Sony Releases New Stupid Device *NSFW* 3
The biggest waste of money in years.
Submission + - Gromozon rootkit widespread in Italy
Anonymous writes: Gromozon is a vicious piece of malware which installs on a users PC and does almost every craft trick available to avoid detection and removal, including creating its own user account, using rootkit technology, renaming its files, and a whole host of other nasty things. And its certainly popping up on the radar out there in the security community.
But now these Gromozon jerks have gone a step further making the program itself seem like its authored by someone else a legitimate security researcher.
Of all things, the authors of this malware have inserted code in Gromozon which implicates Marco Giuliani of authoring it! Marco is a perfectly upstanding security researcher who, in fact, created a Gromozon removal tool for PrevX.
The whole story is readable here http://www.pcalsicuro.com/main/2006/11/gromozon-or a-va-sul-personale/ and an analysis of this threat, widespread in Italy and in other countries but still underestimated by italian and international press, can be read here http://www.pcalsicuro.com/gromozon.pdf
Submission + - Government Clearance to be Required to Leave US
adam.dorsey writes: If the Department of Homeland Security gets its way, you will be required to pass a background check in order to leave or enter the United States via airliner or cruise ship. The actual proposal can be found here. (Warning: PDF file)
From the bill:
"Alternatively, air carriers may adopt, in conjunction with CBP, APIS Quick Query (AQQ) — a system that
allows the carriers to vet passengers individually during the check-in process. These changes will enhance the ability of CBP and other law enforcement agencies to plan and coordinate a more effective response to intercept high-risk individuals before boarding aircraft and before vessels depart." ...
"These proposed changes would further enhance the government's capability to counter terrorist threats to the United States, the carrier industry, and the
international traveling public by increasing that capability to a level necessary to meet more fully the protective purpose of the statutory requirements of section 115 of the Aviation Transportation Security Act, the Enhanced Border Security and Visa Entry Reform Act of 2002, and the Intelligence Reform and Terrorism Prevention Act of 2004. Further background on the purpose and need may be found in the preamble to this proposed rule." (emphasis mine.)
Kinda creepy, huh? At least we'll stop them damned terrorists, right? Right?
From the bill:
"Alternatively, air carriers may adopt, in conjunction with CBP, APIS Quick Query (AQQ) — a system that
allows the carriers to vet passengers individually during the check-in process. These changes will enhance the ability of CBP and other law enforcement agencies to plan and coordinate a more effective response to intercept high-risk individuals before boarding aircraft and before vessels depart."
"These proposed changes would further enhance the government's capability to counter terrorist threats to the United States, the carrier industry, and the
international traveling public by increasing that capability to a level necessary to meet more fully the protective purpose of the statutory requirements of section 115 of the Aviation Transportation Security Act, the Enhanced Border Security and Visa Entry Reform Act of 2002, and the Intelligence Reform and Terrorism Prevention Act of 2004. Further background on the purpose and need may be found in the preamble to this proposed rule." (emphasis mine.)
Kinda creepy, huh? At least we'll stop them damned terrorists, right? Right?
Submission + - Botnet Spam Getting Out of Hand
Anonymous Coward writes: "From Infoworld http://weblog.infoworld.com/gripeline/archives/200 6/11/botnet_spam_get.html
Well, at least I'm not the only one who feels like the spammers are winning. Since I wrote last week about our struggles with link spam here, the evidence has been mounting that spam in general has been increasing at an alarming rate in just the last month. And the cause of all these woes is the growing menace of botnet attacks.
E-mail security vendor Postini reports the amount of spam it intercepted in October was up 59 percent over September and that as of yesterday 91 percent of all e-mail traffic consists of unwanted messages. Last week it was reported that spam blacklist maintainer Total Quality Management Cubed has seen 450 percent more spam in the last two months.
And there's no question where all this additional spam is coming from. "We can see it's coming from the bots," says Daniel Druker, executive vice president of marketing for Postini. "The part of our system that tracks this type of attack are just off the charts over the last six weeks. It's gotten to the point now where in any 24-hour period we'll see a million different IP addresses being used in coordinated attacks, and 50,000 operating at any given instant. We're starting to get emergency calls from large organizations that are finding that they simply can't handle the spam problem on their own anymore."
Of course, if everyone had effective security software on their computers, there wouldn't even be a botnet problem because there'd be no zombies for the bots to control. Since that day isn't likely to dawn anytime soon, though, how do we keep the botnets from making e-mail worthless for us all? One reader pointed to an interesting discussion in this regard by Ed Felton. Part of the problem, he says, is there simply isn't enough discussion about botnets outside the security business. The more people are made aware of the bots are doing to us, the more likely they will defend their computers against being taken over.
So, by all means, let's discuss botnets, because seeing that I'm not alone in suffering from their attacks doesn't make me feel all that much better. What do you think can be done to rescue the Internet from this rapidly growing scourge?"
Submission + - Free Mobile Service in Europe
Al Briggs writes: "An new mobile phone service has been announced for Europe. The service will be aimed at a youth market and will allow free calls and texts to users who have advertising on their phones. More details can be found on the website blyk.com (click on ABOUT) they will launch first in the UK in July 2007. Ovum has interesting analysis on the chances of success."
Submission + - Proof patent applications aren't even read
An anonymous reader writes: In the annuals of patent absurdity we've seen patents on peanut butter and jelly sandwiches, methods for pushing swings, one click buttons, etc.. Given this history one would think that that the patent office doesn't even read the applications. Well, finally there is proof in section 9 of this patent application.
9. The method of providing user interface displays in an image forming apparatus which is really a bogus claim included amongst real claims, and which should be removed before filing; wherein the claim is included to determine if the inventor actually read the claims and the inventor should instruct the attorneys to remove the claim.
What Ways Can Sites Handle Spambot Attacks? 75
Amazing Quantum Man asks: "I'm a member of a site devoted to nitpicking TV shows and movies. It has always had an open posting policy — no registration required, and you could use any name you wanted. This policy was instituted way back in 1998, and led to some quite fun, freewheeling threads on various boards. Recently, we have come under spambot attack, with spambots posting links to gambling and porn sites on every single discussion board on the site. The admins have been trying to block IPs, but it's useless against a botnet. As a defense, it looks like the site is going to require registration, and disable anonymous posting. Many regulars, while they understand the need, are concerned that the freewheeling character of the site will be lost. Let me continue by saying that I'm not a site admin, merely a member there. Also, if it helps, the site in question is running Discus. Has anyone here been in a similar situation? How did you handle it, and what did it do to the 'culture' of your site?"
