Slashdot Mirror

← Back to Domains

Domain: eweek.com

Stories and comments across the archive that link to eweek.com.

Stories · 701

  1. MS Research Automates Search Engine Spam Hunt

    · posted by ryuzaki0 · from the i'm-all-for-less-junk dept. · 68 comments
    Barbie Dollar writes "Researchers at Microsoft are working on an ambitious new project to hunt down and neutralize large-scale search engine spammers. The project, called Strider Search Defender, automates the discovery of search spammers through non-content analysis. The project integrates technology from two previous Microsoft Research prototypes (Strider HoneyMonkey and Strider URL Tracer) and promises a new approach to removing junk results from search engine queries."

  2. Virus Trackers Find Malware With Google

    · posted by ryuzaki0 · from the bug-hunters dept. · 113 comments
    Casper the Angry Ghost writes "Malware hunters have figured out a way to use the freely available Google SOAP Search API, as well as WDSL, to find dangerous .exe files sitting on thousands of Web servers around the world. Queries can be written to examine the internals of web-accessible binaries, thus allowing the hunters to identify malicious code from across the internet." From the article: "We're finding literally thousands of sites with malicious code executables. From hacker forums, newsgroups to mailing list archives, they're all full of executables that Google is indexing. About 15 percent of the results came back from legitimate Web sites hijacked by malicious hackers and seeded with executables."

  3. OSS Web Stacks Outperformed by .Net?

    · posted by ryuzaki0 · from the sad-penguin dept. · 349 comments
    Gimble writes "eWeek has an article up that looks at the performance of portals using open source stacks and comparing them to their MS equivalents. The article's conclusion is that .Net outperforms the open source stacks, mainly because of its tighter integration, but also notes that running the open source stacks on Windows (WAMP) delivered strong performance." From the article: "Based on our forays into user forums for many top open-source enterprise applications, there are many IT managers attempting to run open-source products on Windows servers--attracted, no doubt, to the benefits and efficiencies of using open source without having to become Linux administrators. The results of our WAMP stack tests indicate that these folks might be on to something."

  4. Voice Phishing Hits PayPal

    · posted by ryuzaki0 · from the eight-six-seven-five-three-zero-nine dept. · 191 comments
    Chai Vanilla writes "The latest social engineering phishing attack is now using phones instead of fake web sites. Identity thieves have spammed fake PayPal account compromise warnings to lure users into dialing a phone number and giving up credit card information. Unlike normal phishing e-mails, there is no URL or response address. Instead, the e-mail urges the recipient to call a phone number and verify account details."

  5. Microsoft's Open XML Project A Short-Term Fix

    · posted by ryuzaki0 · from the patching-a-sinking-ship dept. · 94 comments
    TechPro writes "In an interview with eWeek the managing director of the ODF Alliance (Marino Marcich) was pretty dismissive of Microsoft's Open XML Translator project. While the move was a recognition of the ODF Format's acceptance by government's around the world, the installable software plug-ins that would be created under the project were really 'only a bridge, a stopgap measure that will probably not be acceptable to government's around the world over the long term. Plug-ins simply don't give the benefits of open file formats and standards,' he said."

  6. Undetectable Rootkits Through Virtualization?

    · posted by ryuzaki0 · from the two-rooted-plants-die dept. · 237 comments
    techmuse writes "eWeek has an article about a prototype rootkit that is implemented using a virtual machine hypervisor running on top of AMD's Pacifica virtualization implementation. The idea is that the target OS, or software running on it, would not be able to detect the rootkit, because the OS would be running virtualized on top of the rootkit. The prototype is supposed to be demonstrated at the Syscan conference and the Black Hat Briefings over the next month."

  7. New Continuous Support System

    · posted by ryuzaki0 · from the minding-the-store dept. · 75 comments
    An anonymous reader writes "eWeek is reporting on a new continuous open-source support system that helps to keep tabs on your mission-critical applications by providing constant diagnostic monitoring. The system is designed to match specific 'signatures' from your applications to a database of over 200,000 possible 'problem' signatures and alert the user for correction or analysis. From the article: 'SourceLabs' Continuous Support System features what Sebastian calls "adaptive diagnostic probes" that are fully integrated and configured for customer environments. The probes identify production issues and begin to gather diagnostic information to help get to the root of the problem, he said. Indeed, the probes can be configured so that as soon as a problem occurs, the SourceLabs support team extracts system information to find and resolve the problem. And the system includes a database of more than 200,000 signatures of problems that might occur.'"

  8. Automated Tiered Storage Coming to Desktops?

    · posted by ryuzaki0 · from the not-the-droid-jpgs-you're-looking-for dept. · 110 comments
    roj3 writes "Tiered storage has been the scourge of administrators because the vendors tell us to hold meetings with all departments and then classify data to storage tier based on its type or relative importance. eWeek has a story about a new approach to tiered storage — sorting it all by usage patterns. Regularly used data goes on high-performance storage, idle data goes on slower/cheaper storage. Volumes and files even span several types of drives or RAID levels. Is automated tiered storage headed to desktops?"

  9. Google Video Runs Ads & Shares the Profits

    · posted by ryuzaki0 · from the well-isn't-that-sweet-of-them dept. · 80 comments
    god4twenty writes "Google announced yesterday that they are testing ads on videos on the Google Video service, matching capabilities that other video services have had for a while. Up to now, Google Video uploaders could make their video available either for a fee or for free. The new ad-laced videos are available on Google Video's "free today" section. The new ads appear as banners above the video.

    When the test concludes, Google plans to run auctions where advertisers bid to have their ads displayed on each video. The ad revenue will be split with the video owner. "     Time for me to start collecting phat bank from the videos I have up there.

  10. Internet Search Company Execs Disagree on Future Search Technology

    · posted by ryuzaki0 · from the 4-people-with-5-opinions dept. · 74 comments
    Techie writes A panel of search engine executives at the Supernova 2006 conference in San Francisco agreed that there is still much that can be done to enhance the user's search experience, but seemed unable to agree on much else.

  11. Microsoft's Mundie to Continue OSS Outreach

    · posted by ryuzaki0 · from the so-much-excitement-for-one-guy dept. · 244 comments
    Techie writes "In an interview with eWeek Craig Mundie, Microsoft's new co-head-honcho and chief research and strategy officer, says he plans to continue to push the Redmond software titan forward with its goal of greater interoperability with software licensed under the GPL." From the article: "Even in Bill's own public remarks, he pointed out that he thought his iconic status and the way that was reported tended to overemphasize his role in the company's innovation and execution. This is really a transition that has been in the works for a couple of years, with a couple to go before, and we will see the emergence of a lot of great talent that has today been portrayed as all Bill. This is a company with, in many cases, the best people in the world. "

  12. Microsoft Confirms Excel Zero-Day Attack

    · posted by ryuzaki0 · from the 0day-warez-is-fun-to-say-though dept. · 199 comments
    Guglio writes "Eweek has a story about a new, undocumented Excel flaw that is being used in a targeted attack against an unnamed business. The latest zero-day attack comes just two days after Patch Tuesday (coincidence?) and less than a month after a very similar, 'super, super targeted attack' against business interests overseas. The back-to-back zero-day attacks closely resemble each other and suggest that well-organized criminals are conducting corporate espionage using critical flaws purchased from underground hackers."

  13. Microsoft Calls for Truce With GPL and Linux?

    · posted by ryuzaki0 · from the dogs-and-cats-you-know-the-drill dept. · 464 comments
    An anonymous reader writes to mention an eWeek article discussing Microsoft's efforts to reach out to the open source community. The company is hoping to find a common ground with softare released under the GPL, so that OSS and Microsoft products can interoperate. From the article: "The goal, from both sides, is to meet customer needs, he said, adding, 'This is just the more mature view of the way the world is evolving, and we want to make sure that if customers are choosing Linux or other open-source-based products that we have ways of interoperating and working effectively with that.'" A related article mentions Windows server Expert Jeremy Moskowitzs' call for a truce between the Linux and Windows communities.

  14. Microsoft Calls for Truce With GPL and Linux?

    · posted by ryuzaki0 · from the dogs-and-cats-you-know-the-drill dept. · 464 comments
    An anonymous reader writes to mention an eWeek article discussing Microsoft's efforts to reach out to the open source community. The company is hoping to find a common ground with softare released under the GPL, so that OSS and Microsoft products can interoperate. From the article: "The goal, from both sides, is to meet customer needs, he said, adding, 'This is just the more mature view of the way the world is evolving, and we want to make sure that if customers are choosing Linux or other open-source-based products that we have ways of interoperating and working effectively with that.'" A related article mentions Windows server Expert Jeremy Moskowitzs' call for a truce between the Linux and Windows communities.

  15. Web 2.0, Meet .Net 3.0

    · posted by ryuzaki0 · from the higher-number-means-better-code dept. · 177 comments
    An anonymous reader writes to mention an eWeek article about Microsoft's move to rename WinFX to .Net Framework 3.0. Microsoft has also announced the availability of the beta version of the MSDN Wiki, the company's first step toward allowing customers to contribute to Microsoft's developer documentation. From the article: "It is purely a branding change, company officials said. The gist of the issue is that Microsoft has two successful developer brands in WinFX and .Net, and the company has seen 320,000 downloads of WinFX -- and 700 signed GoLive licenses -- since the December Community Technology Preview, and more than 35 million downloads of the .Net Framework since the November launch. "

  16. Working Model of MIT $100 Laptop a Hit

    · posted by ryuzaki0 · from the encheapening dept. · 440 comments
    capt turnpike writes "The One Laptop per Child association and its chairman, MIT Media Labs's Nicholas Negroponte, unvelied a working model of their $100 laptop at the Massachusetts Innovation and Technology Exchange (MITX) show, and the little laptop that might was a hit. It's got a version of Fedora Linux, is rugged, and each unit will work as part of a wireless mesh automatically. From the article: "However, as Negroponte put it in his address, One Laptop per Child isn't all about the laptops. The main goal is to tap into the ability of every child to toss away a manual and figure out how to make gadgets work on their own, thus helping children help themselves to learn." eWEEK.com also has photos."

  17. Working Model of MIT $100 Laptop a Hit

    · posted by ryuzaki0 · from the encheapening dept. · 440 comments
    capt turnpike writes "The One Laptop per Child association and its chairman, MIT Media Labs's Nicholas Negroponte, unvelied a working model of their $100 laptop at the Massachusetts Innovation and Technology Exchange (MITX) show, and the little laptop that might was a hit. It's got a version of Fedora Linux, is rugged, and each unit will work as part of a wireless mesh automatically. From the article: "However, as Negroponte put it in his address, One Laptop per Child isn't all about the laptops. The main goal is to tap into the ability of every child to toss away a manual and figure out how to make gadgets work on their own, thus helping children help themselves to learn." eWEEK.com also has photos."

  18. Adobe Threatens Microsoft With Suit

    · posted by ryuzaki0 · from the waving-a-big-stick-around dept. · 362 comments
    lseltzer writes "Adobe has threatened an antitrust suit against Microsoft, over PDF writing in Office 2007. Adobe wants Microsoft to separate the feature and charge extra for it. Microsoft has agreed to remove PDF writing, but won't charge extra." From the eWeek article: "In February, Adobe Chief Executive Bruce Chizen told Reuters he considered Microsoft to be the company's biggest concern. 'The competitor I worry about most is Microsoft,' Chizen said at the time. Adobe's PDF technology lets producers create and distribute documents digitally that retain designs, pictures and formatting. "

  19. OpenSUSE 10.1 Review: "Versatile but Uneven"

    · posted by ryuzaki0 · from the those-darn-lab-boys dept. · 38 comments
    capt turnpike writes "Calling it 'solid,' the eWEEK.com lab boys tested OpenSUSE 10.1. The upshot? FTA: "We appreciated the ambitious scope of OpenSUSE 10.1's configuration tools, but we also ran into some areas in which Yast's reach frustratingly exceeded its grasp." What does that mean for Novell's newest version of Linux? And when will it catch up numerically to Apple, which is already at 10.4.6?"

  20. Symantec AntiVirus Hole Found

    · posted by ryuzaki0 · from the safer-than-sorry dept. · 241 comments
    Hotwater Mountain writes "eWeek has a story about a gaping security flaw in the latest versions of Symantec's anti-virus software suite that could put millions of users at risk of a debilitating worm attack. According to eEye Digital Security, the company that discovered the flaw, the vulnerability could be exploited by remote hackers to take complete control of the target machine 'without any user action.'"

  21. MS Word Zero-Day Exploit Found

    · posted by ryuzaki0 · from the don't-do-any-work-today dept. · 396 comments
    subbers writes "A zero-day flaw in Microsoft Word program is being used in an active exploit by sophisticated hackers in China and Taiwan, according to warnings from anti-virus researchers. The exploit arrives as an ordinary Microsoft Word document attachment to an e-mail and drops a backdoor with rootkit features when the document is opened and the previously unknown vulnerability is triggered. From the article: 'The e-mail was written to look like an internal e-mail, including signature. It was addressed by name to the intended victim and not detected by the anti-virus software.'"

  22. Sun Announces $100k Contest for Grid App Developers

    · posted by ryuzaki0 · from the win-some-megabucks dept. · 80 comments
    C-Shalom writes "EWeek reports that Sun announced a contest where developers can compete for $100k in prizes for developing applications that utilize the Grid. This is in addition to 100 free CPU hours on the Grid. From the article: 'Sun is hosting a competition where developers can compete for $50,000 in prize money. The winners of the Sun Grid Compute Utility Cool Apps Prize for Innovation contest will be determined based on the software they develop on the grid, MacRunnels said. Sun is planning additional contests for later in the year, which will bring the total potential winnings to $100,000.' The press release contains more info not included in the article."

  23. Apple Patch Released, But Is It Enough?

    · posted by ryuzaki0 · from the conflicting-viewpoints dept. · 338 comments
    entenman writes "Apple Computer's security update train rumbled into the station with fixes for a whopping 43 Mac OS X and QuickTime vulnerabilities. The Security Update patches 31 flaws in the Mac OS X, most of them serious enough to cause 'arbitrary code execution attacks.'" Unfortunately, InfoWorldMike writes "InfoWorld.com reports that Independent researcher Tom Ferris said there were still holes in Safari, QuickTime, and iTunes that he reported to Apple but were not patched in the latest release on Thursday. Ferris told InfoWorld he is considering releasing the details of the unpatched holes on May 14 on his Web site. He also says he has found new holes in OS X affecting TIFF format files and BOMArchiver, an application used to compress files. He did not provide details about the flaws or proof of their existence."

  24. The Dark Side of Paid Search

    · posted by ryuzaki0 · from the is-the-darkside-stronger-no-no-quicker-easier dept. · 125 comments
    Tough Lefty writes "A new study by McAfee's SiteAdvisor Web ratings finds that sponsored results from some of the biggest names in the search engine business contain spyware, spam, scams and other Internet menaces. The key findings were that major search engines returned risky sites in their search results for popular keywords and sponsored results contained two to four times as many dangerous sites as organic results. Overall, MSN search results had the lowest percentage (3.9%) of dangerous sites while Ask search results had the highest percentage (6.1%). Google was in between (5.3%). Check the comprehensive study for all the data."

  25. Microsoft To Automate Malware Classification

    · posted by ryuzaki0 · from the virus-a947qalpha dept. · 124 comments
    Kuzulu Kuhuru writes "Researchers in Microsoft's anti-malware engineering team are using distance measure and machine learning technologies to automate the process of classifying new strains of computer viruses, Trojans and other malicious software programs." From the article: "Microsoft's proposal will take a 'holistic approach' to tackle the classification problem, Lee said, pointing out that the machine learning aspects will deal with everything, from knowledge consumption, representation and storage, to classifier model generation and selection. It aims to consume knowledge about the malware sample efficiently and automatically and represent that knowledge in a form that results in minimal information loss. "

  26. Dell Cheating on the Direct-Sales Model?

    · posted by ryuzaki0 · from the i-won't-tell-if-you-won't dept. · 116 comments
    capt turnpike writes "Despite its CEO saying that the direct model is the company's 'religion', according to eWEEK.com, Dell seems to be moving away from direct sales and working with value-added resellers." From the article: "Still, 'they'll never admit it or make [the channel] a formal program,' said one analyst who asked not to be identified. 'If you look at Dell's stock versus HP's, part of the difference has to do with Dell's reputation for owning the customer. There's a sense they own the entire margin and have higher profits because they sell directly. It makes them appear more valuable to Wall Street.'"

  27. Vendor Pays OSS Developers for Enterprise Support

    · posted by ryuzaki0 · from the hard-niche-to-fill dept. · 73 comments
    Anonymous Coward writes "eWeek is reporting that a company called OpenLogic is paying qualified experts in the open-source community to provide enterprise support for projects they are intimately familiar with. OpenLogic calls its new initiative its Expert Community program."

  28. Oracle Patch Day Becoming Irrelevant

    It · Security · · posted by Zonk · from the patches-on-patch-day-seems-logical dept. · 76 comments
    mocirac wak writes "Oracle's scheduled quarterly patch day is becoming more and more irrelevant. Oracle critical patches announced in the April 2006 CPU are still not available for download and the ETA is now set for May 15. The whole idea of a patch day was to let DBAs get prepared for testing and deployment. What's the use of having a patch day when there are no patches to download?" From the article: "... Oracle's explanation that patch testing is not yet done points to serious shortcomings and an absence of a good patch development process. 'For such a big organization with a lot of financial resources, they should be ready to handle this without problems. But they are amateurs on everything security related,' Cerrudo said. 'They spend a lot of time creating these patches. Then, patch day comes around and the patches aren't available. Then, when the patches are finally released, it's normal to find that they are incomplete and fail to address the actual vulnerability,' he added."

  29. Will Sun Open Source Java?

    · posted by ryuzaki0 · from the free-coffee dept. · 700 comments
    capt turnpike writes "According to eWEEK.com, there's an internal debate going on at Sun whether to open-source Java. (Insert typical response: "It's about time!") Company spokespersons have no official comment, as might be expected, but perhaps we could hear confirmation or denial as early as May 16, at the JavaOne conference. One commentator said, "Sun should endorse PHP and go one step forward and make sure the 'P' languages run great on the JVM [Java virtual machine] by open-sourcing Java." Would this move Java up the desirability scale in your eyes? Could this be a way to help improve what's lacking in Java?"

  30. IT Certification Less Important Now?

    · posted by ryuzaki0 · from the i-never-valued-it-in-the-first-place dept. · 459 comments
    lpq writes "IT certifications, popular after the dot-com bust, seem to be hurting careers now according to this article in the current Eweek.com issue. Guess employers are getting hip to the idea that those who don't have experience or can't "do", get certified..."

  31. Apple Grooming Next Gen of Executives

    · posted by ryuzaki0 · from the execs-2.0 dept. · 120 comments
    capt turnpike writes "The modern Apple as we know it -- the good one with open-source Darwin, with Unix-based OS X, and so on -- was mainly the creation of NeXT: Steve Jobs, Avie Tevanian and Jon Rubenstein. What's going to happen to Apple once this troika leaves? eWEEK.com looks at the orderly transition out of Jon and Avie and asks whether things could go as smoothly should Jobs need to retire." From the article: "At some companies, such a loss of leadership could leave the company with a power vacuum or a lack of direction. However, Apple seems to be conscious that no single person--except, perhaps, CEO Steve Jobs himself--is irreplaceable, and that new talent can always be groomed for the future."

  32. OpenBRR Launches Closed Open-Source Group

    · posted by ryuzaki0 · from the education-in-small-pieces dept. · 63 comments
    An anonymous reader writes "eWeek is reporting that SpikeSource co-founder and CTO Murugan Pal and the Open Business Readiness rating have launched a new initiative designed to maximize open-source software knowledge across organizations. While they are targeting corporate and Wall Street CIOs and IT directors as members, the current plan is not to open membership of the new OpenBRR Corporate Community to all, but to offer it on an invitation-only basis 'to ensure that only trusted participants are coming into the system,' Pal said. This would allow members to discuss sensitive issues and share information without having to worry that it would be made widely public, he said."

  33. First 802.11n Products Breaking Out

    · posted by ryuzaki0 · from the new-protocols-sooo-exciting dept. · 105 comments
    capt turnpike writes "If you're hooked up to a fat pipe, but want mobility, it looks like the new 802.11n standard might have some promise. eWEEK.com got their hands on some of the upcoming products and put the new devices through their paces." From the article: "The 802.11n task group is aware of the current draft's issues with legacy wireless LAN devices (specifically with how 802.11n shares bandwidth with attached legacy clients), and representatives from Cisco and Motorola broke off to look into the issues before the next meeting of the draft subcommittee, which is scheduled for May. Expectations vary widely, depending on whom you talk to. In previous conversations with Dave Borison, Airgo's director of product marketing, we leaned that Airgo is not making chip sets based on the draft standard because the company thinks the issue of legacy interoperability is significant enough to necessitate small modifications to the silicon."

  34. DARPA Funded Startup to 'Bird-Dog' Rootkits

    · posted by ryuzaki0 · from the tails-of-woe dept. · 124 comments
    Ski_Bird writes "DARPA is funding a startup the supposedly has a unique approach to detect rootkits. The startup, Komoku, is ready to 'emerge from stealth mode with hardware and software-based technologies to fight the rapid spread of malicious rootkits.' They have a PCI card that doesn't necessarily determine that a rootkit is installed, only that the O/S has changed dramatically enough to warrant investigation. Microsoft, however, demonstrated a rootkit running in a virtual machine outside of the user's O/S workspace that made detection impossible."

  35. Microsoft to Patch Problem Patch

    · posted by ryuzaki0 · from the just-don't-screw-up-the-repatch dept. · 156 comments
    slowroller writes to mention an eWeek article about a new patch to fix issues raised in their most recent release. From the article: "The company's plan is to target the rerelease only to Windows users who are affected. In a blog entry, Toulouse said the company's patch deployment technologies will have "detection logic" built into them to only offer the revised update to customers who don't have MS06-015 or are having the problem. The glitches, which Microsoft claims affect only a tiny fraction of the 120 million installations of the patch, stem from a new binary called VERCLSID.EXE that validates shell extensions before they are instantiated by the Windows Shell or Windows Explorer. On systems running Hewlett-Packard's Share-to-Web software, Sunbelt's Kerio Personal Firewall and some NVIDIA Drivers, users complained that the new binary stopped responding."

  36. Microsoft Admits to Hiding Flaw Details

    · posted by ryuzaki0 · from the on-a-need-to-know-basis dept. · 147 comments
    Spongeform writes "eWeek has an interview with a Microsoft security official admitting to hiding details on software vulnerabilities that are discovered internally. The reason? Microsoft believes that full disclosure of every security-related product change only serves to aid attackers. However, companies using host-based IPS that rely on flaw information to build signatures are basically left at risk because of Microsoft's silent fixes."

  37. Red Hat CEO Matt Szulik Explains the JBoss Deal

    · posted by ryuzaki0 · from the his-boss-wears-a-red-hat dept. · 37 comments
    Anonymous Coward writes "eWeek has an interview with Red Hat CEO Matt Szulik about the JBoss acquisition, where he says he approached Marc Fleury about the deal, never discussed the Oracle negotiations with him, and positions Red Hat as the next generation enterprise technology company." From the article: "It certainly broadens our product portfolio into an adjacent market, the middleware market. Over the last 18 months we heard growing requests from government and commercial accounts that had JBoss and were using Tomcat and Hibernate and wanted Red Hat to take a more direct position in that market. They also wanted the service competencies that we can deliver globally."

  38. Microsoft's Security Disclosures Come Under Fire

    · posted by ryuzaki0 · from the full-and-we-mean-full dept. · 150 comments
    Old Banana writes "Is Microsoft silently fixing security vulnerabilities and deliberately obfuscating details about patches in its monthly security bulletins? Matthew Murphy, a security researcher who has worked closely with the MSRC (Microsoft Security Response Center) in the past, is accusing the software maker of 'misleading' customers by not clearly spelling out exactly what is being patched in the MS06-015 bulletin released on April 11."

  39. Return of the Web Mob

    · posted by ryuzaki0 · from the cement-shoes-for-everyone dept. · 146 comments
    Parore writes "eWeek is running a story about the return of the web mob, highlighting all the similiarities between the online attacks and the real-world mafia. From the article: "Black hat hackers have set up e-commerce sites offering private exploits capable of evading anti-virus scanners. An e-mail advertisement intercepted by researchers contained an offer to infect computers for use in botnets at $25 per 10,000 hijacked PCs. Skilled hackers in Eastern Europe, Asia and Latin America are selling zero-day exploits on Internet forums where moderators even test the validity of the code against anti-virus software."

  40. Microsoft 'URL Tracer' Hunts Typosquatters

    · posted by ryuzaki0 · from the i-always-kinda-find-it-flattering dept. · 124 comments
    TonioSop writes "Microsoft Research has released a new tool to help pinpoint large-scale typosquatters that are known to be gaming pay-per-click domain parking services. The lightweight prototype, called Strider URL Tracer, builds on the work within Microsoft's Cybersecurity and Systems Management group to keep tabs on a sophisticated typosquatting scheme that uses multilayer URL redirection to make money from Google's AdSense for domains program. "

  41. Microsoft Says Recovery From Malware Becoming Impossible

    · posted by ryuzaki0 · from the angry-little-viruses dept. · 631 comments
    An anonymous reader wrote to mention an eWeek Story about Microsoft's assertion that PCs may no longer be able to recover from the most aggressive Malware. From the article: "[Danseglio] cited a recent instance where an unnamed branch of the U.S. government struggled with malware infestations on more than 2,000 client machines. 'In that case, it was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast,'."

  42. Eolas COO Says IE Changes A Shame

    · posted by ryuzaki0 · from the buh-wuh-huh dept. · 235 comments
    capt turnpike writes "Hot on the heels of Microsoft's announcement of a 60-day period in which Web developers will have to change their pages' architecture, the COO of Eolas, the company whose suit forced these changes, gives an interview to eWEEK.com in which he says these changes are a disappointment. Confused? From the article: 'There is no court order forcing Microsoft to do anything. Anything that is being done is of Microsoft's own choosing,' His position is that publicizing these forced changes strengthens MS's case."

  43. Hackers Serving Rootkits with Bagles

    · posted by ryuzaki0 · from the worm-in-the-apple dept. · 150 comments
    Iran Contra writes "Security researchers at F-Secure in Finland have discovered a rootkit component in the Bagle worm that loads a kernel-mode driver to hide the processes and registry keys of itself and other Bagle-related malware from security scanners. Bagle started out as a simple e-mail borne executable and the addition of rootkit capabilities show how far ahead of the cat-and-mouse game the attackers are."

  44. BBC Site Used as IE Attack Lure

    · posted by ryuzaki0 · from the reads-good-enough-to-be-true dept. · 83 comments
    capt turnpike writes "The hits just keep coming... according to eWEEK.com, someone is using actual excerpts of BBC news stories to 'launch drive-by downloads of bots, spyware, back doors and other Trojan downloaders.' One example is a story blurb masking the download and installation of a keylogger -- with no user interaction. And it doesn't even tell you it loves you."

  45. Anti-malware Vendors Stare Down Microsoft Threat

    · posted by ryuzaki0 · from the angry-eyes dept. · 207 comments
    Captain Rose writes "Matt Hines at eWEEK has stepped up to report the other side of the story CNET inked recently on the perceived death knell that Vista will deliver to independent anti-spyware vendors. There's definitely a fight in store (David v. Goliath), though who knows how long we'll have to wait to see it play out now that Vista's delayed yet again. Is this a bit of foreshadowing on how the new Microsoft OS will address the self-replicating, zero-day spyware threats?" From the article: "Most industry watchers concede that it will be hard for Microsoft to easily displace the enterprise security businesses of leading vendors such as Symantec, McAfee and Trend Micro, which market integrated packages of applications to companies wishing to solve long lists of problems. However, for firms that are focused on only one of those problem areas, analysts said, Vista and the other Microsoft security products could pose a significant threat."

  46. MS Gives 60-Day Deadline to Web Devs

    · posted by ryuzaki0 · from the annoyances-and-other-wastes-of-time dept. · 375 comments
    capt turnpike writes "Since losing the patent case filed by Eolas, Microsoft has to change radically the way IE works with a lot of content, especially video and other ActiveX controls. eWEEK is reporting that Microsoft has gotten a one-time, 60-day extension in which developers and companies can try to re-engineer their Web pages and ads to work with the new regime. If devs don't make that deadline, users could face pages asking them to activate much of the content, plus ads."

  47. Two Unofficial IE Patches Block Attacks

    · posted by ryuzaki0 · from the egg-is-good-for-the-complexion dept. · 233 comments
    Pentrex writes "eWeek reports that two well-respected Internet security companies (eEye and Determina) have released unofficial patches to correct the vulnerability being exploited to load spyware, bots and Trojan downloaders on Windows machines. Microsoft isn't sanctioning the third-party patches, which include source code for review. As always, the advice is to weigh the risks before opting for an unofficial hotfix."

  48. Office Delayed, Too

    · posted by ryuzaki0 · from the not-quite-ready dept. · 463 comments
    turnitover writes "And you thought calling it 'Office 2007' was just to make it seem all future-like -- but according to eWEEK.com's Mary Jo Foley, turns out calling it is truth in advertising: Office 2007 won't ship until 2007. What does this mean for Microsoft and its reputation as a company that can eventually ship software? What will this mean for office managers who have to plan upgrades and budgets? Will this make anyone look at OpenOffice.org?"

  49. Highly Critical Hole Found in IE

    · posted by ryuzaki0 · from the must-be-thursday dept. · 336 comments
    dotpavan writes "Eweek reports on a highly critical MS Internet Explorer hole found by Secunia Research's Andreas Sandblad. The vulnerability is due to the processing of the "createTextRange()" method call applied on a radio button control. From Secunia, "The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2." The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition) though it could be avoided by turning off Active Scripting, as suggested by Microsoft Security Response Center blog. How would this put MS in the market, hit by the ever-growing shots of vulnerabilties? And would the divorce of IE7 from Vista's Windows Explorer help?"

  50. Novell to Develop Cross-Platform Data Center Tools

    · posted by ryuzaki0 · from the say-that-ten-times-fast dept. · 36 comments
    Anonymous Coward writes to tell us eWeek is reporting that Novell is currently working on a new suite of tools that will assist in the management of data centers across Windows, Unix, and Linux environments. From the article: "The tools also help users maximize server utilization by setting up a series of workload policies based on the business application resources required. The project, currently titled "The policy-driven adaptive data center," will leverage virtualization, identity management and resource management to deliver a flexible and adaptive data center."