep trouble. Arguably, despite the low probability, this is Microsoft’s most immediate threat. Could it ever happen? Would it work?

Ultimate Edition

Ultimate Edition, sometimes called Ubuntu Ultimate Edition, is a modified version of Ubuntu with a new theme and tons and tons of applications. To make room for all this stuff, Ultimate Edition is distributed on a DVD, rather than a CD. That said, at only 1.3GB, Ultimate Edition is one of the smalled DVD distros.

I would say that the target audience for Ultimate Edition (which I will call UE from now on) is definitely Ubuntu users looking for some modifications. For those people, one of the main reasons to choose UE is the theme. Most brown-haters will like the new back with blue highlights theme a lot. While I am not a huge fan of dark themes in general, this is one of the best I have ever seen. A lot of what makes this the case is the blue, which helps lighten certain parts. As with any Linux distro, you can change the theme if you don’t like it, but it takes some time and effort to make a really great theme.

Apart from the new theme, the main attraction of UE is all the installed applications. Almost every application most people will ever need is already there, plus a bunch more. So, unless you are working with a lot of audio or video stuff, if you don’t want to bother installing anything, UE might be a very good choice. I say unless you do audio or video work, because UE has relatively few applications in this category. Also, there are a number of distros designed specifically for audio and video work, such as Ubuntu Studio and Musix GNU/Linux.

If you are an Ubuntu user with a big hard drive who is not particularly worried about the bloat of all the included applications, UE is definitely worth a look. Additionally, if you don’t like Ubuntu’s default theme but do like Ubuntu, UE is a good choice for you, too.