bruce_the_loon writes "They have blamed viruses. They have blamed neighbors. They have accused police of planting it. In rare cases, they have admitted downloading it. This is the first time someone has accused a cat of downloading child porn onto their computer. This seems like a defense almost too stupid to be made up."

An anonymous reader sends news from The Washington Post's Security Fix blog of a new Trojan horse program that takes click fraud to the next level. The Trojan, dubbed FFsearcher by SecureWorks, was among the pieces of malware installed by sites hacked with the Nine-Ball mass compromise, which attacked some 40,000 Web sites this month. The Trojan takes advantage of Google's "AdSense for Search" API, which allows Web sites to embed Google search results alongside the usual Google AdSense ads. (SecureWorks' writeup indicates that Yahoo search is targeted too, but the researchers saw no evidence if the malware redirecting Yahoo searches.) While most search hijackers give themselves away on the victim's machine by redirecting the browser through some no-name search engine, FFsearcher "...converts every search a victim makes through Google.com, so that each query is invisibly redirected through the attackers' own Web sites, via Google's Custom Search API. Meanwhile, the Trojan manipulates the victim's PC and browser so that the victim never actually sees the attacker-controlled Web site that is hijacking the search, but instead sees the search results as though they were returned directly from Google.com (and with Google.com in the victim browser's address bar, not the address of the attacker controlled site). Adding to the stealth is the fact that search results themselves aren't altered by the attackers, who are merely going after the referral payments should victims click on any of the displayed ads. What's more, the attackers aren't diverting clicks or ad revenue away from advertisers or publishers, as in traditional click fraud: They are simply forcing Google to pay commissions that it wouldn't otherwise have to pay." If FFSearcher were the only piece of malware on the machine, it would have a better chance of staying under the radar.

theodp writes "An AP review of visa applications has found that major US banks sought permission to bring thousands of foreign workers into the country under the H-1B visa program, even as the banking system was melting down and Americans were being laid off. The dozen banks now receiving the biggest rescue packages, totaling more than $150 billion, requested visas for more than 21,800 foreign workers over the past six years. (It's not known how many of these were granted; the article notes 'The actual number is likely a fraction of the... workers the banks sought to hire because the government only grants 85,000 such visas each year among all US employers.') The American Bankers Association blamed the US talent pool for forcing the move, saying they couldn't find enough Americans capable of handling sales, lending, and bank administration. The AP has filed FOIA requests to force the US Customs and Immigration Service to disclose further details on the bailed-out banks' foreign hires."

netizen writes "CircleID is reporting a large-scale DDoS attack affecting all of Network Solutions' name servers for the past 48 hours, potentially affecting millions of websites and emails around the world hosting their domain names on the company's servers. The NANOG mailing list indicates that it is due to a very large-scale UDP/53 DDoS which Network Solutions has also confirmed: 'There is a spike in DNS query volumes that is causing latency for the delay in web sites resolving. This is a result of a DDOS attack. We are taking measures to mitigate the attack and speed up queries.""

OSCON isn't just a gathering for talks on topics like Creating Location-aware Web 2.0 Applications on an Open Source Geospatial Platform and fightin' words from the stage; it's also an excuse for some interesting social gatherings, like this year's Community Choice awards (organized and sponsored by the corporate overlords at SourceForge, as you might recall, and with Slashdot's own special category), at which, among other festive activities, attendees were offered the chance to get open-source-related tattoos. There are shots of some of these up on the SourceForge Community pages, and — with some overlap — even more in this set at Flickr. (My pasty bicep^h^h^h^h^h shoulder is the one now adorned with a circled head of a happy Tux ala IBM; I was expecting it to hurt more than it actually did.) Anyone with techie tattoos, please disclose below.

An anonymous reader writes "Despite all the media reports that your Facebook profile is giving the wrong impression, a psychological study shows people really can understand your personality from your online profile. Turns out you're not giving the wrong impression with your profile; you're giving the right impression to the wrong people. You can actually learn more about someone's Agreeableness from their online profile than from a first date."

Brooklyn Bob points out this fascinating obituary of David Caminer, the first systems analyst. "The tea company he worked for developed their own hardware and software — in 1951! Quoting New Scientist: 'In today's terms it would be like hearing that Pizza Hut had developed a new generation of microprocessor, or McDonald's had invented the Internet.'"

An anonymous reader writes "A GoDaddy Vice President has been caught bidding against customers in their own domain name auctions. The employee Adam Dicker isn't just any GoDaddy employee; he's head of the GoDaddy subsidiary that controls the auctions. Dicker won some of the domains he bid for, and pushed up the bid price on auctions he didn't win. The conflict of interest is unethical, but could this practice also be illegal? Said a representative for a competitor, 'Even if controlled, that practice has bad news written all over it.' This comes hot on the heels of news that despite earlier promises to ICANN to end their 60-Day ban on transfers, GoDaddy quietly circumvented it by forcing customers to agree to the ban anyway. ICANN doesn't appear to be investigating or asking follow-up questions about this. What can be done to force ICANN to police the registrars for which it is responsible?"

An anonymous reader submits news of Netgear's release of the "open source Wireless-G Router (model WGR614L), enabling Linux developers and enthusiasts to create firmware for specialized applications, and supported by a dedicated open source community. The router supports the most popular open source firmware; Tomato and DD-WRT are available on WGR614L, making it easier for users to develop a wide variety of applications. The router is targeted at people who want custom firmware on their router without worrying about issues, and enjoy the benefits of having an open source wireless router."

An anonymous reader writes "The MPAA must be celebrating. According to the BitTorrent news site Slyck.com, the Department of Justice is proclaiming their first P2P criminal copyright conviction, against an Elite Torrents administrator. The press release notes, 'The jury was presented with evidence that Dove was an administrator of a small group of Elite Torrents members known as "Uploaders," who were responsible for supplying pirated content to the group. At sentencing, which is scheduled for Sept. 9, 2008, Dove faces a maximum sentence of 10 years in prison.'"