eWorld Translations

Two days after learning of the problem, Mozilla has updated Firefox to fix a flaw in the Windows, Mac OS X, and Linux versions of its browser that was actively exploited by malware secretly planted on the Nobel Peace Prize website.

The new versions of Firefox, 3.6.12 and 3.5.15 are not vulnerable to this exploit, but users who visited the site before installing the updated version might have been infected with a Trojan horse program.

According to Firefox security engineer Daniel Veditz “Firefox 4 beta users appear safe for the moment.”

Norwegian security vendor Telenor SOC reported the bug on, detailing that the Nobel site redirected to a Taiwanese attack server which then launched a JavaScript-based exploit that, if successful, placed a Trojan horse on the victim’s computer.

To download the new version of Firefox, visit http://www.mozilla.com/.

Also affected are Mozilla Thunderbird and SeaMonkey. A fixed version of the Thunderbird news and email client is available here and a fixed version of the SeaMonkey “all-in-one internet application suite” here.

We’ll gladly help you to review and update your applications to alleviate the potential for exploits resulting from application versions that have known vulnerabilities. Contact us today.

At the end of last week, Adobe published a security update for its Shockwave Player, patch 11 security holes.

A sample exploit illustrating this vulnerability is already in circulation, opening the Windows calculator once a web page featuring the exploit code is visited. Obviously it wouldn’t be all that difficult to start another program instead using the same mechanisms.

This update is unrelated to the holes reported on earlier in the week in Adobe’s Flash Player and Reader applications.

Users should update their Shockwave Player as soon as possible, downloading the latest version from Adobe’s website.

We’ll gladly help you to review and update your applications to alleviate the potential for exploits resulting from application versions that have know vulnerabilities. Contact us today.

Today, Adobe updated a security advisory published last week, alerting its customers and users to an unpatched bug in Flash Player which also affects the Adobe Reader and Adobe Acrobat applications.

While there are not yet reports of Flash Player itself being targeted, Adobe warns: “There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat.”

According to independent security researcher Mila Parkour, a malicious PDF file may exploit the Flash bug in Reader in order to place a Trojan horse program or other malicious software on the victim’s computer.

All versions of Flash on Windows, Mac, Linux and Android are vulnerable, Adobe admits.

Patched versions of the aforementioned three applications are expected to be released within the next 10 days; for Flash Player on most platforms tomorrow, 04 November 2010, and for Reader and Acrobat during the week of 15 November 2010.

Until a patch is available for this extremely critical vulnerability arising from the automatic execution of Flash content from within Reader and Acrobat via the authplay.dll library, users should exercise the utmost caution.

While deleting the authplay.dll file protects against the current attacks, both Acrobat and Reader will crash or produce an error message when they try to open a PDF file that contains Flash content.

We’ll gladly help you to delete the authplay.dll file and to review and update your applications to alleviate the potential for exploits resulting from application versions that have know vulnerabilities. Contact us today.

A recent SC Magazine article by Mark Weatherford, VP and CSO of North American Electric Reliability Corp. (NERC), discussed the effect of “unknown unknowns” on the electric grid and elaborated on the “High-Impact, Low-Frequency Even Risk to the North American Bulk Power System” which was created subsequent to a November 2009 workshop by NERC and the U.S. Department of Energy.

High-impact, low-frequency (HILF) events are somewhat elusive and unusual occurrences that potentially cause long-term, cataclysmic damage … in this case to the power grid, be it as a result of natural causes such as a solar storm triggering geomagnetic disturbances, or man-made causes like physical or cyber attacks, detonations of nuclear weapons or the outbreak of a pandemic.

To avoid the risk of the report gathering dust as a grand tome once it was delivered, NERC’s Electricity Sub-Sector Coordinating Council (ESCC) developed a “Critical Infrastructure Strategic Roadmap” framework based on which NERC and the electric industry drafted a Coordinated Action Plan in a collaborative public/private partnership.

It would not hurt to take this opportunity to review (or create, if you don’t have them, yet) your organization’s Continuity of Operations Plan (COOP), Disaster Recovery (DR) plan and/or Business Continuity Plan (BCP).

What would you for instance do if you are without power from the electric grid for an extended period of time? Do you have a UPS? If so, how long can it provide power for all your essential devices and facilities? Do you have a generator? If so, how long does your stored fuel supply last? Which steps have you taken to assure continued fuel supply until the situation has been remedied?

A freelancer, hit by a hurricane that knocked out power locally or regionally might just travel to a location not affected by the outage and operate from there using a laptop and a cellular phone. But this might not be quite as easy or even an option for a small or medium sized enterprise.

We’ll gladly help you to review and update or create your preparedness plans and policies. Contact us today.

As reported by eWeek, Microsoft’s 240-page Security Intelligence Report (SIR) Volume 9 indicates for the second quarter of 2010 that there are 2.2 million PCs in the US infected with bot software. This is more than in any other country in the world. With 550,000 PCs, Brazil comes in second. The statistics were gathered through 600 million PCs that use Microsoft’s update services and/or its Essentials and Defender security products.

Adrienne Hall, general manager of Microsoft Trustworthy Computing, blogged “Bot herders guard their botnets jealously and invest huge amounts of time, effort and money in them. They spread their bots by a central command to masses of computer users through malicious software and user deception. By keeping a low profile, bots are able to infiltrate computers and devices and can quietly operate in the background, often undetected for years.”

To avoid being or becoming one of these statistics, with the concomitant egg-in-the-face if and when both your own and confidential data your customers have entrusted you with ends up in the wrong hands, let us help you to review and update your computer’s configuration, your security mechanisms and your policies. Contact us today.

SDL Trados recently released Service Pack 3 for its SDL Trados Studio 2009 line of products.  Freelance upgrades are available here and Professional upgrades here.

Among its key updates are:

• Access to 3 different automated translation systems (SDL Automated translation, SDL Language Weaver and Google Translate) to help you translate new content more quickly, in virtually any language combination
• Hundreds of time-saving features, such as AutoSuggest, QuickPlace and Context Match, to help you translate faster than before.
• Save desktop publishing time by being able to preview your final document as you translate! Currently available for Microsoft PowerPoint, Word, HTML and XML files
• Support for the latest file formats so that you can accept any project, including Microsoft Office 2010, Adobe InDesign Markup Language (IDML) and InCopy Markup Language (ICML)
• Support for enterprise translation package formats
• First release of key APIs via the SDL OpenExchange, designed to open up SDL technology to everyone and increase software functionality
• Improved integration with SDL MultiTerm and SDL Global Authoring Management System
• Plus, over 180 customer suggestions have been included in SDL Trados Studio 2009 SP3 via ideas.sdl.com. Please continue to help shape future product releases by suggesting and voting for ideas at ideas.sdl.com!

There’s one caveat, though, with respect to the product’s PDF support via a third-party PDF-to-DOC conversion tool that was integrated as a filter: More often than not, it gets confused by improperly maintained formats, unnecessarily placed inline tags and incorrectly placed line breaks (based on some crazy PDF logic).

When installing the upgrade, set aside enough time for the downloads of the updated versions of both Trados Studio and MultiTerm, consisting f approx. 600 MB. And don’t get too annoyed when being forced to reselect your respective languages for the Freelance edition; for some odd reason, SDL does not automatically import them from the old version. To add insult to injury, some users encountered an update to the update and were therefore forced to jump through this hoop twice.

Also, please note that there is a known compatibility problem between SDL Trados Studio 2009 Freelance (without SP3) and SDL Trados Studio 2009 Professional SP3.

If a so-called Package is created in the later, the former ends up with an error message indicating: Your Trados version is too old and incompatible with this Package version.

The solution: either upgrade the Freelance version to SP3, or ask the customer to provide you with source files.

After installing SP3, some users also have encountered receiving an error 80040111 for components with CLDSID {1562E773-38AF-444A-8B83-8A79B4D1A0EF} when trying to open a termbase in MultiTerm.

This error is indicative of a MultiTerm SP3 installation that went wrong. Once MultiTerm SP3 is reinstalled, it works again.

SP3 is free for existing SDL Trados Studio 2009 and SDL MultiTerm 2009 customers! Just login to your account and retrieve it from the My Downloads section.

Please note that you have to run the executable update files one at a time while following the wizard-driven process, which will automatically remove your old version and replace it with SDL Trados Studio 2009 SP3 and SDL MultiTerm 2009 SP3, respectively.

If you would to receive one-on-one remote training from one of our highly skilled specialists in SDL Trados Studio or a variety of other applications, contact us today.

As Michael Cunnigham recently reported in a New York Times opinion piece:

As the author of “Las Horas,” “Die Stunden” and “De Uren” — ostensibly the Spanish, German and Dutch translations of my book “The Hours,” but actually unique works in their own right — I’ve come to understand that all literature is a product of translation. That is, translation is not merely a job assigned to a translator expert in a foreign language, but a long, complex and even profound series of transformations that involve the writer and reader as well. “Translation” as a human act is, like so many human acts, a far more complicated proposition than it may initially seem to be.

The author then goes on to take the first three words of Herman Melville’s “Moby Dick” – “Call me Ishmael” – as a perfect example of the challenges faced both by writers and subsequently translators to reel in the reader, e.g. through authority, forcefulness and confidence.

Quite obviously, it is not an easy undertaking to replicate a similar, if not the same effect in another language which may follow a different grammatical structure and likely features different phonetics.

For a more detailed analysis and description, take a few minutes to read the article.

To avoid the pitfalls resulting from a less than expert translation, rely on our highly skilled specialists and contact us today.

Have you ever encountered a backup CD from which you wanted to reinstall some long-forgotten or accidentally deleted files? Did you then encounter a computer system and/or CD drive with major hiccups when trying to read the CD? When taking it out of the drive and holding it against a bright light, were you perplexed to find a slew of pinholes in the metallic data layer through which the light shone straight at you?

If so, take a look at this summary of research findings by the National Institute of Standards and Technology (NIST), posted at About.com:

You should never use a pen, pencil or hard-tip marker to write on your CDs. That’s just one of several recommendations made by computer scientists at the National Institute of Standards and Technology (NIST), who sliced, diced and baked CDs and DVDs to see how long the digital information would survive.Most CDs and DVDs will last 30 years or more if handled with care, but many factors can slash their longevity.

Direct exposure to sunlight can do a great deal of damage both from the sun’s ultraviolet rays and the heat.

Any rapid significant change in temperature or humidity can stress the materials.

Fingerprints and smudges frequently do more harm than scratches. NIST recommends handling discs by the outer edge or the center hole.

Discs may be cleaned with a cotton cloth by wiping in a straight line from the center of the disc toward the outer edge. Isopropyl alcohol may be used for extra cleaning power.

Discs last longest when stored in plastic cases in a cool, dark, dry environment. Because gravity can gradually bend the disc, storing it upright like a book is best for long-term storage.Many libraries, archives and government agencies store information on optical media, and NIST collaborated with the Council on Library and Information Resources to issue the research report.

We’ll gladly help you to review and update your backup strategy, mechanisms and policies. Contact us today.

Slowly but surely, translation technology seems to be moving away from the local desktop towards server-based applications and data storage as well as online access.

Depending on the type of implementation this can be beneficial or cause major headaches, e.g. due to latency issues.

Among the contenders are (in alphabetical order):

• Boltran
• Crowdin.net
• GlobalSight
• Google Translator Toolkit
• Lingotek
• Translation Workspace (Lionbridge)
• Wordbee
• Wordfast Anywhere
• XTM Cloud

One advantage of working in the “cloud” is that even if your work laptop is confiscated at the airport for whatever obscure reason, your livelihood won’t be at risk for the time it takes to get your computer back (which can easily amount to a month or more).

Rather, you can pick up on another computer without having to deal with restoring all your apps and data from a backup which then would not even include any of the new files, emails and other data you received while you were gone.

While this might otherwise be remedied to some extent by also using an online backup solution, said solution would depend on the availability of sufficient volume and bandwidth while traveling.

But then again, a purely server-based translation solution would depend on online access, too, in order to be able to work.

Nevertheless, food for thought.

If you would to discuss your translation tool needs in more detail or if you would like to receive one-on-one remote training from one of our highly skilled specialists, contact us today.

As reported by DW-World.de, a mistranslated statement by United States General David Petraeus, commander of the US and NATO forces in Afghanistan, from a new set of guidelines for troops in Afghanistan, led some German government officials to believe that troops would be intensifying their involvement.

The online edition of the intellectual weekly paper Die Zeit headlined its story with the particularly vicious extract “Rip your teeth into the flesh of the insurgents.”

Berlin daily newspaper Der Tagesspiegel by the same publisher concluded “targeted killings are apparently central to [Petraeus'] strategy.”

The respective dramatic headlines wouldn’t have been out of place in a tabloid, but were perceived as an oddity when they were posed by those two publications which are generally seen as a quality news source.

As it turns out, one sentence out of Petraus’ three-and-a-half page statement was not properly translated. In its original, it reads “Get your teeth into the insurgents and don’t let go.”

As you can see, this is simply a note of encouragement for troops to stay the course and not give up, rather than a call to violence.

While it is not clear whether a human translator was used who simply lacked the cultural background to properly understand this typical Amercan style statement and thereby was not able to properly translate it, or whether machine translation was used, with all its culprits, the incident serves as a powerful reminder to not cut corners but rather use a quality translation service, such as ours.

To discuss your translation needs, give us a call toll-free at +1-888-398-4968, or use the free quote form in the sidebar to the right, or email us at info@eworldtranslations.com or provide more detailed information on our contact form.