Keep your eye open for the EcoStrip.

Now here’s a good idea. It’s called the EcoStrip and it’s your standard power strip for use with your computer that has a neat addition to it. It plugs into one of your PC’s USB ports so it can tell when you turn off your PC at which point it kills power to anything else plugged into the strip.

If your desk is like mine then you have at the least a set of powered speakers and one or more monitors plugged in that continue to draw power after you’ve shut off your PC. Standby modes don’t tend to eat a lot of power, but when you’ve got several of them and then you multiply that by all the other people who have them then those little bits of current add up pretty quickly. This little strip would help to eliminate at least some of that waste.

It’s not available in the U.S. yet, but it will be soon so keep an eye open for it. I plan on picking up three myself once they’re available.

Via Everything USB.

Sony has another rootkit scandal on its hands.

You’d think Sony would’ve learned from all the trouble they got in with their anti-CD copying rootkit awhile back, but the problem with being a huge conglomerate is it’s often difficult for The Powers That Be to know everything every branch of the company is up to. This time around it’s not a CD copy protection causing the problem, but rather a biometric USB flash drive:

We received a report that our F-Secure DeepGuard HIPS system was warning about a USB stick software driver. The USB stick in question has a built-in fingerprint reader. The case seemed unusual so we ordered a couple of USB sticks with fingerprint authentication. We installed the software on a test machine and were quite surprised to see that after installation our F-Secure BlackLight rootkit detector was reporting hidden files on the system.

Many of our regular readers will remember the huge Sony BMG XCP DRM rootkit debacle of 2005. Back then malware with rootkits were not very common but since then a lot of malware families have adopted rootkit cloaking techniques. It is unclear if the “rise of the rootkit” would have happened in this magnitude without the publicity of the Sony BMG case. In any case, a lot more people now know what a “rootkit” is than back then.

This USB stick with rootkit-like behavior is closely related to the Sony BMG case. First of all, it is another case where rootkit-like cloaking is ill advisedly used in commercial software. Also, the USB sticks we ordered are products of the same company — Sony Corporation.

The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under “c:\windows\”. So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) — depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.

Oops. To their credit Sony does appear to have learned something from the previous debacle and they’re admitting right up front that it’s an issue:

Electronics giant Sony has confirmed a recently discovered security flaw in some of its products that could leave PCs vulnerable to attack by hackers.

The firm said that the fault, which affected software packaged with memory sticks, was developed by a third-party.

Sony said it was conducting an internal investigation into the problem and would offer a fix “by mid-September”.

That’s a big change from the last time when the president of Sony BMG, Thomas Hesse, made the mistake of railing against angry consumers by declaring “Most people, I think, don’t even know what a rootkit is, so why should they care about it?” That did little to cool heads at the time.

So if you happen to be an owner of one of these Sony USB drives you should be aware that your desire for extra security may have made you less secure, but Sony’s working on a fix for you.

Looking for your thoughts on USB headsets.

Audience participation time. I’m sure more than a few of you folks out there are using USB headsets to voice chat online and I’m looking to pick one up as the quality of the audio from the collar mic I’m using now is best described as “meh.” The collar mic uses the standard microphone jack on the audio system and I’ve read that USB based mics tend to produce better sound, especially when used with a headset to help muffle output from the speakers.

My primary uses will be for voice chat while gaming though I’d like to try a podcast at some point so I’d like something that provides really good audio quality. I’ve been reading reviews here and there, but it’s hard to judge how much I need to speed for something that’ll produce decent audio and I’m hoping to be able to pick up two as Anne is voice chatting more when she plays WoW. So I’m turning to you folks to see if you have any recommendations you can pass along for me to check out. What’s good? What’s bad. What’s the best bang for the buck?