US-Cert has published a report on spyware, http://www.us-cert.gov/reading_room/spyware.pdf, a 15-page document that includes an overview, definition and examples of different types of threats. Some of the recommended defensive measures include the following:

1. Don't trust unknown or known high-risk sources.
2. Read the fine print.
3. Pay attention when installing applications.
4. Keep operating systems and software patched.
5. If you are running Windows XP, install Service Pack 2.
6. Use trusted anti-virus and anti-spyware tools.
7. Alternative internet applications.
8. Browser configuration.

Computer Associates announced a 6.9 million dollar contract to protect Department of Defense (DOD) computers from spyware. The need for the contract indicates spyware has infected military computers. An article from FCW.com about antispyware software at Fort Hood just read the quote from Army Maj. Bert Belisch:

Unlike with viruses, no one has offered the public a complete catalog of spyware threats. And until that happens, we're left with a lot of hype and fear instead of facts and solutions. In short, despite all the antispyware apps being produced these days, we're no closer to eradicating the spyware problem.

Antispyware vendors typically use three types of databases. Some use a community database which is drawn from subscribers who report suspected spyware. It was reported by Cnet that Microsoft uses Skynet for its spyware collection. Webroot (makers of SpySweeper) primarily use its Phileas Technology to crawl all over the Internet and find new examples of spyware. Finally, there are hybrid databases, combining the above two methods.

With the total failure of The Consortium of Anti-Spyware Technology vendors (COAST) which were a group founded by PestPatrol (now part of Computer Associates), Webroot (makers of SpySweeper), and Aluria (makers of Spyware Eliminator), but the group ceased to exist a few months ago after vicious in-fighting regarding the very definition of spyware. What then is the interest of any one to even define what it even is. As long as it is all driven by money there is no serious solution. The rambling will simply continue and every consumer will suffer.

Opinion: Nobody who takes security seriously could get hit through Windows 2000 PnP vulnerability, yet lots of large corporations were hit. You do the math.

Quotes From Larry Seltzer
August 16, 2005

After reading both of Larry Seltzers posts on the 16th over a patch MS05-039 that MS released on August 9th. It really is amazing that while this seemed to be straight forward worm easy enough to prevent it was over the network news channels as if it were terminal.

There are many unique terms associated with search engine optimization and search engine marketing. Keyword Effectiveness Index – A WordTracker term that refers to the number of times a Keyword has appeared in WordTracker’s database compared with the number of competing Web pages.

DETAILED EXPLANATION

The KEI for a keyword should increase if its popularity increases. Popularity is defined as the "Count" or number of times it appears.

The KEI for a keyword should decrease if it becomes more competitive. Competitiveness is defined as the number of sites which a search engine e.g. Google displays when you search for that keyword using exact match search.

Exact match search means that a search engine searches for only those sites which use the keyword exactly as typed in by the user. It is the equivalent of entering:

 

Partial match search means that a search engine also searches for sites which contain the individual words of the keyword but not necessarily occurring together or in the order typed in by the user. It is the equivalent of entering:

 

Partial match search presents a distorted picture of the competitiveness of a keyword because when you optimize your site for a particular keyword, you are actually competing with sites which have used the keyword exactly as typed in by the user.

I have personally found Word Tracker a great resource for everyone who really understands the importance of market speak. It really can profoundly effect the outcome of any web enterprise. Today in the news I also found this article provides some insight. It might make the experienced SEO pro say no kidding. Though when discussing the topic of KEI, the object is to remove as much of the ambiguity as possible.

CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Critical 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-08-21
 

	Some Questions for your developer. Make sure before you decide who will develop your website you have a good idea that the money is well spent. There are massive differences between developers. Everything about a web site does not hinge totally on their ability to write dynamic content. Though this is a important factor it is but one.
	Doing a search the Internet you see it for yourself.  Note the difference in the designs of the sites you visit. Some look like they were created by expensive media agencies while others look like a 12-year-old did it for his school project. Which might be the case.

Here are 5 questions your web site developer might not want you to ask. Click Here

Have you noticed your search engine rank slipping? Perhaps it is due to the fact that people are copying your content. How can you find out about this and track down who is using your content?

Well I have found that the easiest way is to simply go to this link and you run your domain name.

http://www.copyscape.com/

Below are some of the most useful options set and in their suggested order: If your developer is does not use these on your site, or if this is not part of any development costs then make sure they are. Also make sure to be aware of who will be defining the keywords for your web site. Having this established before hiring a developer is important. You also want to know what their SEO experience is. I have seen quoted prices for doing this part, ranging from $10.00 per page to $300.00 per page. With many things in life you get exactly what you pay for. It does not mean that the developer is trying to dupe you but in most cases it is only fair to compare what you get for your money evenly. This is the best way to make sure that the developer doing this work is being compared openly and fairly.

<title>Whatever Items for Sale</title>
<meta name="description" content="Description">
<meta name="keywords" content="keywords">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="expires" content="30 days">
<meta name="author" content="John Doe">
<meta name="copyright" content="Copyright 2004 www.domainname.com">
<meta name="distribution" content="global">
<meta name="robots" content="index, follow">
<meta name="rating" content="Safe For Kids">

This article was pubished on 8-8-2005. Thinking this article might be usefull. I go to the source SpamButcher which sells yet another anti-spam application for only $29.95. Which I am sure it is as good as any though I did not test it. Since SpamBayes is my personal choice as it is a plug-in to the outlook client and is free. I was still interested in the article none the less it might prove useful.

The article starts with this quote. "This document is intended to help people with relatively little networking experience identify if they have a spam zombie problem and provide some basic strategies for dealing with them."  Let's cut to the chase, and find how we can get rid of the bad guys.

So, what should you do?

1. Disconnect the system from the network - do this now!
2. Backup any important data (just get your data- try to avoid copying any installers or executables that could've been the source of the zombie or exploit)
3. Format all drives

This may seem a bit extreme, but is generally a good idea. The best practice in any situation you've had a security compromise that you can't account for 100% is to "level" the computer in question."

We can make it much simplier than a five page article. The statement was that there are millions of hacked and zombied sytems. Everyone who has an infected computer format and start from scratch. Also don't worry about a backup just reinstall everything from scratch. This way you can be certain you are not inserting mal-ware. Also make sure you do the same for all the infected machines in your LAN. Inject dry humor here.

I personally view having to format your disks as a a bit of a pain. So can we look at the menu again, perhaps another option?

Online criminals trying to pry passwords and other sensitive information out of companies have started using phony e-mails that look as if they were sent from powerful executives of the targeted organizations, experts said yesterday.

Known as "spear phishing," the technique is an ingenious wrinkle on the "phishing" e-mail scams that try to trick consumers into giving up bank-account information and other sensitive details that can be used in identity theft.

Businesses are typically reluctant to publicly disclose when they are the targets of online attacks, but online security company MessageLabs Inc. said in June that it has seen the tactic grow steadily during the year to the point where it now sees one to two spear-phishing campaigns a week.

Rather than posing as a bank or other online business, spear phishers send e-mails to employees at a company or government agency that appear to come from a powerful person within the organization, several security experts said.

Unlike basic phishing attacks, which are sent out indiscriminately, spear phishers target only one organization at a time. Once they trick employees into giving up passwords, they can install Trojan horse programs or other malicious software to ferret out corporate or government secrets.

Spear phishing can be devastatingly effective even among employees who are aware of online threats.

At the U.S. Military Academy in West Point, N.Y., several internal tests found that cadets were all too willing to give sensitive information to an attacker posing as a high-ranking officer, said Aaron Ferguson, a visiting faculty member there.

"It's the 'colonel effect.' Anyone with the rank of colonel or higher, you execute the order first and ask questions later," he said.

Cadets in more recent tests have been somewhat more likely to report the messages as suspicious as awareness has grown, he said.

CUPERTINO, Calif. - August 16, 2005 - Symantec Corp. (Nasdaq: SYMC) today announced that it has signed an agreement to acquire Sygate Technologies, a technology leader in endpoint compliance solutions. Sygate’s technology will complement Symantec’s presence on the endpoint to create a holistic solution to address the security, compliance, and remediation requirements of today’s large enterprises. The acquisition is expected to close shortly after receiving customary regulatory approvals.

"Securing the ‘endpoints’ of a corporate network is a challenge that affects all enterprises," said Chris Christiansen, vice president of security products and services, IDC. "Companies are looking for integrated offerings that can both protect the network and ensure that endpoints are compliant with security policies. This acquisition will give customers a complete endpoint compliance solution while helping to reduce complexity and cost."

Endpoint compliance solutions help enterprise organizations enforce security by guaranteeing that all devices connected to a network – desktops, laptops, servers, and mobile devices – are running the appropriate security solutions, are configured correctly, and possess up-to-date patches. Symantec will now be able to help businesses enforce business policies and automate security practices to regain control of network security, reduce costs, and ensure compliance across the organization.

“It is critical to have an endpoint compliance solution that will allow companies to leverage their existing IT infrastructure to control the myriad devices connecting to the network,” said Enrique Salem, senior vice president, Security Products and Solutions at Symantec. “A recognized leader in endpoint compliance, Sygate provides the first universal network access control system designed to protect the entire enterprise network – from mobile devices to servers to unmanaged devices. The fact that their technology is built on industry standards means that companies don’t have to implement expensive infrastructure changes to deploy this solution.”

Original release date: 8/19/2005
Source: US-CERT/NIST

Keyloggers are one of the most dangerous spyware parasites.

Activity of these usually small malicious programs is really catastrophic. Although keyloggers do not destroy the operating system or installed software and don't corrupt files, they steal the most valuable user information, including all the passwords, login names, everything written in priceless documents, every letter in a chat conversation or e-mail message.

A typical keylogger not only records all keystrokes, but also captures screenshots of user activity, logs software usage, exact addresses of visited web sites, even mouse clicks and time when the user turns off his computer and sends all quietly sends gathered data to a predefined e-mail address. What can be worse? Keyloggers allow the attacker to be well informed about all your secrets, current works, contacts, interests, your entire life. However, you can prevent such an intervention. In most cases keystroke capture can be revealed and avoided. In this article I will give you several advices that you should always keep in mind.

Depending upon the nature of the information gathered, each piece of spyware may function differently. Some spyware applications simply gather information about a user's surfing habits, purely for marketing purposes, while others are far more malicious. In any case, the spyware attempts to uniquely identify the information sent across a network by using a unique identifier, such as a cookie on the user's hard disk or a Globally Unique Identifier (GUID). [ref 2] The spyware then sends the logs directly to a remote user or a sever that is collecting this information. The collected information typically includes the infected user's hostname, IP address, and GUID, along with various login names, passwords and other keystrokes. " Full article "

The National Institute of Standards and Technology (NIST) has unveiled its mega-database, otherwise known as the National Vulnerability Database. The NVD will issue daily updates of viruses that are wrecking havoc on popular software products and post notices on security trends.

The database was created as a means to warn users about security threats both big and small, according to a report in SecurityFocus.

NVD is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources. It is based on and synchronized with the CVE vulnerability naming standard.

When Zotob infects a computer, it attempts to deliver a malicious file, which is named differently depending on the variant that has infected the computer. If your computer has been infected, this file will be present and your registry will show changes. Use any of the following methods to check for infection. (If you find the file, you do not need to check the registry, and vice versa.)

Learn More about the Malicious File

So many times I get the question about putting a large disk in a windows box that is not seen as the proper size. Whether it is windows 2000 or XP we can point you to the proper page at MS but after that you are on your own. If you are terrified by regkey edits call someone who can do this for you.

XP   http://support.microsoft.com/default.aspx?scid=kb;en-us;303013

Sterling Energy Systems announced an agreement with Southern California Edison on Thursday to build a solar power facility capable of generating 500 megawatts of power. It will be installed over 4,500 acres in the Mojave desert north of Los Angeles.

The system calls for the installation of the company's 37-foot-high dishes which reflect sun into a tube of a Sterling engine where hydrogen is kept. The heat from the sun is focused on hydrogen, which expands and creates enough pressure to turn a piston and crank shaft.

Sterling Energy Systems is testing another installation with Sandia National Laboratories in New Mexico. The Deal.com reports more on the people and business model behind the Phoenix-based start-up.

More commonly used solar installations use photovoltaic cells to convert the sun's energy to electricity.

Meanwhile, FedEx turned the switch on a large solar installation in Oakland, California last week. According to an article in RenewableEnergyAccess.com, the FedEx-owned installation will 904 kilowatts of electricity and be the largest corporate-owned solar installation in California.

Apple executives insisted that Mac OS X would only run on x86 chips used in Apple-developed hardware. Intel PCs distributed to Apple developers with the x86 version of Mac OS X used a security chip to prevent developers from copying Mac OS to other Intel PCs, according to several reports this week from Mac enthusiast sites.

However, several enterprising hackers have figured out ways to bypass the security chip and run the developer's version of MacOS for x86 on any x86-based PC, according to a posting on the Web page of The OSx86 Project. Posters on that site, as well as other sites within the Mac community, claim to have used the instructions to run Mac OS X on their Intel or AMD PCs, with some posting pictures and videos of x86 PCs booting Mac OS X.

The process requires a copy of Mac OS X version 4 (Tiger), VMware's virtualization software, the PearPC emulator that can run operating systems written for PowerPC on any architecture, Apple's Darwin 8.0.1 software, an x86 processor that supports SSE2 (Streaming SIMD Extensions 2), and two files created by an independent developer that can be downloaded using the BitTorrent file-sharing system.

As of Friday afternoon, detailed instructions were available in a wiki created by The OSx86 Project. Another site had posted instructions for installing Mac OS X without using VMware's software.

Simply the most different cooler design seen to date. "More Details" from Tom's   More details "Digital Daily"

A structure like that is already a good radiator which can be successfully used for passive cooling of a low power-consumption processor (e.g. I used Athlon 64 266x4 (Winchester core) with the Cool'n'Quiet enabled, at Vcore = ~1.0V). Very few users would dare for an experiment like that, so most are more interested in the nominal operation mode of StarIce cooler.