<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d26473280\x26blogName\x3dHackers+News\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLACK\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://hackers-news.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://hackers-news.blogspot.com/\x26vt\x3d113306571398039483', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Hackers News

Keeping Knowledge Free

New VoIP Phishing Scams

Wednesday, April 26, 2006
Cloudmark, an anti-spam company, put the word out about a new type of email phishing scam targeting banking customers. These fake emails don't provide a URL for you to click--you're much too smart for that. Rather, they provide a phone number, which calls into a voice mail system that asks for your account number. According to Cloudmark, what's new here is the criminal use of VoIP and PBX (private branch exchange) software to set up a voice-mail system that sounds like your bank. The process is cheap and easy, thanks to VoIP and open-source PBX software such as Asterisk. The same low-cost setup that's enabling small businesses to sound professional is enabling small-time scam artists to do the same. "The convergence of the Internet with the phone system allows someone with VoIP to do what the big boys used to do," says Adam J. O'Donnell, Ph.D., senior research scientist at Cloudmark. Cloudmark's enterprise spam filters found two such phishing scams, one targeting a small bank in a large U.S. city. Cloudmark says more than 1000 such messages were received over a three-day period. The scam artists set up a toll-free number and a number with area code.

read more

Linux, Mac viruses on the rise

The crusade to win a greater share of the operating system market away from Microsoft's Windows has long fired up the hearts of the Mac and Linux faithful. But popularity breeds contempt - from hackers. A new study of "malware" - viruses, worms, and other software nasties - released Friday by Moscow-based Kaspersky Lab shows a doubling in the number of viruses and worms targeting Linux from 2004 to 2005. The trend is worth watching, says Linux Pipeline, but must be put in context. There were only 863 cases of Linux attacks last year, while Symantec found 11,000 viruses and worms in Windows. And Apple's (Research) Mac? It got off easy in the Kaspersky report, but last week brought news of vulnerabilities in OS X, following on a February report of the first documented Mac OS X virus. Additionally, independent security researcher Tom Ferris posted to his blog a series of "serious" Mac security breaches that he recently discovered.

read more

Viruses and hackers cost UK business £10bn a year

Security breaches from computer viruses, hacker attacks and staff misuse of the internet are costing British business £10bn a year, according to a DTI backed report published yesterday. The biannual survey of 1,000 companies by PricewaterhouseCooper shows losses are 50% higher on the 2004 figure - this despite increased spending on security systems. Larger firms saw the number of security breaches fall, but the average cost of each incident rose to £65,000-£130,000 in disruption.

read more

Weak passwords leave firms open to hackers

Poor password policy management is leaving firms open to hacking attacks, a survey published today at Infosec Europe 2006 has warned. Nearly two thirds of the 500 IT administrators who responded to the poll considered the passwords of their users to be inadequate, either using common dictionary words, names or other weak passwords. Overall 86 per cent of users used one password for all their sites or a very limited pool of passwords. Over 40 per cent fall into the former category. "It is madness to use the same password for your banking site as for your football supporters' page," said Graham Cluley, senior technology correspondent at Sophos, which carried out the survey.

read more

Microsoft rolls out browser fixes

Microsoft Corp. is releasing a new test version of Internet Explorer, the market-leading Web browser that is facing competition from smaller players. The new beta, available Tuesday for free download to English-languages customers, includes fixes for problems that were causing Internet Explorer 7 to stop working, said Dean Hachamovitch, general manager in charge of Internet Explorer development. With the previous test version, Hachamovitch said the most common problems reported involved banking and news sites, in part because of security changes. Improving security can be tricky since any changes can cause legitimate Web sites to stop working, frustrating users.

read more

Five new vulnerabilities in Mac OS X

Tuesday, April 25, 2006
A researcher has discovered a new round of holes in Mac OS X, further proof that hackers are starting to look beyond the Windows landscape for exploit opportunities. The flaws, discovered by Tom Ferris of the Security-Protocols blog, can lead to DoS attacks, said monitoring service Secunia, which rated the vulnerabilities highly critical on Friday. Some of the errors can be exploited when the Safari browser processes malformed HTML tags or GIF images on a malicious website or when Safari decompresses malformed ZIP archives in the Finder. Ferris, who included proof-of-concept exploit code in his posting, said he notified Apple about the flaws early this year and has been told they "will be fixed in the next security release." As users await patches, Secunia recommends they avoid untrusted websites and do not open ZIP archives or images originating from unknown sources.

read more

Windows to Linux, and vice versa

These days, the "revolution" is all about Linux. The word alone has become a catchcry for everything anti-establishment, anti-Bill, and anti-licensing fees. If you listen to the hype, it's being used everywhere, in businesses of all sizes, to do everything but make the coffee. Just because everybody's using Linux, however, doesn't mean everybody's happy for that fact to be known, as I found recently while looking for potential candidates for this special report about companies that had made the switch from Windows and Linux, and vice versa. Based on the ongoing enthusiasm about Linux, I presumed it would be simple to find companies just busting to tell how they'd ditched their Microsoft server software and moved onto Linux servers. Everybody's doing it, after all, aren't they? Unfortunately, only Wotif.com -- a last-minute accommodation Web site due to be listed this year -- was willing to tell its story.

read more

Linux Performance Tuning

Why tune my system? This is probably the first thing you want to know. When a distribution is packaged and delivered to clients, it is designed to be fully compatible with most of the computers available in the market. This is a very heterogeneous set of hardware (hard disks, video cards, network cards, etc.). So distribution vendors like Red Hat, SuSe, Mandriva and the rest of them choose some conservative configuration options to assure a successful installation. For instance, probably you have a very advanced hard disk with some special features that are not being used due to standard configuration settings. To summarize: your linux distribution goes well… but it can goes even better! For instance, probably you have a very advanced hard disk with some special features that are not being used due to standard configuration settings.

read more

'World of Warcraft' battles server problems

With 6 million subscribers, each of whom pays $15 a month, Blizzard Entertainment's online game "World of Warcraft" has become a billion-dollar enterprise. Now comes the hard part: Making sure WoW is always up and running. Some players are angered by ongoing server problems that have led the game to crash without warning while they were playing. Complaints have also surfaced about long lag times and frustrating waits to even play. Despite Blizzard's contention that it's been keeping WoW customers informed of system problems at all times, some players contend that the company has been slow to react to complaints and reluctant to offer support when problems arise. According to players, the problems have been especially acute since Blizzard implemented its last major patch to WoW, in late March. At that time, the company acknowledged it had some temporary server problems but said they'd resolve themselves within hours. But some players say that ever since then, they're routinely encountered "urgent maintenance" that can result in being booted from the game at any time.

read more

Firefox to overtake Internet Explorer by Dec-2007

So it seems that not only has the percentage of Firefox users been increasing for the last 2.5 year but the rate of increase in the percentage of users has also been increasing.

read more

iPod Sync Comes to Linux

Linspire Inc's Developer Duane Maxwell recently released libipod for Linux which allows you to develop programs to load ipods up with music files in the same manner as iTunes. This has worked pretty well with Ltunes which also has been released on sourceforge and will hopefully make it's way into other fine music management software for Linux.

read more

Read this! The internet is about to get messed up.

The Internet, as we know it, is going to change (and not for the good... think the really bad, worst-case remember-that-Internet-thing? bad) if the gov and Verizon, comcast, att, etc. get their way. I doubt there is any other issue that is more important right now. Digg up.

read more

Beware wireless hacking

Monday, April 24, 2006
SECURITY experts are warning internet users of a new threat to their computer systems, with thieves gaining access to other people's broadband from unsecured wireless networks in homes and businesses. Known as "leaching", the unusual form of theft involves neighbours and passers-by logging on to a home or business wireless network and surfing the web for free. The consequences can range from slower download speeds to massive bills for unsuspecting network owners. Market research firm IDC estimates there are more than 200,000 wireless networks operating in homes around Australia, increasing the opportunities for sneak thieves. Stealing internet access has also become easier. Thieves need only a tiny wireless card for their laptop computer.

read more

Chinese users want Google to pick a new name

Some Chinese Internet users aren't happy with Google's recently announced Chinese name, and they've started an online petition to express their displeasure. "We love Google, but we don't love Guge," said the message atop the NoGuge.com Web site, referring to Google's Chinese name. By mid-morning on Monday more than 7,000 users had signed the petition -- a tiny fraction of China's 110 million Internet users. Guge, which incorporates the Chinese characters for 'valley' and 'song,' is an allusion to traditional songs that celebrate a rich harvest. But many Chinese Internet users find the name just doesn't sound right to them. "The name Guge makes us feel bad, it disappoints us," the Web site said. "Google are you listening?" Among a list of alternative names for Google posted on a NoGuge.com, the most popular was Gougou, a slang term for Google that literally means 'dog dog.' Gougou received 2,774 votes out of 28,942 cast in an informal poll. The second most-popular pick was Google, followed by Goule, which means 'enough.'

read more

Report: Non-Windows attacks on the rise

Attacks against platforms other than Windows, particularly Linux, are growing quickly, according to a Kaspersky Lab report released today. The number of malware affecting Linux during 2004 and 2005 jumped from 422 to 863, said the report, written by Konstantin Sapronov on the Viruslist.com website. Other Unix-based systems also are experiencing similar rises in attacks, although not to the level of Linux. Sapronov said this is not surprising news, especially as alternate platforms become more popular. "Slowly but surely Linux is being chosen over Windows not only for servers, but also for desktops," he said. "Mac OS X's (stock) may also rise. Since Apple has switched to Intel processors, Macintosh is rapidly gaining popularity."

read more

SSL/TSL and SSH Not So Secure Anymore

Polish scientists from Wroclaw University of Technology have found a vulnerability in security technologies used across the Internet that may allow kleptographic attacks resulting in silent theft of information without user's awareness. The attack is only possible if client application has been modified by a malicious person e.g. by infecting computer system by a virus or persuading a user to install a plug-in, download or compile modified code. Such application would not send any additional information and would act according to protocol specification but the data sent over secure channel would easily be disclosed only by sniffing network traffic. Probably all of the SSL/TLS and SSH protocols may be affected including Internet Explorer, Outlook Express, Mozilla Firefox, Mozilla Thunderbird and Opera.

read more

Rootkits to mask most malware by 2008

Rootkits that hide malicious software from anti-virus and anti-spyware tools are growing in number and sophistication, and will pose an unprecedented risk to users by 2008, security company McAfee said this week. In the opening quarter of 2006, said McAfee in the first of a trilogy of reports on rootkits, its Avert Labs spotted more rootkit components in worms, Trojan horses, and spyware than in all of 2005. During the past three years, the use of rootkits in malicious code has soared by more than 600 percent. "There have been dramatic increases in the last year or two," said Stuart McClure, a McAfee vice president and the chief of Avert Labs. "This hasn't been a linear ramp-up." Although rootkits began innocently enough - the term originally referred to a collection of Unix utilities that gave administrator-level access (known as root access) - they began to go dark as long ago as 1986. Most users first became aware of them much more recently; in late 2005, news broke that Sony BMG Music was using a rootkit to hide anti-piracy protection on audio CDs played on PCs.

read more

Banks move to limit losses from security breach

From Citibank to SunTrust, credit unions to community banks, America's financial institutions are scrambling to deal with the biggest cyber-heist of customer debit-card numbers to date. The huge computer-hacking incident, which took place more than a month ago, has led to potentially millions of dollars in theft by a global ring of hackers using the stolen debit information and personal-identification numbers, industry experts said this week. In recent weeks, the nation's banks have quietly tried to extinguish the problem by closing hundreds of thousands of debit-card accounts and providing customers new cards, account numbers and PINs, industry officials said. Exact figures are unknown _ some banks have reported numbers, others have not. It is thought that at least 350,000 accounts across the country were defrauded, involving more than $10 million in losses, according to some experts.

read more

Doubts, fears and the Australian ID card

Concerns about the privacy of individuals are as important as ever and ought not be compromised. Whenever the Federal Government discusses its plans for a "smartcard" - which would allow citizens to electronically access Medicare and other government services - speculation inevitably strays to the possibility that a compulsory national ID card will also be introduced. Is the "smartcard" a way of accustoming people to the notion of a national ID card? The smartcard would have a photo ID and a computer chip allowing bureaucrats to access personal information. It would not be compulsory, but most people over 18 would need one because it is the only way they would have access to government money including Medicare, Austudy, child-care benefits, pensions and pensioner concessions, the family tax benefit, unemployment benefit and maternity payments.

read more

Security Myths and Passwords

Sunday, April 23, 2006
In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. It is also the case that as technology changes, the underlying (and unstated) assumptions underlying these bits of conventional wisdom also change. The result is a stale policy that may no longer be effective…or possibly even dangerous.

read more

Linux Distributors Unite on Standard

In a move to make the Linux OS a stronger alternative to Windows, a group of major Linux distributors announced Friday they have united on a standard set of components for desktop versions of Linux.

read more

CIA fires officer over leak; criminal probe also opened

Saturday, April 22, 2006
The CIA has fired one of its officers for leaking classified information, an agency spokeswoman said Friday. The officer admitted to "unauthorized discussions with the media in which the officer knowingly and willfully shared classified intelligence including operational information," said spokeswoman Michelle Neff. Neff declined to divulge the officer's name or position, or what specifically was leaked. (Watch how a failed polygraph test outed a journalist's source -- 1:50) A U.S. official said the person's name has been turned over to the Justice Department, where a determination will be made on whether to file criminal charges. A senior government official said the dismissal was related to a story in The Washington Post about the United States holding terror suspects in secret prisons overseas.

read more

eBay Worried About Google

eBay is reportedly in talks with both Yahoo and Microsoft on how they can work together to counter the threat from Google.

According to an article in Friday’s edition of The Wall Street Journal, the San Jose, California-based online auction giant began separate talks late last year with both companies on how they could cooperate with one another to fend off competitive threats from the search engine company.

read more

New Toshiba HD-DVD player is really a Pentium 4 PC

Toshiba has fired a shot in the war between formats to have high definition on a disc. Their HD-A1 player hit the shelves earlier this week, and has been met with fairly good reviews overall. Being interested in the format, I decided to hunt around and find an available player to go and check out. After bringing one back to the office, I took a little look under the hood to see what goes into a high definition DVD player. I had heard it was really a standard PC in there, with an IDE drive playing back content. Sure enough, after poking around that's exactly what I found. There is a USB flash disk inside the unit that holds the bootable firmware that runs the player, and it will be very interesting in the near future to see what secrets it holds.

read more

Myth or reality: Is the fax dead?

Leading developer of network security, GFI, today released a report on how companies can streamline faxing technology to improve employee productivity. The report examines the costs involved in manual faxing and estimates that the average yearly cost for businesses sending 50 faxes per day is $26,000. The report concludes that GFI’s integrated fax solution, GFI FAXmaker, can reduce the annual cost of manually sending 50 faxes per day to $2,600, if they are sent directly from their email client. A recent Gallup/Pitney Bowes poll of Fortune 500 companies conducted in the US discovered that faxing is still the number one method for sending and receiving official international messages that must be signed for, at an average cost of $15 million per year. Whilst email is still the most common form of business communication, until the digital signature is deemed as a legal entity, many industries are still reliant on faxing.

read more

THE Top 15 Security/Hacking Tools & Utilities

A good summary with a description and links of some of the top tools in the Hacking/Security arena. For old hands it will be a familiar list but most people will find a thing or two they didn't know about.

read more

Hands-on testing of the new Linux virus

NewsForge has obtained a copy of the widely reported Windows/Linux cross-platform "proof of concept" virus. News reports thus far on the code have contradicted themselves: some reported the virus can replicate itself on both Windows and Linux, others saying it has a viral nature only on Windows. Testing by both NewsForge staff and Hans-Werner Hilse may reveal why the confusion.

read more

Boot Faster with Parallel Starting Services

If the slow booting time of your Linux box is driving you crazy, consider parallel booting techniques.

What kind of improvements might you see, compared to your current sequential boot process? Well, let's start by seeing what kind of times you're getting currently. Either grab a stopwatch, or write a simple script to time the boot

read more

The pros and cons of Windows Firewall

Friday, April 21, 2006
Is Windows Firewall up to the task of securing your network? We delve into the details of this host-based stateful firewall and weigh its pros and cons. Windows Firewall debuted with the release of Windows XP, and Windows XP Service Pack 2 enabled this feature by default. This host-based stateful firewall replaced Windows' Internet Connection Firewall. This feature's default configuration rejects incoming IP traffic unless you've specifically allowed it. To configure or adjust the Windows Firewall settings, go to Start | Control Panel, and double-click the Windows Firewall applet. Let's take a closer look at the various settings.

read more

Oracle CEO gets strategic with Red Hat name calling

Red Hat chief executive Matthew Szulik has written an open letter to Larry Ellison, essentially accusing Oracle of being a relic of a dying enterprise software age, which has served its own interests rather than those of customers for 30 years. Szulik's mildly worded letter appeared in the Financial Times on Thursday, shanghaiing the very pink pages Ellison had co-opted just five days earlier to share with the world his thoughts on how Oracle may buy a Linux distro. Szulik has been joined by Scott Handy, IBM's vice president of Linux and open source, who made it clear IBM ain't gonna be re-assessing its relationships with anyone just cos' Red Hat bought JBoss. Ellison used his FT piece to lump IBM in with Oracle, saying both must re-assess their relationships with Red Hat since it bought their mutual competitor, JBoss. The slowly gathering backlash against Larry's comments are almost as predictable as Ellison's words themselves. Larry's outburst blends some good-old-fashioned ERP/CRM vendor politics calculated to freeze the competition with the passions of the jilted lover who knows he's lost something of great value.

read more

Opera takes v9 to beta, unveils widgets

Norwegian browser maker Opera Software on Thursday unveiled the first public beta of its namesake, Opera 9.0. The 3.7MB beta, which can be downloaded from the Oslo-based company's web site, follows a rougher technical preview that debuted in October 2005. Among Opera 9.0's new features are "widgets," small web-based applications similar in function to the same-named applets in Mac OS X and to Yahoo's Widget Engine. Windows Vista, Microsoft's next-generation operating system, will also include widget-like capabilities. The browser also boasts support for BitTorrent, an advertisement- and image-blocker, search engine customization, and thumbnail previews of pages open in the tabbed interface. "Opera 9 unlocks new levels of productivity for the Internet ecosystem," boasted chief executive Jon von Tetzchner, in a statement.

read more

Asia is public enemy No. 1 for spam

More spam is now relayed from Asia than any other continent, according to the latest research from security company Sophos. Asia accounts for 42.8 percent of the spam received by Sophos' global spam monitoring network, with North America in second place with 25.6 percent, the company said on Thursday. Two years ago, North America was responsible for more than half of the world's spam, Sophos said. Now North and South America combined don't come close to Asia's percentage, said Graham Cluley, senior technology consultant at the security provider. Cluley added that Europe is also becoming a major relayer of spam and now transmits almost as much as North America, with 25 percent. "I won't be surprised if Europe overtakes North America next month," he said.

read more

Google declines to rule out wireless airwave bid

Google Inc. on Thursday opened the door to the possibility that it could bid on U.S. licenses for wireless radio spectrum in order to offer Internet access services, but said no plans were imminent. Co-founder Larry Page said the company has no wireless spectrum acquisition plans to announce but declined to rule out speculation that Google may be gearing up for a push far beyond wireless trials it is working on in the San Francisco area. "We haven't announced any plans with regard to spectrum, but we are generally interested in improving access to the Internet," he said in a tone mixing the excitement of a keen science student with that of a billionaire ready to pay for the undertaking. He was responding to a question by a Wall Street analyst over whether the company's wireless strategy would lead the company to bid in upcoming U.S. airwave auctions.

read more

Man charged with hacking USC database

A 25-year-old San Diego man has been charged with hacking into the University of Southern California's online application system and nabbing personal data from prospective students. On Monday, the U.S. Attorney's Office in Los Angeles filed a criminal complaint against Eric McCarty, a network administrator, for allegedly exploiting a vulnerability in a USC database that hosts and stores student applications. Officially, he's charged with "intentionally transmitting a code or command to cause damage to the USC online application system," according to the U.S. Attorney's office. Michael Zweiback, an assistant U.S. attorney in the cybercrimes and intellectual property unit, said that the case reflects a growing trend among hackers.

read more

Cisco invests in video encryption company

Widevine Technologies, which designs technology to prevent digital video theft, on Wednesday said it had received $US16 million from several investors, including network equipment maker Cisco Systems. The privately held company's encryption technology scrambles digital video signals as they leave a service provider's main office, and decrypts them once they enter consumers' homes via television set-top boxes. "This gives Cisco pretty much a ground-floor opportunity to use Widevine's technology in some of their future home devices," said Vamsi Sistla, an analyst at ABI Research in New York. Cisco, which bought television set-top box maker Scientific-Atlanta for about $US7 billion earlier this year, is building its presence in the digital video market through other acquisitions and investments.

read more

Apple plugs Java holes

Apple has released a security update for its OS X OS X 10.4.5 operating system that plugs five security holes in the Java virtual machine. The update prevents applications running in Java Web Start from seizing additional privileges, which could result in Java applications granting themselves permission to read and write local files on a system. The patch updates the Java 2 Standard Edition (J2SE) on OS X to J2SE 1.5.0_06.

read more

Quantum cryptography record broken

Scientists have reported an important speed breakthrough which brings closer the day when quantum encryption becomes a usable part of communications security. The National Institute of Standards and Technology (NIST), a U.S. government agency, has reported that it has managed to shift quantum-encrypted information at a "raw" throughput of 4 million bits per second across a 1 km-long fiber link. This is at least twice NIST's previous record, which has been rising since the agency announced it had broken the 1 million bits per second barrier in May 2004. At such transfer rates, it becomes practical to use quantum key distribution (QKD) cryptography to secure a video stream.

read more

The Evolution Of Spy Tools

Real spies may tell you that their lives are nothing like what you’d see in a Hollywood movie, but don’t be fooled: They’ve still got some pretty cool gadgets. And aside from the relatively recent tools that monitor electronic correspondence, most of those gizmos have been around for a pretty long time. Spies claim that theirs is the second-oldest profession, and basic espionage needs haven’t changed: looking and listening, getting the information they need, and smuggling it back home. What has changed is the way those spy gadgets work. As technology advances and enemies get smarter, spies have had to constantly re-invent the tools of their trade.

read more

Authenticating e-mail can break it

The promise of e-mail authentication is too good to ignore, but if it is implemented incorrectly it will break a company's mail system instead of fixing it, experts have cautioned. "Deploy smart. Don't just do it," Erik Johnson, a secure messaging executive at Bank of America, said in a presentation at the Authentication Summit here Wednesday. "If you just do it, you may just break it." For the past two years, the technology industry has been advocating the use of systems to guarantee the identity of e-mail senders. It sees such authentication as key to the fight against spam and phishing, as it should help improve mail filters and make it harder for senders to forge their addresses. The industry also likes to advertise that these systems have practically no cost.

read more

IT industry eyes Vietnam

The world's biggest chip maker Intel is investing in Vietnam and Microsoft chairman Bill Gates is due to visit this weekend, but the poor Southeast Asian country's IT industry has a long way to go. Business analysts say that for the second time in a decade an array of foreign industries and services, including IT firms, have an eye on Vietnam's highly literate, young workforce. "Don't take one announcement or two announcements to suggest Vietnam is there," cautioned Myron Brilliant, a vice president for Asia in the U.S. Chamber of Commerce on a March visit. "There is a lot of competition in the region and globally."

read more

Google hastens push in corporate search

Hoping to become less dependent on Internet advertising, online search engine leader Google Inc. is introducing a tool designed to make it easier for companies and their workers to find vital information scattered across a maze of complex software applications. The latest upgrade to Google's 4-year-old search engine for corporate America underscores the Mountain View, California-based company's determination to develop other revenue channels besides advertising, traditionally a volatile market vulnerable to unpredictable swings in spending. With the improvement unveiled Wednesday, Google's corporate search engine will be able to fish through a deep pool of data and display the requested information in a box near the top of the computer screen so users won't have to scan through other pages.

read more

Russia calls for unity to fight Internet crime

The world should unite against online criminals because they could cause as much harm as deadly weapons, Russia's interior minister said on Wednesday. Russian hackers are notorious, and the country is often identified as a centre for extortion from internet bookmakers, banks and other businesses. Several damaging viruses are believed to have originated in Russia. Interior Minister Rashid Nurgaliyev said the frequency of such attacks was increasing, with potentially catastrophic consequences. "A whole arsenal of destructive technologies is being used by criminals against the information infrastructure," Nurgaliyev told a conference in Moscow.

read more

Beware the silent exploit

An interesting stat in the ninth and latest version of Symantec’s bi-annual Internet Security Threat Report, which covers the second half of 2005, highlighted the rise in exploits that are modular in nature. Modular malicious codes, as Symantec calls them, are exploits that initially possess limited functionality but over time are capable of updating themselves into sophisticated malware. As Symantec’s report showed, modular is now the mantra for hackers: Malicious modular code accounts for nearly 88 percent of the top 50 malicious code samples between June to December 2005, up from 77 percent in the previous six-month period. The obvious inference from the stat is that more hackers now think stealth and non-destructiveness when they launch attacks. Modular exploits, being tiny in footprint and light on resource requirement, lets hackers go under the radar while they steal data and slave machines.

read more

Open Source is bad... except when Microsoft uses it

Microsoft, the anti-open-source company, is using open-source software from one of open-source's leading lights. You've got to love it.

read more

New York Times Web Site Down for Hours

Thursday, April 20, 2006
The online edition of The New York Times, one of the most viewed U.S. Web sites, was off-line for nearly four hours Wednesday night. The site, http://www.nytimes.com, was restored shortly before 11 p.m. EDT after being inaccessible for about four hours. A spokeswoman for New York Times Co., Catherine J. Mathis, did not immediately return a call for comment Wednesday night. The Web site was ranked ninth among the 50 most visited sites last month, according to figures released Monday by comScore Media Metrix, which tracks Internet traffic. It received 36.3 million unique visitors, just behind the myspace.com online community, part of News Corp., and ahead of Verizon Communications Inc. and The Weather Channel sites, comScore said.

read more

Customizing GNOME Desktop

GNOME can be both nice to look at and fun to use. However, GNOME is horribly bland in its natural state, and fixing it so that it's more palatable seems like such a daunting task. This guide shows how to make your GNOME desktop beautiful in around 20 min.

read more

Google Bookmarks in Firefox

This Firefox extension allows you to use, add and manage your Google Bookmarks right from Firefox's interface. It's very useful, works similar to the normal bookmarks, except that everything is synchronizing with server.

read more

Looking Ahead: Ubuntu Linux 6.06

Ubuntu is a pretty interesting Linux distribution isn't it? I mean, no other take on Linux has shot so high so fast. Nobody has single-handedly turned the desktop Linux world over on its ear like Ubuntu has. Nobody. What makes it so special? What sets it apart from the hundreds of other distros on the market today? Well, we're here to take a look at the latest pre-release copy of what is to become Ubuntu 6.06... Flight 5. First off, let me begin by saying I am not an Ubuntu zealot. I do not run Ubuntu on my personal workstation, I do not fly the Ubuntu flag in my front yard, and I do not have Mark Shuttleworth over for dinner and a game of strip poker every weekend. If you care to know, I prefer Slackware over any other distro for my personal use, and to this day am running it at home to do all of my work and play. I like to get that out of the way right up front because I'd hate to be called a zealot if this review goes well... after all, zealotry is for morons. You can take that to the bank with you.

read more

Apple Needs to Make OS X Open-Source

A cloud is rising over Mac OS X and its future unless Apple makes its boldest move ever: turning OS X into an open-source project. That would make the battle between OS X and Linux the most interesting one on the computer scene. With all attention turned in that direction, there would be nothing Microsoft could do to stem a reversal of its fortunes. Let's start at the beginning. There's been a lot of fuss over Apple's rollout of the unsupported Boot Camp product, which lets Mac users run Microsoft Windows easily on an Intel-based Macintosh. I got into various levels of trouble when I suggested that Apple was going to gravitate towards Windows since it would be easy to do and there was some evidence that the company might want to do it.

read more

Microsoft Pulling Plug on Windows 98, 98 SE and ME

For those of you still puttin' around on Windows 98 or Windows 98 SE, you'll be cut-off from Microsoft in July. If you're still running Windows Millennium, well I'm sorry to hear that. Customers will no longer be provided with critical security updates after July 11, 2006. From Microsoft's Help and Support site:

Microsoft is ending support for these products because they are outdated and these older operating systems can expose customers to security risks. We recommend that customers who are still running Windows 98 or Windows Me upgrade to a newer, more secure Microsoft operating system, such as Windows XP, as soon as possible.

Although Microsoft is ending the release of updates for the aforementioned operating systems, online self-help support will still be available at from Microsoft's support site until at least July 11, 2007.

read more

Dell unveils 'fastest' consumer laptop

Dell has announced what it claims - and it should know - is its fastest consumer-oriented notebook, the gamer friendly XPS M1710. The laptop sports Intel's quickest Core Duo processor plus Nvidia's newest, top-of-the-range mobile GPU, and comes in a choice of glowing red or metallic black carapace. The notebook's spec best includes a 2.16GHz Core Duo T2600 CPU, 2GB of 667MHz DDR 2 SDRAM, an Nvidia GeForce Go 7900 GTX with 512MB of dedicated graphics memory, 100GB of SATA storage, dual-layer DVD±R/RW optical drive, 802.11a/b/g Wi-Fi card, five-in-one media card reader, and a 17in UXGA screen.

read more

Torvalds creates patch to help Linux virus

Wednesday, April 19, 2006
An anti-virus firm in Russia is hyping 10-15 year old code as a new threat, but it doesn't work right on the latest versions of the Linux kernel. What's a poor virus to do? Never fear, Linus Torvalds has come up with a patch to provide a work-around for the probem and early tests show the "virus" now works on all versions of the kernel.

read more

Oracle releases password security tool

Oracle has released a tool designed to ferret out commonly used default passwords that theoretically could be misused by hackers. Called the Oracle Default Password Scanner, the software was released Tuesday as part of Oracle's quarterly Critical Patch Update. Earlier versions of the company's database software included well-known default passwords and user names, for example "scott / tiger". These accounts are also known to have been created by other software, such as application servers, that interact with the database, said Oracle Security Alerts Manager Darius Wiles. Although these accounts have been locked down in current versions of the database, they may present a problem to some users with older versions of the database or to those who have upgraded from an older version that included the default passwords, he added.

read more

Microsoft faces tough sell for sender ID

Microsoft on Tuesday claimed rapid adoption of its Sender ID framework for email authentication to fight spam, but at least one analyst firm said the software maker is waging an uphill battle in the industry. On the eve of the second annual Email Authentication Summit in Chicago, Microsoft got the market machine humming for Sender ID, claiming its adoption has increased in March to 21 percent of Fortune 500 companies, compared with seven percent the same month a year ago. Sender ID uses Microsoft's proprietary Purported Responsible Address method for checking the headers with a message body to verify the legitimacy of the domain name from which an email is sent. Sender ID also supports the Sender Policy Framework Classic method, which looks only at envelope headers outside the message body; but the authentication system generally implies the PRA method.

read more

Indian army carries out country-wide cyber security audit

A day after Defence Minister Pranab Mukherjee's call for tightening security procedures, the Army today announced carrying out country-wide cyber security audit by setting up a specialist security establishment. The Army headquarters has also issued security advisory to all units and set up a specialist cyber security team from the Corp of signals to carry out a countrywide audit, a top Army officer said here. "The team besides looking into security shortcomings had also issued instructions on framing pass phrases instead of passwords for the computers and would carry out hacking operations to check vigilance of the units", he said. He said that for the first time the army was now going in for automation of record of all personnels and for this 47 centres had been set up." Almost 80 per cent of the records have now been transferred to computers carrying the entire data bank on all serving personnel including officers".

read more

So you think you're safe?

Well you're not -- if you're only using a firewall. Here's what else you need to know to secure your network. Sure, network firewalls will help protect you against a wide variety of threats. But if your security plans stop and start with a firewall, you're in big trouble. So network security extends beyond simply setting up a "good enough" firewall. There are other things you need to consider to help secure your network, and not all of them are tied directly to the network itself. Here are six tips from the experts to give you help.

read more

Linux Snobs: Real Barriers to Entry

One particularly distraught new Linux user came to me and shared how his meeting with a number of Linux "pros" turned to a bash Windows, bash him and bash everything he said gathering. Instead of answering his question regarding which GUI they prefer to use on their systems, the response was a clear: "you ignoramous! Go back to your Windows."

read more

Programmers' prose sought in Linux essay contest

Can you craft a sentence as well as you can code a Linux hack? If so, Intel and the Linux Symposium want to hear from you, with a new competition for the best essay on Linux.

read more

The Perfect Setup - Fedora Core 5

This is a detailed description how to set up a Fedora Core 5 based server that offers all services needed by ISPs and hosters (Apache web server (SSL-capable), Postfix mail server (with SMTP-AUTH and TLS), DNS server, FTP server, MySQL server, POP3/IMAP, Quota, Firewall, etc.).

read more

Vista Gets New App Compatibility Tool

With any major new Windows release such as Vista, application compatibility becomes a critical concern for businesses and individuals considering an upgrade. No matter how much Microsoft promotes the new version, users aren't going to make the switch unless their applications continue to function seamlessly. In turn, Microsoft has long offered an Application Compatibility Toolkit (ACT), which checks what programs are installed on a system and detects any potential conflicts. The Redmond company is preparing version 5 of the software to be ready by the time Windows Vista ships later this year, and has included a number of new features. ACT 5.0 most notably will have to take into account the limited user privileges in Windows Vista that are designed to keep the operating system core safe from malware. Internet Explorer 7 will also run in a protected mode, potentially disrupting applications that interact with the browser.

read more

Sun: Four years to go in x86 transformation

Sun Microsystems began its pushing x86 server efforts in earnest two years ago, but the company still has several years to go before the transformation into a full-fledged x86 hardware maker is complete, said John Fowler, executive vice president of the network systems group that builds x86 servers. "I think we are in the first two years of six," Fowler said in an interview here Friday. The serious part of the effort began two years ago when Jonathan Schwartz took over as chief operating officer and carved out once-shunned x86 servers as a separate Sun business unit. Sun once sold only machines with its Sparc processors, but responding to market pressure added generic Intel-based servers in 2002. Last year, Sun introduced its own designs, the dual-processor X4100 and X4200 of the "Galaxy" family using Advanced Micro Devices' Opteron. Sun plans to release an eight-processor Galaxy by the end of June and also a blade server, but has a long way to go to catch up to x86 leaders Hewlett-Packard, Dell and IBM.

read more

Intel Mac tricked into triple-boot config

Intel-based Macs can now play host to three operating systems and boot into any one of them at will. The triple-boot technique has been outlined on the OnMac.net website, home of the first code to allow the new machines to run Windows XP. The procedure's not trivial, though it makes use of Apple's BootCamp utility to ease you through the installation of Windows XP. After installing XP, the process walks you through adding a Linux distrubution off a live Linux CD to the dynamically re-partitioned Mac hard drive. This Linux uses a swapfile for virtual memory rather than the more commonplace swap-specific partition due to limitations in the permitted partition structure.

read more

Driver caught with gadget for changing stop lights

A man who said he bought a device that allowed him to change stop lights from red to green received a $50 ticket for suspicion of interfering with a traffic signal. Jason Niccum of Longmont, Colorado, said the device, which he bought on eBay for $100, helped him cut his time driving to work. "I guess in the two years I had it, that thing paid for itself," he told the Daily Times-Call on Wednesday. Niccum was issued a citation March 29 after police said they found him using a strobe-like device to change traffic signals. Police confiscated the device. "I'm always running late," police quoted Niccum as saying in an incident report. The device, called an Opticon, is similar to what firefighters use to change lights when they respond to emergencies. It emits an infrared pulse that receivers on the traffic lights pick up.

read more