Google Inc. and MySQL AB are close to finalizing a deal that could find the open-source database vendor incorporating powerful features created by the search giant into future versions of the popular database.

On Monday, Google publicly released the source code for several custom features it had built in-house to enhance the performance and reliability of its search engine. The add-ons were released via the General Public License (GPL).

Google’s announcement, done without MySQL and on the eve of MySQL’s annual worldwide conference in Santa Clara, Calif., appeared to be a subtle attempt to put pressure on MySQL to add the features to the official version of the software, something the company has until recently been loath to do.

Since then, sources say Google has signed a Contributor License Agreement (CLA), a key legal document required by MySQL to accept source code from outside companies or developers and port it to its popular database, reportedly used in 11 million servers worldwide.

Google is widely believed to be the largest MySQL user in the world, with hundreds or even thousands of MySQL servers running in data centers around the world.

What remains to be worked out are the exact features that Google will transfer to MySQL and the compensation MySQL will offer in return, which could range from symbolic gifts such as T-shirts to monies up to hundreds of thousands of dollars, said Steve Curry, a MySQL spokesman. Curry declined to confirm the status of the deal.

Read More

Around $1.7 billion of unpaid VAT did not appear on a U.K. Revenue and Customs debt case management system because of a failure to transfer data from the main VAT computer system, legislators have been told.

Edward Leigh, chair of the powerful Commons public accounts committee, highlighted a series of problems with major government IT projects in a parliamentary debate on the committee's inquiries

He told MPs: "We found that not all information on VAT debt recorded on the main VAT computer system had been transferred to the so-called trader register.

"That may appear to be an obscure point, but it meant that some $1.7 billion of debt failed to appear on the debt case management system. That is hardly a first-rate example of financial management by a department that should be at the forefront of such matters."

Leigh cited evidence given to the committee earlier this month by Ian Taylor, a past president of the Chartered Institute of Purchasing and Supply who is now director of the center for procurement performance at the Department for Education and Skills.

Taylor had told the PAC "that in his view, public sector people are every bit as skilled as those in the private sector, but the information systems in the public sector are so bad that no private sector firm could afford to put up with them. They would simply go out of business," Leigh said.

The committee chair added: "They do not provide the data that public sector leaders need to manage effectively or to develop robust strategies for delivery."

Leigh also hit back at the government after it attempted to deflect criticism of the NHS's $23.4 billion IT program by claiming that a damning PAC report was based on "out of date" findings by the National Audit Office.

The PAC warned that the NHS scheme was unlikely to deliver significant benefits, unless there was a fundamental change in the rate of progress on the 10-year project. 

The committee chair told MPs he had spoken to Sir John Bourn, head of the NAO, to put a timescale on the auditors' promised -- and unprecedented -- second examination of the project. "Following my encouragement, we are to have another NAO report on the NHS computer in the next year so that we can have an update to check whether all the excellent recommendations of the NAO and the PAC... are being carried out."

Responding to the debate -- which also touched on the IT fiasco at the Rural Payments Agency that is estimated to have cost $940 million -- Treasury minister John Healy gave an indication that the government might reconsider its hardline stance against making public the findings of Office of Government Commerce "gateway reviews" of major IT schemes.

Microsoft Corp. is posting the final beta and first publicly available and feature-complete version of Windows Server "Longhorn," marking the final time the product will be available for testing and feedback before the long-awaited server update is available later this year.

Microsoft is making downloads of Longhorn Beta 3 available from the company's Web site, said Ward Ralston, senior technical product manager for the software. It's the first time that anyone who is interested can get their hands on the product, which has been in private beta release only until now.

It is also the first time users can get a look at the new scripting and command-line technology, Microsoft PowerShell, in the Longhorn server, he said. The technology, which allows administrators to more easily automate tasks across Windows servers on a network, was previously available as a separate add-on, but it will be built directly into Longhorn and is making its first appearance in a test version of the product.

Customers also can get a first look in Beta 3 at two new Longhorn features -- a new always-on firewall in Server Manager and an installation option called Server Core.

Server Manager in Longhorn is designed to keep the server firewall up 100% of the time, which means server administrators will have to unlock the firewall using the Server Manager console when they want to install components, he said. This allows administrators to install components needed for certain server roles, leaving anything extraneous out of the system.

The server also will intelligently know what dependencies and restraints the roles will have once installed, and it will configure the server automatically to run most effectively in those scenarios, Ralston added.

Server Core is a minimal installation option for Windows Server that installs only components for eight server roles -- out of a possible 18 -- on the server and automatically configures them for the most reliable performance. This limits the amount of code that needs to run on the server and should decrease the time needed for and the number of updates because the server will only need to be rebooted for updates related only to those roles, Ralston said.

Longhorn is due for final release sometime in the second half of the year, a time frame that was revised several times.

Legislation that would lift an online gambling ban imposed by Congress last year was introduced on Thursday by the chairman of the House Financial Services Committee.

Calling the Internet gambling prohibition "imprudently adopted," Democratic Rep. Barney Frank of Massachusetts outlined a bill to make it legal again for banks and credit card companies to make payments to online gambling sites.

"The fundamental issue here is a matter of individual freedom," Frank told a news conference, adding his committee would hold a hearing on the matter in June.

The bill includes provisions for licensing and regulating online gambling companies to protect against underage gambling, compulsive gambling, money-laundering and fraud.

But Frank conceded, "The votes aren't there to change it right away" and he listed only 11 co-sponsors in the 435-member House for lifting the ban.

Frank said his proposal could face opposition from religious conservatives, and from some liberals who find gambling "tacky." However, he also said the ban imposed by Congress had awakened many voters to the issue and predicted support for the bill could grow.

An anti-spam organization filed a federal lawsuit Thursday targeting so-called spam harvesters, who facilitate the mass distribution of junk e-mail by trolling the Internet and collecting millions of e-mail addresses.

The lawsuit was filed in U.S. District Court in Alexandria by a Utah company called Unspam Technologies Inc. The company runs a Web site called Project Honey Pot dedicated to tracking spam harvesters worldwide.

Project Honey Pot has collected thousands of Internet addresses that it has linked to spam harvesters, but it so far has been unable to link those addresses to an actual person.

The lawsuit names a variety of John Does as defendants, and the plaintiffs hope that the legal process will allow them to track the actual people who are harvesting the e-mail addresses, said lead attorney Jon Praed with the Arlington-based Internet Law Group.

Collecting e-mail addresses is not by itself illegal, but Praed said the plaintiffs will be able to link the harvesting to spam e-mails, which are illegal under federal and state laws. Those laws allow individuals who receive unwanted spam to seek civil damages.

Praed said legitimate businesses are afraid to post e-mail addresses on their Web sites for fear that automated Web crawlers will find the addresses, record them and sell them to spammers who will inundate them with junk e-mail.

Praed said the lawsuit will "focus on the worst of the worst," using information that Project Honey Pot has already collected and analyzed.

If you thought the Core micro architecture was a vast change from the Netburst Pentium 4 range, just wait until you get a look at what Nehalem has in store! With AMD ramping up the game as it seeds Fusion and other technologies to integrate more into the CPU core, we all wondered how Intel was going to react.

While the expressed details are still to be confirmed, we have learned that there are a lot of changes in store for Intel's upcoming platform, and that perhaps the ideas and methods adopted by the green camp weren’t so bad after all.

Firstly Nehalem will arrive in Q208 and is being designed from the ground up on the 45nm process. Intel has confirmed it will contain a variant of Hyper-Threading technology previously seen on the Pentium 4 CPUs, although it won’t be a hacked on addition in response to expected poor IPC and long pipeline, like it was in the Netburst days. SMT (Simultaneous Multithreading) is being optimised to make use of the many cores and shared cache in a way that “intelligently” uses the available resources.

Intel is aiming to have a scalable performance and core structure including 8+ cores with 16+ threads running. What gets very interesting is that Intel describes Nehalem as having a Multi-Level shared cache architecture, without specifically denouncing something along the lines of the L3-shared cache that AMD’s next generation Barcelona will have.

Integrated memory controller... on an Intel?

Say goodbye to the northbridge, because Nehalem will integrate the memory controller into the CPU core. Intel is finally ready to do what AMD has been doing for years with the K8 architecture - incorporate an on-die memory controller, to lower memory access latencies, reduce power consumption of the whole platform and make designing future motherboards far easier.

This could be be a marketing nightmare for Intel’s PR and the green camp is going to be rolling around the floor in fits of glee at this news, but respect to Intel for ultimately biting the bullet and making the right choice. That said, Intel was in a similar situation when it created the Pentium M and had to convince the market the MHz wasn’t the only performance rating that mattered after years of preaching the contrary – and that turned out to be one of the most successful moves for Intel in recent history.

By combining the architectural power of Core with an incredibly low latency memory controller and some super bandwidth DDR3 we should see massive gains in multi-core applications that are now suddenly freed of the northbridge front side bus (FSB) limitation.

Traditionally, Intel CPUs in a multi-core scenario had to queue and wait for the northbridge to serve commands to the memory, with the scenario getting progressively worse as the latency increases in every CPU you add.

A hacker managed to break into a Mac and win a $10,000 prize as part of a contest started at the CanSecWest security conference in Vancouver.

In winning the contest, he exposed a hole in Safari, Apple Inc.s browser. "Currently, every copy of OS X out there now is vulnerable to this," said Sean Comeau, one of the organizers of CanSecWest.

The conference organizers decided to offer the contest in part to draw attention to possible security shortcomings in Macs. "You see a lot of people running OS X saying it's so secure and frankly Microsoft is putting more work into security than Apple has," said Dragos Ruiu, the principal organizer of security conferences including CanSecWest.

Initially, contestants were invited to try to access one of two Macs through a wireless access point while the Macs had no programs running. No attackers managed to do so, and so conference organizers allowed participants to try to get in through the browser by sending URLs via e-mail.

Dino Di Zovie, who lives in New York, sent along a URL that exposed the hole. Since the contest was only open to attendees in Vancouver, he sent it to a friend who was at the conference and forwarded it on.

The URL opened a blank page but exposed a vulnerability in input handling in Safari, Comeau said. An attacker could use the vulnerability in a number of ways, but Di Zovie used it to open a back door that gave him access to anything on the computer, Comeau said. The vulnerability won't be published. 3Com Corp.'s TippingPoint division, which put up the cash prize, will handle disclosing it to Apple.

The prize for the contest was originally one of the Macs. But on Thursday evening, TippingPoint put up the cash award, which may have spurred a wider interest in the contest.

One reason Macs haven't been much of a target for hackers is that there are fewer to attack, said Terri Forslof, manager of security response for TippingPoint. "It's an incentive issue. The Mac is not as widely deployed of a platform as say Windows," she said. In this case, the cash may have provided motivation.

Vertical Computer Systems Inc. is suing Microsoft Corp. for patent infringement related to Microsoft's .Net framework for building Windows-based software.

Vertical filed suit April 18 in a U.S. District Court in Texas alleging that Microsoft has infringed on its Patent No. 6,826,744, for a "system and method for generating web sites in an arbitrary object framework."

The patent is for Vertical's SiteFlash technology, which utilizes XML (Extensible Markup Language) to create a component-based structure to build and efficiently operate Web sites, according to the company's Web site. A Vertical spokesman could not be reached for comment.

The complaint says Microsoft is still infringing on the patent despite Vertical having put Microsoft on notice about it on Feb. 7. Vertical is asking for a jury trial.

Vertical, based in Fort Worth, Texas, describes itself as a global Web services provider. It went public in 2000 but is not listed on a major stock exchange.

The Social Security numbers of 63,000 people who received Agriculture Department grants have been posted on a government Web site since 1996, but they were taken down last week. Free credit monitoring is being offered to those affected.

The Agriculture data that included Social Security numbers were removed from the Web on April 13 and similar data from 32 other agencies were taken down April 17 as a precaution, said Agriculture spokeswoman Terri Teuber.

A review has determined that none of the other 32 agencies had a similar problem, said Sean Kevelighan, spokesman for the Office of Management and Budget.

"There is no evidence that this information has been misused," Teuber added. "However, due to the potential that this information was downloaded prior to being removed, USDA will provide the additional monitoring service."

The breach was discovered by Marsha Bergmeier, president of Mohr Family Farms in Fairmount, Ill. "I was Googling my farm name at 11 p.m. when I couldn't sleep," she said in a telephone interview, and details of her land loan came up in the second listing of the Google search, a private Web site that reposted the government data.

The next morning, April 13, she contacted the Agriculture Department, her congressman, Rep. Tim Johnson, the private Web site and the Census Bureau and was surprised by how quickly they removed the personal information.

"If somebody downloaded it, it's still out there in the world," she said. "That will never be a private number again."

We recently spent quite a long time before deciding on our filtering solution. We required a number of things that it appears the big boys do not seem to understand.  Like the biggest and simpliest we have stated time and time again. If your email solution does not offer you a method of white-listing just leave!  We have stated this many times with AOL! Comcast and now even ATT have joined the list of "LAME" ISP's who simply do not understand the importance of this simple requirement for their users.

Anyone who seeks a new provider should ask! Do you use BrightMail or GoodMail? You should ask if they can offer another alternative? These propreitary applications have some issues which ComCast has reported as a glitch, give me a break, this is simply not the problem.

Server response to MAIL FROM:

550-64.4.207.8 blocked by ldap:ou=rblmx,dc=comcast,dc=net 550 Blocked for abuse. Please send blacklist removal requests to blacklist_comcastnet@cable.comcast.com - Be sure to include your mail server IP ADDRESS.

Great Article and Frustating ISP comments about ComCast.

Have some Fun here.

The point here is simple when big companies throw large dollars at a solution without alternative methods of adjustment for their clients, they are making a serious blunder.

The Database Publishing Wizard enables the deployment of SQL Server 2005 databases (both schema and data) into a shared hosting environment on either a SQL Server 2000 or 2005 server.

The tool supports two modes of deployment:

1. It generates a single SQL script file which can be used to recreate a database when the only connectivity to a server is through a web-based control panel with a script execution window.
2. It connects to a web service provided by your hoster and directly creates objects on a specified hosted database

The Database Publishing Wizard provide both a graphical and a command-line interface. In addition, it can integrate directly into Visual Studio 2005 or Visual Web Developer 2005.   "Get it here"

Security professionals said the bell has tolled for the WEP protocol, which is used as a default intrusion-prevention system for IEEE 802.11 wireless LAN Wi-Fi devices.

The troubled protocol suffered its first blow in 2001, when a flaw was revealed in the WEP protocol's RC4 key scheduling algorithm, which allowed radio sniffer programs to extract and inject wireless data packets from and into the network where statistical analyzers, known as WEP crackers, can recover the encryption key to unscramble the data. However, the WEP security key required about 4 million packets to be intercepted for it to be calculated. Now, security experts in Germany have claimed that they can outfox the beleaguered protocol in three seconds, down from the previous best of about five minutes, which kept up with changing security keys.

The experts said they can extract a 104-bit WEP key from intercepted data using a 1.7-GHz Pentium M processor so much faster that the process could be performed in real time by someone walking through an office. Bank of Queensland IT security manager Grant Slender agreed that the WEP protocol is lax and said he would not trust anything built on it.

"We don't use wireless technology, and we wouldn't rely on any form of built-in encryption; we would treat it akin to an untrusted Internet connection," Slender said. "We wouldn't put the same applications over wireless as we would for a cable connection because the wireless security standards have been compromised," he said. "It's simply easier for us to consider the WEP protocol untrusted."

Full Article

JavaScript coding errors and Web developers who are inexperienced at working with emerging programming techniques represent serious threats to the security of many Internet sites and the people who visit them, according to malware researchers.

Speaking at the ongoing ShmooCon hacker convention on March 24, Billy Hoffman, lead research engineer at Atlanta-based software maker SPI Dynamics, detailed what he views as an epidemic problem in today's online world. SPI markets penetration testing tools used by businesses to ferret out security issues from their online sites and applications.

The proposed threat is centered on the prevalence of JavaScript errors and insecure use of so-called Web services programming languages such as AJAX -- which combines asynchronous JavaScript with XML -- in many popular Web sites and applications.

In addition to opening holes in Web applications, Hoffman illustrated how JavaScript and AJAX-based tools can be used by hackers to find new vulnerabilities online, and build XSS (cross-site scripting) attacks that can move from one online domain to another, which he cited as a relatively cutting-edge malware development.

"In the last two years, we've seen JavaScript go from stealing cookies to doing key-logging, screen-scraping and all sorts of phishing attacks," Hoffman said. "JavaScript used to be something that was more annoying than anything, but now it's being used in port scanning, to create self-propagating malware and to steal browser histories."

The researcher, who said that JavaScript vulnerabilities are present in sites maintained by everyone from well-known online retailers to large financial services companies, demonstrated a proof-of-concept exploit based on a JavaScript flaw on CNN.com, and how it could be used to manipulate content on the news site's pages. The issue was reported in security forums several months ago, and sent to CNN by researchers, but it still hasn't been fixed.

Malicious-code writers are using the same techniques to create cross-site scripting threats -- malware attacks that inject code into end users' browsers via holes in legitimate sites -- to mislead consumers into handing over their passwords and giving hackers access to their personal information, according to the researcher.

PayPal and MySpace.com are among the major Web properties that have been targeted by major JavaScript-based XSS attacks in recent months. More Here

Almost 70 percent of all electronic mail from Asia is "spam", or unsolicited advertisements, an anti-virus firm said Friday.

The Philippines had the worst record with spam making up 88 percent of all emails, Symantec Corp. said in excerpts of its Internet Threat Security Report released here.

The average percentage of emails sent from the Asia-Pacific region that were spam was 69 percent, the report added.

Although the Philippines had the highest proportion of spam, China was the largest source of spam by sheer volume, the report said.

Thirty-seven percent of all spam detected from Asia-Pacific originated from China.

Symantec said in a statement that it could not provide the total number of e-mails monitored but that the results was based on data from over two million "decoy accounts" attracting email from 20 different countries.

A federal judge dealt a blow to Vonage Holdings Corp. that sent its stock reeling on Friday, when he agreed to bar the company from using Internet phone call technology patented by Verizon Communications Inc.

Vonage said it was confident its customers would not experience service interruptions, but investors sent its shares down nearly 26 percent.

U.S. District Judge Claude Hilton said he would delay signing the order for two weeks to give Vonage time to try to convince him to stay the injunction while it appeals the entire patent infringement case. "I will sign the injunction at the time I rule on the stay," Hilton said at a hearing.

Hilton agreed with Verizon that it would suffer irreparable harm if he allowed continued infringement of the Voice-over-Internet Protocol (VoIP) technologies that allow consumers to make calls over the Internet.

He rejected arguments by Vonage that the harm to Verizon, the No. 2 U.S. telephone company, was outweighed by other factors, including the public interest.

"I don't think it's going to kill Vonage," said Albert Lin, an analyst at American Technology Research. But he said the legal costs and management distractions were disruptive.

Another Trojan horse is spreading through the Internet telephone network of Skype Ltd.

The malicious code, known as both Warezov and Stration, is similar to an earlier version detected in February, but with a new URL (uniform resource locator) and a new version of the malicious code, according to an alert posted Thursday by Websense Inc.

Websense warns Skype users to watch for the message "Check up this," with a URL containing a hyperlink.

The code itself isn't self-propogating but when it runs, the URL is sent to everyone on the user's contact list.

When users click on the link, they are redirected to a site that is hosting a file named file_01.exe. Users are then prompted to run the file and if they do, several other files are downloaded and run. The downloaded files are other versions of the Waresov/Stration malicious code.

However, that server doesn't appear to be operating, according to Websense.

It's the early 21st Century, the United States is the reigning capital of computer attacks, hackers have become international crime rings, and you can buy a stolen credit card number for as little as $1 or a complete identity for $14.

This might read like near-future science fiction, but it's reality, according to a new security report released Monday by Symantec, covering the last six months of 2006.

The Internet Security Threat Report, issued twice yearly by the computer security firm, paints a grim picture. "Attackers are now refining their methods and consolidating their assets to create global networks that support coordinated criminal activity," the report stated.

While a recent report from McAfee showed that Internet domains from Romania, Russia, and the tiny island of Tokelau were among the riskiest in relative terms, the Symantec report found that the U.S. is the source of about 31 percent of all malicious computer activity, beating China (7 percent) and Germany (7 percent).

As for servers used for buying or selling stolen personal information, 51 percent were located in the U.S.

In most areas profiled in the report, the situation has gotten worse. Nearly 30 percent more computers are part of botnets than the previous six months. Trojans can take over a computer without the user knowing it, turning it into a zombie machine used for pumping out spam, launching denial-of-service attacks, or participating in other nefarious activities at the behest of the remote hackers.

On a given day in the period the report covered, there were an average of about 64,000 active bot computers, with China having the highest number.

If you thought you're seeing more and more junk mail, you're right. Spam makes up an astounding 59 percent of all email traffic, the report said, an increase of 5 percent over the first half of the year.

Intel privately shared parts of its roadmap for memory technologies through 2008. Intel’s progress on phase-change memory, PCM or PRAM, will soon be sampled to customers with mass production possible before the end of the year.

Phase-change memory is positioned as a replacement for flash memory, as it has non-volatile characteristics, but is faster and can be scaled to smaller dimensions. Flash memory cells can degrade and become unreliable after as few as 10,000 writes, but PCM is much more resilient at more than 100 million write cycles. For these reasons, Intel believes that phase-change memory could one day replace DRAM.

“The phase-change memory gets pretty close to Nirvana,” said Ed Doller, CTO of Intel’s flash memory group. “It will start to displace some of the RAM in the system.”

For its implementation of phase-change memory, Intel has since 2000 licensed technology from Ovonyx Inc.. The Ovonyx technology uses the properties of chalcogenide glass, the same material found in CD-RW and DVD-RW, which can be switched between crystalline and amorphous states for binary functions.

Every potential PCRAM memory maker thus far licenses Ovonyx technology. According to Ovonyx’s Web site, the first licensee of the technology was Lockheed Martin in 1999, with Intel and STMicroelectronics in the following year. Four years after that, Nanochip signed an agreement.  Elpida and Samsung were the next two in 2005, and Qimonda marks the latest with a signing this year.

Mozilla has issued another minor update to its Firefox 2.0 web browser. New for Firefox 2.0.0.3 is a single security fix that patches up a hole in the browser’s FTP PASV functionality. A malicious web page hosted on a specially-coded FTP server could use this feature to perform a rudimentary port-scan of machines inside the firewall of the victim.

Mozilla says that by itself this causes no harm, but information about an internal network may be useful to an attacker should there be other vulnerabilities present on the network. Also new in 2.0.0.3 are fixes to improve Web site compatibility.

The last time the Firefox was updated was less than a month ago when 2.0.0.2 was released to address issues with AutoComplete, how the "Save" dialog box displays for known file extensions, a bug where a mouse's scroll wheel would stop working, two memory leaks and a number of security-related concerns.

Firefox users can download 2.0.0.3 from Mozilla's homepage or use the auto update function within the browser.

PayPal has been dying! This has got the attention of the media. Which gets more attention from the general public. Which gets more attention of the media. Eventually it'll get the attention of law enforcement. With Enron and MCI going down, people realize again that just because you are a big publicly traded business doesn't mean you are honest. (FAR FROM IT!)

In addition, we've been getting interview requests from additional media. It started with Forbes several months ago. But as each of them pick up the story, so will 10 more. We now have reached "critical mass." We are too big to ignore anymore. So now the media has to pay attention. Now is the time to strike back harder than ever. Not with truck bombs or pipe wielding thugs but with our keyboards, telephones, and pens.

There are options here is but one.

As promised, Microsoft Corp. did not unveil any security fixes for March. But it did push out several other patches it deemed "high priority," including two for Windows Vista.

The last time Microsoft went a month without releasing security fixes was September 2005.

Among the four updates Microsoft pegged as "non-security, high-priority" today were the usual monthly revamp of the Microsoft Malicious Software Removal Tool and new signatures for the Outlook 2003 and Outlook 2007 antispam filters.

One Vista-specific update was also on the list, as was another that affected both XP and Vista.

The first, dubbed "March 2007 Windows Vista Application Compatibility Update," added compatibility "shims" -- code that makes an application think it's actually running on a pre-Vista PC -- for older Windows titles, including Trend Micro's Internet Security, Windows Server 2003 (SP1) Administration Tools Pack and RealNetworks' RealPlayer 6.0.12.

The second was another revision to the Windows Media Format 11 SDK (software developer's kit) code. In the associated support document, Microsoft said that the update corrected a problem that some portable music players had in synchronizing data with subscription services.

The rare no-patch Tuesday caught some security analysts and professionals trying to figure out how to spend their free time.

The SEC is serious in its effort to combat stock spam -- bulk e-mail messages pushing unknown stocks in get-rich-quick schemes. On Thursday, the federal agency suspended trading for 10 days in 35 stocks highlighted in spam campaigns.

By most accounts, spam now represents roughly 90 percent of all e-mail sent or received on the Internet, with stock-pushing spam accounting for as much as a third of all unsolicited commercial e-mail -- as many as 100 million e-mails each week, according to the SEC.

The kinds of e-mail that the SEC is pursuing usually push a company that has only a relatively small number of shares available to the public. The e-mails are readily recognizable with subject lines such as "Ready to Explode," "Ride the Bull," and the unsubtle "Fast Money."

Those spam victims who do buy the stock often find the value dropping quickly after the spammers have seen a spike in prices and sold their shares. The SEC said this could account for hundreds of millions of dollars in losses.

As one of several examples, the SEC cited Apparel Manufacturing Associates, Inc., which trades as APPM. It closed on a Friday in December of 2006 at $0.06 a share, with 3,500 shares traded.

After a weekend spam campaign, touting "huge news expected out of APPM," it spiked to $0.19 a share on Monday, with nearly 500,000 shares trading, before collapsing back down to $0.10 about a week later.

AV-Comparatives, a project in Austria overseen by security researcher Andreas Clementi, published the antivirus comparison report, which also looked at products from Symantec Corp., McAfee Inc., Kaspersky Lab Ltd., BitDefender, Fortinet Inc., F-Secure Corp. and several other antivirus products from smaller vendors.

In detecting Windows viruses, worms, macros, scripts and other OS threats, Microsoft ranked last out of the 15 vendors tested, detecting them 91 percent of the time. G Data Software AG's Anti-Virus Kit (AVK) ranked first with 99.6 percent detection, while products from three vendors-- Kaspersky Anti-Virus, MicroWorld Technologies Inc.'s eScan and F-Secure Anti-Virus-- tied for second with 99 percent detection. TrustPort Antivirus Workstation from AED Ltd. came in third with 98.9 percent detection.

In preventing intrusion through backdoors, Trojans and in other malware detection, Windows OneCare also ranked last out of 13 vendors, with 79.6 percent detection. TrustPort came in first at 99.5 percent detection; AVK came in second with 99.4 percent detection; and AVIRA GmbH's AntiVir Personal Edition Premium came in third with 98.9 percent detection.

If ranking low in its rates of malware and virus detection isn't enough to irk users, a recent update to the product has been quarantining the Outlook.PST file, which stores mail in Outlook and Outlook Express, users reported recently on a Microsoft Windows user form.

"This is the most unacceptable act Microsoft has ever committed," groused one user, with the log-in TG4752, on the forum. "I run a small business and I am screwed. I have no way to respond to e-mails because I made the mistake of trusting Microsoft... and all of my e-mails and contacts are gone."

Microsoft confirmed the problem and has patched it.

Meta Tag Generator 1.1

Meta Tag Generator 1.1 builds HTML META tags for better search indexing by robot-based search engines. In addition the software allows you to view the meta tags of the top 100 results for a given search query as retrieved from the Yahoo search engine.

SCSI vs SATA
       It is a relatively common belief that SCSI, or serial attached SCSI (SAS) in its newest incarnation, is faster than SATA for any and all situations. While this may be true for server usage patterns, and may have been true at one point for desktop applications, it no longer applies.

MTBF
      This is a measurement of a hard drive’s reliability that is often quite misunderstood. The MTBF, or mean time between failures, is a length of time that is achieved by monitoring failure rates for a large number of drives. For example, if drive A has a 600,000-hour MTBF and drive B has a 1.2 million-hour MTBF, don’t assume that drive A will last 68 years and drive B will last 137 years, it just isn’t going to happen.

SATA I/O
      The term ‘SATA II’ is often used, incorrectly, to indicate that a drive has a 300MB/sec interface. The organisation that penned out the features of the newest SATA standard was named ‘SATA II’ which is where the confusion came from; the name is now changed to SATA-IO in an attempt to stop manufacturers from using incorrect terminology.

NCQ
      Native command queuing, or NCQ, is a feature that has been included in many consumer SATA drives in the last few years. Command queuing is a technology that was introduced in 1994 as TCQ (tagged command queuing) with the SCSI2 standard, so it’s by no means a new development. The technology allows for significant performance improvements when used in server environments by reordering commands sent to the drive, optimising them so that there is as little head movement as possible when servicing the commands.

Full Article

Microsoft Corp. quietly deployed a patch to its Windows Live OneCare security suite earlier than expected to fix a bug that has erased some users' e-mail.

"On Sunday, March 11, the Windows Live OneCare team released a new anti-malware engine that will fix the issue of OneCare erroneously quarantining certain Outlook .pst or Outlook Express .dbx files when infected files were detected within them," a Microsoft representative confirmed today. "Windows Live OneCare customers whose PCs are connected to the Internet will automatically get this fix."

Last week, Microsoft responded to user complaints that their Outlook and Outlook Express mail had vanished by acknowledging the bug and naming today as the patch date. As complaints continued to mount, it released the patch ahead of schedule.

1) Create a text file and name it Backup.sql (or what ever you want).

2) Paste the below script in it:

DECLARE @BackupFile varchar(255), @DB varchar(30), @Description varchar(255), @LogFile varchar(50)
DECLARE @Name varchar(30), @MediaName varchar(30), @BackupDirectory nvarchar(200)
SET @BackupDirectory = 'E:\SQLBackup\'
--Add a list of all databases you don't want to backup to this.
DECLARE Database_CURSOR CURSOR FOR SELECT name FROM sysdatabases WHERE name <> 'tempdb' AND name <> 'model' AND name <> 'Northwind'
OPEN Database_Cursor
FETCH next FROM Database_CURSOR INTO @DB
WHILE @@fetch_status = 0

    BEGIN
    SET @Name = @DB + '( Daily BACKUP )'
    SET @MediaName = @DB + '_Dump' + CONVERT(varchar, CURRENT_TIMESTAMP , 112)
    SET @BackupFile = @BackupDirectory + + @DB + '_' + 'Full' + '_' +
    CONVERT(varchar, CURRENT_TIMESTAMP , 112) + '.bak'
    SET @Description = 'Normal' + ' BACKUP at ' + CONVERT(varchar, CURRENT_TIMESTAMP) + '.'

    IF (SELECT COUNT(*) FROM msdb.dbo.backupset WHERE database_name = @DB) > 0 OR @DB = 'master'
    BEGIN
    SET @BackupFile = @BackupDirectory + @DB + '_' + 'Full' + '_' +
    CONVERT(varchar, CURRENT_TIMESTAMP , 112) + '.bak'
    --SET some more pretty stuff for sql server.
    SET @Description = 'Full' + ' BACKUP at ' + CONVERT(varchar, CURRENT_TIMESTAMP) + '.'
    END
    ELSE
    BEGIN
    SET @BackupFile = @BackupDirectory + @DB + '_' + 'Full' + '_' +
    CONVERT(varchar, CURRENT_TIMESTAMP , 112) + '.bak'
    --SET some more pretty stuff for sql server.
    SET @Description = 'Full' + ' BACKUP at ' + CONVERT(varchar, CURRENT_TIMESTAMP) + '.'
    END
    BACKUP DATABASE @DB TO DISK = @BackupFile
    WITH NAME = @Name, DESCRIPTION = @Description ,
    MEDIANAME = @MediaName, MEDIADESCRIPTION = @Description ,
    STATS = 10
    FETCH next FROM Database_CURSOR INTO @DB
END
CLOSE Database_Cursor
DEALLOCATE Database_Cursor

Open scheduler and create a new task that calls the below command line:
            sqlcmd -S . -i "E:\Backup.sql"

Clean up Old Backup Files.

If you are running Windows Server 2003 you can also run a command utility to delete any files older then x number of days. This helps keep it cleaned up. Just paste this in a batch file and schedule the batch file.

echo on

rem First Delete old SQL Backup Files

FORFILES /p E:\SQLBackup /s /m *.* /d -3 /c "CMD /C del /Q @FILE"

rem pause

Windows contains a trap in which quite a few computers seem to get caught sooner or later. The trap was described in a Web article whose link no longer works (and also in another one mentioned below):

PIO mode is enabled by default in the following situations:

For repeated DMA errors. Windows XP will turn off DMA mode for a device after encountering certain errors during data transfer operations. If more that six DMA transfer timeouts occur, Windows will turn off DMA and use only PIO mode on that device.

In this case, the user cannot turn on DMA for this device. The only option for the user who wants to enable DMA mode is to uninstall and reinstall the device.

Windows XP downgrades the Ultra DMA transfer mode after receiving more than six CRC errors. Whenever possible, the operating system will step down one UDMA mode at a time (from UDMA mode 4 to UDMA mode 3, and so on).

If you're not interested in the details, but just want to fix this problem as quickly as possible:

1. Click here.
2. Despite any warnings click on the [Open] or [Execute] buttons as required to execute the file resetdma.vbs. (If you fear that this web site could be malevolent, you can use the manual method instead, which is described below. Or you could download, save, and inspect the program with an editor like the Windows Notepad. It is a script text file.)
3. If the program found any ATA channel to reset, reboot your computer and test all drives.
4. If the problem is still not solved, set the offending channel to PIO manually, reboot your computer, set the channel back to DMA, and reboot again.

Full article

Insulting the country's founder, Mustafa Kemal Ataturk, is a crime in Turkey punishable by prison.

Turk Telekom, the country's largest telecommunications provider, immediately began enforcing the ban Wednesday. Those who tried to access the YouTube site from Turkey encountered the message: "Access to this site has been blocked by a court decision!..."

"We are not in the position of saying that what YouTube did was an insult, that it was right or wrong," the head of Turk Telekom, Paul Doany, told the state-run Anatolia news agency. "A court decision was proposed to us, and we are doing what that court decision says."

A message in both Turkish and English at the bottom of the page said, "Access to http://www.youtube.com site has been suspended in accordance with decision no: 2007/384 dated 06.03.2007 of Istanbul First Criminal Peace Court."

The court — acting on a petition from Turk Telekom — ruled later Wednesday that it would revoke the ban as soon as it ascertained that the offending videos had been removed from YouTube. YouTube is owned by internet search engine giant Google.

In recent days, Turkish media publicized what some called a "virtual war" between Greeks and Turks on YouTube, with both sides posting videos to belittle and berate the other.

The video prompting the ban allegedly said Ataturk and the Turkish people were homosexuals, news reports said. The CNN-Turk Web site featured a link allowing Turks to complain directly to YouTube about the "insult."

On its front page on Wednesday, the newspaper Hurriyet said thousands of people had emailed YouTube and that the Ataturk videos had been removed from the site. "YouTube got the message," the headline said.