Author: Serkadis

There are numerous sites and web-server side scripts which perform malicious attacks or simply unpleasant problems to their visitors.

The latest one that gained prominence, is the although not really causing much harm is the “Want 2 C Something Hot?”. It is an elegant CSRF (Cross-site request forgery) which just shares itself on the facebook profile of the visitor.

The careful visitor will simply steer away from such links. The careful but curious visitor would want to see what such code does, but in a safe environment. So, here is a sample environment for a safe preliminary analysis of a malicious web site:

1. The analysis computer – a Cleanly installed VMware Windows XP SP3 guest OS. The guest OS should be configured with a bridged networking. Configure your host OS firewall to block all communication from the guest OS IP address to the host OS IP address.
2. The protective shielding – The guest OS should have a latest updated antivirus software. We recommend AVIRA, with active heuristics scanning. Also, include an anti-malware software, like Spybot – Search and Destroy.
3. The analysis tools – Now is the time to fire up your arsenal:
• Wireshark/Ethereal – all traffic should be captured with a network sniffer, so if the application level tools miss something, you can always revert to the packet capture. Set the sniffer to automatic saving of packet capture to disk, and start the sniffer before you start surfing!
• Latest Firefox with Firebug Add-In – all request/reply communication will be tracked through the Firebug. This is the application tool that will help you start dissecting the communication to and from the browser, and what is actually received.

The results of a the “Want 2 C something hot?” through firebug is seen on the next image. From there you can start dissecting each request and reply to fully understand the sequence of events.

Please note that the results are not magical, and that by only using this toolset you won’t become an instant securuty analyst or a hacker. This is just a safe environment for analysis of web sites.

Talkback and comments are most welcome

Related posts
Google’s Ratproxy Web Security Tool for Windows
Tutorial – Using Ratproxy for Web Site Vulnerability Analysis
Web Site that is not that easy to hack – Part 1 HOWTO – the bare necessities
Checking web site security – the quick approach

Don’t be fooled by the surge in existing home sales in Ocotober.

The number was far larger than expected. But the only people helped out by the sales of existing homes at low prices are real estate agents and banks collecting fees on new mortgages.

For the rest of us, the surge in existing home sales is basically a non-event. If anything, the 10.1% surge might bad news for the broader economy.

The problem goes far beyond the usual griping you will hear today. Yes, low prices, low interest rates and the tax credit all boosted sales. But if these sales were really giving the economy a boost, that would be terrific news.

Home sales can be both an indicator of economic strength and a contributor to economic growth. That is, home sales can be both a signal that the economy is recovering and a path to recovery itself. This time around, however, the home sales numbers are neither a signal nor a contributior.

You see, the signalling from home sales is all screwed up due to the subsidies involves. And the economic boost from home sales really only arises from the sale of new homes. The sale of existing homes doesn’t give a boost to anyone.

“The only contribution from existing home sales to the economy are some commissions and fees. That is good news for real estate agents and mortgage brokers, but not for the overall economy,” Calculated Risk explains.

The only legitimately good news in today’s home sales numbers is the decline of overhanging housing inventory to seven months, which is elevated beyond the “healthy” 6 month supply but far below the horrific oversupply numbers from several months ago. Unfortunately, the oversupply of rental units is climbing, suggesting that our subsidies may just be convincing some renters to become owners. That’s not economically useful.

From Calculated Risk:

The key to reducing the overall inventory is new household formation (encouraging renters to become owners accomplishes nothing in reducing the overall housing inventory). And the key to new household formation is jobs. And usually the best leading indicator for jobs is residential investment. Somewhat of a circular trap.

And that suggests the recovery will be sluggish and unemployment will stay high for some time.

To sound an even more bearish note, there’s a real danger to great news that is actually economically irrelevant. You’ll get bulls like Jim Cramer screaming about how the economy is about to soar. Investors will take on more risk, businesses will overstock inventory. When it becomes clear the October home sales were a head fake, there will be a lot of pain.

Join the conversation about this story »

See Also:

• Existing Homes Sales Boosted By Homebuyer Credit Mad Rush
• Existing Home Sales Surge 10.1% In October

The growing European flu scare is causing government to restrict travel between countries.

Reuters: Uzbekistan has closed its border with central Asian neighbor Kazakhstan to all but citizens of each nation returning home, the Kazakh Foreign Ministry said on Monday, as swine flu spreads in both countries.

Kazakh media and residents of the Uzbek capital Tashkent have connected the move to fears about an outbreak of the H1N1 flu virus, but this has not been confirmed by the authorities there.

Read the whole thing >

Join the conversation about this story »

See Also:

• Ukraine Flu Death Toll Hits 400
• New Flu Strain Is Worse Than Swine Flu, And Affecting Millions Across Europe
• Ukrainian Black Lung Deaths Doubling Every Two Weeks Throughout Europe

---

Just because district judges look intimidating, doesn’t mean they don’t have a lighter side to them. Underneath the toga and the hammer lies a simpl…

Dry bulk shipping’s Baltic Dry Index (BDI) has hit new highs for the year.

And once again the BDI’s use as an ‘economic indicator’ is coming out of the woodwork. Past head fakes forgotten.

Raymond James’ J Marshall Adkins asks in a report: ‘Can the Baltic Dry Index Serve as A Leading Indicator of Oil Prices?’

Raymond James: The reason the index is watched so closely by many economists and policymakers is that it is an excellent leading indicator for economic activity. The BDI tracks international carriers hauling raw materials (e.g., wood for Finnish paper mills) as opposed to container ships carrying finished goods (e.g., paper for the U.S. Treasury’s busy printing presses). Thus, the precursors to production, rather than the results of production, are accounted for in the index, giving it a predictive quality. Additionally, the market for these cargo ships tends to be tight and inelastic.

Let’s just first assume that by leading indicator one means ‘reliable leading indicator’ since if it’s not reliable then it’s useless.

Now, there are actually many reasons why the Baltic Dry isn’t a reliable forward indicator for the economy, which we’ve gone into some depth on many times before, yet for the sake of efficiency the following might suffice:

The BDI spiked in 2008 to all-time-highs right before the global economy collapsed. That alone proves it pretty unreliable without getting into the nitty gritty. It’s not an indicator of anything except the highly volatile supply and demand situation between dry bulk ships and commodities at any given moment of time (and with little forward sight). It can change by +/-80% within very tight time frames based on only moderate changes in supply vs. demand, thus turning on a dime even if the economy hasn’t done so.

The supply of ships at any moment has a large impact on the index value.  The BDI is a function of supply and demand, and a very sensitive schizophrenic one at that. It’s not just an indicator of demand alone. For example, if massive amounts of new ships flood the market, the BDI will collapse even if commodities demand and the world economy are still growing. This could actually end up being the case over the next two years.

Yet this research piece doesn’t stop at claiming the BDI forecasts the economy alone.

It takes the BDI’s predictive prowess a giant leap further by then suggesting that the BDI might serve as an indicator for oil prices.

Raymond James: It is intuitive that any indicator which gauges worldwide economic activity, such as the BDI, should also give an assessment of global energy prices, since the two are intrinsically tied together. If shipping activity is tied to economic activity, and economic activity is tied to energy prices, then shipping activity should be tied to energy prices. (For you math majors out there, this is what’s called “transitivity.”) In fact, we’ve found that over the past three years, the BDI and West Texas Intermediate (WTI) oil prices have been closely correlated, as shown in the chart below.

Oil tanker rates don’t even serve as a reliable indicator for oil prices. They can at times fall even while oil prices rise, due to changes in ship supply… so why should dry bulk rates be any better? The effect of ship supply has once again been left out of the above logic.

Yet apparently, this short two-year correlation proves the BDI will reliably forecast oil prices. Just realize how many different charts have had this same shape over the last two years:

(Raymond James, Energy: Stat of The Week, Can the Baltic Dry Index Serve as a Leading Indicator of Oil Prices, J Marshal Adkins, 23 November 2009)

Join the conversation about this story »

See Also:

• Freight Forwards Curve Warns Of Baltic Dry Index Collapse (EGLE, DRYS, GNK)
• The Baltic Dry Index Soars On Voracious Chinese Commodities Demand (DRYS, EGLE)
• Shipping Rates Are Lousy For Predicting The Economy (DRYS)

Iran state media loudly trumpeted, today, that the country made $5 billion by diversifying its reserved away from the dollar, and into euros.

AFP: “Iran has considerably reduced the total of US dollars in its currency basket,” Mahmoud Bahmani said at a bankers’ seminar in Tehran.

Since October 2007, Iran has received 85 percent of its oil revenues in currencies other than the US dollar, the channel reported, adding it is seeking a substitute for the dollar for the remaining 15 percent.

Read the whole thing >

Join the conversation about this story »

See Also:

• Petrobras Is Ditching Iran After Oil Discoveries Prove To Be A Total Flop
• Turkey Dumps US Dollar For Trade With Iran And China
• Iran Says It’s Ditching The Dollar Completely

Filed under: Sedan, Performance, BMW

The 5 Series is an important model for BMW, particularly in North America where it’s the brand’s second best seller behind the 3 Series. Heading into 2010, BMW has expanded its mid-size line with the new Gran Turismo body style already on sale. However, the volume leader for the 5 Series is the four-door sedan, which officially debuts today. The 2011 model transitions to a new platform architecture shared with the latest 7 Series as well as the upcoming Rolls-Royce Ghost. The 5 Series sedan gets a four-inch shorter wheelbase than its siblings, but at 116.9 inches, it still stretches well past its competition. The new Mercedes-Benz E-Class runs a mere 113.1 inches between its axles and the Cadillac CTS is 113.4 inches.

From a technical perspective, the new 5 Series picks up much of what can be found in the 7 Series and the Gran Turismo. Read on after the jump to learn more about it.

UPDATE: Nine videos added and more images uploaded into gallery.

[Source: BMW]

Continue reading Officially Official: BMW unveils all-new 5 Series sedan

Officially Official: BMW unveils all-new 5 Series sedan originally appeared on Autoblog on Mon, 23 Nov 2009 14:12:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

While the O2 HTC HD2 has been formally announced and seemingly not available, the situation with the T-Mobile UK version seems exactly the opposite.  While the device is not supposed to be available yet, Coolsmartphone reports one lucky punter has already been able to get his hands on one, and that the super smartphone may be lying in wait in many T-Mobile stores.

Daniel Cunningham found the HD2 in his local T-Mo store and they’d had it in stock for 3 days. He was offered one free for £40 p/m on an 18 month contract, so you may find the HD2 hiding away in your local store too.

Well now I know what I will be doing tomorrow – HTC HD2 hunting!

Read more at Coolsmartphone here.

If you’re looking for a twist on the traditional pumpkin pie for Thanksgiving, try this quick, easy, and light pumpkin cheesecake.  It’s a great no-bake option for those who don’t have double ovens at their disposal.

We start with gingersnap cookies for the crust.  Trader Joe’s has both regular gingersnaps (their Triple Ginger cookies – made with fresh ginger, powdered ginger, and crystallized ginger – are sinfully addictive!) as well as a gluten-free variety.  A tasty variation from regular graham cracker crust.  Most stores sell ready-made graham cracker crusts, so you can save a little time by going that route, and then this recipe is truly no-bake (we fudged a bit, as the crust does need a little pre-baking if you’re making it yourself).

To crush cookies, place them in a large Ziploc bag, break into pieces by lightly hammering with the end of a rolling pin, and then roll into crumbs.  The gingersnap cookies are firmer than graham crackers, so really use some elbow grease to break up the cookies.  You can also pulverize them in the food processor or blender.

The filling is made with just 1 block of cream cheese, instead of most cheesecake recipes that use 3 or even 4 blocks of cream cheese!  As a result, this filling is light and airy compared to the dense texture of traditional cheesecake.  I actually prefer this light version and don’t feel as guilty eating it.  You can use neufchatel or light cream cheese if you prefer.

Pumpkin Butter, available only seasonally at Trader Joe’s, has all the spices you need for this pie.  In fact, just mixing Pumpkin Butter and cream cheese makes a great filling for mini tarts or turnovers.  We added sour cream and pumpkin puree to make this easy and delicious cheesecake filling.

Finally, the whipped topping is optional.  If you can go the extra mile and whip your own cream, it’s a luxurious treat that really makes this dessert shine.  We used maple syrup to lightly sweeten the cream, and the maple flavor is a terrific complement to the pumpkin filling.

You can make this dessert a couple of days ahead and keep it in the fridge.  Just before serving, sprinkle extra crushed gingersnap cookies or graham crackers for a rustic-looking garnish.

No Bake Pumpkin Cheesecake

Prep time: 15 minutes
Cooking time: 10 minutes (for the crust)
Serves 8

It seems that Spain is a country that is pretty consistently figuring out that we shouldn’t just throw out all other rights the second “piracy” is shouted by the entertainment industry. We’ve noted recently that the country hasn’t just rejected three strikes and declared broadband a basic right, but has also ruled, repeatedly, that personal file sharing is legal. And now, it even has judges who realize that “anti-circumvention” laws should have limits as well.

As you probably know, one of the key things that the entertainment industry has pushed for throughout the world is “anti-circumvention” clauses in copyright law. In the US we have this in the DMCA and it’s a total mess. The law basically says that any attempt to circumvent (or to make or sell a tool to circumvent) DRM on a digital work is a violation of the copyright law — even if making a copy of the content in question wouldn’t violate copyright law.

Spanish copyright law includes an anti-circumvention clause, but as Leo Martins alerts us, a judge in Salamanca, Spain has taken a much more nuanced view of it in a case pitting Nintendo against Grupo Movilquick, who produced alternative cartridges for Nintendo DS devices. The judge’s ruling (translated from the original) appears to find that the alternative cartridges do, in fact, circumvent Nintendo’s DRM and can be used for “pirating” games, but also extend the utility of the devices for perfectly legal purposes. For that reason, the judge dismissed the lawsuit (translation from the original) noting that it doesn’t make sense that the law would be intended to say that only Nintendo can expand the functionality of its devices, and the fact that Nintendo doesn’t offer similar functionality shouldn’t preclude others from doing so. There are areas where Nintendo can still bring a lawsuit, such as for patent and trademark issues, but the judge notes those should be dealt with in a civil court.

Permalink | Comments | Email This Story

Consumers seem to be getting their debt under control as credit card delinquencies and late payments from June to September fell to 1.1%:

—–

TransUnion.com released today the results of its analysis of trends in the credit card lending industry for the third quarter of 2009. The report is part of an ongoing series of quarterly consumer lending sector analyses focusing on credit card, auto loan and mortgage data available on TransUnion’s Web site at www.transunion.com/trenddata. Information for this analysis is culled quarterly from approximately 27 million anonymous, randomly sampled, individual credit files, representing approximately 10 percent of credit-active U.S. consumers and providing a real-life perspective on how they are managing their credit health.

Statistics

The national credit card delinquency rate (the ratio of bankcard borrowers 90 days or more delinquent on one or more of their credit cards) dropped to 1.10 percent in the third quarter of 2009, down 5.98 percent over the previous quarter. Year over year, credit card delinquencies remained essentially flat from 1.09 percent in the third quarter of 2008. As expected, incidence of credit card delinquency was highest in Nevada (1.98 percent), followed closely by Florida (1.47 percent) and Arizona (1.35 percent). The lowest credit card delinquency incidence rates were found in North Dakota (0.66 percent), South Dakota (0.70 percent) and Alaska (0.73 percent). Mississippi saw the largest quarter-over-quarter drop of 13.4 percent in credit card delinquency. In comparison to last quarter, where no state experienced a quarterly increase in delinquency rates, the third quarter saw 8 states log an increase.

Average credit card borrower debt (defined as the aggregate balance on all bank-issued credit cards for an individual bankcard borrower) drifted downward nationally 1.87 percent to $5,612 from the previous quarter’s $5,719, and down 1.71 percent compared to the third quarter of 2008 ($5,710). The highest state average credit card debt remains in Alaska at $7,699, followed by Tennessee at $7,039 and Alabama at $6,453. The lowest average credit card debt was found in Iowa ($4,225), followed by North Dakota ($4,449) and Wisconsin ($4,602).

The steepest increases in average credit card debt over the previous quarter occurred in Hawaii (+5.48 percent), North Dakota (+0.71 percent) and Alaska (+0.44 percent). The District of Columbia experienced the largest drop in average credit card debt (-10.05 percent), followed by Nevada (-3.16 percent) and Delaware (-3.11 percent).

U.S. Analysis

“For the first time in ten years, third quarter national delinquency rates showed a decrease from the previous quarter, indicating a departure from the usual seasonal patterns. This movement could have occurred for a number of reasons. First, the national savings rate fell in the third quarter, possibly indicating continued consumer efforts to keep debt to a minimum and debt repayment under control in the face of an already depressed labor market. Consumers recognize that their credit cards are their primary purchasing vehicles in this economy,” said Ezra Becker, director of consulting and strategy in TransUnion’s financial services group. Second, many lending institutions modified credit card rules, fees and charges in the third quarter, in advance of the Credit CARD Act taking effect in February 2010. Those changes almost certainly impacted the dynamics of third quarter performance.

“An early indicator of the impact these term modifications will have on consumers and their credit habits in terms of debt and delinquencies will likely be revealed during the upcoming holiday season and immediately thereafter. However, the long-range effect is as yet unclear. In all events, it is anticipated that the market will experience a different lending dynamic and a material shift in the use of credit cards and marketshare across the industry. This recession has taught the U.S. consumer many lessons: shop around for the best deal, maximize the value of your spend and protect your day-to-day liquidity. While TransUnion still expects to see seasonal behavior patterns in delinquency rates, the industry is still in flux as to what the new historical norms might be,” continued Becker.

Forecast

“With positive GDP now being reported along with an expectation that the national saving rate will drift downward in the fourth quarter, TransUnion sees its year-end forecast for 90-day credit card delinquency rate remaining steady at approximately 1.1 percent nationally, with a possible drift upward in the beginning of 2010,” said Becker.

At the state level, Nevada is still expected to experience the highest delinquency rate by the end of 2009 (1.9 percent), while North Dakota is anticipated to show the lowest delinquency rate (0.64 percent).

Join the conversation about this story »

See Also:

• Shock and Awe: Pre-Approved Credit Card Comes With 79% APR
• Chris Dodd’s Incredibly Stupid Credit Card Rate Freeze Will Destroy The Consumer
• Desperate Retailers Bring Back "Layaway" Plans For The Holidays

Filed under: Coupe, Performance, Videos, Lexus

The lease-only 2011 Lexus LFA supercar has been getting a lot of exposure lately. We had a chance to drive it a few weeks ago and just showed you some pics of the matte black car when it showed up at Cars & Coffee in Irvine this Saturday, but now we have something even better. LeMans-winner and Jay Leno Show racing coach, Justin Bell, heads out onto Fontana’s California Speedway with this very same LFA, getting some instruction himself from fellow racer Scott Pruett before taking the better seat for a lap.

The segment was shot for the latest episode of Jay Leno’s Garage, the Jay Leno webshow that highlights a different car every week, sometimes with Jay driving and sometimes with Justin doing the heavy lifting. Follow the jump to see the video for yourself and be sure to check out Jay’s Garage regularly if you don’t already. Listening to this thing rip up to 9,000 RPM is worth the nine-minute investment of your time, trust us. Thanks for the tip Gabriel!

[Source: Jay Leno’s Garage]

Continue reading VIDEO: Justin Bell shows off Lexus LFA in Jay Leno’s Garage

VIDEO: Justin Bell shows off Lexus LFA in Jay Leno’s Garage originally appeared on Autoblog on Mon, 23 Nov 2009 13:56:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Today we release some new ECM research. It focuses (as does much of our broader research) on the so called mid-market. ‘Mid’ is a terribly misleading term as it conjures up the idea that this is the average, sub-par section of the market. In fact, this is the single most important, vibrant, and sizable section of the market. It is from here that the majority of ECM (Document Management) solutions are procured and where many of the most interesting and innovative products emerge.

In our most recent research we have added evaluations for Docuware, FileBound, Westbrook, and Fabasoft. They are all worthy competitors alongside established players such as Laserfiche, Hyland, SpringCM, and Alfresco. As you can see, mid-market ECM buyers have a bevy of options to compare against the biggest name in mid-market ECM players, SharePoint.

Still playing Need for Speed: Shift? Good news. EA has now detailed the content of the game’s DLC, and you’re in for a little treat. The Team Racing…

Filed under: Coupe, Performance, Audi, Rumormill

We’ve learned to take “scoops” from Auto Express with a grain of salt. But Britain’s car tabloid says they have it on good authority that Audi is working on an even more extreme successor to the current range-topping R8 supercar.

Dubbed the R10, the heart of the new four-ringed exotic is listed as a twin-turbo 5.0-liter V10 mounted amidship and pumping out 600 horsepower – through all four wheels, natch. The platform is tipped to be shared with sister company Lamborghini’s upcoming replacement for the aging Murcielago, crafted from aluminum and supplemented with carbon fiber.

While such a performance beast would encroach on Lamborghini’s territory and, from the sound of it, even approach Bugatti’s, the Volkswagen empire has proven particularly adept at packing segments with its own products, so anything’s possible. AE says prototypes are already lapping the Nurburgring and could be ready for delivery by 2012.

[Source: Auto Express]

Rumormill: 600hp twin-turbo Audi R8 replacement in the works? originally appeared on Autoblog on Mon, 23 Nov 2009 13:30:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

There’s a lot of hype over music services lately, especially music streaming services. The interesting thing is that the hype isn’t necessarily over the services themselves, but over the fact that this time some may actually succeed. Spotify is the prime example and the European free music streaming service has been heralded as the savior of the market and the way forward. There’s just one problem, it may save, or rather create a market for free streaming services, it may even save the music industry but the artists still aren’t getting paid.

Torrentfreak has an interesting story on how much do the actual artists make from streaming services more precisely from Spotify. Lady Gaga, one of the most popular artists on Spotify at the moment, made a whooping $167 (SEK 1150) by having her songs on the service. The sum came from the Swedish Performing Rights Society (STIM) as royalties for over one million streams of her hit song “Poker Face.”

Without knowing the exact details of her contract or the deals that the music labels have with Spotify, it can’t be used as a general example. Still, it’s safe to assume that most artists aren’t making that much more. The labels would jump at the chance to claim that this is clear proof that free streaming services aren’t working and that people need to pay subscrip… (read more)

ArtelPlus has released a new version of BatteryZzz 2.0, an application warning a user with a sound signal of critical discharge and full charge of his Windows Mobile device battery.

Smartphone users much more often than the users of conventional mobile phones face the problem of low battery. Higher battery discharge rate on smartphones and Pocket PC in comparison with conventional mobile phones is a cause of inconvenience, especially when the battery level drops low when it is needed the most. This prevents the users from efficient use of their Windows Mobile devices.

BatteryZzz allows you to simply and effectively solve this problem, reminding you with a sound signal to charge your Pocket PC at the right time. Unlike other PDA battery utilities, which just indicate the battery status on the screen, the main advantage of BatteryZzz is that the low battery warning sound easily attracts attention, so there is no need for continuous regular monitoring of the battery indicator on the PDA screen. 

"It is similar to waking up with an alarm clock sound instead of waking up every hour and watching at the clock." 

Another unique feature of BatteryZzz is that a user gets a notification sound upon completion of the battery recharge. This will not only save your time but also save your battery charger from overheating.

BatteryZzz 2.0 features include:

• a new interface with modern design and convenient thumb navigation;

• option to set the battery discharge level when the alarm is to go off;

• option to set the interval between low battery notifications (also, this interval can automatically shorten if the battery power drops below a specified level);

• an option to play an alarm warning upon completion of the battery charge only once and/or automatically switch to silent mode at night;

• an option to set any sound or melody of your choice as the full charge or low battery alerts;

• efficiency – BatteryZzz is a "lightweight" application, it does not affect your smartphone performance and practically has no effect on the battery’s discharge rate.

More info is available at www.artelplus.com/batteryzzz

This post was submitted by Lilac.

At 12 o’clock this morning while most of us were nursing the nasty side effects of a weekend-long bender, GM officially unveiled the new 2011 Cadillac CTS Coupe to the motoring press. The live, in-the-flesh reveal isn’t scheduled until next week at the LA Auto Show (which I will be attending, for all 3 of you interested fans), but as PR custom dictates GM was kind enough to give us a sneak preview a full 7 days early.

Based on its increasing popular full-sized brethren, the CTS coupe shares all the basic styling cues of the CTS sedan yet features a much chunkier, Beyonce-in-a-bodysuit ass. Fortunately, thanks to the 304-hp direct injected 3.6L V6, if you are successfully able to row your own (6-sp manual standard, 6-speed auto available for poseurs) you should be able to peel out of a dead stop before the jeers from the Bimmer owners reach your ears. If you aren’t fast enough on the throttle or otherwise catch the last sing-song remnants of “Fatty fatty two-by-four…” the CTS coupe also comes with enough interior accessories to keep your crushing depression at bay until you get to your therapist’s office, including iPod/MP3 capability, 40-gig hard drive, pop-up nav, Bluetooth, standard Keyless Access and Smart Remote Start, rear camera system, and a Bose 5.1 Cabin Surround™ audio system.

To help give this thick lady some semblance of agility, two optional performance packages are available: the RWD or AWD Performance Package with 18″ wheels and all-season tires or the Summer Tire Performance Package with 19″ tires. For those customers who feel ill-equipped to handle this BBW without the help of a few extra horsepower, GM promises the CTS-V coupe will drop sometime in 2010.

If you’ve got a fetish for big girls, be sure to check back next week for live image updates from the LA Auto Show.

I today stumbled across this video of a user review of the HTC Touch Pro 2 vs the Android powered Motorola Droid.

Its nice to see one of the most loved Windows Mobile handsets hold up pretty well against the most highest profile Android handset available at present.  I must say however that search feature is pretty cool, but on the other hand it seems to be a slicker version of Microsoft’s Tellme service, so it may not be that enviable after all.

On a related note, a more expert opinion comes from JKontherun, who compared Windows Mobile against Android, and found the OS again holds up pretty well, winning on 3:0 on multi-tasking, user interface and desktop integration, with a tie on Outlook vs Gmail integration.

Read that comparison here.