Saturday, August 20, 2005

China Telecom opens office in Austin

Via the Austin Business Journal.

China Telecom USA has opened a regional office in Austin, along with a location in Atlanta.

The two offices will serve the Southeastern and Southwestern regions of the United States.

"China is the fastest growing economy in the world with numerous opportunities opening up to U.S. businesses every day," says Weihua Zhang, president of China Telecom USA. "We are aware of the many companies in both the Southeastern and Southwestern regions of the United States are looking to expand their businesses into China. China Telecom USA can now assist these companies at a local level to help them gain a strategic foothold in the market."

China Telecom USA expects to open more regional offices at a later date, to better serve all of its customers nationwide.

Skywatchers: Mars to be Spectacular in Fall 2005


Image source: MSNBC/NASA via AFP, Getty-Images



Joe Rao writes over at Space.com:

Mars is coming back. The Red Planet, the only one whose surface we can see in any detail from the Earth, has begun the best apparition it will give us until the summer of 2018.

Planet watchers have already begun readying their telescopes.

If this sounds familiar, you might recall a similar setup two years ago. This current apparition of Mars will not be as spectacular as the one in August 2003 when the planet came closer to Earth than it had in nearly 60,000-years.

Mars is currently in the constellation of Aries, the Ram and doesn't rise until around 10:45 p.m. local daylight time. There is certainly no mistaking it once it comes up over the east-southeast horizon. Presently shining at magnitude –0.8, it now ranks fifth among the brightest objects in the night sky, surpassed only by the Moon, Venus, Jupiter and Sirius (the brightest star in the sky).

And as it continues to approach Earth, Mars will only be getting brighter in the coming weeks: it will surpass Sirius on Sept. 21 and on Oct. 4 it will rival Jupiter and as a consequence (until Nov. 26), hold forth as the second-brightest planet.

WTO gives U.S. till April to change gambling law

A Reuters newswire article, via Yahoo! News, reports that:

A World Trade Organization arbiter on Friday gave the United States until April 3 to comply with a ruling that a ban on Internet gambling services offered by Antigua violates the body's rules.

U.S. officials had sought a July deadline.

United States Trade Representative's Office press secretary Neena Moorjani said on Friday the USTR would examine the ruling and do its best to accede to the timeframe.

But she said the change would not necessarily loosen U.S. restrictions on Internet gambling.

Original Einstein Manuscript Discovered

An AP newswire article by Toby Sterling, via ABC News, reports that:

The original manuscript of a paper Albert Einstein published in 1925 has been found in the archives of Leiden University's Lorentz Institute for Theoretical Physics, scholars said Saturday.

The German-language manuscript is titled "Quantum theory of the monatomic ideal gas," and is dated December 1924. Considered one of Einstein's last great breakthroughs, it was published in the proceedings of the Prussian Academy of Sciences in Berlin in January, 1925.

High-resolution photographs of the 16-page manuscript and an account of its discovery were posted on the institute's Web site.

Diversification Helped Spammer Make Money

An AP newswire article by Steve Karnowski, via Yahoo! News, reports that:

Christopher Smith's neighbors didn't know exactly what he did for a living. But they knew well that he liked to collect expensive cars and set off fireworks at all hours.

At an age when most of his peers could barely afford a new car, Smith was amassing a collection that would include BMWs, Hummers, a Ferrari, a Jaguar and a Lamborghini. And when other 20-somethings were trying to save for down payments on modest starter homes, Smith paid $1.1 million for a house in a more affluent suburb.

Smith got all that through his successes in massive unsolicited e-mail marketing, authorities say. The Spamhaus Project, an anti-spam group, considered him one of the world's worst offenders.

He was just 25 when the feds in May shut down his flagship company, Xpress Pharmacy Direct, and seized $1.8 million in luxury cars, two homes and $1.3 million in cash held by Smith and associates.

But even then, prosecutors say, he refused to give up.

Belarus: KGB censors satirical Internet cartoons

Via Reporters sans Frontières.

Reporters Without Borders today condemned the raids carried out on 16 August by the Belarusian secret police, the KGB, on three apartments in Minsk and the western city of Grodno allegedly belonging to young members of the Third Way opposition movement who create satirical, animated cartoons (in Flash format) for Internet distribution.

The KGB confiscated at least 12 computers and material used to produced the cartoons, and interrogated three Third Way members.

"This harassment is yet another example of the authoritarianism prevailing in Belarus," Reporters Without Borders said. "Any sarcasm and criticism of the authorities is severely punished. Three journalists have been given prison terms for 'insulting the president' in recent years and it would be intolerable if these young Internet users were now to suffer the same fate."


Daily gapingvoid.com fix....

Via gapingvoid.com. Enjoy!


Light that travels faster than the speed of light?

Thanks to a post over on Slashdot which alerts us to this article.

Man, I knew I should've gotten in on the ground floor in any effort to speed up light -- someone's going to be rich beyond their wildest dreams. :-)

The Science Blog reports that:

A team of researchers from the Ecole Polytechnique Fédérale de Lausanne (EPFL) has successfully demonstrated, for the first time, that it is possible to control the speed of light – both slowing it down and speeding it up – in an optical fiber, using off-the-shelf instrumentation in normal environmental conditions. Their results, to be published in the August 22 issue of Applied Physics Letters, could have implications that range from optical computing to the fiber-optic telecommunications industry.

U.S. government IPv6 testing must go on

Grant Gross writes in InfoWorld:

Normally, August in the Washington, D.C., area is a time for many workers to take vacation and escape the near-tropical conditions. But the parking lot outside a Northern Virginia facility operated by the U.S. Department of Defense's Defense Information Systems Agency (DISA) was filled Wednesday morning.

The work of DISA, with the job of creating, acquiring and testing technology equipment for the Defense Department, must continue through the sweltering August weather. In one of the DISA building's lab areas, more than a dozen Defense Department contractors were subjecting hardware products to a variety of tests.

Among the pressing matters in one of several testing labs at DISA was testing of Internet Protocol version 6 (IPv6), the next generation of protocol that allows computers to communicate over the Internet. The Defense Department has set 2008 as a target for making its computer systems compatible with IPv6, although the agency had formerly mandated IPv6 compatibility by then. Even though the target is no longer a mandate, testing IPv6 remains an important priority.

Microsoft Security Response Center: New security advisory

From the MSRC Blog:

Hey folks – Mike Reavey here, live from the situation room. (BTW- “live from the situation room” is a new favorite term ever since our big television debut this week!) I wanted to let you know that we published an advisory on a security issue in COM object, MSDDS.DLL, that when loaded in Internet Explorer could potentially run malicious code a system. The advisory is here. Some quick excerpts that are important for customers to know:

· The Microsoft DDS Library Shape Control (Msdds.dll) does not ship in the .NET Framework.

· Microsoft Office 2003 are not affected by this vulnerability.

· Microsoft Access 2003 are not affected by this vulnerability.

· Microsoft Visual Studio 2003 are not affected by this vulnerability.

· Microsoft Visual Studio 2002 Service Pack 1 are not affected by this vulnerability.

As far as where the control does ship:

· Microsoft Visual Studio 2002 with no service packs ships the control, but customers that have applied Service Pack 1 for Visual Studio 2002 will be protected.

· Microsoft Office XP Service Pack 3 are not by default affected by this vulnerability. However, its only in a vulnerable configuration if the C runtime library files are in the search path for Internet Explorer. These files are Msvcr70.dll and Msvscp70.dll. For instance placing them in the same directory as Msdds.dll or in the %windir%/system32 directory could expose Office XP customers to this issue.

Of course, there are more suggested actions in the advisory that can help protect customers and we’ll keep investigating this issue. Finally, you’ve heard us say it before, but I’ll say it again; publicly posting details and exploit code for a vulnerability puts customers at risk. We really want to encourage security researchers to work with us by sending information to secure@microsoft.com. You can read more about how to work with us here.


UK police want database of people who are "suspicious", yet unconvicted

Via the BBC.

A computer system allowing police to share details of dangerous offenders has been unveiled by the Home Office.

The £10m Violent and Sex Offenders Register (Visor) is intended to help reduce re-offending and contains information on 47,000 people.

It controversially includes details on people who have not been convicted, but are still considered a public danger.

Minister Fiona Mactaggart said Visor could help reduce crime and was "a step change in public protection".

Germany launches national IT security plan

An IDG News Service article by John Blau, via TechWorld.com, reports that:

The German government is to create a computer emergency response centre to deal with the increasing threat of computer viruses.

The centre will be just part of a national IT security plan that was outlined yesterday in Berlin by interior minister Otto Schily. It comes at a time where many other industrialised nations are struggling to come to grips with attacks on IT systems in both the public and private sectors.

The number of new viruses and worms in the second half of 2004 more than quadrupled from the same period the year before to 7,300 worldwide, according to Schily. The damage from phishing attacks, which aim to steal passwords or credit card numbers, is estimated at around 2.5 billion euros (£1.7 billion) globally, he said.

The German government's "National Plan to Protect IT Infrastructures" is the first in Europe and comprises three main areas: early prevention, swift response and security standards. The Federal Office for Security in Information Technology (BSI) will play a key role. It will be responsible for developing and implementing new security standards in the public sector, and publishing guidelines for the private sector.

Hacker nabs Air Force personnel data

Frank Tiboni writes in FCW.com:

A hacker gained access into an Air Force personnel system and accessed individual information on about half of its officers and “a handful” of its noncommissioned officers, service officials confirmed today.

A hacker used an airman’s log-in information to access the online Assignment Management System (AMS) and download data from it. The Air Force has started notifying more than 33,000 service personnel of the security breach, according to a statement.

The Air Force Personnel Center detected high activity on one person’s AMS account in June and alerted service and federal investigators. AMS has assignment preferences and career management information, and contains birth dates and Social Security numbers. It does not hold personal addresses, phone numbers and specific information on dependents.

'E-Mail Wiretapping' Prosecutions Could Increase in the Future

Gene J. Koprowski writes in eWeek:

A federal appeals court ruling in Boston last week on e-mail wiretapping is reverberating throughout the Internet community—and legal world—with a consensus emerging that there may be prosecutions in the future for what today is considered normal business practice by ISPs.

The First Circuit Court of Appeals, voting 5-2, ruled that an e-mail service provider that supposedly read e-mail, intended for customers only, could indeed be tried on federal criminal charges.

This overruled a 2-1 vote last summer by a three judge panel in the same matter.

In a majority opinion written by Judge Kermit Lipez, a Clinton appointee, of the First Circuit, the court said the prosecution under the federal Wiretap Act could proceed, because the "statute contains no explicit indication that Congress intended to exclude communications in transient storage from the definition."

"Business" Worms Wreak Havoc From Inside

And, unfortunately, this is exactly what I have witnessed firsthand.

Gregg Kiezer writes in TechWeb News:

One of the week's dozen or so bots can be called the first "business" worm, a security expert argued Friday.

"On the face of it, Bozori is no different than earlier Internet worms like Blaster or Sasser," said David Emm, a senior technology consultant for the Moscow-based Kaspersky Labs, in an e-mail to TechWeb. "It uses an exploit to spread directly to vulnerable machines. Yet there's no global epidemic. We've seen no tell-tale signs of an epidemic on the Internet. And we've had no reports of infection from individual users."

Other experts seconded that last statement. Radialpoint, a security provider to broadband ISPs, said that its customers are reporting low infection rates among their users, even those without anti-virus defenses. "We attribute this to the fact that the virus [sic] only targets Windows 2000 machines," said a Radialpoint spokesperson.

"There's no question that this worm is spreading. However, it seems to be confined to localized 'explosions' inside large corporations," Emm continued. "These organizations, typically made up of 'small internets' behind heavily defended Internet gateways, have experienced infection."

Canada: Bill would let police monitor your e-mail

Thanks to a post over on Slashdot which brought our attention to this issue.

A CamWest News Service article by Tim Naumetz, via The Windsor Star, reports that:

The federal cabinet will review new legislation this fall that would give police and security agencies vast powers to begin surveillance of the Internet without court authority.

The new measures would allow law-enforcement agents to intercept personal e-mails, text messages and possibly even password-secure websites used for purchasing and financial transactions.

University of Ottawa professor Michael Geist, a law and privacy expert involved in consultations over the bill, said a draft version of the legislation circulated earlier this year did not require court authority for police to intercept communications or demand information from Internet servers.

"I think it's the kind of legislation that is literally going to shock millions of Canadians," said Geist.

Friday, August 19, 2005

Tor starts anonymous GUI competition

Via The Inquirer:

THE DEVELOPERS of Tor - which is supported by the Electronic Frontier Foundation (EFF) - is launching a competition to create a graphical front end.
The idea is that people will be able to install and configure Tor easily without necessarily having to be software wizards.

Tor currently helps to create anonymous identities when using IRC, browsers, instant messaging and the like.

The first phase of the competition is for entrants to produce mockups of good interfaces. The second phase is providing working implementations. Entries are invited for both.

The EFF said the winning entries will be open source, show good graphic design, and have a simple interface. Everyone who enters gets a free t-shirt.

More details of the project, here.

Cisco - ZOTOB and WORM_RBOT.CBQ Mitigation Recommendations

Via UNIRAS (UK Gov CERT).

Cisco customers are currently experiencing attacks due to new worms and bots that are active on the Internet. The signature of these worms and bots appears as TCP traffic to port 445 as well as traffic to several secondary TCP ports depending on the variant of the worm. Affected customers have been experiencing high volumes of traffic from both internal and external systems. Symptoms on Cisco devices include, but are not limited to, high CPU and traffic drops on the input interfaces. This document focuses on both mitigation techniques and affected Cisco products that need software supplied by Cisco to patch properly.

These worms and bots have been referenced by the name ZOTOB in multiple variants, WORM_RBOT.CBQ in multiple variants, and by several other names. These worms and bots exploit a vulnerability previously disclosed by Microsoft, details of which can be found at http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx

Cisco has made free software available for the affected products listed in this Notice that require Cisco-distributed updates.

Microsoft working to fix new Internet Explorer flaw

An AP newswire article, via The Mercury News, reports that:

Microsoft Corp. was working Friday to come up with a fix for a flaw in its Internet Explorer browser that could let hackers gain remote access to computer systems through malicious Web sites.

A patch was not immediately available, though some security experts played down the risk.

"If the user doesn't browse a malicious Web site, then the user isn't even under attack,'' said Gerhard Eschelbeck, chief technology officer at Qualys Inc., a security company based in Redwood Shores, Calif.

The vulnerability is a problem in the way Internet Explorer handles certain pieces of data that are optional components in various programs.

The Redmond, Wash.-based software maker said it knew of no customers who had been attacked.

Finnish security exec arrested over bank hack

John Leyden writes in The Register:

The data security chief at the Helsinki branch of financial services firm GE Money has been arrested on suspicion of conspiracy to steal €20,000 from the firm's online bank account. The 26 year-old allegedly copied passwords and e- banking software onto a laptop used by accomplices to siphon off money from an unnamed bank.

Investigators told local paper Helsingin Sanomat that the suspects wrongly believed that the use of an insecure wireless network in commission of the crime would mask their tracks. This failed when police identified the MAC address of the machine used to pull off the theft from a router and linked it to a GE Money laptop. Police say that stolen funds have been recovered. Four men have been arrested over the alleged theft with charges expected to follow within the next two months.

International travelers at airports delayed for hours due to worm

An AP newswire article, via CNN, reports that:

Travelers arriving in the United States from abroad were stuck in long lines at airports nationwide when a virus shut down a U.S. Customs computer system for several hours, officials said.

Homeland Security spokesman Russ Knocke said the virus impacted computer systems at a number of airports Thursday night, including those in New York, San Francisco, Miami, Los Angeles, Houston, Dallas and Laredo, Texas.

Knocke said customs agents immediately switched to manual inspections. He declined to provide details on where the computer virus originated.

The worst delays appeared to be at Miami International Airport, where as many as 2,000 people waited to clear immigration, airport spokesman Marc Henderson said. The passengers were not permitted to leave the area before then.

Also, there additional details in another AP article here.

Thursday, August 18, 2005

Iridium, Dutch Firm Team on Maritime Container Security System

W. David Gardner writes in TechWeb News:

A Dutch firm plans to use the Iridium Satellite system to monitor shipping containers remotely to reduce the threat of terrorists tampering with those containers.
ZOCA Container Security BV is preparing a trial with the U.S. Department of Homeland Security (DHS), said Jaap van den Hoek, ZOCA managing director.

ZOCA has developed a proprietary handheld-based system that communicates with Iridium’s 66-satellite network. The ZOCA system controls container security by locking and unlocking devices remotely.

The handheld device, about the size of a typical bar code scanner, plugs into a connection on containers and transmits a security code to a central computer at ZOCA’s global processing center. Once the security code and other coordinates are confirmed, permission is granted to open or close the container.

Internet Storm Center moves ThreatCon status to "Yellow"

Via the ISC Daily Handler's Diary page.

The Infocon status is now yellow, due to the MSDDS.DLL exploit now available. We moved to Yellow as we feel widespread malicious use of this vulnerability is imminent, and the workarounds shown here provide sufficient countermeasures to be applied quickly. We expect to move back to green by the end of the day or early tomorrow.


Google Releases Blogger for Microsoft Word

Deborah Rothberg writes in Microsoft Watch:

Users of the free web log service, Blogger, now can publish directly from inside Microsoft Word.

Google announced earlier this week the release of Blogger for Word, a free add-in, downloadable from the Web, that allows users of the Web log service Blogger to post directly to their sites from Microsoft Word.

Once the add-in is installed, three additional buttons appear on a user's Word toolbar: Publish, Open Post, and Save As Draft. These allow users to publish new posts directly from the text document, open and edit their last 15 posts in Word, and save posts without publishing them.

Microsoft investigates potential new IE flaw

This story follows up a 0-Day exploit which I mentioned here yesterday afternoon.

I should also point out that while Microsoft has not yet released a patch for it, the folks over at the Internet Storm Center have a nifty workaround fix.

Joris Evers writes in C|Net News:

Microsoft is investigating a report of a new, unpatched flaw in Internet Explorer that could expose users of the ubiquitous Web browser to attacks.

An attacker could craft a malicious Web site that takes advantage of the flaw and gain control over the PCs that visit the Web site, or an attacker could install malicious software on those systems, a representative of the French Security Incident Response Team said in an e-mail interview Wednesday. The organization rates the issue "critical," its most serious classification.

Exploit code for the flaw is available on the Internet, according to the French security research group. The availability of exploit code typically raises the risk to users because it could aid miscreants in setting up attacks.

Microsoft is investigating the report of the new IE flaw, a company representative said in a statement late Wednesday. The software maker is not aware of attacks that use the reported flaw, the representative said. After the investigation, Microsoft will take the appropriate action to protect users, which could include a security update, she said.

Domain Registrations Reach All-Time High Of 83.9 Million

Matthew Friedman writes in Networking Pipeline:

The Internet continues to expand, with domain registrations reaching an all time high of 83.9 million, according to VeriSign's Domain Name Industry Brief for the second quarter of 2005.

The domain name space experienced eight percent growth in the second quarter of this year, and an impressive 28% increase since the second quarter of 2004. According to VeriSign, price promotions and product bundling encouraged the registration of 8.1 million new domain names in the second quarter of 2005, a 16% increase in new domain name registrations over the first quarter and 63% rise over the previous year.

The .com and .net domains remain as popular as ever, growing seven percent in the last quarter to reach 44.2 million names, a 30% increase over the same quarter in 2004. New .com and .net registrations were up 4.2 million, 49% over the same period last year, and renewal rates reached an all-time high of 75%.

TSA Data Dump Leads to Lawsuit

This is a good time (again) to mention UnSecureFlight.com.

Kim Zetter writes in Wired News:

Following accusations last month that the Transportation Security Administration violated the Privacy Act in testing its new airline passenger-screening program, four individuals sued the agency Thursday.

They want the TSA to dig deeper for commercial data records it may have collected on each of them to test the Secure Flight program, and to hand over those records. The individuals also filed a motion to prevent the agency from destroying records before the lawsuit is resolved.

"Until the court has determined that they conducted an adequate search for my clients' documents, I think the document destruction should cease," said attorney Jim Harrison, who represents the four plaintiffs. He was referring to a recent TSA announcement that it was already destroying Secure Flight records.

Harrison filed the lawsuit in a federal district court in Anchorage, Alaska, where his clients reside.

Under the federal Privacy Act, government agencies that collect data on individuals must let them access the data and correct errors found in the records.

Germans hail Berners-Lee 'second-greatest' scientist

Lucy Sherriff writes in The Register:

Tim Berners-Lee has been named the second most important scientist of the 20th century by the organisers of Germany's Quadriga award, in recognition of the invention of the web. The organisers said only Einstein was more important.

Sir Tim, who was knighted in 2003 in recognition of his achievements, invented the web while he was working at CERN. He wanted to help the particle physicists collaborate on research even when they weren't all working in the same geographical area.

Arguably even more importantly, he made the protocols freely available to the world shortly after his invention, and his solution became the world wide web.

"Berners-Lee elected not to patent the World Wide Web for commercial reasons or his own personal profit but gave it away for all of us," Klaus Riebschlaeger, chairman of the organising committee told Reuters. "Free and available to all humanity, it became the network for knowledge linking the world."

Worms meet corporations in legal minefield

Charlie Demerjian brings up some rather important points in this article, and I urge anyone who is involved with a network that was hit with any of the worms/bots this week to not only read it, but absorb it, and understand the underlying implications.

Charlie Demerjian writes in The Inquirer:

I SPENT MOST OF Tuesday morning at a financial services provider, and the talk of the morning was all about a large financial services giant and the Zotob worm. Any guesses why? It was claimed that said large financial giant was another notch in the Zotob author's belt, and while they were not down per se, it cased problems, slow networks, and downed services.

Another day, another massive bot infection. When will these people learn trusted computing and Microsoft promissory press releases are not worth the paper they are printed on? And yes I know they are not on paper anymore. Here is when they'll learn, when someone notices that getting infected violates a whole bunch of laws, and that brings down the legal hammers on them.

What do I mean? Well, for this said large financial organisation, there are several new regulations that are now in force, but the one that I am specifically thinking of is SarbOx. If they were an HMO or hospital, they would have HIPPA to contend with too. These laws have some pretty onerous data access and authenticity requirements backed up by civil and criminal penalties. Several states like California also have laws on notification and reporting on top of these.

So, what's the problem? The large financial organisation just got potentially owned bad, it was infected by a bot carrying worm that allows outside access to the computers, the data carried within, and potentially the servers. Keyloggers? Maybe. Things riding on the back of Zotob? Maybe. I don't know, do you? Do you think the large financial organisation does either?

Google Files to Sell 14.2 Million Shares

An AP newswire article, via The Washington Post, reports that:

Google Inc. on Thursday said it has filed with the Securities and Exchange Commission to sell 14.2 million shares of class A common stock, an offering worth more than $4 billion at Wednesday's closing stock price.

Shares of Google, which have more than tripled since going public a year ago, closed Wednesday at $285.10 on the Nasdaq Stock Market, giving the offering an estimated value of $4.04 billion.

In pre-market trading, Google shares slipped $9.10, or 3.2 percent, to $276. The stock made its trading debut at $85 on Aug. 19 last year, and climbed as high as $317.80 in mid-July.

Click Fraud Claims Drive Lawsuits

Adam L. Penenberg writes in Wired News:

A few years ago, Diane Frerick and Kevin Steele, co-founders of Karaoke Star, a Phoenix-based karaoke equipment seller, were on their way to $3 million in annual revenue.

They owed much of their success to paid search advertising on Google and Yahoo Overture. By bidding anywhere from 40 cents to $3 for keywords revolving around karaoke (such as "karaoke player" or "karaoke song"), Frerick and Steele were able to generate $6,000 a day in sales from $2,000 in advertising, and were watching business grow at a brisk clip -- 35 percent a month compared with the year before. They dreamed of becoming the Home Depot of karaoke.

Then, in the summer of 2003, things came crashing down. Suddenly, the number of clicks on certain keywords jumped from 200 to 800, forcing Karaoke Star to burn through its advertising budget, but $2,000 in advertising yielded just $3,000 in sales. "Our orders went up thousands a day but our bills went up thousands a day," Frerick said. "The increased business cost more than it was worth."

Karaoke Star was a victim of click fraud, a web phenomenon that has been attracting increasing attention. In a way, it's like hordes of virtual ne'er-do-wells impersonating potential shoppers and generating a small fee every time they look at an advertisement. Over time, it can really add up. Karaoke Star estimates it lost close to $500,000 to click fraud. That led Frerick and Steele to plan legal action not just against the company they thought was trying to drive them out of business, but against Google and Overture. (Although all the parties have been served with papers stating Karaoke Star's intent to sue, the case has not yet been filed.)

Singapore cracks down on music file-sharing offenders

Nur Dianah Suhaimi writes for Reuters:

Three Internet users have been arrested in Singapore and charged with distributing digital music files in the city-state's first crackdown on illegal file sharing, Singapore police said on Thursday.

The three young men who were arrested, between the ages of 16 to 22, had shared more than 20,000 files in internet chatrooms.

It was the first time Singapore police have clamped down on web surfers who download pirated music and films since new copyright laws came into effect in January this year.

Under the amended Copyright Act, anyone who illegally downloads files on a "commercial scale" could face criminal charges, including five years in jail and fines of up to S$100,000.

Wednesday, August 17, 2005

Microsoft Ships Zotob Worm Removal Tool

Ryan Naraine writes in eWeek:

Microsoft Corp. late Wednesday shipped an update to its malware removal tool to detect and delete the fast-spreading "Zotob" worm family.

Microsoft typically updates the free utility once a month—on Patch Tuesday—but with at least a dozen "Zotob" variants squirming through unpatched Windows 2000 systems, the company added detections for 10 mutants to help with the cleanup process.

The new version of the Malicious Software Removal Tool will now zap the following worms: Zotob.A, Zotob.B, Zotob.C, Zotob.D, Zotob.E, Bobax.O, Esbot.A, Rbot.MA, Rbot.MB and Rbot.MC.

Canada: More firms hit by MS05-039 exploit/worm/bots

Via the Globe and Mail.

Among the companies hit were Canadian Imperial Bank of Commerce, BMO Nesbitt Burns Inc. and Bank of Nova Scotia. The attacks slowed Internet banking, but customers' security and personal information were never at risk, said Frank Switzer, a spokesman for Scotiabank. “We are back to normal today,” he added.

New N.Y. Law Targets Hidden Net LD Tolls

An AP newswire article by Michael Gormley, via Yahoo! News, reveals that:

A new law that's apparently the first in the nation threatens to penalize Internet service providers that fail to warn users that some dial-up numbers can ring up enormous long-distance phone bills even though they appear local.

A long distance call even within the same area code can cost 8 to 12 cents a minute, adding up to hundreds, even thousands of dollars a month.

Companies face fines of up to $500 for each offense, and consumers could pursue civil action claiming an unfair business practice.

The National Conference of State Legislatures said it knows of no similar law elsewhere.

Singapore's Internet Controls Shun Filters

An AP newswire article by Anick Jesdanun, via Yahoo! News, reports that:

Singapore maintains some of the world's tightest restrictions on free expression on the Internet, but unlike other regimes, it doesn't do it with technological filters. Instead Singapore controls the Web through an unusual mix of legal pressures and access restrictions, according to a new study from three universities.

Testing of 1,632 Web sites by the OpenNet Initiative found only eight blocked, mostly for pornography.

IETF forwards "Atom" as Proposed Standard

Lisa Vaas writes in eWeek:

Rising above the bickering of competing syndication format loyalists, the IETF on Wednesday approved the Atom 1.0 data format as a "proposed standard."

Atom is an alternative format to RSS for publishing an XML-based syndication feed.

Intel buys XML router company

"Think RSS." - ferg

Michael Singer writes in C|Net News:

Chipmaker Intel signaled that it's once again interested in selling communications equipment with its purchase on Wednesday of Sarvega, which makes network routers that use the XML standard to improve Internet traffic.

Terms of the deal were not disclosed, but Sarvega, based in Oakbrook Terrace, Ill., posted $7 million in revenue in 2003 and lists Intel as one of the supporters that contributed to Sarvega's $20 million venture capital fund.

The 5-year-old Sarvega has developed what it calls an "XML router," a device that can look at the content of a message using Extensible Markup Language and send it to the appropriate point on a network.

Industry analysts at ZapThink have projected that XML-based Internet and corporate network traffic will grow from 15 percent in 2004 to almost 50 percent in 2008.

User Friendly: "Crush our Enemies, Steve."

Via UserFriendly.org.



Click on image for enlargement.

Christian Science Monitor: Child porn rising on Web, prompting U.S. action

A Christian Science Monitor article by Ron Scherer, via USA Today, reports that:

Despite highly publicized arrests, law-enforcement officials say that the sexual exploitation of children on the Internet is growing dramatically.

Over the past four years, the number of reports of child pornography sites to the National Center for Missing & Exploited Children (NCMEC) has grown by almost 400%. Law-enforcement officials are particularly disturbed by the increased number of commercial sites that offer photos of exploited children in return for a credit-card number. Those fighting child porn say it has become a global multibillion-dollar industry.

Regulators Approve SBC Purchase of AT&T

An AP newswire article, via SFGate.com, reports that:

New Jersey regulators on Wednesday approved the acquisition of AT&T Corp. by SBC Communications Inc. after securing a pledge from SBC that it would keep several AT&T facilities in the state.

The New Jersey Board of Public Utilities also said it approved the merger after "a comprehensive analysis determined there would be a positive impact on competition, customer rates, service reliability and that there would be a better environment for job retention."

SBC agreed to keep AT&T's Network Operations Center and other facilities in New Jersey, the BPU said. Many of the AT&T facilities are at or near its headquarters in Bedminster.

The merger with San Antonio-based SBC met all statutory requirements, the BPU said.

Watch out for worm wars: Possible criminal activities as after-effect

Joris Evers writes in C|Net News:

The recent surge in worms could be part of an underground battle to hijack PCs for use in Net crimes, some security experts say--but others aren't convinced.

Signs of a turf war between cybercrooks lie in the behavior of the worms that have emerged since Sunday, said Mikko Hypponen, chief research officer at F-Secure, a Finnish security software company.

The dozen or so worms and variants all exploit a security hole in the plug-and-play feature in the Windows 2000 operating system. But some versions undo the effects of earlier worms, suggesting that the creators are battling to take over computers that others have already compromised, Hypponen said.

Okay, trade press being as it is....

Now, you can go read the rest of the article for yourself, but my opinion is that this is the prelude to a massive, and I mean massive, criminal effort to plant keyloggers (or other similar forms of malware) on pwn3d! computers, and perpetrate one of the largest collective ID and financial theft actitivities known thus far.

I don't mean to be an alarmist, but this has a preemptive smell to it, and I've been doing network security work for a long, long time. I hope I'm wrong.

As an example, in the initial establishment (initial MS05-039 infection vector) of zombified botnets I saw earlier this week, after the initial port 445 port scanning inside a particular prefix (a contiguous block of IP adresses) was completed, everything went pretty much quite. Of course, people fighting the fire would be lulled into a sense of satisfaction that they had pretty much neutralized the attack, but in reality, the zombie computers could have indeed been (at that point) downloading new malware onto the victimized host via commands from the C&C bot controller by IRC commands.

Actually, thinking of the depth and scope of this, it actually makes the hair on the back of my neck stand up...

Let's be careful out there....

0-day exploit: Microsoft Internet Explorer "Msdds.dll" Remote Code Execution Exploit

Via FrSIRT.

Advisory : FrSIRT/ADV-2005-1450
Rated as : Critical
http://www.frsirt.com/english/advisories/2005/1450

* Technical Description *

A critical vulnerability was identified in Microsoft Internet Explorer, which
could be exploited by remote attackers to execute arbitrary commands. This issue
is due to a memory corruption error when instantiating the "Msdds.dll"
object as an ActiveX control via its class identifier (CLSID), which could be
exploited by an attacker to take complete control of an affected system via a
specially crafted Web page.

This vulnerability has been confirmed with Microsoft Internet Explorer 6 SP2 on
Windows XP SP2 (fully patched).

* Exploits *

http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

* Affected Products *

Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 for
Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 for
Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4

* Solution *

The FrSIRT is not aware of any official supplied patch for this issue.

* References *

http://www.frsirt.com/english/advisories/2005/1450
http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

Exploit:
http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php


IT infrastructures could be battlefields of future wars

Patience Wait (C'mon--Is that her real name? - ferg) writes in GCN.com:

A professor from Auburn University has made the case that the United States may face a war in the future in which not a single shot is fired, but yet America loses.

There could be “pre-emptive achievement of military objectives strictly by information warfare techniques,” said John “Drew” Hamilton, associate professor of engineering and director of the Information Assurance Laboratory at the university.

Hamilton projected that such a conflict could take place by 2015—the time it would take to infiltrate computer development programs and insert malware into operating systems, applications software, firmware and hardware.

Acquisition trends in the military actually facilitate the possibility of such a scenario, Hamilton added. “You don’t expect the military to go to Home Depot to buy a [rocket launcher], but we expect them to go to Staples to buy software,” he said.

Worm Attacks Visa HQ in California

Via Red Herring.

After creeping through computer networks at some of the largest U.S. media organizations, a variant of the Zotob worm attacked hundreds of computers at Visa International’s headquarters in California, forcing some employees to head home Wednesday as technicians scrambled to sanitize its computers.

“Like a lot of businesses, we were impacted, too,” said Colin Baptie, a spokesperson for Visa. “We did apply the security patch and there has been no impact on our business.”

Visa declined to give any further details on the extent of the impact or why the operation in Foster City, California, was affected. Microsoft released a security patch for the worm on August 9, but it wasn’t clear what variant of the worm hit the Visa network.

Visa International is the world’s largest payment system, with more than 1 billion credit and other payment cards in circulation and 22,000 member banks. Visa was impacted by one of the six variants of the Zotob worm that has been in circulation since Sunday.

Saturn's rings have their own atmosphere

And now for something completely different.

Bjorn Carey writes over on Space.com:

New data from the Cassini spacecraft indicates that Saturn’s trademark rings have their own atmosphere, separate from the gas around the planet they encircle.

During close fly-bys of the rings, instruments on Cassini detected that the environment around the rings is atmosphere-like. More interestingly, though, is that the ring atmosphere is made up of molecular oxygen – two atoms of oxygen bonded together – like that found in Earth’s atmosphere.

The ice that makes up Saturn’s rings is also the source of the oxygen that makes up this atmosphere.

“As water comes off the rings, it is split by sunlight; the resulting hydrogen and atomic oxygen are then lost, leaving molecular oxygen,” said Cassini investigator Andrew Coates of the Mullard Space Science Laboratory at University College London.

EFF Weighs in on Computer Privacy Case in Washington

Thanks to a post over on Slashdot which pointed this out.

Via the EFF website.

Imagine if the law permitted the people who service your computer to share all the personal information on your hard drive with the police, without your consent and without a search warrant. A case on appeal to the Washington State Court of Appeals, State v. Westbrook, threatens to allow just that, turning your friendly neighborhood computer repair technician into a government informer.

Last week, the Electronic Frontier Foundation (EFF) filed a friend-of-the-court brief in support of the respondent, Robert Westbrook, arguing that citizens have a reasonable expectation of privacy in the contents of their computers, and that their Fourth Amendment rights don't disappear when a computer is delivered to a technician for servicing.

When Westbrook dropped off his personal computer at a Gateway Computer store for servicing, a technician saw private files on the computer that he thought might be illegal. Gateway called the police, who searched through personal files on Westbrook's hard drive looking for more evidence -- before ever getting a warrant. The trial court found, and EFF argues in its brief to the appeals court, that this violated Westbrook's Fourth Amendment rights.

"Customers who drop off their computers for servicing reasonably expect that their private data won't be handed over to the police without a warrant," said EFF Staff Attorney Kurt Opsahl. "Allowing computer technicians to snoop on people's private data is like putting surveillance cameras in dressing rooms. The violation of so many people's privacy far outweighs any benefits that might be gained. It would mean you couldn't use a personal computer for personal business."

EFF was assisted on the brief by criminal appeals specialist Suzanne Lee Elliott of Seattle, who served as local counsel.

.XXX Puzzle Pieces Start to Come Together: And the Picture is Ugly

Milton Mueller writes over on CircleID:

Americans who worried about governments somehow "running" the Internet through the United Nations failed to see the Trojan Horses that were rolled into ICANN's structure in 1998: the Governmental "Advisory" Committee and the special US Government powers over ICANN.

The attempt by the US Commerce Department to "recall" the delegation of .xxx to ICM Registry due to pressure from deluded right-wing groups in the US who think that it will add to pornography on the Internet is a major inflection point in the history of ICANN, and could represent the beginning of the end of its private sector/civil society based model of governance.

The issue is not only an assertion of censorship powers over top level domains, but the sudden assertion of authority through the GAC to overrule or veto decisions made by ICANN's own processes and its Board.

AOL Worker Who Stole E-Mail List Sentenced

An AP newswire article by Larry Neumeister, via Yahoo! News, reports that:

A former America Online software engineer was sentenced Wednesday to a year and three months in prison for stealing 92 million screen names and e-mail addresses and selling them to spammers who sent out up to 7 billion unsolicited e-mails.

"I know I've done something very wrong," a soft-spoken and teary eyed Jason Smathers told U.S. District Judge Alvin Hellerstein.

The judge credited the 25-year-old former Harpers Ferry, W. Va., resident for his contrition and efforts to help the government before he pleaded guilty to conspiracy charges. A plea deal had called for a sentence of at least a year and a half in prison.

In a letter from Smathers to the court that was read partially into the record by Assistant U.S. Attorney David Siegal, Smathers tried to explain the crimes that AOL has said cost the company at least $400,000 and possibly millions of dollars.

"Cyberspace is a new and strange place," Siegal said Smathers wrote. "I was good at navigating in that frontier and I became an outlaw."

Australia: Computer worms 'yet to take hold'

Via The Australian.

A COMPUTER virus targeting users of Microsoft's Windows 2000 operating system has not spread widely in Australia, a Melbourne IT expert said today.

RMIT University's information security programs leader, Dr Asha Rao, said the worm seemed to be taking many forms, including at least one which attacked executable files.

But Dr Rao said she did not believe the worm had spread widely in Australia.

"At this time, by most reports, the rate of infection is low. Whether this worm has affected many computers in Australia is not yet known, but it has not come up in discussions with my students," she said.

Another foreign radio station falls victim to "Great Wall" of the airwaves

Via Reporters sans Frontières.

Reacting to the recently-launched jamming of radio Sound-of-Hope, like Radio Free Asia and Voice of America before it, Reporters Without Borders today condemned China's latest advance in the construction of a "Great Wall of the airwaves."

"Beijing is stepping up its control of both the airwaves and the Internet," the press freedom organisation said. "Chinese radio listeners and Internet users only have a right to news and information controlled by the government."

Based in San Francisco, Sound-of-Hope broadcasts four hours a day of news and cultural programmes to China from transmitters outside of the country. Significant jamming has been noted in many Chinese cities including Dalian, Fuzhou and Xinjiang since June. At the behest of the National Security Bureau, Public Security Bureau and General Military Intelligence Sector II, its programmes are being drowned out by music or by the broadcasts of China's Central Radio Station. At best, listeners can catch the odd phrase. At worst, Sound-of-Hope can no longer be heard at all.

Similar jamming was already reported last October by the Voice of Tibet (based in Norway), the BBC World Service, Voice of America and Radio Free Asia. Thanks to transmitters, antennae and other equipment supplied by the French company Thalès, the government has been able to improve its jamming capabilities and can now effectively block shortwave broadcasts by foreign radio stations based in Europe and central Asia.

Daily gapingvoid.com fix...

Via gapingvoid.com. Enjoy!


Adware giant Direct Revenue interview with Newsweek

Brad Stone writes in his weekly Newsweek column "Plain Text":

Direct Revenue was once one of the least understood companies on the Internet. Like its rivals 180solutions and Claria Corp., its advertising software sat on millions of computers, spawning incessant pop-up ads to users who often had no idea how their computers ever caught the adware bug in the first place. But since a NEWSWEEK story about Direct Revenue in December 2004, the venture-backed New York City advertising startup has continued to make news—not all of it good. In early April, Chicago attorneys filed a class-action lawsuit against the company, alleging that its pop-ups damage computers. Later that month, the company’s new advertising client, “Aurora,” hit the Internet, sending another wave of annoyed Internet users to customer help bulletin boards on the Web looking for ways to remove the ad-spewing software from their infected PCs.

In May, Direct Revenue took a step to shake itself up. It hired a new CEO, Paris-born Jean-Philippe Maheu, who claimed to see a bright future for adware companies and said he intended to improve their visibility and relationship with Internet users. Maheu was in San Francisco this month, speaking to potential investors at the annual RBC Capital Markets Conference. When NEWSWEEK asked to interview the new CEO, a Direct Revenue representative at first declined, citing our unflattering earlier article. But soon afterward, Maheu got in touch himself and offered to meet for a coffee. “Things are changing very fast in the online advertising industry,” he says. “There is an opportunity to transform the company.” NEWSWEEK’s Silicon Valley correspondent, Brad Stone, spoke with Jean-Philippe Maheu.

Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access

Via the Cisco website.

Summary:

Cisco Clean Access (CCA) is a software solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network.

CCA includes as part of the architecture an Application Program Interface (API). Lack of authentication while invoking API methods can allow an attacker to bypass security posture checking, change the assigned role for a user, disconnect users and can also lead to information disclosure on configured users.

Cisco has made free software patches available to address this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050817-cca.shtml.

Yahoo! Shoots Down VoIP Speculation

Jim Wagner writes over on internetnews.com:

Officials at Internet portal giant Yahoo are denying a report that it will launch a VoIP service in the next two weeks.

In a research report issued this week, Safa Rashtchy, an analyst with Piper Jaffray, said the Sunnyvale, Calif.-based company was likely to launch a service similar to the popular Skype application.

The analyst noted that such a service would "expand Yahoo's content footprint and further establish Yahoo's brand as a comprehensive provider of content, search and communication services," and likely run as both an advertising-based basic service and paid premium service.

That's not the case, Yahoo officials said.

U.S. Colleges Struggle to Combat Identity Theft

A Reuters newswire article, via eWeek, reports that:

Despite their image as leafy enclaves of higher learning shielded from the real world, universities across the United States are finding themselves on the front lines of the battle against identity theft.

With their huge databases, universities may rival financial institutions as attractive targets for the crime, estimated to affect over 9 million Americans a year at the total cost of more than $50 billion, experts said.

Nearly half of the publicized incidents of data breach since January occurred at universities, according to the San Diego-based Identity Theft Resource Center.

The focus on campus computer security comes as pending legislation in Congress seeks to address on a national level the growing problem of identity theft, in which criminals steal personal information so they can impersonate the victim to obtain credit and drain money from financial accounts.

T-Mobile International Set To Deploy High-Speed HSDPA

Via Mobile Pipeline.

T-Mobile International will work with Nokia to deploy high-speed HSDPA 3G service in German, the Netherlands and the United Kingdom, the companies announced Wednesday.

HSDPA is an add-on to UMTS, a version of 3G deployed by GSM cellular operators. HSDPA boosts typical cellular data speeds to more than 1 Mbps with theoretical and burst speeds many times that level. In the U.S., Cingular has said it will deploy HSDPA in the 2007 timeframe.

Nokia said that T-Mobile will first deploy HSDPA in Germany in 2006 and will deploy the technology in the Netherlands and the United Kingdom afterward.

While T-Mobile is advancing 3G service in Europe, T-Mobile USA, which also is a part of the larger Deutsche Telekom, has divulged any plans for 3G deployment.

F-Secure: Major botwar increases in scale and force

Via the F-Secure website.


Growing infection rates from worm variants based on three virus families: Zotob, Bozori and Ircbot are putting large organizations on the alert around the world.

Helsinki, Finland - August 17, 2005

On Tuesday the 9th of August, Microsoft released the monthly security patches for Windows. This included several critical patches, with one closing a vulnerability in Microsoft’s Plug-and-Play service (MS05-039).

On Wednesday the 10th of August, a Russian individual who goes by the name ‘Houseofdabus’ released working exploit code that could be used to take over Windows 2000 machines with the Plug-and-Play vulnerability.

On Sunday the 14th of August, the Zotob.A worm was found. An unknown party had incorporated the Houseofdabus exploit code to a worm that would spread automatically over the Internet. A very similar development happened in May 2004, when virus writer, Sven Jaschan incorporated Houseofdabus’ LSASS exploit code into his infamous Sasser worm.

By Wednesday the 17th of August, F-Secure has found nine more malware using the same exploit code to spread, including variants of the Ircbot, SDBot and Bozori families.

Together, these continue to infect Windows 2000 computers which have either failed to be patched or has not been rebooted after patch installation, and are not protected by a firewall.

Infections continue to be reported from large organizations, especially from the USA. In these, infection has most likely originated from infected laptops carried inside an organization’s perimeter firewall.

These new Plug-and-play worms only infect Windows 2000 machines that are not protected by a firewall. This worm replicates by scanning machines at port 445/TCP and, when a victim is found, uses the exploit code to download the main virus file via ftp. At this point it sets up an ftp server on the infected machine and starts scanning for more targets continuing its spread. “We seem to have a botwar on our hands. There appears to be three different virus writing gangs turning out new worms at an alarming rate – as if they would be competing who would build the biggest network of infected machines,” comments Mikko Hypponen, Chief Research Officer at F-Secure. “The latest variants of Bozori even remove competing viruses like Zotob from the machines!”

Qualcomm acquires UK software company for $57 million

Via the EE Times.

Wireless technology company Qualcomm Inc. has acquired Elata, a mobile content delivery software supplier based in the United Kingdom, for $57 million.

Qualcomm (San Diego) expects to combine Elata’s wireless content delivery system, with its BREW solution to give operators access to an extensive and modular offering of wireless data solutions and services. The unified delivery system will enable operators with existing wireless data solutions to improve and expand upon management, delivery and marketing of wireless content, while maintaining backwards compatibility with their current devices through open standards interfaces.

According to the companies, the unified delivery system is platform-agnostic, allowing operators to consolidate all of their content services with support for all device platforms. A broad array of content can be unified and managed, including ringtones, wallpapers, and Brew, Java, streaming and OMA-compliant content-- for the full range of feature phones and smartphones on operators' WCDMA networks.

Update: F-Secure: This is not a viruswar, this is a botwar!

Mikko writes over on the F-Secure "News from the Lab" Blog:




Here is a status update on the malware using the Plug-and-Play vulnerability (MS05-039).

For the last four days we got 11 different samples of malware using this vulnerability. Currently there are three Zotob variants (.A, .B and .C), one Rbot (.ADB), one Sdbot (.YN), one CodBot, three IRCbots (.ES, .ET and .EX) and two variants of Bozori (.A, .B).

Variants from both IRCBot and Bozori families are deleting competing PnP bots.

It seems there are two groups that are fighting: IRCBot and Bozori vs Zotobs and the other Bots.

See our high-tech illustration for details [above].

Update: Apparently, Reuters was quick to pick up on this story:

Computer worms that have brought down systems around the world in recent days are starting to attack each other, Finnish software security firm F-Secure said on Wednesday.

We seem to have a botwar on our hands," said Mikko Hypponen, chief research officer at F-Secure.

"There appear to be three different virus-writing gangs turning out new worms at an alarming rate, as if they were competing to build the biggest network of infected machines."

Hypponen said in a statement that varieties of three worms -- "Zotob," "Bozori" and "IRCbot" -- were still exploiting a gap in Microsoft Corp.'s Windows 2000 operating system on computers that had not had the flaw repaired and were not shielded by firewalls.

"The latest variants of Bozori even remove competing viruses like Zotob from the infected machines," Hypponen said in a statement on the company's Web site.


San Diego County "brought to it's knees" by worm....

Daniel J. Chacón writes in SignOnSanDiego.com:

An Internet worm that crashed computer systems nationwide wreaked havoc on the county government's network yesterday, shutting down 12,000 desktops and forcing thousands of employees to work the old-fashioned way: manually.

"We're looking at one another and wondering what the heck we used to do before we became so computer dependent," county Supervisor Ron Roberts said.

The worm, which affects Microsoft's Windows 2000 operating system, started to infect county computers at 11 a.m. and prompted officials to disconnect the entire system, county spokesman Michael Workman said.

"At this point, there's been no compromise of data, no compromise of records, but to deal with the problem, you have to shut down," he said.

About 200 people were working overnight installing patches on 3,000 of the "most critical" computers so they would be up by today, he said.

Why such success with a worm targeted at specific vulnerabilities in Win2k?

I'll tell you why -- the answer is spelled out (correctly) in an article written by Ina Fried in a June 28th, 2005, C|Net News article entitled "Windows 2000 moves to the back burner", which discussed Microsoft's end-of-life support for the OS platform.

Here are a couple of key excerpts:

Microsoft on Tuesday issued what is expected to be its last significant revision of Windows 2000.

The software maker released what it calls an Update Rollup for the 5-year-old operating system, which is due to shift at the end of this month from receiving mainstream support to extended support. Microsoft does not generally add features to a product under extended support, and the Update Rollup is largely a collection of previously released patches as opposed to a batch of new features.

In addition to already released fixes, the collection "may contain fixes for non-public low- and moderate-level security issues that did not warrant individual security bulletins," a Microsoft representative said.

...and:

Although Windows 2000 has been followed by several other Windows versions, the software remains extremely popular in corporations and small businesses. It still accounts for nearly half of all Windows-based business desktops, according to a recent survey by AssetMetrix.


So there you have it -- there's still a LOT of Windows 2000 out there...

Nominet: UK's internet industry 'thriving'

Via the BBC.

The .uk domain name business is thriving, according to a report by Nominet, the body which manages and oversees .uk domain name registrations.

More than 150 web addresses ending in .uk are created every hour, daily.

Separate research for Nominet also showed that almost half of web users, 47%, are more confident dealing online with companies that have a UK presence.

Nominet said that the rapid rise in take-up of broadband net had boosted the number of registered .uk sites.

San Francisco Moves Forward on Wi-Fi Plan

Lisa Leff writes in The Washington Post:

The city of San Francisco wants ideas for making the entire 49-square mile city a free _ or at least cheap _ Wi-Fi zone.

Taking a step toward bridging the so-called digital divide between the tech-savvy and people who can't afford computers, the city government on Tuesday issued guidelines for a plan to "ensure universal, affordable wireless broadband access for all San Franciscans."

The invitation, extended to nonprofit groups and businesses that could eventually bid on the project, puts San Francisco among a handful of major U.S. cities tackling the technological and political challenges of offering Internet service to its residents on such a wide scale.

San Francisco Mayor Gavin Newsom said the city is soliciting ideas for an ambitious system that would put Wi-Fi in the hands of people whether they are working in a high-rise office tower, riding on a cable car or living in a low-income housing project.

Australia: Telstra to be split

Thanks to a post over on Slashdot which alerted me to this item.

Michael Sainsbury writes in Australian IT News:

TELSTRA will be split in two in an effort to boost competition in the $30 billion telecommunications industry as part of a package of reforms ahead of its full privatisation.

The package, believed to have been approved by cabinet last night, will force a furious Telstra to create distinct network and retail divisions, with separate premises and management but under the same company structure.

If the measures are passed by the Coalition partyroom as early as today, legislation to sell Telstra could go before parliament next month.

That would allow the Government to sell its 51.8per cent stake in Telstra before the end of next year.

The concept of splitting Telstra into separate divisions - so-called operational separation - has been promoted as a means of reducing Telstra's dominance since deregulation of the telecoms market started in the mid-1990s.

Tuesday, August 16, 2005

Dell's Customer Satisfaction Drops, Survey Shows

Deborah Rothberg writes in eWeek:

Released today, the latest University of Michigan ACSI (American Customer Satisfaction Index) found that while overall customer satisfaction ratings within the PC industry are unchanged from a year ago, Dell suffered a sharp drop in customer satisfaction, and top-ranked Apple maintained its position.

Dell Inc., of Round Rock, Texas, which a few years ago had been ranked tops in the survey garnering a score of 80 points in 2000, slipped this year, from 79 percent to 74 percent.

The survey showed customer service from the company, and not its products, as respondents' primary area of complaint.