Slashdot Mirror

I skimmed more than 100 listing on Google and only managed to find two Microsoft patent lawsuits here and here. Amazingly both appear to be defensive counter suits!

Before you start to feel too safe, take a look here where they discuss microsoft's "range of software patents that the company can potentially use down the line to attack and try to restrict the development and distribution of open-source software". It mentions at least one known patent Microsoft can use to attack Linux. Bruce Perens, Hewlett-Packard Co.'s open-source and Linux strategist theorizes that "They are going to hold onto these patents until they see what happens with the antitrust case against them. Once that is resolved, they will then use them against the open-source industry."

Oracle tells the future.

I'll second that emotion.
It would be particularly unsettling if the same government that is now demanding sweeping domestic spying capabilities also ignored good evidence that a major terrorist attack was coming via the airlines to American soil, wouldn't it? It might be enough to make you wonder just what they want the increased surveillance powers for if they intentionally ignore the critical intelligence they're already getting from sigint and allied spy networks.

Did administration officials receive advance knowledge of attacks with frightening indifference ?

Did administration officials smother a friendly, timely warning with shocking obtuse ness

Did adminstration officials shitcan a timely bipartisan report on America's vulnerabilty to airborne terror because it did not suit their political agenda of pressing for utterly irrelevant Buck Rogers style intercontinental missile defense?

These people simply do not deserve to be trusted with broader powers. Take your pick of reasons to distrust them, they're all equally valid, probably. We should be considering instead how to limit the further damage they can do of granting them a permanent, legislated hold on what should be only "National State of Emergency" wartime powers to be granted in the last resort in a fight against a dangerous foe like Nazi Germany/ Kaisarean Germany before that or the Confederacy even earlier.

• On September 11, someone allegedly threatened the president with codes indicating inside knowledge of the president's whereabouts. If this story true, it means there is a traitor somewhere at a high level in the administration. If it's false, it means that the government is deliberately leaking false information, in an attempt not to make the president look bad.
• There is some evidence that there were warnings of the attack:
  Security heightened at WTC, Bin Laden warnings, State Dept. advisory
  Echelon warnings
  Israeli intelligence
  San Francisco Mayor Willie Brown
  A crazed Iranian in Germany
  A US army base in New Jersey
• Circumstantial evidence of the US training terrorists.

So why is it unreasonable to speculate about the US government?

"This was a miscalculation"

I would like to think that, and it very well may have been, even probably. But I find this report disturbing, to say the least.

Just ask Benign.

According to the intruder, who says he worked alone and doesn't belong to a hacking group, two insecure Windows 2000 (Win2K) systems on the periphery of Microsoft's network were used to gain entry to the company's firewalled corporate network. Besides being connected to the Internet, the vulnerable systems were "dual-homed" and linked to an intranet that was part of Microsoft's corporate network, said the man, who claimed to be a graduate student in his thirties.

GOD! I love Microsoft! They make it so EASY!

I think some Linux-folks recently beats AIX. Look at: http://www.newsbytes.com/news/01/169200.html

Dave Farber's mailing list passed along Microsoft's Hotmail Is Red Hot From Worm from Newsbytes

From small ISP bosses to world leaders and FBI agents:

CNN story about Ukraine President getting SirCam.

Newsbytes story about FBI agent w/SirCam.

see this register's article about smart tags;

http://www.theregister.co.uk/content/4/19943.html

Also, there is this interesting URL;

http://smarttags.manilasites.com/

This is an interesting story dealing with the legality of smart tags;

http://www.newsbytes.com/news/01/166676.html

When Napster made it's case before congress this spring.

It would be good for consumers, but the music industry will fight it to the death. They don't want anything that might harm $25 CD sales.

That also assumes that congress gets behind such an idea. But we already know that music industry 0wn5 congress.

With all this tracking going on (Facial recognition in Tampa Bay, EZ-Pass for speeding, etc.) companies with these so called "new and hi tech" gadgets are going to end up making criminals look to hi tech gadgets in the future. Something law enforcement will end up dreading more than radar detectors.

Or we'll all end up zombies who won't learn the difference between right and wrong, since tech will end up deciding for us, and law enforcement will end up becoming a large military since crime won't exist, so many will end up getting replaced by a gadget. I'm glad to see that politicians have started acting out against what's being done nowadays. There's a lot of room for abuse in tech too. (Echelon used to spy against Japan, Echelong used to spy on Airbus for Boeing [10.7], etc.)

Anyone ever watch the movie Patriot Games, when Harrison Ford is watching thermal imaging of an assassination taking place, or Enemy of the State? Last Saturday I was watching "Eyes in the Sky" on Discovery Channel about Satellite Communications, and the things they stated were scary.

So what's next for government? Implants to monitor your every move, heartbeat, body temp, all connected via GPS? Spoke too soon

Both the crappytire decision and the michaelbloombergsucks decision are listed at domainbattles.com.

The crappy tire decision links from this site:

• CrappyTire.com complaint denied WIPO decision
• CrappyTire decision Newsbytes

The site also has a link to the decision for the current topic:
MichaelBloombergSucks.com complaint denied NAF decision

http://www.newsbytes.com/news/01/166676.html

"Sanford said that the Smart Tags operate on an open architecture that will allow virtually any group to create a class of Smart Tag links, which Internet Explorer users in turn will be able to download and add to their files. Users will be able to determine whose Smart Tags they use under the IE platform, Sanford added."

"In the initial versions of IE 6.0, the Smart Tag technology will be set to a default setting of 'off.' Users who want to employ the technology will have to turn Smart Tags on, Sanford said."

oh?

Freenet coordinator Ian Clarke's side venture Uprizer says different. He scored
$4mil in April.

Uprizer looks like its trying to compete in the CDN realm. The idea is a good one, Freenet has a number of unknowns in it, ie content expiration, that wouldn't make it suitable for certain business applications. It probably trades off some of Freenet's anonymity requirements for certainity. Similar to the idea of businesses not using the Internet for applications that need guarenteed data rates, they don't use the commodity Internet they buy a dedicated circuit.

What's interesting about the document written by Felten and his associates is the fact that it goes into no details on how to actually circumvent SDMI, but just details the inherent weaknesses in the system.

This will be a very important verdict for free speech as a whole, and the case is being fast-tracked because the USENIX conference is quickly approaching (and because matters of this nature are usually treated in this fashion).

I found out about the teleconference through the 2600 web site, but I was shocked to hear some of the things that the EFF's Cindy Cohn said about 2600's lawsuits. According to her, the EFF has a better chance of winning this case because colleges are who the laws are "meant to protect", insinuating (at least to me) that 2600 has lost its cases because they're seen as hackers and subversives. That didn't leave a very pleasant taste in my mouth.

Cohn does make a very good argument for the case against the DMCA, saying that the RIAA needs to "stop interfering with the scientific process."

The conference was quite interesting, however. I really regret not recording it. There was definitely a good news media turnout. Hiawatha Bray of the Boston Globe, NewsBytes, NPR, AP, and a whole slew of independent radio and newspaper reporters that Roblimo completely has failed to mention.

Very informative. You all should have called in.

Though the link is correct, the bill number is 1846. (I submitted this damned story twice with the correct info. Sigh.)

There's a short but lucid writeup at Newsbytes

I especially like Grucci's quote:
[people who used anonymous services were]
"radical organizations are made up of loosely knit groups from across the country that endorse militant action in the name of a particular cause"

Yeah, in our Land of the Free, no one needs anonymous speech, because of our first amendment protections. Tell that to Keith Henson, $c|ent010gy protestor, if you can find him, since he fled to Canada...

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

Microsoft files a lot of patents. Microsoft is better known for being sued for infringing on the partner's patents than for suing over patents. Microsoft has sued other companies over patents. Microsoft has been accused many times of using patents as leverage against competitors. I recall a story from over five years ago of Microsoft slipping a clause into its site licensing agreements saying that licenees agreed not to sue Microsoft for using their patents: buy our software, give up your patents to us. I can't find a link though, so you can just take it as a rumor.

One might observe that Microsoft decreased the number of lawsuits it launched as publicity over their illegal and allegedly illegal activiates increased(the several DOJ trials, and the IRS trial.

Microsoft sues over the name of the Python language Microsoft sues over Compression Patent
Microsoft sues over mouse cable patent
FTC investigate Intel
Microsoft sues for access to patent
Microsoft fails to disclose CSS patent to W3C
Let's not forget Microsoft threatening to not release software for Apple's platform and the whole question of patents that Apple brought up. This is a really interesting story, but I don't have time to post more links. A quick google search should get you lots of background on the Apple vs. Microsoft thing.
Microsoft has so many patents they developed an in-house application to search and manage them.
Microsoft doesn't like look-alike mouse, claims infringment

There are also many more cases of Microsoft being sued for Patent infringment. But I won't bother to list them; typically they involve a small company who pitched their product to Microsoft only to be rejected and find that MS released a similar product a year later.

RTFA. If I didn't explain why I'd be flaming you so here goes:

Anti-Virus "experts" always assumed that they could apply biological models to computer viruses. But Mellissa != Polio. The reason (which they just figured out) is because there's always a computer that isn't protected but is connected to an infected computer, via the internet. I guess it's statistically inevitable.

The signifcance of it is that those small percentage (less then 1%) Mellissa infections maintain a persistence unlike meatspace viruses, which eventually go away when the numbers are that low. You have to admit that changes the scene a little for AV makers.

That's really the basic rundown of it but NewsBytes.com has a better write up of it . It seems more geared towards people like us. SecurityPortal reported this about a week ago. But check out the link I posted. Maybe it wont seem so boring.
"Me Ted"

Vice President Al Gore urged Congress on Monday to pass legislation that would require schools and libraries using federal subsidies for Internet access to block inappropriate material from children. "As we connect every school and classroom to the Internet, we must protect our children from the red-light districts of cyberspace," Gore said. http://www.techweb.com/news/story/TWB19980323S0011

And it passed: http://techlawjournal.com/censor/19990624.htm and allowed to stand by the Supreme Court. http://www.newsbytes.com/pubNews/00/149865.html. So for many rural and urban school districts, they don't have any choice. Censorship is required by law -- either that or back to a single dialup connection. :)

Of course, the school may not receive e-rate funding, in which case, they may be required by other local/state laws to filter access.

St. Petersburg Times - Tampabay: Cameras scanned fans for criminals. Super Bowl fans had their privacy invaded by the technology, critics say. Law officials cite security.

Is the new surveillance system the latest twist on Big Brother? Face-matching surveillance already is well established at more than 70 casinos. But the system's biggest opportunities lie in more benign functions: Identifying customers at ATMs or participants in welfare programs, and screening people who want to enter secure workplace areas.

At Raymond James Stadium, surveillance system cameras were focused only on people entering at turnstiles. No cameras were used inside to pan the fans inside. But cameras did sweep the crowds at the NFL Experience, indicating the growing reach of database systems to try and match faces even in large groups.

At UCLA, professor Borgman questioned the technical ability of a system to identify individual faces so quickly.

"If these surveillance systems spread, there may be a considerable margin of error in determining the identity of people who get snagged," she said. "And that is a big price to pay for your civil rights."

The FaceTrac(TM) core facial recognition technology provides the ability to locate faces, to build 'face print' templates and to recognize matches to images stored in a database. When integrated with G-TEC's law enforcement database, FaceTrac(TM) allows rapid search, comparison and identification of suspect facial photos within the database. FaceTrac(TM) may be used for surveillance with multiple locations networked to a high capacity site, for analysis and system-search results. G-TEC installed FaceTrac(TM) at the Raymond James Stadium as a single site system, integrated with a custom designed database and search result notifications for tracking faces in a crowd and monitoring access to secure areas.

The system used for the Super Bowl project, first reported yesterday by the St. Petersburg Times, was lent by companies seeking to market the technology to law enforcement agencies. Tampa police accepted the free use of the system as an experiment and worked with local and national police agencies to manage it during the week of the game, said Durkin.

Dave Watkins, managing director of Graphco Technologies Inc., said the event gave the company a chance to learn how the software would perform, which camera angles were most effective and how the lenses of the 20 video cameras should be focused in a public place.

The American Civil Liberties Union("ACLU") opposes the involuntary capture of biometric details, such as face-recognition data, DNA and retina scans. The organization, in its list of "Privacy Principles," considers the fingerprinting of convicted criminals a worthy exception.

"We are quickly moving to the point where law enforcement and the private sector will be able to identify us no matter where we go, no matter how anonymous we think we are," said Barry Steinhardt, the ACLU's associate director. "Not only is it going to rob us of our anonymity, but it's going to be used as a tool of law enforcement to round up 'the usual suspects' and to hassle people on the streets."

The practice is almost certainly legal, but it is in an emerging area of the law that has not been fully tested in court, said Harvard Law School professor Bill Stuntz.

Super Bowl 2001 fans were secretly treated to a mass, biometric scan in which video cameras tied to a temporary law-enforcement command centre digitised their faces and compared them against photographic lists of known malefactors.

Everyone entering Raymond James Stadium in Tampa, Florida last Sunday was subjected to the surveillance system cameras, set up at the entrance turnstiles. No notice or disclosure was ever given, and no one, therefore, had an opportunity to decline to enter the stadium if they should have objected to this unprecedented treatment.

[ ... ]

"The Company's face-recognition technology is unique because of its capabilities of both rapid and accurate real-time acquisition as well as its scalability to databases containing millions of faces. Therefore, the software can instantly calculate an individual's eigenface from either live video or a still digital image, and then search a database of millions in only a few seconds in order to find similar or matching images."

'Similar or matching.' This clearly acknowledges the possibility that innocent civilians going about their peaceable business may be stopped, hassled, even arrested, merely for resembling someone naughty. This raises sticky issues regarding the presumption of innocence many of us were encouraged to believe in during our grammar-school civics lessons. Is there a violation of this principle when a person is required to produce evidence that they are not, in fact, the evil bastard whom they unfortunately resemble?

Unknown to the 100,000 people who passed through the turnstiles at Sunday's Super Bowl, hidden cameras scanned each of their faces and compared the portraits with photos of terrorists and known criminals of every stripe.

In a command post at Raymond James Stadium in Tampa, Fla., the digitized images of fans and workers were cross-checked against files of local police, the "FBI" and state agencies at the rate of a million images a minute.

The cameras identified 19 people with criminal histories, none of them of a "significant" nature, Tampa authorities said. But the undisclosed first test of the technology at a major U.S. sporting event raised arguments about privacy versus security and questions about the future of such spying and its uses.

"Oh my God, it's yet another nail in the coffin of personal liberty," said Bruce Schneier, founder and chief technical officer of "Counterpane" Internet Security Inc., a security monitoring company.

"It's another manifestation of a surveillance society, which says we're going to watch you all the time just in case you might do something wrong," said Schneier, whose book "Secrets & Lies: Digital Security in a Networked World" warned of the increasing encroachment on civil liberties in high-tech society.

[ ... ]

Other applications are expected to include ATM machines and public events such as the 2002 Winter Olympics in Salt Lake City.

The weekend did not manage to quell the massive amounts of coverage the Microsoft infiltration continues to garner. Virtually every news organization has its own version of the Microsoft debacle, of which we've provided a sampling below. Meanwhile, we are left wondering why the crown jewels of Microsoft were left at the mercy of passwords. There are all sorts of other authentication technologies that we have no doubt Microsoft will be investigating. Perhaps utilizing the smart card support in Windows 2000 wouldn't be a bad idea. It's a shame it takes negative incidents like this to get people to consider security as a strategic business issue. Shame on you, Microsoft.

• The Wall Street Journal via MSNBC
• CNET
• MSNBC via ZDNet
• Reuters via Yahoo
• The Register

ou've heard it before and you'll hear it again. Threats are evolving. We've seen viruses retrieve and forward passwords before on a large scale, now they are becoming targeted and fast. Threat evolution is something that cannot be dealt with reactively; it must be part of infrastructure planning and design. Today, all attention is focused on Microsoft. The world's favorite target has fallen victim to a password-stealing virus that got a hold of passwords that can access the source code to upcoming versions of Windows and Office. It is unclear whether or not the perpetrators were able to use the passwords to actually access and manipulate the source code, however if the source code was accessed two questions remain. 1. Was the code manipulated in some way that could open the door for later attacks or other problems? Microsoft claims no, the code has maintained it's integrity. Other than to trust Microsoft's word we may never know the answer. 2. Does the ability for a criminal group to view the source code destroy the security by obscurity that is key to so many commercial software products? In the open source community, numerous hackers examine products and contribute solutions to flaws in the products. In the commercial world, many companies rely on their development team to produce secure code and then keep the source code secret to not only protect their intellectual property, but also to minimize potential attacks that could be launched against the product. In this case, the loss of security by obscurity could result in a criminal having intimate knowledge of the product development cycle to be able to develop targeted attacks on future Microsoft products. Regardless of the quality of Microsoft products, the mere fact that the company was able to recognize that this incident occurred is unfortunately unique. Many corporations might never know this had happened to them. In fact the ability to isolate the incident to specific networks or machine is quite difficult in many environments. The other interesting thing going on here is the Trojan horse attack. These attacks have been discussed for several years now and the current solution has been to use content filtering software to detect the attack. If you are one of the world's favorite targets, the Trojan horse writer will write the attack specifically at you. By the time the anti-virus companies know about the Trojan horse and are able to detect and stop it, it's too late. Unfortunately, it has taken a high profile incident like this for awareness to spread. One solution is to seperate general purpose computing such as internet surfing and email from sensitive computing such as accessing source code or controlling IT infrastructure. This is what the military does. They run 2 networks that are physically isolated from each other. A less expensive solution is to keep all executable content from reaching workstations such as executable programs, active HTML content, or documents that contain macros. This is difficult to acheive in reality so physical seperation is the the only way to be sure you are secure. The Wall Street Journal broke this story and pretty much everybody is currently running it. Look for more information and speculation to filter out through the rest of the day.

• Wall Street Journal via MSNBC
• Reuters
• CNNfn
• CNET
• Newsbytes
• AP via ABC News
• Reuters via Excite re: Microsoft Stock Price
• http://www.symantec.com/avcenter/venc/data/w32.hll w.qaz.a.html
• F-Secure's Qaz description via datafellows.com

No it's not. And it won't be for quite some time. Check out this page for the reason why, complete with actual numbers. Where I live (rural NH, USA), we won't have a high speed internet connection until/unless 2-way satellite systems come online at an affordable price. No way will I ever see cable or ADSL here, ever. Population density is simply too low.

Y'all might want to keep this article in mind while designing your web pages :-)

- sgage

Here is an aritcle with more details on the work being done:

http://newsbytes.com/pubNews/00/149716. html

In case anyone missed it, Howard King, the lawyer in this case has accused the metallica file sharers of being liars, because every one on them was 'making Metallica tracks available for upload'.
This man is a fool.
Additionally, what's to stop the profusion of the warez naming convention arising? How long before m3t4771c4 or similar is de-rigeur?

Potentially the most worrisome (at least to the general public), but least covered in the press of the recent cracker attacks against major websites, early Sunday crackers managed to replace the main page of www.rsa.com with their own message.

Here is the Newsbytes story.

newbytes is reporting on a fresh outbreak in Sonohomish County, WA.

I was given the address of the editor of Newsbytes by the fine people at ComputerCurrents.net.

Her name is Wendy Woods, wendy@newsbytes.com

I don't enjoy poster her personal email here, but she's an editor; she needs to take responsibility.

First, find a faster-loading version of the article at newsbytes, here. (Even in the original, author forgot to tell us who "Nelson" is).

Article does NOT blame Linux. It's just a minimally-retouched press release for an update to McAfee's CyberCop on Linux and Solaris.

The software update addresses some DDoS pattern(s), and that's all that's claimed in the article. Nobody is quoted as saying the attacks came from Linux computers. In fact, it's the same kind of story as the FBI's Linux and Solaris tools released yesterday. No FUD here.

McAfee and Dittrich (author of "FBI" tools) just don't have versions available to patch Windows. Maybe it's more difficult, which would make Linux look good. That's a good question for Dittrich.

Newsbytes also has a followup article here, although it's mostly similar.

First, find a faster-loading version of the article at newsbytes, here. (Even in the original, author forgot to tell us who "Nelson" is).

Article does NOT blame Linux. It's just a minimally-retouched press release for an update to McAfee's CyberCop on Linux and Solaris.

The software update addresses some DDoS pattern(s), and that's all that's claimed in the article. Nobody is quoted as saying the attacks came from Linux computers. In fact, it's the same kind of story as the FBI's Linux and Solaris tools released yesterday. No FUD here.

McAfee and Dittrich (author of "FBI" tools) just don't have versions available to patch Windows. Maybe it's more difficult, which would make Linux look good. That's a good question for Dittrich.

Newsbytes also has a followup article here, although it's mostly similar.

Seriously Slashdot gives way to much play to ZDNet articles and PCWeek. Why do we so rarely hear about articles from Information Week (sometimes from InfoWorld Electric), Newsbytes, First Monday, or IEEE Journals (hey, now the IEEE has NEWS FOR NERDS!).

Newsbytes is pretty pedestrian but the news is usually raw (uncooked, uninterpreted) and more appropriate for discussion.

There is an article on NewsBytes about this. I submitted this this morning to /. and the submission was rejected. Go figure.