Paul Hardwick: Exploits

Google's Blog Software Hijacked by Scammers.

Sun, 18 Mar 2007 02:58:36 GMT

Google's Blog Software Hijacked by Scammers. Google's blogger.com is being hijacked to spread malware through fake blogs, a security vendor warns. [PC World: Latest Technology News]

Firefox Takes New Tack on Testing Security Bug Fixes.

Sun, 18 Mar 2007 02:00:17 GMT

Firefox Takes New Tack on Testing Bug Fixes. Mozilla decides there will be more beta testing before it publishes security fixes for the Firefox browser. [PC World: Latest Technology News]

Hackers Promise Month of MySpace Bugs.

Sun, 18 Mar 2007 01:58:02 GMT

Hackers Promise Month of MySpace Bugs. They won't divulge their real names, they call their project a "whiny, attention-seeking ploy," and they appear to take their fashion cues from Beastie Boys music videos. [PC World: Latest Technology News]

Administrivia: Possible unscheduled upgrade of Privacy Digest

Sun, 18 Mar 2007 01:39:04 GMT

Administrivia: Possible unscheduled upgrade of Privacy Digest.

I might be implementing an unscheduled upgrade of the site due to some problems with the software I am currently using to run the site. I had been working on upgrading the software to implement some new features but may have to implement sooner than originally planned. If you would like to take a peek at the planned software take a visit to http://www.PrivacyDigest.com/index.php Yes the full URL will have to be entered until I have completed the switch over.

There may be some hiccups during the process as the XML/RSS location will change along with access to the sub-topics. I plan to create mod-rewrite rules to take of this but they may not all be ready on day one.

Please let me know what you think.

U.S. Lawmakers Introduce New Spyware Bill.

Sun, 18 Mar 2007 01:21:55 GMT

U.S. Lawmakers Introduce New Spyware Bill. Two U.S. lawmakers reintroduce a bill that would impose penalties of up to five years of prison time and fines for spyware activities. [PC World: Latest Technology News]

Injunction Against Companies Allegedly Engaged in ID Theft.

Fri, 16 Mar 2007 19:48:47 GMT

Injunction Against Companies Allegedly Engaged in ID Theft. "Combating identity theft is one of my top priorities in the consumer protection arena." [GT: Security and Privacy]

Antispyware advocates try, try again in Congress.

Fri, 16 Mar 2007 19:46:19 GMT

Antispyware advocates try, try again in Congress. A U.S. House subcommittee heard repeated praise today for an antispyware proposal similar to two previous bills that won passage in the House -- only to fail when they got to the Senate. [Computerworld Privacy News]

Botnets Fueling Unprecedented Attacks.

Fri, 16 Mar 2007 19:41:59 GMT

Botnets Fueling Unprecedented Attacks. Spam Levels and Associated Costs Are the Highest in History [GT: Security and Privacy]

Visa Chief: Customer Data Theft Neither Random Nor Unavoidable - Software Technology News by InformationWeek

Fri, 16 Mar 2007 19:39:19 GMT

Although the use of the Internet to buy and sell online has introduced a slew of security concerns within the payment services industry, Visa USA president and CEO John Philip Coghlan insists that technology is the solution to combating fraud -- not the cause of it. Coghlan also pointed out during Visa's security summit in Washington, D.C., Thursday that data breaches are neither random nor inevitable if proper security measures are taken.

The TJX data breach "was a stark reminder to all of us that such events can have vast reach and consequences," Coghlan said. Such breaches create mistrust and can undermine efforts make to build a good brand image. But, he made clear, "the majority of compromises come from storage of prohibited data and using vulnerable systems to process data."

TJX, the parent company of retailers T.J. Maxx, Marshalls, HomeGoods, and others, made headlines in February when it revealed an attack on its systems had resulted in the theft of customer information. Just as the headlines were threatening to die down, TJX announced a few weeks later that intrusions into its system actually began as early as July 2005, rather than beginning in May 2006 as the company had originally reported.

While the exact nature of the TJX data breach has not yet been revealed, in general, financial information is stolen in a number of ways, including the physical theft of a wallet, checkbook, or credit card; theft of information from one's home from friends, relatives, or in-home employees; phishing messages that trick people into divulging information to fraudsters; hacks, viruses, and spyware on a PC or ATM machine; and a corrupt business employee with access to your records.

But data theft is not random. Instead, it's perpetrated against businesses with the weakest security and the most valuable information, Coughlin said Thursday, adding, "More than 80% of all dollars lost come from 20% of fraudulent transactions."

Security Watch - Visa - customer data theft neither random nor unavoidable

Fri, 16 Mar 2007 19:36:34 GMT

Very revealing speech last week by John Coughlan, Visa USA's CEO, who insists that the technology is available to prevent cardholder data falling into the wrong hands.

In a speech at Visa's security summit in Washington late last week, Coughlan said that cardholder data breaches are neither random nor inevitable if proper security measures are taken.

The TJX (TJ Maxx) data hack, he said, "was a stark reminder to all of us that such events can have vast reach and consequences."

According to Coughlan, such hacks can create mistrust and undermine efforts to build a positive brand image. But, he said, the majority of system compromises result from the storage of prohibited data and using vulnerable systems to process data.

More Than 100 Security Breaches Reported Under Law to Thwart ID Thieves.

Fri, 16 Mar 2007 19:31:47 GMT

More Than 100 Security Breaches Reported Under Law to Thwart ID Thieves. "Consumers who get notice can act fast to protect their good names." [GT: Security and Privacy]

SELinux by Example. (Book Review)

Thu, 15 Mar 2007 19:49:06 GMT

SELinux by Example. Ravi writes "SELinux is a project started and actively maintained by the U.S Department of Defense to provide a Mandatory Access Controls mechanism in Linux. It had been a long standing grouse of Linux power users and system administrators over its lack of fine grained access control over various running processes as well as files in Linux. While Solaris touts its famous RBAC and Microsoft Windows has its own way of providing finer rights to its resources, Linux had to put up with the simple but crude user rights known in tech speak as discretionary access control to control user access of files. With SELinux project making great strides and now being bundled with many major Linux distributions, it is possible to effectively lock down a Linux system through judicious use of SELinux policies. SELinux implements a more flexible form of MAC called type enforcement and an optional form of multilevel security." -- Read the rest of Ravi's review. Or go directly to my Amazon Associate site and buy the book - SELinux by Example [Slashdot]

Core Security | CoreLabs - OpenBSD's IPv6 mbufs remote kernel buffer overflow

Thu, 15 Mar 2007 19:42:23 GMT

Vulnerability Description

The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:

1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise), or;

2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic)

The issue can be triggered by sending a specially crafted IPv6 fragmented packet.

OpenBSD systems using default installations are vulnerable because the default pre-compiled kernel binary (GENERIC) has IPv6 enabled and OpenBSD's firewall does not filter inbound IPv6 packets in its default configuration.

Remote Exploit Discovered for OpenBSD.

Thu, 15 Mar 2007 19:39:14 GMT

Remote Exploit Discovered for OpenBSD. An anonymous reader writes "OpenBSD is known for its security policies, and for its boast of "only one remote exploit in over 10 years". Well, make that two, because Core Security has found a remotely exploitable buffer overflow in the OpenBSD kernel. Upgrade your firewalls as soon as possible." [Slashdot]

New Fraudulent Adware Uses Rootkit Techniques.

Thu, 15 Mar 2007 19:16:48 GMT

New Fraudulent Adware Uses Rootkit Techniques. "Under no circumstances should users download applications through pop-up ads, or shortcuts that suddenly appear on the desktop." [GT: Security and Privacy]

Chertoff: Security and privacy not at odds.

Thu, 15 Mar 2007 19:12:44 GMT

Chertoff: Security and privacy not at odds. Calling privacy groups "Luddites," DHS head Michael Chertoff defends the Real I.D. Act. He claims that the data-chipped drivers licenses, which will be linked to a numbers of databases around the country, will actually protect privacy Editor:And down is up, black is white, and I have a bridge I'd like to sell you.

[...]

The head of the Department of Homeland Security on Thursday downplayed privacy concerns raised by the government's efforts to create standardized, data-chipped drivers licenses across the country.

The same technology that makes information on identification cards more reliable can also protect privacy, DHS Secretary Michael Chertoff said during a speech to the Northern Virginia Technology Council. "It's my contention that properly used technology ... actually protects privacy," he said. "We should not allow folks to be captivated by the argument that every time we do something with a computer, it invades privacy."

Chertoff was referring to privacy concerns surrounding the Real ID Act, a law passed by Congress in 2005 that would require states to create machine-readable ID cards containing the name of the holder, the data of birth, a digital photograph and other information.

Privacy groups, including the Electronic Privacy Information Center (EPIC), have said that the DHS hasn't come up with rules on how the information on the cards should be protected. DHS has made only "vague" plans for card security and for restricting which state motor vehicle agency employees would have access to the information, EPIC says.

"On security and privacy standards for the card, state motor vehicle facilities, and the personal data and documents collected in state motor vehicle databases, DHS shows little interest," EPIC says on its Web site.

But Chertoff said those raising privacy concerns about the use of IT in the U.S. government's domestic security efforts create a false tension between security and privacy. "This kind of Luddite attitude ... is exactly wrong," he said. "Security and privacy are very much the same type of value. I don't think they're mutually exclusive, they're mutually reinforced."

Chertoff also talked about how DHS is using IT. Technology plays a part in nearly all the agency's efforts, including machines that read fingerprints at border crossings, databases that link law enforcement investigations and scanning technologies for containers coming into the U.S.

[Computerworld Privacy News]

Spyware Legislation Could Aid Enforcement, CDT Testifies.

Thu, 15 Mar 2007 18:45:50 GMT

Spyware Legislation Could Aid Enforcement, CDT Testifies. An anti-spyware measure pending in Congress contains important provisions that could strengthen enforcement against spyware scammers, but broad consumer privacy legislation is still needed to address the larger issues associated with spyware, CDT Deputy Director Ari Schwartz told a congressional panel today. Testifying before the House Energy and Commerce Committee's Subcommittee on Commerce Trade and Consumer Protection, Schwartz applauded language in the Spy Act (H.R. 964) that bolsters the Federal Trade Commission's enforcement capabilities. But Schwartz also noted that the longtime practice of addressing privacy concerns sector-by-sector, rather than as part of a broader initiative would not get to the root of the problem. [Center for Democracy and Technology]

Interpreting the Results of a Vulnerability Assessment: How to Focus on What's Important in Your Web Application Security Testing.

Thu, 15 Mar 2007 17:59:06 GMT

Interpreting the Results of a Vulnerability Assessment: How to Focus on What's Important in Your Web Application Security Testing. SPI Dynamics just completed a new article, written by Kevin Beaver and Caleb Sima, that discusses how to interpret and prioritize the results of Web application security tests. By Kevin Beaver. [Infosec Writers Latest Security Papers]

Four Colorado Counties Placed on Election Watch List.

Wed, 14 Mar 2007 20:04:05 GMT

Four Colorado Counties Placed on Election Watch List. Errors with voting machines, delays in voting, inadequate security cited. [GT: Security and Privacy]

Latest ID-Theft Worry? Copiers.

Wed, 14 Mar 2007 19:55:53 GMT

Latest ID-Theft Worry? Copiers. Digital photocopiers use hard drives to store data. If not properly secured, they can be vulnerable to data thieves. By the Associated Press. [Wired News: Security Blanket]

Photocopiers: The newest ID theft threat.

Wed, 14 Mar 2007 19:40:11 GMT

Photocopiers: The newest ID theft threat. Photocopiers made in recent years often have hard drives that store what's been duplicated -- making them a potential target for identity thieves. [Computerworld Privacy News]

Apple Releases a Bushel of Software Patches.

Wed, 14 Mar 2007 15:35:07 GMT

Apple Releases a Bushel of Software Patches.

Today turned out to be "Patch Tuesday" after all, only the security updates were released by Apple instead of Microsoft.

Apple issued security updates to plug at least 46 separate security holes in its operating system and other software. The updates are available through Apple's site or via the built-in Software Update feature.

Nearly one-third of the fixes mend flaws outlined in the controversial Month of Kernel Bugs and Month of Apple Bugs projects from November 2006 and January 2007, respectively. Also included was a patch for a serious flaw in Apple's Software Update application.

A number of the patches address third-party applications built for use on Mac OS X and Mac OS X Server systems. Today's bundle fixes at least seven bugs in the MySQL database software, and two flaws in OpenSSH, a tool used to encrypt online communications. Other programs patched in this release include iPhoto, QuickDraw, and Adobe's Flash Player.

[Security Fix]

Tracking the Password Thieves.

Wed, 14 Mar 2007 15:30:56 GMT

Tracking the Password Thieves.

The Washington Post today ran a story I wrote about an epidemic of data theft being fueled by password-stealing viruses and phishing attacks. In some ways, the story behind the reporting that went into the piece is just as interesting, so I'd like to share a few of those details.

I based the story in part on a cache of stolen data I found online (more on how I obtained it in a bit). The data was being compiled by a password-stealing virus that had infected many thousands of computers worldwide; the particular text file that I found included personal information on 3,221 victims scattered across all 50 U.S. states.

Using a custom-built application that makes use of the Google Maps API, I was able to chart the approximate locations of the victims. This was possible because at the beginning of each record was the virus's best guess of the longitude and latitude of the infected computer's Internet address. This so-called "geo-IP" process is far from perfect: Sometimes these automated guesses are disturbingly accurate, and other times they are miles wide or completely wrong.

The approximate location of the 3,221 U.S. residents victimized by this virus (Data gathered by washingtonpost.com; image courtesy Secure Science Corp. and Google).

Scammers collect information about the location of their victims because it becomes useful when they want to conduct fraud with a hijacked credit or debit card account. The idea here is to evade a key component of fraud detection in the financial industry -- transaction location tracking. If Joe in Georgia starts suddenly withdrawing money or making purchases in Nigeria or Europe when his last transaction was an hour earlier in Atlanta, Joe's bank is going to flag the transactions as fraudulent and in all likelihood cancel the card.

[Security Fix]

Three Indicted for Alleged Online Brokerage Scam.

Tue, 13 Mar 2007 20:11:34 GMT

Three Indicted for Alleged Online Brokerage Scam. A federal grand jury indicted three people on charges of conspiracy, fraud, and aggravated identity theft related to a "high-tech" scheme to hijack online brokerage accounts. [PC World: Latest Technology News]

McAfee Says Vista's StickyKeys Could Be Misused.

Tue, 13 Mar 2007 20:02:15 GMT

McAfee Says Vista's StickyKeys Could Be Misused. A Windows Vista feature designed to simplify computing for disabled users has security implications, according to a McAfee researcher. [PC World: Latest Technology News]

American Studios' Secret Plan to Lock Down European TV Devices.

Tue, 13 Mar 2007 19:53:46 GMT

American Studios' Secret Plan to Lock Down European TV Devices.

EFF Exposes Standards Jeopardizing Innovation and Consumer Rights

San Francisco - An international consortium of television and technology companies is devising draconian anti-consumer restrictions for the next generation of TVs in Europe and beyond, at the behest of American entertainment giants.

The Electronic Frontier Foundation (EFF) is the only public interest group to have gained entrance into the secretive meetings of the Digital Video Broadcasting Project (DVB), a group that creates the television and video specifications used in Europe, Australia, and much of Asia and Africa. In a report released today, EFF shows how U.S. movie and television companies have convinced DVB to create new technical specifications that would build digital rights management technologies into televisions. These specifications are likely to take away consumers' rights, which will subsequently be sold back to them piecemeal -- so entertainment fans will have to pay again and again for legitimate uses of lawfully acquired digital television content.

"DVB is abetting a massive power grab by the content industry, and many of the world's largest technology companies are simply watching," said Ren Bucholz, EFF Policy Coordinator, Americas. "This regime was concocted without input from consumer rights organizations or public interest groups, and it shows."

Despite recent record profits, American movie and television studios insist that new technologies could ruin their industry. In past battles against innovation, these same studios sued to block the sale of the VCR and the first mass-marketed digital video recorder in the U.S. Having failed in those efforts, they have now turned to creating technical standards that, when backed by law, are likely to restrict consumers' existing rights and threaten the future of technological innovation.

With DVB, the plan begun by entertainment companies in the U.S. has now gone global. EFF's report is aimed at alerting European consumer groups and consumers about the dangers posed by the proposed standards and providing informational resources for European regulators.

"DVB members' active indifference, even hostility, to user rights is shameful," said EFF Staff Technologist Seth Schoen. "When American studios ask for regulatory support for restrictions pushed through the DVB Project, public officials must stand up for consumer rights, sustain competition and innovation, and tell Hollywood to back off."

For the full report:
http://www.eff.org/IP/DVB/dvb_briefing_paper.php

EFF's 2005 Submission to the U.K. Department of Media, Sports and Culture:
http://www.eff.org/IP/DVB/dvb_critique.php

Contacts:

Ren Bucholz
Policy Coordinator, Americas
Electronic Frontier Foundation
ren@eff.org

Seth Schoen
Staff Technologist
Electronic Frontier Foundation
seth@eff.org

[EFF: Breaking News]

Popular P2P apps could expose sensitive files, report says.

Mon, 12 Mar 2007 20:33:43 GMT

Popular P2P apps could expose sensitive files, report says. Five popular peer-to-peer file-sharing applications include features that could allow users to inadverdently share sensitive files on their computers with others, according to the U.S. Patent and Trademark Office. [Computerworld Privacy News]

Does Free Domain Registration Promote Malware?

Mon, 12 Mar 2007 20:06:37 GMT

Does Free Domain Registration Promote Malware? Easy, anonymous registration boosts sites used for spamming or hosting malicious apps, McAfee says. PC World: Latest Technology News]

Don't like ID cards? Hand over your passport | the Daily Mail

Sun, 11 Mar 2007 16:56:16 GMT

Anybody who objects to their personal details going on the new "Big Brother" ID cards database will be banned from having a passport.

James Hall, the official in charge of the supposedly-voluntary scheme, said the Government would allow people to opt out - but in return they must "forgo the ability" to have a travel document.

With one in every eight people saying they will refuse to sign-up, up to five million adults could effectively be refused permission to leave the country.

Campaigners reacted to Mr Hall's remarks with fury, saying they were yet more evidence of the lurch towards "Big Brother" Britain.

Phil Booth, of the NO2ID group, said: "The idea that ID cards scheme is voluntary, and people can opt-out, is a joke.

"There are all sorts of reasons why people need to travel, not just for holidays. There is work, visiting relatives.

"What are these people supposed to do? It stretches the definition of voluntary beyond breaking point. They will go to any length to get personal information for this huge database. Who knows what will happen to it then?"

Newly Revealed FBI Data Abuses and the Data Retention Red Flag.

Sun, 11 Mar 2007 02:43:18 GMT

Newly Revealed FBI Data Abuses and the Data Retention Red Flag.

Greetings. The release of a new report detailing massive FBI abuses of the PATRIOT Act (particularly in regard to National Security Letters), now confirms concerns that I and others have been long expressing about the potential abuse of retained Internet and other data, e.g.:

Sounding the Alarm on Government-Mandated Data Retention

An Open Letter to Google: Concepts for a Google Privacy Initiative

Broad abuses of retained data are now demonstrated to be real, not theoretical, as described in this Washington Post story.

We don't yet really know the full extent of these violations, but what has already been revealed is bad enough as a starting point.

I hope that these events will not only trigger considerable soul-searching by those firms who voluntarily retain user activity data, but also cause a renewed recognition of how broad mandated data retention can facilitate, and inevitably will facilitate, such abuses in the future.

--Lauren--

[Lauren Weinstein's Blog]

Justice: FBI misused Patriot Act powers - Yahoo! News

Fri, 09 Mar 2007 20:34:53 GMT

The FBI improperly and, in some cases, illegally used the USA Patriot Act to secretly obtain personal information about people in the United States, a Justice Department audit concluded Friday.

And for three years the FBI underreported to Congress how often it forced businesses to turn over the customer data, the audit found.

Attorney General Alberto Gonzales, who oversees the FBI, described the problems cited in the report as unacceptable and left open the possibility of criminal charges. He ordered further investigation.

"Once we get that information, we'll be in a better position to assess what kinds of steps should be taken," Gonzales told reporters following a speech to privacy officials.

[...]

The FBI also used so-called "exigent letters," signed by officials at FBI headquarters who were not authorized to sign national security letters, to obtain information. In at least 700 cases, these exigent letters were sent to three telephone companies to get toll billing records and subscriber information.

"In many cases, there was no pending investigation associated with the request at the time the exigent letters were sent," the audit concluded.

In a letter to Fine, Gonzales asked the inspector general to issue a follow-up audit in July on whether the FBI had followed recommendations to fix the problems.

"To say that I am concerned about what has been revealed in this report would be an enormous understatement," Gonzales told the privacy officials. "Failure to adequately protect information privacy simply is a failure to do our jobs."

Senators outraged over the conclusions signaled they would provide tougher oversight of the FBI -- and perhaps limit its power.

"The report indicates abuse of the authority" Congress gave the FBI, said Senate Judiciary Committee Chairman Patrick Leahy (news, bio, voting record), D-Vt. "You cannot have people act as free agents on something where they're going to be delving into your privacy."

The committee's top Republican, Pennsylvania Sen. Arlen Specter (news, bio, voting record), said the FBI appears to have "badly misused national security letters." The senator said, "This is, regrettably, part of an ongoing process where the federal authorities are not really sensitive to privacy and go far beyond what we have authorized."

Sen. Russ Feingold (news, bio, voting record), D-Wis., another member on the panel that oversees the FBI, said the report "proves that 'trust us' doesn't cut it."

The American Civil Liberties Union said the audit proves Congress must amend the Patriot Act to require judicial approval anytime the FBI wants access to sensitive personal information. "The Attorney General and the FBI are part of the problem and they cannot be trusted to be part of the solution," said Anthony D. Romero, the ACLU's executive director.

Audit Finds FBI Abused Patriot Act.

Fri, 09 Mar 2007 20:27:43 GMT

Audit Finds FBI Abused Patriot Act. happyslayer writes to mention that according to Yahoo! News a recent audit shows that the FBI has improperly and in some cases illegally utilized the Patriot Act to obtain information. "The audit by Justice Department Inspector General Glenn A. Fine found that FBI agents sometimes demanded personal data on individuals without proper authorization. The 126-page audit also found the FBI improperly obtained telephone records in non-emergency circumstances. The audit blames agent error and shoddy record-keeping for the bulk of the problems and did not find any indication of criminal misconduct. Still, 'we believe the improper or illegal uses we found involve serious misuses of national security letter authorities,' the audit concludes." [Slashdot]

FTC Finalizes Landmark Adware Settlement.

Fri, 09 Mar 2007 20:08:24 GMT

FTC Finalizes Landmark Adware Settlement. The Federal Trade Commission today finalized its landmark settlement requiring adware distributor Zango Inc. (formerly 180solutions) to hand over $3 million and change some of its most egregious practices. The settlement bars Zango from contacting the computers of people who installed Zango software before Jan. 1, 2006. After the proposed settlement was announced in November 2006, CDT submitted recommendations to the FTC highlighting the challenges that will come with enforcing it. In a letter to CDT, the FTC today acknowledged that it would need to remain vigilant to ensure that Zango abides by the terms of the settlement. The commission also urged CDT to pass along any evidence of future offenses by Zango stemming from CDT's ongoing forensics work in the adware/spyware arena. [Center for Democracy and Technology]

The Blotter(ABC NEWS) - Exclusive: Report Says FBI Violated Patriot Act Guidelines

Fri, 09 Mar 2007 17:02:02 GMT

The FBI repeatedly failed to follow the strict guidelines of the Patriot Act when its agents took advantage of a new provision allowing the FBI to obtain phone and financial records without a court order, according to a report to be made public Friday by the Justice Department's Inspector General.

The report, in classified and unclassified versions, remains closely held, but Washington officials who have seen it tell ABC News it documents "numerous lapses" and describe it as "scathing" and "not a pretty picture for the FBI."

FBI Director Robert Mueller is scheduled to brief Congress on the report at noon.

The officials say the inspector general found the FBI underreported by at least 20 percent the use of the controversial provision, known as National Security Letters, NSLs, in required disclosures to Congress.

The Patriot Act gave FBI agents the ability to demand telephone, bank, credit card and library records by issuing an administrative letter, bypassing the need to seek a warrant from a federal judge.

DNS Attack Factsheet Released.

Fri, 09 Mar 2007 16:30:25 GMT

DNS Attack Factsheet Released. Hoped to be first in a series. [GT: Security and Privacy]

Malware with Rootkit Features Grows.

Fri, 09 Mar 2007 16:28:49 GMT

Malware with Rootkit Features Grows. "Rootkit techniques are becoming increasingly popular among malware creators." [GT: Security and Privacy]

Online Anti-Virus Scans: A Free Second Opinion.

Fri, 09 Mar 2007 16:07:01 GMT

Online Anti-Virus Scans: A Free Second Opinion.

Periodic online virus scanning is a good idea for Windows users, even for people already using up-to-date anti-virus tools. There are a couple of reasons I suggest this: First, anti-virus software is frequently slow to spot new threats. Take a gander at the daily "unrecognized" stats posted by Shadowserver.org, which tracks the performance (or lack thereof) of several popular tools in spotting new variants. That list currently examines the performance of several free programs, but the reality is not much different with the commercial tools. Just have a look at performance metrics and virus detection failure rates chronicled here and here.

The second reason follows from the first: If something nasty does make it past your security defenses, usually the first thing it will try to do is disable the active protection and update features in those tools. In such cases, you probably would not know about the infection unless you turned to a third-party program that is not already installed on your computer.

In my experience, two of the better free online anti-virus scanners are Panda Software's PandaScan and Kaspersky Lab's Free Virus Scan. Both require that you run the scans using Internet Explorer, as both require the installation of an ActiveX plug-in to do the job.

F-Secure Corp., CA and BitDefender also offer free online scanners that also use IE and ActiveX, but I haven't yet tried those so I can't offer an opinion on them.

TrendMicro's HouseCall service lets you install and run a free scanning tool from inside an IE or Firefox browser. However, I found the program both annoying -- it emitted a series of very loud and startling tones through my computer speakers while downloading virus definitions -- and ineffective. It crashed halfway through the scan, taking all of my other open Firefox windows with it, including an earlier, unsaved version of this blog post. (I had hoped Firefox 2.0's crash-recovery feature would save what I had typed as it had in previous crashes, but no such luck this time.)

If you have just a single file or archive that you'd like to scan, I'd suggest submitting it to VirusTotal, a free online anti-virus engine that will scan your submission against more than two dozen of the most well-known tools.

Depending on the speed of your PC and the number of files and hard drives you have, conducting an online scan can take between a few minutes to several hours to complete. It's not a bad idea to run the scan only when you can afford to be away from the PC for a few hours, or perhaps right before bedtime. Even on my test machine -- which sports a 2.2 GHz processor and 2 gigabytes of memory -- running several of the online scanners interfered with the simplest of tasks, such as composing an e-mail.

[Security Fix]

All Microsoft Updates Phone Home.

Thu, 08 Mar 2007 22:49:17 GMT

All Microsoft Updates Phone Home. juct writes "In the wake of heise Security's report on the garrulous WGA Notification, Microsoft has now supplied additional details on the data sent. They have revealed to developers that apparently all updates relay information to the company in Redmond." [Slashdot: Your Rights Online]

Patch Reprieve for March's Black Tuesday.

Thu, 08 Mar 2007 22:03:31 GMT

Patch Reprieve for March's Black Tuesday.

Windows PC users and corporate system administrators worldwide will earn a reprieve from Redmond next week. Microsoft said today it has no plans to release new software security updates this month.

It's not as if there aren't any outstanding security flaws that Microsoft could fix this month, but the situation could be a lot worse.

Perhaps Redmond is simply being kind to corporate IT folk, many of whom are working hard to update their companies' software and hardware for the early daylight saving switch this weekend: For the first time in 20 years, daylight saving time will not start on the first Sunday in April. Instead, it will begin three weeks earlier, at 2 a.m. on the second Sunday in March, the 11th. Our IT staff has sent numerous e-mails to laptop users to drop by and make sure the Macs and PCs are all up to date. (Apple and Microsoft have already pushed out patches to address this issue, and if you've been keeping up to date with them, you should be fine, but Windows users can consult this page to be sure.) By the way, updates are available to fix this shift for Palm and Windows Mobile PDAs.

Normally, Microsoft plugs security holes in its software on the second Tuesday of every month, also known as "Patch Tuesday." Microsoft moved to a regular patch cycle a few years ago to make it more predictable for companies who need to staff or schedule extra IT personnel to test and deploy the updates to what could be thousands of systems. The system administrators to whom that task falls typically dread the monthly chore and have a different name for it: "Black Tuesday."

It's been a while since Windows users have been given a pass on patches. By my count, the last time Microsoft skipped a cycle was back in September 2005.

[Security Fix]

No Microsoft Security Updates Coming Mext Week.

Thu, 08 Mar 2007 21:40:55 GMT

No Microsoft Security Updates Coming Mext Week. In one of only a handful of times since 2003, Microsoft won't have security patches available next week. [PC World: Latest Technology News]

WGA Reports Back To MS Even If You Choose Not To Install - Aviran's Place

Wed, 07 Mar 2007 17:06:01 GMT

Heise online reports on a very interesting action Microsoft is taking during the installation of WGA.

When you start WGA setup and get to the license agreement page but decided NOT to install the highly controversial WGA component and cancel the installation, the setup program will send your info and the fact that you choose not to install WGA back to their servers.

In addition to that it seems that the setup program send some information stored in your registry to http://genuine.microsoft.com/. While it does not specifically identify the user, it looks like it does send some identification of your computer and Windows version (see picture) to Microsoft servers.

Microsoft WGA Phones Home Even When Told No.

Wed, 07 Mar 2007 17:00:00 GMT

Microsoft WGA Phones Home Even When Told No. Aviran writes "When you start WGA setup and get to the license agreement page but decided NOT to install the highly controversial WGA component and cancel the installation, the setup program will send information stored in your registry and the fact that you choose not to install WGA back to Microsoft's servers." [Slashdot]

Stations agree on anti-payola settlement | Houston Chronicle

Wed, 07 Mar 2007 16:17:54 GMT

Radio listeners weary of hearing the same songs over and over may have something to cheer about: Broadcasters have tentatively agreed to anti-payola settlements that could shake up music playlists at some of the nation's largest radio chains.

Four major broadcast companies would pay the government $12.5 million and provide 8,400 half-hour segments of free airtime for independent record labels and local artists, The Associated Press has learned.

The agreement is aimed at curbing payola -- generally defined as radio stations accepting cash or other consideration from record companies in exchange for airplay. The practice has been around as long as the radio industry and was made illegal after scandals in the late 1950s.

Two Federal Communications Commission officials, who spoke on condition of anonymity because final language has not been approved by the full commission, said the monetary settlement is part of a consent decree between the FCC and Clear Channel Communications Inc., CBS Radio, Entercom Communications Corp. and Citadel Broadcasting Corp.

The settlement was reached at the same time as a separate deal designed to lead to more airtime for smaller record companies and their lesser-known artists as well as local musicians.

Malware Increased 172 Percent in 2006, According to Report.

Wed, 07 Mar 2007 15:57:37 GMT

Malware Increased 172 Percent in 2006, According to Report. Amount of malware detected in 2006 same as past 15 years, combined. [GT: Security and Privacy]

Wal-Mart fires technician who recorded phone calls

Wed, 07 Mar 2007 15:52:20 GMT

March 05, 2007 (Reuters) -- CHICAGO - Wal-Mart Stores Inc. said today it fired a systems technician for intercepting text messages of people who were not Wal-Mart employees and for recording telephone conversations with a New York Times reporter without authorization.

Wal-Mart, the world's largest retailer, said an internal investigation found the technician had monitored and recorded phone calls between Wal-Mart public relations employees and a New York Times Co. reporter between September and January.

The Bentonville, Ark.-based retailer also said the technician, who worked in its information systems division, intercepted and stored text messages that contained certain key words, including those sent by people in the Bentonville area who were not Wal-Mart employees.

Wal-Mart spokeswoman Mona Williams said on a call with reporters that the technician "did this on his own."

While interviews with the technician gave the retailer an idea as to why he recorded the calls, Williams said she could not disclose the reasons because the case has been turned over to federal investigators.

Spying at Wal*Mart: Human nature run amuck?

Wed, 07 Mar 2007 15:46:37 GMT

Spying at Wal*Mart: Human nature run amuck? Does the Wal-Mart eavesdropping debacle have the potential to be this year's HP scandal? A former IT security staffer for the retailer evaluates what might have happened. [Computerworld Privacy News]

Mass. motor vehicle registry warns of spoof site.

Wed, 07 Mar 2007 15:44:41 GMT

Mass. motor vehicle registry warns of spoof site. The Massachusetts Registry of Motor Vehicles is warning customers about an online scam intended to trick them out of their credit card information and their money. [Computerworld Privacy News]

Crack! Security expert hacks RFID in UK passport.

Wed, 07 Mar 2007 15:41:33 GMT

Crack! Security expert hacks RFID in UK passport. The British government says that forgery of their new biometric passports is inconceivable, but a security expert has demonstrated a successful crack of the embedded RFID chip and its info. And he did it without taking the document out of its mailing envelope. [Computerworld Privacy News]

Your Wi-Fi can tell people a lot about you | CNET News.com

Wed, 07 Mar 2007 02:20:57 GMT

ARLINGTON, Va.--Simply booting up a Wi-Fi-enabled laptop can tell people sniffing wireless network traffic a lot about your computer--and about you.

Soon after a computer powers up, it starts looking for wireless networks and network services. Even if the wireless hardware is then shut-off, a snoop may already have caught interesting data. Much more information can be plucked out of the air if the computer is connected to an access point, in particular an access point without security.

"You're leaking all kinds of information that an attacker can use," David Maynor, chief technology officer at Errata Security, said Thursday in a presentation at the Black Hat DC event here. "If the government was taking this information from you, people would be up in arms. Yet you're leaking this voluntarily using your laptop at the airport."

There are many tools that let anyone listen in on wireless network traffic. These tools can capture information such as usernames and passwords for e-mail accounts and instant message tools as well as data entered into unsecured Web sites. At the annual Defcon hacker gathering, a "wall of sheep" always lists captured log-in credentials.

Errata has developed another network sniffer that looks for traffic using 25 protocols, including those for the popular instant message clients as well as DHCP, SNMP, DNS and HTTP. This means the sniffer will capture requests for network addresses, network management tools, Web sites queries, Web traffic and more.

A Network Sniffer On Steroids.

Wed, 07 Mar 2007 02:14:20 GMT

A Network Sniffer On Steroids. QuantumCrypto writes "Errata has developed a new network sniffer, dubbed 'Ferret,' that looks for traffic using 25 protocols, including those for the popular instant message clients as well as DHCP, SNMP, DNS and HTTP. This means the sniffer will capture requests for network addresses, network management tools, Web sites queries, Web traffic and more. 'You don't realize how much you're making public, so I wrote a tool that tells you,' said Robert Graham, Errata's chief executive. Errata has released the source code to this version 1.0, 'feature-poor and buggy' tool on its site. Anyone with a wireless card will be able to run it, Graham said." [Slashdot: Your Rights Online]

Cybercrime Treaty: What it Means to You

Wed, 07 Mar 2007 01:53:57 GMT

In that vein, in August the Senate ratified the Convention on Cybercrime, drafted by the Council of Europe with considerable input from the United States. So far, 43 nations have signed on. The Convention includes many sensible provisions aimed at unifying global computer-crime laws, and closes loopholes that make it possible for criminals to escape prosecution by locating their activities offshore.

But civil libertarians, along with leading telecommunications companies, strongly oppose the treaty. Civil libertarians are especially concerned about the sweeping authority given to participating countries to seize information from private parties as they investigate cybercrimes, even when the activity being investigated isn't a crime in the country where the data is located. If France is investigating a sale of Nazi memorabilia on eBay, the U.S. must cooperate, even though such transactions are not illegal in the U.S.

Telecommunications companies object to provisions that require member countries to establish and enforce potent data-retention policies for network traffic, and require any operator of a computer network to respond to requests for information from any participating country without compensation of any kind.

These are potentially serious problems, especially given that the Convention is open to any country that wants to join. But there are more practical reasons U.S. businesses should be concerned. The provisions for data retention and production apply to any operator of a computer network, not just telecoms. Worse, Article 12 attaches liability to businesses for "lack of supervision or control" of employees who commit criminal offenses covered by the Convention. Businesses must worry about employee activities that may be legal here, but illegal elsewhere, risking administrative, civil, or even criminal penalties.

These investigative and supervision costs will invariably be imposed on businesses without any real controls. Worldwide law-enforcement agencies, in other words, may now avail themselves of the opportunity to outsource their most expensive problems to you.

Cybercrime Treaty ó Hidden Costs For All.

Wed, 07 Mar 2007 01:48:08 GMT

Cybercrime Treaty [~] Hidden Costs For All. linuxtelephony writes in with an article at CIO Insight about a cybercrime treaty drafted in Europe with help from the US. It has implications for just about everyone with a network. From the article: "Civil libertarians are especially concerned about the sweeping authority given to participating countries to seize information from private parties as they investigate cybercrimes, even when the activity being investigated isn't a crime in the country where the data is located... Telecommunications companies object to provisions that require member countries to establish and enforce potent data-retention policies for network traffic, and require any operator of a computer network to respond to requests for information from any participating country without compensation of any kind... The provisions for data retention and production apply to any operator of a computer network, not just telecoms... Worldwide law-enforcement agencies, in other words, may now avail themselves of the opportunity to outsource their most expensive problems to you." [Slashdot: Your Rights Online]

Bagle Worm Still Swarming over the Net.

Wed, 07 Mar 2007 01:36:02 GMT

Bagle Worm Still Swarming over the Net. Three years after it first appeared, the Bagle is still in business, with many anti-virus engines unable to keep up, a security vendor claims [PC World: Latest Technology News]

Blue Box #52: Skype spyware? Cisco SIP issue again, secure call recording, Phil Zimmermann on VON Magazine, US Congress and Caller ID, ringjacking, Skype security, VoIP security, listener comments and more.

Tue, 06 Mar 2007 16:25:11 GMT

Blue Box #52: Skype spyware? Cisco SIP issue again, secure call recording, Phil Zimmermann on VON Magazine, US Congress and Caller ID, ringjacking, Skype security, VoIP security, listener comments and more.

Synopsis: Skype spyware? Cisco SIP issue again, secure call recording, Phil Zimmermann on VON Magazine, US Congress and Caller ID, ringjacking, Skype security, VoIP security, listener comments and more

[Blue Box: The VoIP Security Podcast]

Apple Patches QuickTime Holes.

Tue, 06 Mar 2007 16:04:12 GMT

Apple Patches QuickTime Holes.

Apple on Monday issued security patches to plug multiple security holes in its QuickTime media player software. The new version of the player -- QuickTime 7.1.5 -- fixes at least eight separate and serious vulnerabilities.

Updates are available for Mac OS X, Windows 2000, Windows XP and Windows Vista versions. Mac users can get the latest version either from Apple's site or via the built-in Software Update feature. Windows users with recent versions of QuickTime installed will already have Apple's Software Update program and should use that to get this latest version. Alternatively, Windows users can download it by following this link.

[Security Fix]

Month of PHP Bugs Gets Rolling.

Tue, 06 Mar 2007 15:58:44 GMT

Month of PHP Bugs Gets Rolling. Developer launches a Month of PHP Bugs project with 11 bugs in five days. [PC World: Latest Technology News]

Rootkits Evade Hardware Detection.

Tue, 06 Mar 2007 15:57:14 GMT

Rootkits Evade Hardware Detection. Sophisticated rootkits can hide from even the most reliable detection method currently available--hardware-based products, security researchers say. [PC World: Latest Technology News]

Most Detected Computer Infections in February Were Spyware and Trojans, Says Report.

Mon, 05 Mar 2007 20:40:04 GMT

Most Detected Computer Infections in February Were Spyware and Trojans, Says Report. "The aim of malware creators is purely financial and Trojans and spyware are the best types of malware for this purpose." [GT: Security and Privacy]

PC World - Microsoft OneCare Last in Antivirus Tests

Mon, 05 Mar 2007 02:27:26 GMT

Microsoft's Windows Live OneCare came in dead last out of a group of 17 antivirus programs tested against hundreds of thousands of worms, viruses, Trojan horses and other malware, an Austrian antivirus researcher reported Wednesday.

The AV Comparatives Web site, which is maintained by Andreas Cleminti from Innsbruck, Austria, posts quarterly results of tests that pit the top antivirus products against a dynamic list of nearly half a million individual pieces of malware.

Microsoft OneCare Last in Antivirus Tests.

Mon, 05 Mar 2007 02:23:42 GMT

Microsoft OneCare Last in Antivirus Tests. Juha-Matti Laurio writes "PC World has a story reporting that Microsoft's Windows Live OneCare came in dead last out of a group of 17 antivirus programs tested against hundreds of thousands of pieces of malware. The report of an Austrian antivirus researcher was released at the AV Comparatives Web site this week. Several free AV products were included in the test as well." --- While the top dog was able to find 99.5% of the malicious code, OneCare clocked in at 82.4%. Of course, there's no metric for the severity of the malware in the 17% gap. [Slashdot]

Month of PHP Bugs Has Begun.

Mon, 05 Mar 2007 02:01:57 GMT

Month of PHP Bugs Has Begun. An anonymous reader writes "The previously announced Month of PHP Bugs started three days ago, and already lists 8 security vulnerabilities in PHP and PHP related software. From the site: 'This initiative is an effort to improve the security of PHP. However we will not concentrate on problems in the PHP language that might result in insecure PHP applications, but on security vulnerabilities in the PHP core. During March 2007 old and new security vulnerabilities in the Zend Engine, the PHP core and the PHP extensions will be disclosed on a day by day basis. We will also point out necessary changes in the current vulnerability management process used by the PHP Security Response Team.'" [Slashdot]

Hacker Defeats Hardware-based Rootkit Detection.

Mon, 05 Mar 2007 01:52:23 GMT

Hacker Defeats Hardware-based Rootkit Detection. Manequintet writes "Joanna Rutkowska's latest bit of rootkit-related research shatters the myth that hardware-based (PCI cards or FireWire bus) RAM acquisition is the most reliable and secure way to do forensics. At this year's Black Hat Federal conference, she demonstrated three different attacks against AMD64 based systems, showing how the image of volatile memory (RAM) can be made different from the real contents of the physical memory as seen by the CPU. The overall problem, Rutkowska explained, is the design of the system that makes it impossible to reliably read memory from computers. "Maybe we should rethink the design of our computer systems so they they are somehow verifiable," she said." [Slashdot]

Malware Threat Report for February 2007.

Sun, 04 Mar 2007 03:44:32 GMT

Malware Threat Report for February 2007. "Storm Worm," continues to severely impact worldwide mailboxes in successive waves. [GT: Security and Privacy]

Hartford Courant - Best Buy Confirms It Has Secret Website

Sun, 04 Mar 2007 03:26:10 GMT

Under pressure from state investigators, Best Buy is now confirming my reporting that its stores have a secret intranet site that has been used to block some consumers from getting cheaper prices advertised on BestBuy.com.

Company spokesman Justin Barber, who in early February denied the existence of the internal website that could be accessed only by employees, says his company is "cooperating fully" with the state attorney general's investigation.

Barber insists that the company never intended to mislead customers.

State Attorney General Richard Blumenthal ordered the investigation into Best Buy's practices on Feb. 9 after my column disclosed the website and showed how employees at two Connecticut stores used it to deny customers a $150 discount on a computer advertised on BestBuy.com.

Blumenthal said Wednesday that Best Buy has also confirmed to his office the existence of the intranet site, but has so far failed to give clear answers about its purpose and use.

"Their responses seem to raise as many questions as they answer," Blumenthal said in an interview. "Their answers are less than crystal clear."

Researchers Say They Peeled the Onion Router.

Sun, 04 Mar 2007 02:31:22 GMT

Researchers Say They Peeled the Onion Router. Researchers in the U.S. say they've successfully shown how attackers could compromise a network designed to make it harder to trace Web sites they are viewing. [PC World: Latest Technology News]

PC World - Vista's UAC Warnings Can't Be Trusted, Symantec Says

Fri, 02 Mar 2007 02:19:06 GMT

Windows Vista's User Account Control (UAC), a system that Microsoft says makes the new operating system safer from attack, can be spoofed and shouldn't be completely trusted, a Symantec researcher said on Wednesday.

Ollie Whitehouse, an architect at Symantec's advanced threats research team, first used a blog entry Tuesday to point out how a hacker could use a file included with Vista to disguise the UAC warning dialog in the color associated with alerts generated by Windows itself.

Tricking Vista's UAC To Hide Malware.

Fri, 02 Mar 2007 02:14:53 GMT

Tricking Vista's UAC To Hide Malware. Vista's User Account Control, love it or hate it, represents a barrier against unwanted software getting run on users' computers. A Symantec researcher has found a simple way to spoof UAC and says that it shouldn't be completely trusted. The trick is to disguise the UAC warning dialog in the color associated with alerts generated by Windows itself. [Slashdot]

Castrated RFID Talk at Black Hat.

Fri, 02 Mar 2007 01:29:30 GMT

Castrated RFID Talk at Black Hat. Following a lawsuit threat, a security researcher goes ahead with a presentation on vulnerabilities in RFID access cards -- but doesn't demonstrate problems with HID Global's system. By Kim Zetter. [Wired News: Top Stories]

Solaris Worm Blasts Way Through Operating System.

Fri, 02 Mar 2007 01:02:48 GMT

Solaris Worm Blasts Way Through Operating System. "Hi, I'm Casper, I am a bored Sun developer and I wrote this piece of code." [GT: Security and Privacy]

Malware Adopts Disguises in Attempt to Dupe IT Defenses.

Fri, 02 Mar 2007 00:55:38 GMT

Malware Adopts Disguises in Attempt to Dupe IT Defenses. Top ten threats and hoaxes reported in February 2007. [GT: Security and Privacy]

MPAA Fires Back at AACS Decryption Utility.

Thu, 01 Mar 2007 23:43:21 GMT

MPAA Fires Back at AACS Decryption Utility. RulerOf writes "The AACS Decryption utility released this past December known as BackupHDDVD originally authored by Muslix64 of the Doom9 forums has received its first official DMCA Takedown Notice. It has been widely speculated that the utility itself was not an infringing piece of software due to the fact that it is merely "a textbook implementation of AACS," written with the help of documents publicly available at the AACS LA's website, and that the AACS Volume Unique Keys that the end user isn't supposed to have access to are in fact the infringing content, but it appears that such is not the case." --- From the thread "...you must input keys and then it will decrypt the encrypted content. If this is the case, than according to the language of the DMCA it does sound like it is infringing. Section 1201(a) says that it is an infringement to "circumvent a technological measure." The phrase, "circumvent a technological measure" is defined as "descramb(ling) a scrambled work or decrypt(ing) an encrypted work, ... without the authority of the copyright owner." If BackupHDDVD does in fact decrypt encrypted content than per the DMCA it needs a license to do that." [Slashdot: Your Rights Online]

Manipulating Reputation Systems.

Thu, 01 Mar 2007 23:25:59 GMT

Manipulating Reputation Systems.

BoingBoing points to a nice pair of articles by Annalee Newitz on how people manipulate online reputation systems like eBay[base ']s user ratings, Digg, and so on.

There[base ']s a myth floating around that such systems distill an uncannily accurate folk judgment from the votes submitted by millions of ordinary citizens. The wisdom of crowds, and all that. In fact, reputation systems are fraught with problems, and the most important systems survive because companies expend great effort to supplement the algorithms by investigating abuse and trying to compensate for it. eBay, for example, reportedly works very hard to fight abuse of its reputation system.

Why do people put more faith in reputation systems than the systems really deserve? One reason is the compelling but not entirely accurate analogy to the power of personal reputations in small town gossip networks. If a small-town merchant is accused of cheating a customer, everyone in town will find out quickly and [~] here[base ']s where the analogy goes off the rails [~] individual townspeople will make nuanced judgments based on the details of the story, the character of the participants, and their own personal experiences. The reason this works is that the merchant, the customer, and the person evaluating the story are embedded in a complex, densely interconnected network.

When the network of participants gets much bigger and the interconnections much sparser, there is no guarantee that the same system will still work. Even if it does work, a large-scale system might succeed for different reasons than the small-town system. What we need is some kind of theory: some kind of explanation for why a reputation system can succeed. Our theory, whatever it is, will have to account for the desires and incentives of participants, the effect of relevant social norms, and so on.

The incentive problem is especially challenging for recommendation services like Digg. Digg assumes that users will cast votes for the sites they like. If I vote for sites that I really do like, this will mostly benefit strangers (by helping them find something cool to read). But if I sell my votes or cast them for sites run by my friends and me, I will benefit more directly. In short, my incentive is to cheat. These sorts of problems seem likely to get worse as a service grows, because the stakes will grow and the sense of community may weaken.

It seems to me that reputation systems are a fruitful area for technical, economic and social research. I know there is research going on already [~] and readers will probably chastise me in the comments for not citing it all [~] but we[base ']re still far from understanding online reputation.

Patently Bad Move Gags Critics.

Wed, 28 Feb 2007 22:47:07 GMT

Patently Bad Move Gags Critics. A company finds a sneaky new way to silence security researchers: Claim that defeating its products infringes on patents. Commentary by Jennifer Granick. [Wired News: Security Blanket]

New SpamtaLoad Worm is Starting to Spread Rapidly, Says Report.

Wed, 28 Feb 2007 22:38:46 GMT

New SpamtaLoad Worm is Starting to Spread Rapidly, Says Report. "This type of malicious code is not usually the end in itself." [GT: Security and Privacy]

Microsoft Tackles 'False Positives' in Antipiracy Tool.

Wed, 28 Feb 2007 22:12:38 GMT

Microsoft Tackles 'False Positives' in Antipiracy Tool. Windows Genuine Advantage Notifications is revised to cut customers some slack after erroneous reports. [PC World: Latest Technology News]