We support Microsoft .NET Framework 2.0 & 1.1, all versions of Access, SQL 2000, SQL 7.0, SQL 2005 Express, SOAP, FrontPage 2002, 2003, Visual Studio 2005, Index Server, XML, UDDI, & Mobile device support. We also offer great third party tools like SmarterMail, Merak Mail, SmarterStats, PHP, Perl, MySql, DeepMetrix Livestats XSP 8.0.
 Monday, July 25, 2005

The Pew Internet & American Life Project survey quizzed online users about their familiarity with Internet buzzwords such as spam, firewall and Internet cookies. The results reflect how many of those terms have worked their way into mainstream consciousness. It appears a few of the latest Internet trends still have a long way to go:

• Only 9 percent of respondents said they had a "good idea" of the definition of RSS feeds, which let people who enjoy reading blogs, or online diaries, subscribe and receive the latest post as soon as it is published.

• About 13 percent knew the term podcasting, or programs such as radio shows that are broadcast through the Internet and downloaded onto digital-music players, most commonly the Apple iPod.

• And 29 percent were familiar with Internet phishing, which occurs when unsolicited e-mails pretend to come from a business or a trustworthy person -- such as a missive that purports to be from your bank -- and try to get the users' personal data.

7/25/2005 10:41:15 AM (Pacific Daylight Time, UTC-07:00)
 Sunday, July 24, 2005

Rick Samona shows enhancements to Visual Studio 2005 that help make applications more secure. Learn fundamental design principles for building secure apps. See how FxCop and Code Access Security help create more secure managed code apps, while PREfast and the /GS switch help secure native code apps.


Dev
7/24/2005 8:33:33 PM (Pacific Daylight Time, UTC-07:00)

Microsoft Corp. has announced the official name for its upcoming operating system, previously known under the code name Longhorn. The operating system, now due out in 2006, will be called Windows Vista, with the tag line "Bringing clarity to your world."

The software company also revealed that Beta 1 of Windows Vista will be available to developers and IT professionals in less than two weeks, by Aug. 3.

The first beta will include only some of Vista's promised functionality, such as virtual folders and a new desktop search engine, but will not include much of the graphical user interface (GUI) enhancements of the finished product, said Greg Sullivan, a group product manager with Windows Client for Microsoft.

Those features will be available in beta 2, Sullivan said. He did not disclose a time frame for that release, saying that depends on the feedback Microsoft receives about beta 1.

Microsoft is also widely expected to release more Vista bits to developers at its Professional Developers Conference (PDC) in Los Angeles in mid-September, but Sullivan said that has not been decided on yet. "There will certainly be more disclosure on features that will be added post beta 1 [at the PDC]," he said.

Microsoft first disclosed the official name for the next version of Windows yesterday at its annual sales meeting, Microsoft Global Business (MGB), in a presentation by Brian Valentine, senior vice president of the Windows Core Operating System Division. The company made the name change public in a Webcast today.

Microsoft has part of its Web site set up for Vista at http://www.microsoft.com/windowsvista/

7/24/2005 8:17:10 PM (Pacific Daylight Time, UTC-07:00)
 Friday, July 22, 2005

The Web services technology enables cross-platform integration by using HTTP, XML and SOAP for communication thereby enabling true business-to-business application integrations across firewalls. Because Web services rely on industry standards to expose application functionality on the Internet, they are independent of programming language, platform and device.

Remoting is a technology that allows programs and software components to interact across application domains, processes, and machine boundaries. This enables your applications to take advantage of remote resources in a networked environment.

Both Web services and remoting support developing distributed applications and application integration, but you need to consider how they differ before choosing one implementation over the other. In this article, I will show the differences between these two technologies. I will present samples for each type of implementation and identify when to use which technology.

Full Article here

Dev
7/22/2005 8:31:48 AM (Pacific Daylight Time, UTC-07:00)
RSS feeds can significantly increase website traffic. Take a look at the graph to see the significant impact RSS feeds can have on website traffic.

Create, Edit and Publish RSS Feeds with Software

Existing RSS feeds can be repaired and enhanced with FeedForAll.

RSS feeds generated by other means can be automatically repaired, so that they conform to the RSS 2.0 specification.
 
Existing feeds can be enhanced to contain advanced feed properties, and give them a more professional look.

Day to day feed maintenance can be handled simply.
Feeds can be exported to HTML, CSV or text files.

FeedForAll
7/22/2005 8:08:55 AM (Pacific Daylight Time, UTC-07:00)

Cut Through Outlook Email Overload and Turbocharge Your Email Efficiency

An Essential Collection of Outlook Add-ins

15 indispensable Outlook Add-ins that cut through email overload and make Outlook work the way you want it to work. Increase your email efficiency, take control of your contacts and stay on top of your calendar. You Perform is a collection of 15 essential add-ins that integrate directly into Microsoft Outlook to make using Microsoft Outlook better, faster and easier. You Perform enhances and expands the capabilities of Outlook so your email, contact manager and calendar work harder and smarter, just like you.

Learn more Buy NOW!

7/22/2005 7:06:26 AM (Pacific Daylight Time, UTC-07:00)
 Tuesday, July 19, 2005

A startup security firm is taking the fight to spammers by enlisting end users to create what's called a Do-Not-Intrude registry whose purpose is to make it too painful for junk mailers to operate.

"If a spammer sends you spam, you have a right to complain," said Eran Reshef, the chief executive of Menlo Park, Calif.-based Blue Security. "If they send you one spam, you complain one time. If they send you a thousand spams, you can complain a thousand times."

It is on the volume at which spam operates that Blue Security's plan hinges.

Starting Monday, users can download Blue Security's Blue Frog client and sign up with the Do-Not-Intrude registry. Once the software's installed, users can register up to three e-mail addresses to monitor for spam. Blue Security, however, watches not only those addresses but up to a dozen accounts it sets up that act as additional "honeypots," or accounts designed to attract spam.

Blue Security analyzes the messages it receives from the users' accounts (as well as all others who sign up), then follows the links inside the spam to (hopefully) the originating site where, for instance, products or services pitched by the junk mail are sold. There, forms are identified that accept text -- an order form, perhaps, or a customer service form -- and its fields are automatically filled with a message demanding that the e-mail account's address be removed from the spammer's list.

"I kindly ask that you cease sending me or other registered users spam," the message reads.

The idea, said Reshef, is to punish the spammer for his actions. Although the scheme doesn't generate mail to the spammer -- spam for spam, so to speak -- the volume of Web traffic should be enough to cripple the spammer's Web site.

"The sheer amount of complaints going to the spammer's site is going to make it hard [for that site] to do anything else," said Reshef.

Spam is analyzed by Blue Security staff, said Reshef, who investigate the spam, verify that it violates the federal CAN-SPAM Act, trace the message to a Web site, and pinpoint a form on the site that can be used to complain. The Blue Frog handles everything else for the end-user.

The opt-out complaints are synchronized, so that all users whose accounts are monitored file simultaneously.

Although Reshef repeatedly said that the practice was not illegal, the end result is very close to a denial-of-service attack, in which a collection of computers simultaneously try to access a Web server with the intention of bringing it down under the sheer volume of traffic.

Reshef aggressively defended the concept and rejected the idea that it was a DoS in disguise. "We have a right to complain," he said. "The spammers have the right to send us spam, and we can't say anything? No, that's not right.

"We're not creating any harm. We're not trying to shut down any Web sites. But we have the right to complain, one for one," he added.

Other fight-back tactics against spammers have failed in the past. Last year, Lycos Europe rolled out a screensaver that conducted DoS attacks against known spammers. Within days, however, Lycos buckled under pressure from security groups -- which called it vigilantism -- and ISPs, who worried that attacks originating from their members would make them liable to legal action on the part of spammers.

"Our effort is completely different from what Lycos did," said Reshef. "Lycos used a hit list of spammers. We're only responding to actual spam. And each user is responding only to the spam he or she received."

Some may see it as a difference in semantics. But Reshef sees it as effective.

"We've already seen it work," he said. "The spammers don't like what we're doing, and some of them during our tests tried to modify their site on the fly to keep out complaints." Two other sites that he declined to name, he said, have agreed to stop sending spam to the real and honeypot accounts.

"We need a critical mass of users for this to work," Reshef acknowledged. "If enough people abandon the idea of passively filtering spam and realize that unrelenting action is required, we can together stand up for our online rights."

Once it's built up a sufficient community of users to ding spammers' Web sites, Blue Security plans to offer the service to enterprises for a fee.

The Blue Frog client can be downloaded free of charge from the Blue Security Web site.

7/19/2005 1:39:11 PM (Pacific Daylight Time, UTC-07:00)

An email worm is recruiting computers for a coordinated attack on antivirus vendor Symantec's website.

Since Friday, 7-15-2005, email filtering vendor MessageLabs has intercepted 13,717 copies of the worm, dubbed Breatel.A-mm, and has issued a medium-level warning.

The worm travels as an email attachment, under the subject lines: "Message could not be delivered", "Error", or "Mail Delivery System".

If the attached file is opened, the computer connects to a botnet (a network of thousands of hacker-controlled computers used for illegal activity) and begins to send data to the Symantec website in the hope of crashing it.

According to antivirus company F-Secure, the worm attachment contains a message to Symantec that says: "easy to talk but hard to work :)  what about working in symantec? :P  it is not only a mass mail worm it is also a lsass worm :)"

A Symantec spokesman said that the company's infrastructure was built to withstand such attacks.

The first copy of the worm was sent from Northern Ireland, MessageLabs said.

7/19/2005 1:10:32 PM (Pacific Daylight Time, UTC-07:00)
EFF: Fighting for Bloggers' Rights

If you're a blogger, this website is for you.

EFF's goal is to give you a basic roadmap to the legal issues you may confront as a blogger, to let you know you have rights, and to encourage you to blog freely with the knowledge that your legitimate speech is protected.

To that end, we have created the Legal Guide for Bloggers, a collection of blogger-specific FAQs addressing everything from fair use to defamation law to workplace whistle-blowing.

We also invite you to join us on July 19th for our BayFF gathering to talk about bloggers' rights.

7/19/2005 12:54:33 PM (Pacific Daylight Time, UTC-07:00)

While Distribution is not high, Damage Level is Extremely High.

We have written many articles on the subject of key loggers. We view these as one of the highest possible threats, as hackers are looking over your shoulder, so to speak. You typically have to go through a lot to remove or detect them. Unlike a virus, these keyloggers make your machine one of the most dangerous places to store your confidential information.

We as computer users find every country in the world seems unwilling to react to the threat these little applications pose. The facts are you could be being watched right now without your knowledge. People think the internet is safe. However, opening attachments and browsing the web at a cyber cafe, or WIFI network, or even doing a web search, may make you the target of the type of people who look at you as nothing more than a mark.

We want to warn that just doing a search of keyloggers on the web can start the process of stealing your identity. This is a very spooky thing indeed. Personally one would think that any web site that would be allowed to inject such a thing in your computer without your knowledge should be shut down and all the people rounded up and taken off to prison.

We should all demand that any web site indexed by all search engines which does any type of popup request be dropped at once from the search engine's index list. This action would not allow indexing of this domain again for 90 days. Yes, this would be rude, we admit. Overnight we would cut the internet risks. After all, the majority of proper business people do not or should not be using popups, and people of course should have their machines configured so that these things do not insert without their knowledge. Honestly, though, it is a case where people who are ignorant of these things are the prime targets.

We also know from a technical standpoint that requesting that a search engine like Google, Yahoo, or MSN do this with their spiders is asking a lot. Let me say it a different way then. If you do it you will have the winning search engine on the web. Money is the driving force for the web; having the safest search sounds like a winner. Any search engine which says it is technically too difficult would not be used and will die on the vine. "Safe Searching", what a concept. No Police Force seems to have a clue. So what about the white hats? Are you all just overwhelmed with defense?

The internet was designed and built by basically honest people. It is this type of mindset that seems to have given criminals a place to prey on others. If something is not done, honestly, the numbers of people who ran to the web and its technology will simply leave. After all, there was life before the web. Not changing will simply make people avoid it again, saying we are not smarter than the bad guys. We are sure everyone could just blame Microsoft for all the world's problems and move away. However, this is a bigger issue than that.

Removal Instructions for this

7/19/2005 10:34:24 AM (Pacific Daylight Time, UTC-07:00)

Extremely High Distribution

Yet another of the family of Mytob worms. Removal tool gives a list of these viruses which it will remove.

We have given this a Very high threat level since we are seeing large numbers of these trying to transit our mail servers.

W32.Mytob@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer.

Also Known As: Net-Worm.Win32.Mytob.bi [Kaspersky Lab], W32/Mytob.gen@MM [McAfee], WORM_MYTOB.FH [Trend Micro]
 
Type: Worm
Infection Length: 45,320 bytes.
 
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
7/19/2005 9:52:02 AM (Pacific Daylight Time, UTC-07:00)
 Sunday, July 17, 2005

In the past week I personally experienced a case where a bit of anti-spyware I had running on my machine lost its database. As a result of that, it decided to go about editing all my registry key values. Oh boy! Every time it said it would edit this value I told it no, do not do that. Well, this is a very "smart application", which only means it thinks it is protecting you. NOT! Since this happened to me, I figured it has happened and could happen to other people.

In my case the anti-spyware actually removed all the file association attributes in the system. Though it was not so bad as to prevent me from rebooting the machine, every icon on the machine had no way of knowing where it was pointing. It was pretty bad; it did not even know where notepad was or how to open it. Every bit of third party software in my machine had no way of knowing where it was or how to get at it. One could sit there for days resetting the paths, but sorry, life is too short for that.

Without a backup people would be facing a catastrophic event. With a backup you would simply restore the system state from the last backup and it would be no big deal at all. Doing a repair did not really help, as the repair made the same mess we had. Boot to last known good did not work either, as it too was toast.

We are constantly told by clients and users that they have no idea how to do a proper backup of their machine. It is hard to understand why people do not understand this. We will now go through the complete process with screen shots. It simply makes no sense to have a machine and not have any proper backups.

Windows Backup Made Simple!

7/17/2005 7:07:33 AM (Pacific Daylight Time, UTC-07:00)
 Thursday, July 14, 2005

The speed of Mac OS X running on Intel hardware is impressing some developers who've been privy to one of Apple's first Intel-based developer transition systems.

The systems started shipping to Mac OS X developers three weeks ago, each equipped with a 3.6 GHz Intel Pentium 4 processor with 2 MB L2 Cache, 800MHz front-side bus, 1GB of 533MHz DDR2 Dual Channel SDRAM, and an Intel Graphics Media Accelerator 900.

Developers are renting the $999 hardware from Apple for a period of 18 months in order to get a head start in porting their applications to run on the Intel version of Mac OS X.

"It's fast," said one developer source of Mac OS X running on Intel's Pentium processors. "Faster than [Mac OS X] on my Dual 2GHz Power Mac G5." In addition to booting Windows XP at blazing speeds, the included version of Mac OS X for Intel takes "as little as 10 seconds" to boot to the Desktop from when the Apple logo first displays on screen.

Included with the Mac OS X for Intel distribution is an Applications folder stocked with a mixture of PowerPC and Intel-native applications. Applications that are compiled only for PowerPC processors are of filetype "Application (PowerPC)" whereas Intel-native binaries are labeled of standard type "Application".

Developer sources say the early version of Rosetta, a dynamic binary translator that is designed to run unaltered PowerPC applications on Intel Macs, is also impressive. "Rosetta is completely 100 percent seamless and nothing like the Classic environment used to run older Mac OS 8 and 9 applications under Mac OS X," one source told AppleInsider.
Full Article

7/14/2005 6:57:14 AM (Pacific Daylight Time, UTC-07:00)
 Saturday, July 09, 2005
 

 

Stylus Studio® 6 XML Enterprise Edition, Release 3 is an advanced XML Integrated Development Environment (XML IDE). Stylus Studio® 6 adds powerful new features, again pushing the innovation envelope that helped establish Stylus Studio as the premier XML IDE. Stylus Studio's best-in-class features for working with XML, XQuery, XSLT, XML Schema/DTD, XPath, SQL/XML, XHTML, and Web services set a new benchmark for XML productivity. Download a free 30-day evaluation copy today!

7/9/2005 3:10:22 PM (Pacific Daylight Time, UTC-07:00)

Microsoft's rationale for changing the default recommendation of four Claria applications -- Dashbar, Gator, PrecisionTime, and Weatherscope -- saying that published criteria for defining spyware and adware required it to review how AntiSpyware treated the quartet.

"We decided that adjustments should be made to the classification of Claria software in order to be fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors," the letter continued.

Also late Friday, a Microsoft spokesperson acknowledged that after Microsoft acquired Giant Company Software, the developer of what became AntiSpyware, but before publishing its adware/spyware criteria, the Redmond, Wash.-based company "received lots of vendor disputes."

"A few of these came from Claria," the spokesperson said.

Some anti-spyware vendors have similar policies in place for settling disputes with adware vendors. Computer Associates, for instance, which markets Pest Patrol, used such a policy in late March to re-evaluate Claria's adware, and found it met its requirements for detection.

"After review, Microsoft found that Claria['s adware products] still needed to be detected, but decided to make changes in the recommendations made to the users. It did this to be fair, to treat Claria the same way it treated other software vendors," the spokesperson said.

Before March 1, Microsoft AntiSpyware recommended "Quarantine" for the four Claria adware programs, which essentially removed them from the PC. After March 1, Microsoft's software recommended "Ignore," which if followed by the user leaves the adware in place.

7/9/2005 1:44:06 PM (Pacific Daylight Time, UTC-07:00)

What is it? A small, self-replicating application— most often created by a vandal rather than a corporate spy—that infects a host computer and then copies itself to every other computer attached to the host. Most network worms can saturate a network in hours or days because they grow logarithmically—every infected computer represents not one but an array of other possible victims, so that 10 infections become 100, which become 1,000, which become 10,000, and so on.

Isn't this just a regular worm? Yes, but there is more than one meaning for "regular." E-mail worms and viruses are designed to spread by using the e-mail system itself as a carrier. A network worm is more insidious. It might arrive via e-mail, but could also slip in attached to files in a portable hard drive, a flash-memory stick, a PDA or, increasingly, a cell phone.

Why the distinction? Because it's possible to screen out most, if not all, e-mail worms and viruses using virus scanners at the firewall or on the e-mail servers. But network worms can come in via pathways that become more numerous with every advance in mobile computing, wireless networks and smart phones. Many companies aren't sufficiently aggressive about virus screening inside the firewall. So network worms not only have more ways to get into a corporate network, but once they're in, they're more likely to be free to operate uninterrupted.

How does a network worm attack? Most simply copy themselves to every computer with which the host computer can share data. Most Windows networks allow machines within defined subgroups to exchange data freely, making it easier for a worm to propagate itself. Some worms can also lodge in the startup folder of a networked computer, launch when that computer is restarted and reinfect a network that may have already been cleaned out. A worm that lodges in a server can infect every user who logs on to that server.

Full Article here:

7/9/2005 1:36:19 PM (Pacific Daylight Time, UTC-07:00)
 Friday, July 08, 2005

We are often overwhelmed by the number of people who say they do not know how to zip and have Windows XP. This is so simple and requires no additional software out of the box. In the screen shot example I have selected the files and they will be compressed to their own folder in the root folder space. You could also compress the entire folder; in this example the root folder on the left would be Merak. So compressing folders or files is quite simple.

If you are on Windows 98, ME, or 2000, these have no zip functions built into the OS. Here is a download for a free utility that will offer the same features.  Get it here. Though if you have to be told this, one would question a need for more powerful tools like WinRAR or WinZip, which will allow you to back up and zip-protect files on your system by running a bat file. We have offered the links to our personal favorites anyway.

7/8/2005 9:10:17 AM (Pacific Daylight Time, UTC-07:00)

A highly critical vulnerability has been found in XML-Remote Procedure Call, which impacts many open source applications that use the vital software component. The flaw could allow an attacker to take control of a vulnerable Web server.

Open source projects and Linux vendors alike have issued advisories and updates and the SANS Internet Storm Center has warned that the flaw could trigger an epidemic.

XML-RPC is a set of implementations based on a specification originally drafted by Dave Winer, who's credited with creating RSS. XML-RPC is a cross-platform spec that allows for software to make procedure calls using XML for encoding and HTTP for transport.

The vulnerability has been found in PHP implementations of XML-RPC from both the PHPXMLRPC and PEAR (The PHP Extension and Application Repository) download sites, which are included in "dozens" of applications written in PHP, according to the advisory.

The XML-RPC implementations are at a "very high risk" from the PHP code execution vulnerability according to security firm GulfTech Research, which reported the flaw late last week.

GulfTech Research said "the vulnerability is the result of unsanitized data being passed directly into an eval() call in the parseRequest() function of the XMLRPC server."

GulfTech's advisory goes on to note that an attacker could easily execute PHP code on the target server by creating an XML file that includes single quotes in order to escape into the eval() call.

PEAR and PHPXMLRPC have issued updates to fix the issue. Various blogs, wikis and content management systems (CMS) that utilize the XML-RPC libraries have issued advisories to their users to update as well. Among the many affected programs are Serendipity, phpAdsNew, phpWiki, PostNuke, WordPress, Drupal, phpMyFAQ, b2evolution, TikiWiki, phpGroupWare and BLOG:CMS.

Among Linux vendors, Gentoo and Mandriva issued advisories on the issue.

Over the weekend, the SANS Internet Storm Center warned that the XML-RPC flaw combined with the unpatched Microsoft IE flaw could lead to an Internet "storm".
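
The pattern GulfTech describes, as a Python analogue added here (it is not the PHPXMLRPC or PEAR code, and not part of the article): a decoder that pastes parameter text into source code and evaluates it, beside one that converts each value by its declared type. The function names, the `blog.echo` method and the sample requests are constructed for illustration.

```python
import xml.etree.ElementTree as ET


def build_call(params_xml):
    """Wrap <param> elements in a minimal XML-RPC methodCall (constructed sample)."""
    return ("<methodCall><methodName>blog.echo</methodName>"
            "<params>" + params_xml + "</params></methodCall>")


# Constructed inputs; "blog.echo" is a hypothetical method name.
BENIGN = build_call("<param><value><string>hello</string></value></param>"
                    "<param><value><int>42</int></value></param>")
# A string whose single quotes close the literal the decoder opens around it.
# What follows the quote is deliberately harmless string concatenation.
QUOTED = build_call("<param><value><string>x' + 'INJECTED</string></value></param>")


def _typed_values(xml_text):
    """Yield (type_tag, text) for every <param><value> in the request."""
    if "<!DOCTYPE" in xml_text:
        # XML-RPC requests never need a DTD; refusing one avoids entity tricks.
        raise ValueError("DTDs are not accepted")
    root = ET.fromstring(xml_text)
    for value in root.findall("./params/param/value"):
        if len(value):                      # <value><int>..</int></value>
            yield value[0].tag, value[0].text or ""
        else:                               # bare <value>text</value> is a string
            yield "string", value.text or ""


def decode_params_with_eval(xml_text):
    """Deliberately vulnerable: request data becomes part of evaluated source."""
    parts = []
    for tag, text in _typed_values(xml_text):
        if tag == "string":
            parts.append("'" + text + "'")  # no escaping of quotes in the data
        else:
            parts.append(text)              # numbers pasted in verbatim
    return eval("[" + ", ".join(parts) + "]")


# Hardened form: data is only ever handed to a converter, never to an evaluator.
_CONVERTERS = {
    "string": str,
    "int": int,
    "i4": int,
    "double": float,
    "boolean": lambda t: t.strip() == "1",
}


def decode_params_safely(xml_text):
    """Convert each value by its declared type; unknown types are rejected."""
    decoded = []
    for tag, text in _typed_values(xml_text):
        if tag not in _CONVERTERS:
            raise ValueError("unsupported XML-RPC type: " + tag)
        decoded.append(_CONVERTERS[tag](text))   # int("1+1") raises ValueError
    return decoded


if __name__ == "__main__":
    print("eval decoder, benign:", decode_params_with_eval(BENIGN))
    print("safe decoder, benign:", decode_params_safely(BENIGN))
    # The eval decoder returns the *result* of the expression, proving that
    # request data was executed; the safe decoder returns the text unchanged.
    print("eval decoder, quoted:", decode_params_with_eval(QUOTED))
    print("safe decoder, quoted:", decode_params_safely(QUOTED))
```

Both decoders agree on well-formed input, which is why this kind of bug survives functional testing; they diverge only when the data contains characters that are meaningful to the evaluator.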

7/8/2005 7:58:00 AM (Pacific Daylight Time, UTC-07:00)
More than 90 percent of Internet users in the United States have altered their online behavior significantly to counter the threat of spyware programs, according to a study released by the Pew Internet & American Life Project.

The Pew report (PDF file), written by associate director Susannah Fox, highlights the increased awareness of privacy and other threats presented by adware and spyware programs.

Overall, the project's survey found that nine out of 10 Internet users have made at least one change in their online behavior to avoid unwanted software programs.

These behavior changes include not opening e-mail attachments unless they are sure these documents are safe or not visiting specific Web sites that they fear might deposit unwanted programs on their computers.

Full Article Here

7/8/2005 7:32:36 AM (Pacific Daylight Time, UTC-07:00)

Microsoft has provided advance notice that three "critical" security bulletins will be released in this month's patch batch.

The bulletins will include patches for flaws in Microsoft Corp.'s flagship Windows operating system and the Microsoft Office desktop productivity suite.

As is customary, the software giant isn't providing any details until July 12, when the bulletins are posted.

The three updates represent a relatively small batch of patches, coming on the heels of last month's barrage when Microsoft shipped 10 bulletins, including a "critical" update for the Internet Explorer browser.

This time around, security researchers are expecting another cumulative IE patch to address a known code execution flaw in the widely deployed browser.

Over the last week, Microsoft has been providing pre-patch workarounds and mitigation guidance alongside warnings that potentially destructive exploit code has been posted on the Internet.

Microsoft typically includes IE patches under the Windows umbrella in its Security Bulletin Advance Notice mechanism. However, because IE patches require extensive testing, there have been long delays in the past to get a cumulative browser update out the door.

"When they're motivated to fix things quickly, they can," he added.

eEye maintains a list of unpatched security vulnerabilities and the time that has elapsed since the bug was first reported to the company. According to Maiffret, there are four Microsoft flaws that have not been addressed, including one that is 40 days overdue.

Microsoft is also expected to release an updated version of its malicious software removal tool to add detection for new worms, Trojans and virus variants.

The company will also push out a non-security, high-priority update for Microsoft Office.

7/8/2005 7:25:07 AM (Pacific Daylight Time, UTC-07:00)
 Thursday, July 07, 2005

A study released yesterday found that hackers and virus writers are recognizing and exploiting the opportunities presented by IM-based attacks, the numbers of which have risen sharply over the last two quarters.

The number of IM attacks such as viruses, worms, and phishing scams has increased from twenty for all of 2004 to 571 in the second quarter of 2005 alone, representing an increased threat to both enterprise users and the average consumer, the study from instant messaging security vendor IMlogic Inc. said.

The study, performed by the IMlogic Threat Center with the support of IT security companies Symantec Corp., McAfee Inc., and Sybari as well as IM leaders America Online Inc., Yahoo Inc., and Microsoft Corp., reported that 70% of IM-based attacks target public IM networks and 30% target enterprises.

"IM usage has reached critical mass and virus writers have now recognized it as a mostly undefended medium," said IMlogic CEO and co-founder Francis deSouza. "These [viruses and worms] are mutating, high velocity, and invisible to most companies until they hit. All these factors combine to create a serious risk."

IM attacks act much like e-mail worms and viruses, stealing information from the user's computer or turning that computer into a so-called zombie by tricking users into clicking on phony links or into opening malicious attachments. IM-based attacks can be even more threatening because people receive false instant messages from a name on their buddy list rather than a strange e-mail address, deSouza said.

"Having an army of zombies is the economic equivalent of having an oil well," said analyst Alan Paller of the SANS Institute. "The two most important things [for a user] to do are block all attachments on IM and to filter IM traffic so you only get it from trusted sites."

In corporate environments the Kelvir, Opanki and Gabby worms were the most common, the study said.

Some attacks are tailored to a specific user and appear to be, for instance, a highly personalized message. The study said that these attacks made up less than 1% of the recorded IM attacks. For the most part, IM attackers aren't sophisticated enough to single out any one user, Paller said. However rare "targeted" attacks may be, Paller emphasized that they are the most dangerous.

The vast majority -- 86% -- of reported attacks involved viruses or worms that capitalize on real-time protocols. The study showed that all of the most successful IM services -- AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger -- were vulnerable to IM attacks.

We certainly also recommend that you have either NOD32 Anti-virus or the free anti-virus from AVG or Avast. Some of these offer protection for IM and Outlook as a real-time plug-in.

7/7/2005 7:39:33 AM (Pacific Daylight Time, UTC-07:00)

We are listing this threat as high to ensure that people do not just ignore the level. Don't let yourself fall prey to it.

Microsoft Corp. has released software that can be used to mitigate a critical vulnerability in Internet Explorer that was first reported last week.

The bug, which concerns the way Internet Explorer handles ActiveX components, can cause the browser to crash and could be used by an attacker to run unauthorized software on the user's machine, Microsoft said.

Yesterday, Microsoft released software that uses the registry to disable a file called Javaprxy.dll, which is used to run these components in Internet Explorer. This file is used by the Microsoft Java Virtual Machine, the company said.

Microsoft has not yet decided whether it will release a software patch that would fix the underlying problem, a spokeswoman said. "The work-around that they've offered here doesn't fix the underlying vulnerability, but it removes the functionality," she said.

Danish security company Secunia gave the vulnerability its most serious rating, calling it "extremely critical."

The Austrian security researchers who discovered the flaw expect Microsoft eventually to issue a full-blown patch.

"Right now, it's not that dangerous," said Martin Eisner, chief technical officer at security consulting company SEC Consult Unternehmensberatung GmbH. "But of course within a couple of weeks there will be somebody who has a little bit more time than we have and there will be an exploit then," he said in an interview last week.

Microsoft is unaware of any software that has exploited the bug, the spokeswoman said.

Microsoft has issued a security advisory that provides more details on the bug and lists other possible work-arounds to the problem.

7/7/2005 7:16:50 AM (Pacific Daylight Time, UTC-07:00)
 Monday, July 04, 2005

Intel Corp. will mark July 2005 as its entry into the dual-core processor server age.

Later this month, the chip maker will begin rolling out the first of four new dual-core server platforms for machines ranging from inexpensive, single-processor boxes for small businesses to multiprocessor Xeon servers and high-end Itanium machines for large businesses.

Based on its new chips' capabilities, Intel expects to see a relatively quick transition from single-core processors to dual-core processors in servers using its chips.

The dual-core chips, which contain two processor cores versus the one present in a single-core chip, offer businesses a significant performance boost for what are likely to be relatively small increases in price.

More Info and Flash* Demo

7/4/2005 6:48:44 AM (Pacific Daylight Time, UTC-07:00)

Deep Impact Kicks Off Fourth of July With Deep Space Fireworks
After 172 days and 431 million kilometers (268 million miles) of deep space stalking, Deep Impact successfully reached out and touched comet Tempel 1. The collision between the coffee table-sized impactor and city-sized comet occurred at 1:52 a.m. EDT.

"What a way to kick off America's Independence Day," said Deep Impact Project Manager Rick Grammier of NASA's Jet Propulsion Laboratory, Pasadena, Calif. "The challenges of this mission and teamwork that went into making it a success, should make all of us very proud."
"This mission is truly a smashing success," said Andy Dantzler, director of NASA's Solar System Division. "Tomorrow and in the days ahead we will know a lot more about the origins of our solar system."

Great Movies and Pictures

7/4/2005 6:16:56 AM (Pacific Daylight Time, UTC-07:00)
 Sunday, July 03, 2005

When the user selects a single page deep within the site, we would like to show them their current position and, at the same time, make it easy to move back up the hierarchy to any point. They will have a TreeView, of course, but we don't think that a tree is as clear and easy as a horizontal list of past locations. So we decided to create a breadcrumb control in Windows Forms.

When you look at the code sample, you'll notice that our control is called an "Eyebrow" instead of a breadcrumb. Eyebrow is the name used in MSDN code, and it just stuck in our minds. You're probably wondering how this control relates to an eyebrow. So are we. We know our eyebrows don't have any information about our current position, and they certainly don't help us get around, but that's what they're called in the code, so that's how it'll be.

Back to the control. The control works by being associated with a TreeView. You can configure that association programmatically or through the property grid in Visual Studio® at design time. The control's rendering is then based on information in the associated TreeView, namely the currently selected node.

By hooking the tree's selection changed event (AfterSelect), the control is notified whenever it needs to be redrawn. The associated TreeView is accessed directly to find the currently selected node, to navigate up through all of the parent nodes, and to change the selected node when the user clicks on one of the hyperlinked items. By obtaining all of its navigational information from the TreeView, the breadcrumb control doesn't have to know anything about your particular application. As long as you set up and populate your TreeView and handle the tree's events, this control should work within your application.
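The approach described above, sketched as an added example (not the article's or MSDN's code): a LinkLabel subclass, given the hypothetical name EyebrowLabel with a hypothetical Tree property, that hooks AfterSelect, walks the Parent chain of the selected node, and reselects a node when one of its ancestor links is clicked.

```csharp
// Added example; EyebrowLabel and its Tree property are hypothetical names.
using System.Collections.Generic;
using System.Windows.Forms;

public class EyebrowLabel : LinkLabel
{
    private TreeView tree;
    // The associated TreeView; settable in code or from the property grid.
    public TreeView Tree
    {
        get { return tree; }
        set
        {
            if (tree != null) tree.AfterSelect -= OnTreeAfterSelect;
            tree = value;
            if (tree != null) tree.AfterSelect += OnTreeAfterSelect;
            Rebuild();
        }
    }
    private void OnTreeAfterSelect(object sender, TreeViewEventArgs e) { Rebuild(); }
    // Walk from the selected node up through its parents, then lay the
    // path out root-first with one hyperlink per ancestor.
    private void Rebuild()
    {
        Links.Clear();
        List<TreeNode> path = new List<TreeNode>();
        TreeNode node = (tree == null) ? null : tree.SelectedNode;
        for (; node != null; node = node.Parent) path.Insert(0, node);
        string text = string.Empty;
        List<int> starts = new List<int>();
        foreach (TreeNode n in path)
        {
            if (starts.Count > 0) text += " > ";
            starts.Add(text.Length);
            text += n.Text;
        }
        Text = text;
        // Ancestors are clickable; the current (last) node stays plain text.
        for (int i = 0; i < path.Count - 1; i++)
            if (path[i].Text.Length > 0) Links.Add(starts[i], path[i].Text.Length, path[i]);
    }
    // Clicking an ancestor selects it in the tree, which raises AfterSelect again.
    protected override void OnLinkClicked(LinkLabelLinkClickedEventArgs e)
    {
        base.OnLinkClicked(e);
        TreeNode target = e.Link.LinkData as TreeNode;
        if (target != null && tree != null) tree.SelectedNode = target;
    }
}
```

Because the control reads everything from the TreeView, the host form only needs to assign the Tree property and populate the tree.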

Full Article here

7/3/2005 8:04:37 PM (Pacific Daylight Time, UTC-07:00)
 Friday, July 01, 2005

We have talked many times about Intel and their lack of competition in the chipset side of the business. Now it seems they are seeing the light and learning. This nForce4 Intel chipset differs from the AMD nForce4 version in that the memory controller is not included as Intel have included in their architecture, which has caused Nvidia to move to two chips; they have also been able to add some more enhancements to this nForce4.

It also has two independent SATA controllers for four SATA ports complying with the SATA II specification, with full support for native command queuing (NCQ), 3 Gbit/s operation and various RAID setups.

Both AMD and Intel processors have L1 cache memory which, albeit smaller than in earlier years, is very fast, while the L2 is bigger but slower. These caches are for data that is repeatedly used over a short time interval or data that is close to data recently used. Processors use their in-chip prefetch units to predict the memory page needed. Nvidia's Dynamic Adaptive Speculative Processor (DASP) works on top of the processor prefetch, tracking each core and thread to prefetch data using sophisticated algorithms for quicker processing, or so the story goes.

This is a great review of the nVidia nForce4 in an Intel, i.e. Intel Edition, environment.

7/1/2005 10:49:11 AM (Pacific Daylight Time, UTC-07:00)

The Justice Department seized hundreds of computers and arrested four people in an international crackdown on Internet pirates illegally distributing copyrighted video games, software and movies, such as the latest episode of "Star Wars."

Agents executed 90 search warrants in the United States and 10 other countries as part of Operation Site Down. The raids, which began Wednesday, shut down at least eight major online distributors and seized pirated works worth more than $50 million, authorities said.

At a news conference Thursday, Attorney General Alberto Gonzales credited the busts with "striking at the top of the copyright piracy supply chain." Gonzales said the piracy rings are responsible for providing "the vast majority of the illegal digital content now available online."

Online piracy rings are known as "warez," pronounced "wares." They function as underground cyberspace co-ops, in which members swap the latest copyrighted material. Warez groups are notoriously difficult to penetrate. Many are based overseas and users are tech-savvy, communicating in encrypted messages and requiring codes and passwords.

The federal operation targeted "first-providers," or those who provide the copyrighted work to the groups.

Arrested were: William Venya, 34, of Chatsworth; Chirayu Patel, 23, of Fremont; Nate Lovell, 22, of Boulder, Colo.; and David Fish, 24, of Watertown, Conn. Criminal complaints charged each with copyright infringement and conspiracy to commit criminal copyright infringement.

The four have been ordered to appear July 14 before U.S. Magistrate Judge Howard R. Lloyd in San Jose.

7/1/2005 9:19:59 AM (Pacific Daylight Time, UTC-07:00)

 

W32.Toxbot.C is a worm that opens an IRC back door on the compromised computer and spreads by exploiting vulnerabilities.

Note: LiveUpdate Virus definitions released June 29, 2005 detect this threat as W32.Toxbot.

Type: Worm
Infection Length: 47,616 bytes
 
 
 
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
7/1/2005 7:43:54 AM (Pacific Daylight Time, UTC-07:00)

Another new wave of spam that disguises itself as a Microsoft Corp. security bulletin contains a link to malicious software that gives attackers complete access to the infected machine, security researchers are reporting.

The e-mail, which began circulating late Tuesday, identifies itself as Microsoft Security Bulletin MS05-039, and offers a link to what it claims is a patch against the Sober, Zafi and Mytob worms.

In fact, there is no such thing as Microsoft Security Bulletin MS05-039, and real Microsoft security bulletins offer links to a Microsoft download site, rather than to the patches themselves, said Mikko Hypponen, director of antivirus research at F-Secure Corp.

The phony patch is a variant of the SDBot Trojan software, which is at present not detected by antivirus software products, according to a report from security research firm WebSense Inc.

The risk of someone downloading this Trojan appears to be very low right now, because the server hosting the Trojan downloads no longer appears to be active.

7/1/2005 7:17:58 AM (Pacific Daylight Time, UTC-07:00)

Microsoft late Thursday confirmed a security flaw in its dominant Internet Explorer browser could potentially be exploited by malicious hackers to "take complete control of the affected system."

The software giant released a security advisory acknowledging the vulnerability and recommended that IE users set Internet and local intranet security zone settings to "High" before running ActiveX controls in these zones.

All supported versions of Internet Explorer, including IE 6.0 in Windows XP SP 2 (Service Pack 2) are affected.

Microsoft Corp.'s confirmation comes less than 24 hours after private security research firm SEC Consult published a working exploit to show that the bug could crash the browser or be exploited to execute arbitrary code in the context of IE.

Microsoft said it was not aware of any attacks attempting to use the reported vulnerability or customer impact and promised a patch would be made available once an investigation is completed.

"A COM object, javaprxy.dll, when instantiated in Internet Explorer can cause Internet Explorer to unexpectedly exit. We are investigating a potentially exploitable condition," Microsoft said in the advisory.

The company said a successful attacker could exploit the flaw by creating a malicious Web page and persuading the user to visit the page.

"An attacker could also attempt to compromise a Web site to have it display a Web page with malicious content to try to exploit this vulnerability."

Microsoft accused SEC Consult of publishing details and proof-of-concept that put customers at risk. However, the research outfit said it only posted the details after Microsoft said it could not confirm the existence of the flaw.

"Microsoft [did] not confirm the vulnerability, as their product team can not reproduce condition," SEC Consult said in an advisory. After the publication of SEC Consult's advisory, Microsoft later reproduced the issue and posted its advisory.

More information on suggested actions is available in Microsoft's security advisory.

7/1/2005 7:11:58 AM (Pacific Daylight Time, UTC-07:00)