Friday, December 28, 2007

Apple's WGA

Apple has filed an updated application to the US Patent & Trademark office for a product activation similar to Microsoft Windows Genuine Advantage.

Apple Readies Anti-Piracy Patent
Apple Inc has filed an application with the U.S. Patent & Trademark Office for a product activation and anti-piracy technology that would give it the same kind of control over its software, similar to what the often criticized Windows Genuine Advantage from Microsoft provides.

The patent application 20070288886, titled "Run-Time Code Injection To Perform Checks" and dated Dec. 13, spells out a "digital rights management system" that would "restrict execution of that application to specific hardware platforms."

In the application, Apple noted the ease with which digital information can be copied and the just-as-easy way users could break promises not to illegally distribute copies of that data. It also admitted that, in the end, copy-protection schemes such as dongles or encrypting software wouldn't stop pirates on a mission. "There is very little, however, that these approaches can do to thwart a determined user," the patent filing stated.

"Thus, it would be beneficial to provide a mechanism to restrict the execution of one or more applications to a specific hardware platform that is transparent to the user."

Apple currently does not have any copy protection over its Mac OS X operating system, or provides a check to tie a specific copy of the OS to a given notebook or desktop Mac.

The patent relies on a scheme where a cryptographic key generated before the actual hardware reaches the user. When an application opens, the system would insert a code into the execution code stream, generate data that's sent to a digital rights management module, then compare that signed data with the key. If they match, the application continues to open. If not, it's stopped in its tracks.

Such checks could be done on a very frequent basis, said Apple's patent application.

"In general, the selected time period should be small enough to prevent significant use of an unauthorized application or system, yet long enough so as not to degrade system performance," the filing read. Apple used an example of a check every five to ten minutes, which is much more often than Microsoft's Windows Genuine Advantage (WGA) technology. In June 2006, Microsoft took heat, then modified WGA, after users found out it was "phoning home" to the company's servers daily.

Patent application 20070288886 isn't new, the December filing noted, but rather builds on other applications, including one first filed in mid-2005 but not publicly posted until early January 2007.

Thursday, December 27, 2007

Storm Worm Changes Tactic

Storm Botnet changes the message it sends to unsuspecting victims, prefering to exploit the new year celebration instead.

Storm Botnet Drops Strippers Lure, Switches to New Year's

Just a day after unleashing spam featuring Christmas strippers, the Storm botnet switched gears yesterday and began duping users into infecting their own PCs by bombarding them with messages touting the new year, said security researchers.

According to U.K.-based Prevx Ltd. and Symantec Corp. in Cupertino, Calif., the botnet of Storm Trojan-compromised computers started sending spam with subject headings such as "Happy 2008!" and "Happy New Year!" late on Christmas Day. The messages try to persuade recipients to steer for the Web site to download and install a file tagged "happy2008.exe," said researchers at both firms.

However, the file is actually a new variant of the Storm Trojan.

Marco Giuliani of Prevx reported that the company had seen two general variants by early Wednesday. "The first has been online for about 10 hours, and we've seen 166 different repacked versions of it," said Giuliani in a posting to the Prevx company blog. The Storm code has been repacked every few minutes using a polymorphic-like technique since Monday, when the botnet started spreading stripper spam. Frequent repacking is a trick malware authors use to deceive signature-based antivirus software.

The Storm botnet's herders are also using fast-flux DNS (Domain Name System) tactics to keep the site operational, said Symantec. Fast flux, which the Storm botnet did not originate but has often used, is another antisecurity strategy; it involves rapidly registering and de-registering addresses as part of the address list for either a single DNS server or an entire DNS zone. In both cases, the strategy masks the IP address of the malware site by hiding it behind an ever-changing array of compromised machines acting as proxies.

The notorious Russian Business Network malware hosting network has become infamous for using fast flux to hide the Internet location of its servers, making it difficult for security researchers, Internet service providers or law enforcement officials to track the group's cybercrimes


Wednesday, December 26, 2007

Storm Worm Strikes Again

The Storm botnet delivers unwanted Christmas presents.

Storm Worm Tempts With Christmas Strip Show

The criminals behind the Storm botnet waited until the last minute, but they've finally started delivering unwanted Christmas presents.

Starting Monday, Storm-infected machines began sending out Christmas-themed spam in yet another attempt to trick victims into downloading malicious software. In this case, the site is named, and the malware is a variation of the Storm Trojan horse program that has been plaguing systems around the world since January.

The e-mails contain titles such as "Find Some Christmas Tail," "Warm Up this Christmas" and "Mrs. Clause Is Out Tonight!"

One message reads "Yo, I am pretty sure this is up your alley, from the things you have told me before. This will be the best 2 min you spend this holiday. hehe."

Once the user clicks on the link to, he is taken to a Christmas-themed Web site with photos of scantily clad women and offered a free download. That download is a malicious program, called Email-Worm.Win32.Zhelatin.pd by F-Secure, that connects to a P-to-P (peer-to-peer) network and begins downloading even more malware.

Storm's creators have built up networks of infected PCs -- called botnets -- over the past year by using a combination of sophisticated hacking tricks to avoid detection and by spamming potential victims with clever and timely e-mail messages. The network is called Storm because its original messages offered victims video of the deadly storms that battered Europe a year ago, but has also perfected the tactic of sending out holiday-themed messages.

Security experts estimate that the Storm has infected more than 15 million computers over the past year, although the current size of the network is much smaller than that.
This latest variant is being blocked by some antivirus vendors, including Kaspersky, Microsoft and Symantec, according to a technical write-up of the Christmas outbreak.

The SANS Internet Storm Center recommends that administrators block Web and e-mail access to the domain.


Tuesday, December 25, 2007

IE Still has Problems

After users reported problems with the recent patch of Internet Explorer, Microsoft offered a way to work around the unexpected bug.

Microsoft Offers Work-Around IE's Problem

Microsoft released a critical security patch for Internet Explorer last Tuesday, fixing some bugs in the browser. However, soon after users installed it, they began reporting that Internet Explorer would crash when visiting certain websites. Windows would then report that 'Internet Explorer has encountered a problem and needs to close'

Microsoft has offered a technical work-around for Internet Explorer users who have found their browsers crashing after installing a recent set of security patches. Microsoft now says that the problem is not widespread and affects certain custom installations of Internet Explorer 6 on Windows XP, Service Pack 2.

Users who have experienced this problem can fix it by making some tweaks in the Windows Registry, described in this Knowledge Base article.

Microsoft did not say what kind of customization would cause the bug, and company representatives were not immediately available for comment.

Some newsgroup users are speculating, however, that the issue may be related to antivirus software. Symantec and McAfee users who have been experiencing the problem have been able to resolve the issue by uninstalling the security update and then uninstalling their antivirus software, installing the update and then reinstalling their AV products, said Frank Saunders, a Windows user who has been following discussion of the issue.

The Internet Explorer patch associated with this problem -- MS07-069 -- is considered to be the most important of last week's updates because it fixes four critical vulnerabilities in the browser.

Monday, December 24, 2007

Store Caught Scalping Wiis

Reports say store is selling Wiis on Ebay for a premium over the retail selling price.

Game Store Caught Scalping Wiis on Ebay

According to Ars Technica, Slackers of Illinois/Missouri are taking retail Wiis and dumping them on Ebay for US$399, $150 above the MSRP.

When confronted with the breech of contract with Nintendo, a Slackers representative begrudgingly said, "That is something you'll have to speak with the owner about." Management has not responded.

Retailers have unfairly, though legally, used bundle gouging to nickel and dime gamers seeking Wiis in short supply. This is the first report of retailers bypassing retail to become resellers online which yield better returns.

"We don't have to remind retailers of the strength we have right now," said Nintendo president Reggie Fils-Aime in a recent interview. "We are simply making an observation and that reinforces our point quite nicely with retailers."


Sunday, December 23, 2007

Nintendo Shortage of Wiis

You can blame this year's Nintendo Wii shortage on, well, Nintendo. But consumer frustration over the shortage of Wii consoles is compounded by resellers and retailers who are using the Wii drought as a marketing tool and way to make money.

Don't Just Blame Nintendo
There had been a shortage of Nintendo Wiis this year, and don't just blame Nintendo. A large number of resellers and retailers who are using the Wii drought as a marketing tool are guilty, too.

Some resellers, and even consumers, buy Nintendo Wii and resell the unit for a profitable amount. There are also some gamers who bought the Wii but decided to resell it for a quick buck instead of keeping it. Others bought the Wii just to resell it for a substantial profit.

But in 2007 the reseller market has matured in ways that Tony Soprano might be envious of.

I've heard of people who have made a fulltime job out of reselling Nintendo Wiis. Just search for "Wii resellers" on Google or check eBay to see what I mean. There are loads of Web sites and Wii dealers on eBay selling the Nintendo console for at least twice the MSRP of $250 the unit sells for at retail stores such as Best Buy.

I've heard of some resellers stalking UPS drivers that deliver Wii shipments to retailers. Why? so they can get a jump on the stores that have fresh Wii inventory. Other Wii resellers make friends with the inventory managers at stores just to get first dibs on a Wii.

Reselling may sound like an easy job on paper, but it isn't. One reseller told the Web site Consumerist he received death threats from frustrated buyers wanting to buy a Wii at a reasonable price.

Friday, December 21, 2007

Microsoft Internet Explorer 8

Microsoft is developing Internet Explorer 8, and expects the first beta version to be released in the first half of 2008

Internet Explorer 8 in 2008
Microsoft is planning the release of the first beta of the next version of Internet Explorer in the first half of 2008. The corporation also said the Internet Explorer 8 has passed a key web standards test that ensures the browser won't "break" the web.

IE 8 has passed the "Acid2 Browser Test" from the Web Standards project. The test shows whether the browser renders a website in a certain way. If the browser displays the site correctly, it means the browser support certain accepted web standards.

Microsoft developed Internet Explorer before some web standards, such as CSS and RSS were developed, so older versions doesn't support some of the current standards. Since Internet Explorer was the de facto of web browsers, developers would often write web sites and codes to work with Internet Explorer, rather than to support the web standards. Microsoft also was lax in updating IE to meet the demands of web standards, since there was little competition in the browser market for years.

When Mozilla Firefox was released three years ago, the browser's need to stay current with web standards was once again moved to the forefront. Microsoft released Internet Explorer 7 in October 2006, and the company had good intentions - they decided to improve support for web standards with the new release.

However, some websites that were created for the older versions of IE didn't work properly on IE7. Microsoft hopes to remedy this problem so the situation is not repeated with IE8, according to an IE Blog posting attributed to Dean Hachamovitch, a Microsoft general manager on the IE team.

"With respect to standards and interoperability, our goal in developing Internet Explorer 8 is to support the right set of standards with excellent implementations and do so without breaking the existing Web," according to the blog posting.
Hachamovitch said Microsoft is taking a cue in lessons learned from making improvements to CSS in IE7 that "made IE more compliant with some standards and less compatible with some sites on the Web as they were coded." The key design goal for IE8, he said, is compatibility with existing Web sites and Web standards supported in other browsers to provide a premium user experience.

"As a developer, I'd prefer to not have to write the same site multiple times for different browsers," according to Hachamovitch's post. "Standards are a (critical!) means to this end, and we focus on the standards that will help actual, real-world interoperability the most. As a consumer and a developer, I expect stuff to just work, and I also expect backwards compatibility. When I get a new version of my current browser, I expect all the sites that worked before will still work."

Microsoft said the final release of IE8 depends upon feedback received from the beta process.

Thursday, December 20, 2007

Windows XP's Final Service Pack

Microsoft lets everyone try Windows XP SP3 Release Candidate, available last night. However, it warns off people who are not comfortable using pre-release code.

Windows XP's Final Service Pack
Microsoft has made available the Release Candidate (RC) for Windows XP Service Pack 3. The update, available at the Microsoft Download Center, would be the last Service Pack for the six-year-old operating system.

The service pack is finally available to the public, after giving thousands of users access to the update in an invitation-only basis.

According to a company spokeswoman, the version that was released, was dubbed a 'release candidate' to note the progress from earlier betas. She was unable, however, to say when the service pack would be available to Windows Update so users can download and install it with Windows Automatic Updates.

The final version of Windows XP SP3 remains slated for delivery sometime in the first half of 2008, the spokeswoman said. She also warned off casual users from trying the preview. "As this is a release candidate, we strongly encourage only those who are comfortable installing prerelease code to download Windows XP SP3," she said.

Recently, Microsoft has been downplaying the significance of Windows XP SP3. In a white paper posted to its Web site last week, and also Tuesday, the company praised Windows Vista at XP's expense, reminding users that "Vista provides the most advanced security and management capabilities of any Windows operating system."

"Windows XP SP3 does not bring significant portions of Windows Vista functionality to Windows XP," the spokeswoman said.

According to the white paper, the Download Center version of XP SP3 will weigh in at about 580MB; the version downloaded and installed via Windows Update, however, will be much smaller, typically around 70MB.

Windows XP debuted in October 2001 and was last updated as SP2 in August 2004; SP3 will be the final major upgrade of the operating system.

Wednesday, December 19, 2007

IE Crippled By Update

Microsoft is investigating a security update released last week that has crippled Internet Explorer and prevented users from surfing the Web.

Microsoft Update Cripples IE
Microsoft has confirmed that it is investigating reports regarding a security update for Internet Explorer issued last week, crippling some users' ability to get on the web with the said browser.

Users started posting messages on forums and Microsoft support newsgroup after Microsoft released the MS07-069 Security Bulletin on December 11. Most of them are saying that they could not use Internet Explorer to connect to the internet, either because Internet Explorer refused to launch, or because when it did open, it could not open various websites.

"About 60% of the time, I would get an 'Internet Explorer has encountered a problem and must close' dialog," reported Bill Drake on the Windows Update newsgroup. Others echoed those comments on IE-specific forums, noting that both IE6 and IE7 balked at loading, or while loading, some pages, particularly home pages, on both Windows XP and Windows Vista machines.

Harold Decker, operations manager at San Diego-based Gold Peak IndustriesNA Inc., started fielding calls from users last Wednesday morning as soon as people hit the office. "I stopped everyone who hadn't installed the update from installing it, after four PCs out of 14 had the problem," said Decker, who manages a total of 35 Windows XP SP2 machines. "We're a pretty plain shop; all our systems run Windows XP SP2 and IE6," said Decker. "But some kept crashing. It seemed limited to the window that was opened, and changing the home page to something simple, like a blank page, gave a better success rate."

Microsoft said it is currently creating a patch. "Our customer service and support teams are investigating public claims of a deployment issue with Microsoft Security Bulletin MS07-069," Microsoft's Mark Miller, director of security response. "If necessary, Microsoft will update the Knowledge Base article associated with MS07-069 with detailed guidance on how to prevent or address these deployment issues," Miller added.

Other users on the support forums weren't much help, except to suggest uninstalling last Tuesday's security update. That's what Decker did. "We uninstalled [MS07-069] and have had no problems since then," he said.

Tuesday, December 18, 2007

Google Yourself!

Have you Googled your name lately? A research firm made a survey on how many people are doing a Google Search on their names.

Go Ahead, Google Yourself
Have you Googled yourself lately? A survey made by Pew Internet and American Life Project said that there's a good chance you have.

The survey found that 47 percent of Internet users have searched for themselves through Google, an increase from 22 percent in 2002. Only 3 percent of those searching for themselves on Google claim to do it on a regular basis, with 22 percent claiming to search for themselves "every once in a while." A majority of 74 percent said they have searched for themselves once or twice.

Another interesting tidbit from the Pew survey is 53 percent of Internet users have Googled someone else’s name. Reasons include reconnecting with past friends (36 percent), searching about a coworker (19 percent) or a job applicant (11 percent), or even finding information about someone they are dating (9 percent).

Not included in the survey is the statistic that approximately 100 percent of those who read about the survey will Google their own name just to see what all the fuss is about. I of course did, and was both disappointed and relieved to find no information about myself.

While it's nice to know Google gawkers can't pull up anything on me if they tried, there's a strange emptiness to not having a digital footprint.

The Pew survey found that 60 percent of Internet users are not concerned with how much information is available online about them. A similar number of online adults (61 percent) claimed not to limit the amount of personal information they reveal online, while only 38 percent claimed to have taken extra precautions to limit that information.


Monday, December 17, 2007

Wikipedia's Rival

Google is developing an online publishing service where people can write entries based on subjects they know

Google Creates Wikipedia Rival
Google is developing an online publishing platform where people can write entries on subjects they know, and idea that's close to Wikipedia's user-contributed content but with several differences.

Currently, the project is in an invitation-only beta stage, similar to Gmail way back. It allows users to create clean-looking web pages with their photo and write entries on a particular subject, like exercise. These entries are called "knols", for "unit of knowledge", Google said.

The search giant aims to develop a deep repository of knowledge, covering a wide gamut of topics, such as history and entertainment. This looks promising, but it has to catch up with Wikipedia's already 7 million articles in 200 languages. Anonymous or registered users can contribute to an entry in Wikipedia that's edited by a network of vetted editors.

But Google asserts that the Web's development so far has neglected the importance of the bylined author.

"We believe that knowing who wrote what will significantly help users make better use of web content," wrote Udi Manber, vice president of engineering, on the official Google blog.
Google said anyone can write about any topic, and repetition of entries on the same subjects is beneficial. Google will provide the Web hosting space, as well as editing tools.

Google also gives users an option to place ads on their created knols, giving contributors a "substantial" portion of the revenue generated by those ads.

Entries cannot be edited or revised by other people, unlike Wikipedia. However, readers will be able to rank and review others' entries, which the Google's search engine will utilize.

The concept of peer-reviewed information is nothing new and is implemented in different ways on various Web sites. Yahoo, for example, has an "Answers" feature where users can ask questions, and the response is ranked on quality. Also, most blogs have forms where readers can comment on the author's entry.

Despite those other formats, Google probably feels that "a service like Knol might be necessary to stay competitive," wrote Danny Sullivan, editor in chief of Search Engine Land, in a review.

Saturday, December 15, 2007

Office Update Confuses Users

An automatic update for Windows XP and Vista included the massive 200MB Office 2007 SP1, which according to Microsoft, won't be pushed out with Windows Automatic Update

Office Update Installs Automatically
Some Windows users are surprised to know they have gotten the massive Office 2007 SP1 update automatically, even though Microsoft said it would not use Windows Automatic Updates to push out the large upgrade; at least not for several months.

Users running a preview copy of Windows Vista Service Pack 1 will receive the Office 2007 upgrade automatically, as well as those users running Windows XP SP3, which is still in limited beta testing. The update weighs in at almost 220 megabytes.

"As noted to beta customers, if [they] are running Vista SP1 beta software, as part of the beta program, Office 2007 SP1 on pre-release Windows Vista SP1 will automatically install as planned for this beta program," said Bobbie Harder, a senior program manager with the WSUS (Windows Server Update Services) group.

Other users noticed tha automatic download and install of Office 2007 SP 1, and that even if the update was installed manually, Automatic Update later automatically installs, or reinstalls, the service pack.

Microsoft, when it unveiled the service pack, said Automatic Updates would not be used to deliver SP1 for at least three months, and maybe even six months. The corporation also promised to give a 30-day notice before pushing the update out using Automatic Updates.

Harder said that "On Vista in the Windows Update Control Panel Applet, the Office 2007 SP1 will appear as an available update to download and install, but it will NOT automatically download and install, regardless of the automatic settings" However, the update is checked by default, and users can easily miss the update information, countered Bradley. "If you are a bit asleep and just blindly approve all of the patches, you get a very large wait while SP1 for Office 2007 is downloaded," she said.

A Computerworld reader reported exactly that. "I received [Office 2007 SP1] last night Dec 11 as part of Windows Auto-update," said someone identified as 6monthVistaUser in a comment attached to a story about SP1. "Last night was the largest auto-update ever (230 MB download) filled with 11 updates. 1 was for IE v7, 6 were for Vista cumulative patches, 1 was the Office 2007 Service Pack 1, the other one was for Business Contacts Manager SP 1."

Harder defended the process. "For customers who want the benefits of Office 2007 SP1 now, we have made it available," she said. She also noted that users could choose not to pull in the service pack. "Download and installation of the Office 2007 SP1 via the Vista Windows Update control panel applet requires explicit user interaction, just as with the Microsoft Update site," she said. "Once the list of available updates appears, they can de-select or uncheck the box next to Office 2007 SP1 and choose to download and install other updates, or just close the applet."

Friday, December 14, 2007

QuickTime Bug Squashed

Apple releases a patch to update a critical flaw, making it the eight update this year for QuickTime.

Apple Fixes QuickTime Bug
A new security patch for QuickTime has been released by Apple, making it the eight update for this year for the media player software. The update addresses three critical security flaws in Quicktime that also includes a vulnerability that has been used by online criminals.

The most critical of the flaws patched is the implementation of QuickTime of the Real Time Streaming Protocol, or RTSP, which is used to play video and audio over the internet. Attackers began exploiting the flaw early December after it was made public last November. The online attack includes tricking victims into visiting a malicious website that exploited the flaw, and hackers were able to install malicious software on the victims' PCs.

These attacks have targeted Windows-based systems, but experts says that Mac OS X users are also at risk. Apple issued patches for both Windows and Mac OS X users last Thursday.

Security researchers are looking at the way QuickTime works with QuickTime Media Link (QTL) fire format used by the media player. The second critical vulnerability, which had apparently not been publicly disclosed, has to do with this file format.

Apple also patched a handful of similar bugs in the way that QuickTime handles Adobe's Flash media format. The most serious of these flaws could let attackers run unauthorized software on the computer, much as the RTSP bug does, Apple said.
With security researchers paying special attention to media format bugs, Apple has had to patch QuickTime frequently this year. Some of these updates have come just weeks apart. Apple last patched QuickTime on Nov. 5.

Thursday, December 13, 2007

FolderShare Deletes Files

Microsoft fixed a bug in its online file storage and sharing service that deleted files without user authorization.

The Microsoft AutoDelete Bug
After users reported problems about Windows Live FolderShare, an online file storage and sharing service, Microsoft went to fix the bug. The bug in the service, the users reported, was deleting files without their authorization.

Windows Live FolderShare is a feature that allows users to store files online and then download and synchronize them to and between different devices and computers. This feature is currently available in beta release.

Microsoft acknowledge the bug and said, in an email on Friday, that it has fixed the problem. The bug may have "accidentally moved" user files from their original folders into the FolderShare Trash folder, and that users should not delete files in the Trash until they are sure all of them were meant to be deleted. Microsoft also advised users on how to retrieve deleted files from the Trash folder. The statement sent to the users was also posted on the FolderShare web site.

The company said it is working to assist users who have lost their files on how to retrieve them. It also said that another online storage service that is also in beta, Windows Live SkyDrive, had not been affected by the bug.

Even after Microsoft said it has fixed the problem, users on the discussion board were still reporting buggy behavior from the service. Users noted that they were having trouble synchronizing files between computers and locating directories when using the service on Windows Vista.

Wednesday, December 12, 2007

Vista Market Share Increases

Windows Vista and Mac users are still increasing, and Linux, despite its small percentage, doubled in number last year, research shows.

Vista and Mac Shares Increase
According to a research firm, Windows Vista made its biggest leap yet in November. It was used on nearly one out of ten Internet-connected computers last month.

Vista's exact share rose about one percentage point to 9.19 percent in November, up from 7.94 percent in October, according to Net Applications. In contrast, Vista's predecessor, Windows XP, fell by about one percentage point from 79.41 percent of all Internet-connected computers in October to 78.37 percent in November, according to Net Applications. Meanwhile, the Mac platform's share continued to grow, reaching nearly 7 percent.

Windows' overall share continues to exceed 92 percent, according to the Aliso Viejo, Calif.-based research firm.

Linux was in use on 0.6 percent of PCs worldwide, according to Net Applications. Despite its small share, Linux's slice of the market has nearly doubled since the beginning of the year.
Vista's share has grown from 0.2 percent to 9.2 percent since the beginning of the year. XP's share, meanwhile, has fallen from to 78.4 percent from 85 %at the beginning of the year.

Internet Explorer 7's share continued to grow, reaching nearly 37 percent. It is poised to eclipse its predecessor, IE6, which has fallen more than 14 percentage points since the beginning of the year, to 40.2 percent. Altogether, IE was in use on 77.4 percent of Internet-connected computers, down from 80 percent at the beginning of the year.

IE's main competition, Firefox, held a 16 percent share of all Internet-connected computers. That's up from 13.7 percent at the beginning of the year.

Apple Inc.'s Safari held 5.1 percent, up from 4.7 percent at the beginning of the year.


Tuesday, December 11, 2007

Gmail Combats Spammers, Blocks Users

An overzealous antispam measure mistakenly blocked legitimate users from their accounts

Antispam Measure Blocks GMail users
As an attempt to combat spammers, Google recently mistakenly disabled Gmail accounts of some users. Midweek, people started reporting in the official Gmail Help Discussion forum, that Google had locked them out of their accounts.

A Google staffer who oversees the forum and posts messages on behalf of Google acknowledged the existence of a problem at midafternoon Thursday.

"I understand that some of you have had a frustrating experience with your accounts being inappropriately disabled. Our team is aware of the problem, and our engineers are continuing to investigate," this person, identified as Google Guide, wrote.

Several hours later, the Google staffer declared the problem fixed "Our efforts to prevent breaches of our Terms of Use caused a number of users to be incorrectly identified," the staffer wrote.

The Google Guide also detailed some information about the situation in a subsequent post to the forum. The staffer said that it was the result of an effort to rid users who abuse the mail service, such as spamming.

Accounts which were disabled by mistake should have regained access to their mail with no data lost, said the staffer.

However, spokesperson Courtney Hohne said that Gmail would not reject any incoming messages to those disabled account, returning a "bounce-back" notice to senders, and will not automatically attempt to redeliver those rejected messages.

"Our goal has always been to keep Gmail free of people who abuse the service and to keep Gmail inboxes free of spam. We've been targeting a large network of spammers to keep them out of the Gmail system and accidentally disabled access to some other accounts," she wrote. Hohne said the mistakenly disabled accounts affected "a small fraction," well below 1 percent of the tens of millions of Gmail users.

Late Friday morning, some people are still complaining that their accounts were still locked.

The discussion thread is one of the longest in recent months, and is full of frantic pleas for help from affected people who use Gmail as their primary e-mail service for personal or work communications.

Along with disabled Gmail accounts, users were also complaining in the past month about a problem with the mail service. The new version of Gmail, dubbed Gmail 2.0, became extremely slow, often fails to load pages, and even crashes their browsers, users complained.

Gmail, which features an ungraded contacts manager and is designed to be faster and more stabled, is based on what the company calls "a major structural code change".

One of several threads devoted to this issue in the Gmail Help Discussion forum continues to grow, with nearly 300 messages at this time.

Monday, December 10, 2007

Microsoft to Release 7 Patches

The last batch of updates this year focuses on security fixes for Windows and Internet Explorer.

A Round of Patches from Microsoft
Microsoft corporation promised to end the year with a bang by scheduling
seven security updates Tuesday to fix flaws in Windows and Internet Explorer.

Even though Microsoft pledged that Windows Vista, the year-old operating system, is the most secure version of Windows ever, it will still be affected by five of the seven updates. "That's no small percentage," noted Andrew Storms, director of security operations at nCircle Inc. "The perpetuates the fact that even though Microsoft said it was secure, it still needs plenty of patches."

Three of the seven updates will be rated "critical" - Microsoft's highest ranking, while the remaining four will be labeled "important", the next lower rating. Microsoft has revealed limited amount of information about the updates in a prepatch notification posted to its website last Sunday.

One of the seven is a sure bet, Storms said, referring to an update for Windows dubbed as important that will affect Windows XP, and Windows Server 2003. "The Macrovision patch is the most likely candidate for what they're calling bulletin 5," said Storms.

Early last month, Microsoft confirmed that attackers were actively exploiting a bug in third-party anti-piracy software bundled with Windows. The software, which Microsoft licenses from Macrovision Inc., had been updated for Vista, which was why that OS was not at risk. Although Macrovision quickly issued a replacement driver for Windows XP and Server 2003, Microsoft said it needed time to prepare and test the update, which meant it missed the November patch deadline.

"The rest of these are a complete surprise to me," admitted Storms. With one exception, he also hesitated at guessing the contents of the remaining half-dozen updates. His one prediction: "Bulletin 7 might be the fix for the WPAD vulnerability."

On Monday, the Microsoft Security Response Center advised users of a bug in the way Windows looks up other computers on the Internet that has resurfaced. The flaw could allow attackers to steer users to an untrustworthy Web Proxy Auto-Discovery (WPAD) server, where they would receive directions to, say, malicious Web sites rather than the legitimate destinations.
"That would be a very quick fix, and unlikely Microsoft behavior, but if the fix is as simple as some have said, it's possible," said Storms.

Unless it yanks one or more from the list at the last minute, Microsoft will end the year having released 69 security bulletins in 2007, nine fewer than 2006's total but 14 more than in 2005.

Sunday, December 9, 2007

Facebook Tracks Offline Users

The social-networking site acknowledges that its Beacon ad service tracks even logged-off users who are visiting their partner's website.

Facebook Tracks Even Logged-Off Users
The social-networking site Facebook confirms the findings of a CA security researcher that its Beacon ad service is more intrusive and stealthy than previously acknowledge. This contradicts the statements previously made by Facebook executive and representatives.

The ad service, Beacon, tracks users' off-Facebook online activities even if those users are logged off from the social-networking site. The Beacon tracks user's online activities on specific external websites and broadcasts it to their Facebook friends. Although this feature has an option to opt-out, Beacon still transmits data gathered to Facebook servers even if the user has previously declined to use Beacon.

According to a company spokesman, Facebook does nothing with the data transmitted back to its servers, and, in these cases, deletes it. The admission will probably fan the flames of the controversy engulfing Beacon, which has been criticized by privacy advocates.
The Facebook spokesman did not initially reply to a request for further explanation on how the Beacon action gets triggered if a user is logged off from Facebook, when the social-networking site's ability to track its users' activities should be inactive. It's also not clear whether the website plans to modify Beacon so it doesn't track and report on the off-Facebook activities of logged-off users.

Beacon is a major part of the Facebook Ads platform that the website introduced with much fanfare several weeks ago. Beacon tracks certain online activities of Facebook users on more than 40 participating websites, including those of Fandango and Blockbuster. These include purchasing a product, signing up of a service, and including an item on a wish list. It then reports those activities to the users' set of Facebook friends.

The program has been blasted by groups such as and by individual users who have unwittingly broadcast information about recent purchases and other Web activities to their Facebook friends. This has led to some embarrassing situations, such as blowing the surprise of holiday presents.

On Thursday night, Facebook tweaked Beacon to make its workings more explicit to Facebook users and to make it easier to nix broadcast messages and opt out of having activities tracked on specific Web sites. Facebook didn't go all the way to providing a general opt-out option for the entire Beacon program, as some had hoped.

Facebook users are not informed that data on their activities at these sites is flowing back to Facebook, nor given the option to block that information from being transmitted.

If users have ever checked the option for Facebook to "remember me" -- which saves users from having to log on to the site upon every return to it -- Facebook can tie their activities on third-party Beacon sites directly to them, even if they're logged off and have opted out of the broadcast. If they have never chosen this option, the information still flows back to Facebook, although without it being tied to their Facebook ID, according to Stefan Berteau, senior research engineer at CA's Threat Research Group.

Facebook's admission over the weekend contradicts previous statements from the company regarding this issue. For example, in e-mail correspondence with Facebook's privacy department, Berteau was told, among other things, that "as long as you are logged out of Facebook, no actions you have taken on other websites can be sent to Facebook."

Saturday, December 8, 2007

Microsoft Internet Explorer Flaw

Microsoft acknowledges that there is a vulnerability with Internet Explorer 7 and rushes out fix

Microsoft IE7 to Patch
Microsoft went to work to fix a vulnerability with Windows Internet Explorer and its URI, or Uniform Resource Identifier. The fix is to address the problem in the way Internet Explorer 7 interacts with other programs. But with no fix available at the time, using IE7 on Windows XP machines is risky business.

The vulnerability of IE 7 lies in how it interacts, via the URI handler, with products such as Adobe's Acrobat Reader or Mozilla's Firefox. Before, Microsoft pointed fingers to Firefox. Then, the company, after acknowledging that the problem was its own, went to a slow work on a fix because no known exploit existed at the time. But it went on a frenzy when a Trojan horse attack started infecting machines in October.

The Trojan horse attack, which a user receives as an infected PDF, brings an old social-engineerin ploy, which malware filters usually don't vet. It tricks you into clicking the link by carrying a subject line such as "invoice" or "bill".

Adobe patched Reader, but that only covers one end of the worm home. Microsoft's patch has been in testing for quite a while, and may remain in that state for some time. As of now, try to avoid using Windows Internet Explorer 7 to browse sites that are suspicious. Try other alternatives, such as Firfox version and up, which already has a patch for the URI vulnerability.

Opening e-mail attachements is growing riskier. A Microsoft report found that the first half of 2007 saw a 150 rcent increase in phishing scams and a 500 percent increase in malicous payloads.

Obtain a patch of Adobe Reader fix at the Adobe's site if you don't have the PDF fix yet.

Friday, December 7, 2007

Windows Genuine Disadvantage?

Thousands of Windows users went berserk after Windows Genuine Advantage (WGA) system crippled their system, accusing them of conterfeit software. In Windows Vista SP 1, Vista cripples WGA.

WGA - Change or Go Away
Back in August, a glitch in Microsoft's servers for Windows Genuine Advantage (WGA) accused thousands of users of counterfeit copies of Windows. Users, who paid for their software, were inconvinienced by the fact that WGA crippled their Windows machine, especially Vista. Microsoft has announced that Windows Vista SP1, shipping early next year, will end the kill-switch measure that cripples every aspect of Windows Vista except limited Web browsing if it believes you to have a pirated copy of the operating system

Windows Genuine Advantage is Microsoft's way of determining whether you have an original, genuine copy of Windows, or just a counterfeit copy. The system is installed during Automatic Updates or when you try do download a software off the Microsoft website that requires WGA validation. What it does is scan your system, mainly the product key of Windows, to generate a code that it sends over to Microsoft. If the servers in Microsoft determines your copy of Windows is counterfeit, it tells WGA to run Windows in Reduced Functionality Mode.

With Windows XP, nothing much is changed except for occasional message that your copy of Windows did not pass the WGA test, on your system tray or in the log-on screen. In Windows Vista, however, the effect is more severe. Failing the WGA test on Vista will disable key features, such as the Aero interface, ReadyBoost, and a limited time of using the computer (you are automatically logged off after an hour).

Microsoft has reduced the impact of WGA on Windows Vista users, and it does this with SP 1. It no longer disables the Aero interface or any other features. Instead, it will only annoy them with messages accusing them of piracy. It'll also change their wallpaper, and it'll give them a dialog box that makes them wait until they can postpone activation.

Killing the kill switch is a good start, since it'll reduce the chances that Vista will mistakenly prevent deny functionality to paying customers. But it doesn't represent fundamental change to WGA. In fact, Microsoft VP Mike Sievert says that "It's worth re-emphasizing that our fundamental strategy has not changed. All copies of Windows Vista still require activation and the system will continue to validate from time to time to verify that systems are activated properly."

Still, a lot of users have no confidence with Microsoft's WGA. Of course, that includes those innocent Windows users who were accused of counterfeit software when they were in fact, genuine copies. Users say that either Microsoft has to change WGA to be integrated perfectly with Windows, or better yet, make it go away.

For years, the Microsoft monopoly made it very hard for anyone to opt out of using Windows. Thanks to the resurgent Mac OS X and ever-improving Linux--neither of which are burdened with copy protection--that's no longer true. WGA remains a significant argument against choosing Windows, and will be one until it gets far more seamless or simply goes away.

Thursday, December 6, 2007

Firefox Flaw

Four days after releasing version of Firefox 2.0, Mozilla Corp. has to scramble to release another update. For the first time, Mozilla has issued two updates to fix Firefox bugs in one week.

Firefox to Fix 'Canvas' Problem
Just four days after releasing version of Firefox 2.0 to fix six known bugs, browser developers at Mozilla Corp had to scramble to push out another update. Version was released, last Monday, to fix a new known bug that caused problems when the browser was rendering "canvas" HTML elements. Mozilla released the update last Friday, marking the first time Mozilla has issued two updates to the open-source browser in one week.

The most recent canvas problems were detailed last week by Mozilla, which said at the time is expected to have an update out by last Friday.

The Canvas elements were first used by Apple Inc. in its Safari browser to allow web designers to dynamically render bitmap images in HTML. Microsoft Internet Explorer does this with a plug-in, but Firefox, Safari, and Opera support Canvas natively;

Firefox for Windows, Mac OS X, and Linux, break pages that include the Canvas element, and cripple at least two Firefox extensions, FoxSaver and Fotofox.

The new version of Firefox is available for free download on the Mozilla website.

Wednesday, December 5, 2007

PC + Mac QuickTime Flaw

Symantec warns that both Windows and Mac systems may be vulnerable to exploits of an unpatched Quicktime flaws

Windows and Mac Shares QuickTime Flaw

Last Sunday, Symantec warned in a DeepSight Threat Management System alert that attackers are trying to exploit an unpatched vulnerability in Apple's QuickTime software that could let them run code on a victim's computer.

Attackers appear to be aimed at Windows users, but Mac OS users could be open to the risk as well, as QuickTime vulnerability in question affects both operating systems. The vulnerability, called the Apple QuickTime RTSP Response Header Stack-Based Buffer Overflow Vulnerability, was first revealed on November 23, and still remains unpatched by Apple.

Windows XP and Windows Vista running Internet Explorer, Firefox, Opera, and Safari are affected by this vulnerability, as well as Apple's own MacOS X 10.4 and 10.5.

Symantec said that there are two types of attacks underway. One involves redireting the victim's computer from an adult web site,, to another web site that infects the computer with an application called loader.exe. It can be saved to the victim's computer as metasploit.exe, asasa.exe, or syst.exe. Once installed on a computer, this application downloads another binary file, which Symantec identified as Hacktool.Rootkit, a set of tools that can be used to break into a system. It's possible that was compromised as part of the attack.

The second method of attack also involves redirection, however, Symantec is currently investigating the attack to determine what, if any, malicious code is involved.

To protect systems from attack, Symantec recommended blocking access to affected sites. "Filter outgoing access to,,,,, and Additionally,,, and should be filtered," it said, adding IT managers can also block outgoing TCP access to port 554.

Alternatively, IT managers could take more drastic steps. "As a last measure, QuickTime should be uninstalled until patches are available," the alert said.

Monday, December 3, 2007

Vista Confusion

Users, and even lawyers, gets confused with the Vista Capable slogan of Microsoft.

Windows Vista Capable Confusion
A Microsoft Corp. product manager couldn't correctly explain the "Vista Capable" marketing slogan, according to recent filings in a lawsuit that claims the company misled consumers with a pre-release Vista campaign last year.

Dianne Kelley filed a case against Microsoft with deceptive practices in letting PC makers put "Vista Capable" stickers on PCs, letting users believe the configuration can run any version of Vista. The truth, however, is only a limited number of PCs can run a version higher than Windows Vista Home Basic, the simplest version of Windows Vista. Any other higher version would then require the "Premium Ready" sticker slapped on the unit, which was introduced in the late 2006. It can run Vista versions as high as Ultimate.

Both stickers were used to further sell machines running Windows XP before the delayed public release of Windows Vista.

About two weeks ago, lawyers for Kelley requested that the lawsuit be given class-action status, which would open the plaintiff list to all U.S. residents. Last week, Microsoft opposed that move in its own filing with the federal court in Seattle.

Microsoft argued that it spent considerable time and effort educating the public and providing information to its OEM hardware partners about the Vista Capable program. "From the inception of the WVC [Windows Vista Capable] program, Microsoft emphasized that not all Windows Vista Capable PCs were equal," Microsoft said in its Nov. 19 filing. "As Microsoft repeatedly told the public, 'premium features and advanced experiences' such as Windows Aero would require a PC labeled 'Premium Ready.' "

But in a deposition taken by Kelley's lawyers that was included in their Nov. 9 brief, a Microsoft manager couldn't correctly explain what "capable" meant in the Vista marketing blitz.
"Capable is a statement that has an interpretation for many that, in the context of this program, a PC would be able to run any version of the Windows Vista operating system," said Mark Croft, the company's director of marketing. " 'Ready' may have [prompted] concerns that the PC would run in some improved or better way than -- than 'Capable,' therefore the word capable was deemed to be a more fitting word for this program."

After a 10-minute consultation with Microsoft's lawyers, Croft corrected himself. "I made the statement that ... Capable would be able to run any version of Windows Vista, whereas, in reality, our intent with Capable was that the system would be able to run a version of Windows Vista," he said. "So quite an important difference in the two -- two terms there."

Last April, just weeks after Kelley filed her lawsuit, Microsoft denied that it had changed its online description of a Vista Capable PC's capabilities. "We have made no changes to how we communicated Vista Capable in the past few months, other than to make some [verb] tense changes to indicate that [Vista] had shipped," a company spokeswoman said at the time.

Microsoft also disputed the contention that Vista Home Basic is, as Kelley's lawyers have argued, nothing more than "a gimmick Microsoft designed" to help computer makers unload "soon-to-be-obsolete PCs that Microsoft knew lacked the horsepower to run the 'real' Vista."

"Windows Vista Home Basic represents a major advancement over Microsoft's earlier operating systems," said the company in its filing last week, listing desktop gadgets and parental controls as two features that distinguish Home Basic from the earlier XP Home.

Saturday, December 1, 2007

Google to Combat Malicious Sites

Last month, news about malicious sites taking advantage of Google's PageRank to stay on top of the search results, drawing unsuspecting users into their malware-ridden sites. Google creates an online form so users can report any malicious sites they may see.

Google's Response to Malware Sites
News leaked out about malicious sites using a technique called Google Bombing and spamdexing to stay on top of the search results, last month. Malware sites will likely to occur on the top of the search results, drawing unsuspecting victims into their malware-ridden sites, by exploiting Google's PageRank system. Once the user enters the site, it will try to install a number of malwares on the system.

Security vendor Sunbelt Software said hackers appeared to be using various tricks to ensure their malicious sites appear high in Google's search results. Sunbelt said it turned up 27 different domains hosting malware, each with up to 1,499 malicious pages, or some 40,000 pages in total.

Google's initial response was to purge from its index these sites, although Google has not confirmed that this happened. At least, your search result will now less likely contain a malicious website. It was the first search engine to act on this situation. After all, it is its technology being used to bait users. Yahoo and Windows Live Search has not yet reported to the said breakout.

Currently, we know of hundreds of thousands of Web sites that attempt to infect people's computers with malware. Unfortunately, we also know that there are more malware sites out there," Google's Ian Fette wrote in the company's security blog.

To protect online users even more, Google launched an online form so ordinary web users can report any website they suspect that contain malicious code. It contains a simple form that lets users enter the URL of the site and additional information. It also features a CAPTCHA to prevent automated bots from reporting sites automatically.