is presently fighting off an incurable lung cancer, think I maybe winning (mesothelioma)
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
FBI shuts down hacked e-mail accounts
02/04/05
http://www.gcn.com/vol1_no1/daily-updates/35019-1.html
By Wilson P. Dizard III
GCN Staff
The FBI late Friday confirmed reports that parts of its fbi.gov e-mail system had been hacked.
“The FBI is aware of a compromise to a commercial e-mail system which hosts a limited number of fbi.gov accounts,” according to a bureau statement. “The e-mail service is provided by a commercial vendor.
“These accounts are used for nonsensitive, nonsecure communications and do not impact secure internal and external FBI e-mail accounts,” the statement continued. “The FBI has suspended use of these fbi.gov accounts pending completion of a review of the matter.”
An FBI official confirmed that some of the accounts involved were provided by AT&T Corp.
The hacking incident is the latest in a rough period for the bureau, during which its top IT leadership admitted that the FBI has wasted more than $100 million in a failed attempt to build a new case management system called Virtual Case File.
Anti-spyware tool to become standard issue for Windows
By William Jackson
GCN Staff
http://www.gcn.com/vol1_no1/daily-updates/35067-1.html
SAN FRANCISCO—Microsoft Corp.'s new AntiSpyware tool will be available at no charge to all Windows users, company chairman Bill Gates said today. "Spyware has been on the rise and is a very serious problem," Gates said during his keynote address at the RSA Security Conference. "All of our Windows licensees should have this capability." Gates also announced a new version of Internet Explorer that will include significant security upgrades, an antivirus product and more streamlined versions of software update systems. The initiatives follow the release five months ago of Service Pack 2 for Windows XP, a major security upgrade of the XP operating system. Gates said there have been 170 million downloads of the service pack. "That has gone super, super well," he said. But deployment in large enterprises is a long-term process that is far from complete.
"For our corporate users, we have a nuanced message," he said. "If you have machines that are behind a firewall, the urgency is not as great as for mobile machines that are going outside and hooking up." Microsoft AntiSpyware is a result of the company's acquisition in December of Giant Company Software. The company released the initial beta version last month and is readying a second beta now. "We have gotten very positive feedback on the beta," said Amy Roberts, Microsoft's director of security, business and technology. There is no date for a general release. "There is clearly a lot of work we have to do," she said. AntiSpyware includes a scanning and removal capability, as well as a blocker to halt the download of malicious programs. Microsoft is developing a library of signatures through the SpyNet system, which lets users report suspicious programs to company researchers.
There have been 6 million downloads of the first beta, and about 3 million of those users participate in SpyNet. Microsoft receives about 500,000 reports of suspicious code each day. The next version of Internet Explorer browser will be independent of next year’s release of the next Windows OS. Microsoft expects plans to roll out an Explorer beta by early summer. It will be available to all users of Windows XP running Service Pack 2. Security features in Version 6 of the browser, which the company released with Service Pack 2, focused on vectors of attacks, Roberts said. Version 7 will focus on preventing specific attacks, such as URL spoofing that can make phishing easy. The company wants to simplify updating software with the release of Microsoft Update. It will replace Windows Update. Update is a consumer service but provides only patches for the operating system. The new service will be broader and include patches for Microsoft Office and other applications. The beta is slated for release next month. Microsoft now is in the process of acquiring Sybari Software Inc. of East Northport, N.Y., which makes Antigen. Microsoft eventually will roll out its own antivirus product based on the Sybari tools. "Our plan, because Sybari solutions make use of multiple scanning engines, is to also include Microsoft's engine as one of them," Roberts said. This will be included in a product for release later this year, she said.
yaya! - t'Least somebody out there luvs us. LOL eom
Still floundering in the dark! eom/
Industry wants administration to focus on cybercrime
2/11/05
http://www.gcn.com/vol1_no1/daily-updates/35051-1.html
By William Jackson
GCN Staff
IT industry executives yesterday called for the creation of a presidential commission on organized cybercrime and identity theft.
The proposal was made during two days of talks between chief technology officers of prominent hardware and software companies and government policymakers and administration officials. The Business Software Alliance organized the meetings.
Among administration officials involved in the discussions were John Marburger, director of the White House Office of Science and Technology Policy; Phillip J. Bond, Commerce Department undersecretary for technology; and Karen Evans, the Office of Management and Budget’s e-government and IT administrator.
“We talked about a commission, which I think resonated with the administration,” Chris Voice, vice president of technology for Entrust Technologies Inc. of Richardson, Texas, told reporters afterward.
The concern is that eroding confidence in online transactions will slow adoption of new technology and devalue existing IT investments. Voice called this a “compelling macro-economic argument.”
“We don’t want to say the sky is falling, but it is something that should be addressed,” he said.
The commission would produce short-term recommendations for government, industry and consumers to raise awareness of threats and the defenses against them.
Christopher Bolin, CTO of McAfee Inc. of Santa Clara, Calif., said new examples of adware and spyware now outnumber conventional viruses among the malicious code the company identifies. They represent a more organized and more serious threat, he said.
“It’s a completely different guy at the other end than we’re used to dealing with,” he said. “He’s got a business plan.”
Laws already prohibit many kinds of spam and online fraud, and anti-spyware legislation has been introduced in Congress. But there is a limit to what legal sanctions can do.
“Technology has done more to stop spam than the law has,” said Robert A. Clyde, CTO of Symantec Corp. of Cupertino, Calif.
But laws provide a necessary deterrence and definition for malicious activity, and the executives said a presidential commission could help focus attention on the threats of cybercrime. It also could help deal with what Microsoft CTO Craig Mundie called the “porous borders of the Internet,” which make enforcement difficult.
“We’re asking the government to do what only government can do, which is engage with other governments,” Mundie said.
Other concerns discussed with government officials included government funding for basic research and development programs, education of a future IT workforce and reform of intellectual property laws, particularly the IT patent process.
PR gloves coming off?? - Allen's presentation will show how trusted computing, using
industry-standard security chip technology to defend the computing
platform against software-based attacks, promises to make the internet
safer terrain for enterprises, government and individuals ready to
engage in high value digital transactions. eom/
Interestingly! - Having reloaded the revamped TVT, it now works fine on my machine. eom/
Nearly fell outa' my ski's when I picked up the French banking
Wave adoption alert on this new WAP phone, seems we're picking up mega street cred' nicely here. eom/
cosign - TCG pals - Check this out! e/
http://securitypronews.com/articles/security/spn-23-20040908EmbeddedSystemsDesignerstoSeeTrustedComp...
Hipaa & IT! - Must be a nightmare scenario there - with more internal resignations per week, but some headway being made now, with Dr. Brailer pushing, it's no doubt a upward slog!!!- Like many large organisations they await the massive tpm deployment needed, and it's nicely fitting in with some of our own and other recent developements. eom/
01/08/05
National health IT chief sees 2005 as a breakthrough year
By Mary Mosquera
GCN Staff
Health systems and connectivity will soon let physicians, hospitals and other providers in the civilian world participate in interoperable regional health networks.
So contends Dr. David Brailer, the Bush administration’s national health IT coordinator. His office at the Health and Human Services Department coordinates $4 billion in federal health IT initiatives. Right now, Brailer’s team is studying industry responses to a request for information on how to build a medical Internet.
“I view 2005 as when we get the basic ideas in place and 2006 to build it, and in 2007, there’s going to be significant [electronic health record] adoption,” Brailer said.
Digitizing health information in private medical care also will help the government’s two chief medical services providers, the Defense and Veterans Affairs departments. The next step would be data integration among government and industry health care providers.
“We have a pressing need to exchange information with the private sector because an estimated 40 percent of veterans we treat each year get care outside of VA,” said Dr. Robert Kolodner, VA’s acting deputy CIO for health. “To give them the best care, we’d like to have all information from their health care providers outside of VA.”
Wow 2.9mill traded and up another 3 cents! - Heady stuff ...feeling a bit swimmy..think I'd better lie down. e/
Pre-Market Volume: 273,880
Last: $1.28 Pre-Market
Best Bid: N/A Pre-Market
High: $1.50
Pre-Market
Best Ask: N/A Pre-Market
Low: $1.15
Nice move! - Another half a dozen steps forward. eom
'ORC is pleased to be joining forces with Wave Systems in making available
trusted computing solutions embedded with ECA digital certificate capabilities
to all branches of government, and beyond," stated Daniel E. Turissini,
president and CEO of ORC.'
Hackers Tune In to Windows Media Player
By Ryan Naraine
January 10, 2005
4 comments posted
Add your opinion
Hackers are using the newest DRM technology in Microsoft's Windows Media Player to install spyware, adware, dialers and computer viruses on unsuspecting PC users.
Security researchers have detected the appearance of two new Trojans, Trj/WmvDownloader.A and Trj/WmvDownloader.B, in video files circulating on P2P (peer-to-peer) networks.
"When a user tries to play a protected Windows media file, this technology demands a valid license. If the license is not stored on the computer, the application will look for it on the Internet, so that the user can acquire it directly or buy it," Panda Software explained.
An unsuspecting user attempting to download the DRM (digital rights management) license will instead be redirected to a Web site that loads a large quantity of adware, spyware, modem dialers and other viruses, the company said in an advisory.
"It's pretty ingenious," said Patrick Hinojasa, chief technical officer at Panda Software. "To take an anti-piracy feature and use it to feed spyware is extremely ironic."
Hinojasa told eWEEK.com that the use of Windows Media files as a spyware vehicle is another sign that virus writers and companies supporting spyware are looking for new entry points to infect computers.
"In this case, they're using technology meant to secure content. It just shows that the more bells and whistles you add to the technology, the more you open doors for the bad guys," he said.
Even though these Trojans have been detected in video files on P2P networks such as Kazaa or eMule, Hinojasa warned that these files can be distributed via e-mail, FTP or other Internet download avenues.
Ben Edelman, a Harvard University student who tracks and comments on the spyware scourge, also spotted the spyware-laden media files. In a research note, Edelman posted a demonstration of the exploits and warned that users with older versions of Windows will receive "confusing and misleading messages" regarding the DRM licenses.
After attempting to download the DRM, Edelman said: "On a fresh test computer, I pressed Yes once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting."
"All told, the infection added 58 folders, 786 files and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer," he added.
Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.
OT wavxmaster - As an old ex ski-racer! - Trees and rocks on mountains are forever a danger,I feel especially keenly for Tony, yourself and family, hopefully he was helmeted and with his being fit,was able on falling to mitigate some obstacle collisions. Regards Boom
barge - I think the clever money is very much aware IMHO. e/
eamonnshute - A great accolade! - Well done!! e/
awk - So that it seems is the finish of the freebie TVTonic tryout! eom
Would be very interesting to know how many workers/management at Microsoft, are presently Wavx shareholders? eom/
Maybe ties in with the WXP unexplained delay, for TVT SP2 users! e/
secur! - Have faith comrade, have faith. The force is with us. LOL e/
Whatever! - An excellent start to our finest year IMHO e/
Nice sized bids being met! e/
Maybe need to remove + re-download TVT with Win SP2. eom
kitesurf! - TVT is that still pre SP2, or is there a fix available now? eom
Two's up on that Hammy!!!! eom
The buying begins! eom
OT rick! - Muchas gracias. ;?0 eom
Disapointing intregation progress 2004 year for HIPAA and associations despite new appointments - has to improve! E-commerce will suffercate under the malicious internet crud unless there's a awareness tech' turnaround IMO. e
Will 2005 Bring a Safer Internet?
By Larry Seltzer
December 24, 2004
Opinion: I want to be optimistic, but the security situation—including spam, bugs, browser holes and spyware—is bound to get worse before it gets better.
Sometimes writing about security is just too easy. Making predictions about next year is like this in some ways.
Let's pick some of the low-hanging fruit early. Even though most spam-tracking companies show that spam already comprises 75 percent or more of all e-mail, that proportion will go up in 2005. We are approaching the situation in which, I have always assumed, users will begin to withdraw from e-mail because it is so unpleasant.
It seems to me that the consensus number at the end of last year was at or just above 50 percent, so I'll assume it will go up another 50 percent of legit percentage, up to 87.5 percent. Of course, with an overall number like that, there will be many days where 95 percent or more of all e-mail is spam. No matter how good filters are, more and more is going to get through.
Fed up with spam? Read eWEEK.com's special report "Canning Spam."
Will authentication, the last great hope to save e-mail, make a difference? We can hope that by the end of 2005 it will have taken deep roots, but will we be in a position where domains can really begin blocking and rejecting mail that isn't authenticated? That's the ultimate goal, and I think it will take longer.
Perhaps this is some more low-hanging fruit. You might have noticed that December has so far been a gangbusters month for vulnerability reports. Microsoft is well-represented, not just on its own controversial December patch day, but with a separate report about the Windows Firewall and an independent report about Internet Explorer.
But it's not just Microsoft. We've also had reports this month of vulnerabilities in products from Cisco and Veritas, along with the Samba file-sharing system.
There were separate reports about the PHP Web programming system and Mozilla-based Web browsers. And let's not forget the 16 serious holes Apple reported early this month.
December must have been the most bug-ridden month of 2004, but researchers tell me that inventories of unpublished vulnerabilities are running high. I think that months like December will become more the norm than the exception in 2005.
We'll need some new metric to quantify this, but I think the average number of vulnerabilities reported per month in 2005 will increase substantially over 2004.
On a related point, we and others have been reporting that usage of the Firefox browser has been increasing rapidly. I'm actually skeptical of the numbers, but let's take them for granted for the sake of argument.
If they're true, then Firefox and Mozilla are on track to reach the point of penetration where malware programmers will begin targeting them specifically.
I don't want to overstate things—Firefox has a long way to go before its problem list rivals that of Internet Explorer, but it does have problems, some of them serious. I pointed to a new one just above, and there are other fairly recent ones here, here, here and here.
It's not hard to imagine attacks on Mozilla and Firefox originating with spam messages aimed at them. "Subj: Attention Firefox Users - Sign Up for Update Notification" or something along those lines. What, you think only IE users are stupid enough to click through?
Speaking of user error, most of us pundits a year ago predicted an increase in phishing, but boy, was there an increase in phishing! Most of it is rather unimaginative stuff, simply trolling for Paypal account information.
I've seen an increase recently in the cleverness of these attacks and I think the attackers have barely scratched the surface of what is possible. So, look for another large increase in the volume of phishing attack e-mails, but look especially for an increase in the quality of the attack.
Spyware got annoying enough in 2004 for the mainstream security industry to start ramping up to attack it, either through their own products or through buying established anti-spyware/-adware companies (as Computer Associates did with PestPatrol).
Look for the security industry to try to push new anti-spyware products, especially in the corporate market. In fact, this has already begun.
Click here to read about Microsoft's acquisition of anti-spyware startup Giant Company Software.
I hope, but won't predict, that buyers reject getting shafted on this anti-spyware scam. This is a function that the anti-virus companies should have taken on all along as part of what their products do. I'll dig further into this subject soon.
To quote Peter Coffee quoting Bill Gates, "There is a tendency to overestimate how much technology will change in the next two years, and a similar tendency to underestimate how much things will change in the next 10 years."
Ten years ago, most of us barely had our feet wet in the Internet. Who would have thought it would be such a hostile place and that so much of our attention would be spend trying to protect ourselves from criminals running rampant? I can't predict that it will be a safer place a year from now, but it will have to be in 10 years; there's a limit to how much of this security stuff we can all tolerate.
Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.
Check out eWEEK.com's Security Center at http://security.eweek.com for security news, views and analysis.
OT Vacationhouse - Amongst all our 'focussed' members of this Wavx investment board, you are indeed our shining light - thank you! Your humility shames us all. Eom
Jaybeaux - don't worry he's amongst friends - there's quite a few here that rode the $50 rocket ride and back LOL. eom
Good to see some hearty Wavx action occurring, especially of the 4 mill sort. e/
Big mistake imo! to underestimate Wave's humongous potential markets here, talk of buyouts will vanish as the road widens, Wave Systems it is said - is going all the way, and maybe just perhaps we will be doing the buyin' JMO eom
Nice work kitesurf! - Better out than in. Lol e/
Well done Flyer! - Best of luck & health with your better half.
eom
Wow guys! - looks like there's been some action going on here, better go check it out. eom
OT Thanks yaya! - roll on the tideth, Hold the fort guys! -away on my Monoshee sabatical, back for xmas. e/
This volume takes the biscuit! - many currents swirling here! IMO e/.
Still think! - Something's screwy, with half a mill traded, I do know I would have given my back teeth to have originally bought in at these prices. eom
Maybe early xmas bargain shopping. eom
Yes! - But 200k @ .79 already seems strange