SkiifGeek writes: "The Australian Federal Government plan to introduce national-level Internet censorship may already be floundering in the parliament, but now Anonymous have set their sights on the government and will be taking currently-unpublicised actions today to try and get their demands met, namely the resignation of current Communications Minister, Stephen Conroy, and the abolition of the blacklist that forms the basis of the censorship plan. In a country famed for its laid back attitude towards life, are Anonymous' actions going to have a long term result?"
Despite only a very limited amount of data being publicly available, fG! complied and removed the posts, citing "One thing is certain, you can't accomplish security by obscurity! You can't simply stop knowledge because these days information flows at a bigger rate than ever. Disclosure is the only way to improve products!".
Even though the information is too specialised and focused in attention to have been widely reproduced, it was still online long enough for at least Google to cache the complete list of now-suppressed data and for a number of individuals to privately replicate the data. fG! follows up with the following caution for those trying to reproduce the cached but missing entries "About Pace? I'm in contact with their lawyer and I have been asked to remove all information about this. If you have mirrored the three Pace posts and code (I'm pretty sure I'm not the only one who mirrors important info right away) please do not make it publicly available. Pace will wave you with DMCA and it's not worth the trouble. Keep it for yourself, please".
SkiifGeek writes: "Does anyone really care when a company deletes content from its website or blog without notice and without leaving evidence that it ever existed? What if that company was an Antivirus vendor and the blog is a valuable source of information on developments in the fight against malware, what then?
McAfee recently did just that, pulling an entry at their Avert Labs blog, but not before it appeared briefly in the site's RSS feed. Despite the very short period of time that the content was actually available, it was still captured by some sites. A Google search shows a number of sites that were able to scrape the content before it could be pulled completely, including, ironically, a McAfee site that republishes the Avert Labs blog as part of its content.
Why would McAfee pull the content — what could be controversial enough in it to lead to it being pulled?
Are claims that the reason why there is so much malware is that AV vendors and developers have been so successful at blocking attacks enough to warrant deletion? What about trying to convince developers of legitimate software that packers and protectors are not valid tools anymore (just because malware authors use them)? Or even that use of these tools is going to place legitimate software at greater risk of false positive detection or delay in releasing the software and that it will mean it is viewed with suspicion?
The full deleted posting and deconstruction of the conflicting arguments presented within it can be found here."
Microsoft's single update (MS09-017) addresses fourteen distinct vulnerabilities across all supported versions of PowerPoint, but it isn't how many vulnerabilities that are patched that is causing trouble. Instead, the decision to release the patch for Windows versions while OS X and Works versions remain vulnerable to the same remote code execution risks (including one that is currently being exploited) hasn't gone down well with some people. Microsoft have given various reasons why this is the case, but this mega-update-in-a-patch is still interesting for other reasons.
Apple have updated OS X 10.5 to 10.5.7 as part of the 2009-002 Security Update (available right here), as well as a cumulative update for Safari 3 and the Public Beta for 4. As well as addressing numerous significant security risks, the 10.5.7 update provides a number of stability and capability enhancements and incorporates the Safari 3 update patch. Probably the most surprising element of the Apple update is the overall size of it, 442MB for the point update, and 729MB for the ComboUpdate."
SkiifGeek writes: "It's only early, but a single, uncorroborated source has claimed that 3D Realms has been shut down. The problem with a single source report is that the other information at this time doesn't match up with what Shacknews is claiming. The forums where the claim is apparently corroborated are struggling under traffic at the moment and it leaves the possibility that the whole thing is a hoax, backed up by a possibly hacked forum account.
Other sources of information on the net that are also reporting on the claim all point back to Shacknews as the only source material, so we're all going to have to wait until 3D Realms, Take Two, or 2K Games make a formal announcement that one of the gamer's most favourite publishers of the 1990s is no more."
SkiifGeek writes: "The publishers of the LA Times and the Chicago Tribune, and the Chicago Sun-Times have filed for bankruptcy protection within four months of each other. In addition to the big name newspapers, each also controlled a host of smaller television networks and regional newspapers that are facing an uncertain future. Also in that timeframe, the Rocky Mountain News has completely closed down, and the Seattle Post-Intelligencer has abandoned print editions completely.
With Microsoft's recent move to close down Encarta, and purely online media outlets cutting back on staff (freelancers and contractors being the first to get cut), what do we face in terms of information collation and dissemination in the future? Each of the listed cases happened for a different reason, but the economic crisis was the catalyst that pushed them all over the edge.
Are we headed for a dystopian future, or something better?"
SkiifGeek writes: "Cloud computing may just be another hyped technology, but recent private efforts to coordinate and establish a series of frameworks and methods that would allow for efficient migration of data and resources between clouds were exposed by Microsoft after participants refused to accept Microsoft 'enhancements' into their processes.
Strangely, Microsoft is pushing for a completely open process, using the language and promising the methodology often used in Open Source, but still trying to ensure that "a lot of innovation that we're [Microsoft] dreaming up today" will be included. OOXML vs ODF and a long history of crushing or neutralising non-Microsoft technologies should be sufficient for anyone to regard Microsoft's actions with a dose of suspicion.
It is hard to say just what Microsoft might stand to gain from publicly exposing the actions of a currently shadowy group, but there is enough current confusion that might allow Microsoft the room it needs to subvert the current efforts."
SkiifGeek writes: "Though they may not have had the exposure that the Month of Apple Bugs received at the start of 2007, there have been some significant recent discoveries regarding OS X security. In February, Vincenzo Iozzo presented a new method for injecting malicious code directly into running applications, with no trace being left behind when the host application is terminated.
Dino Dai Zovi has been busy demonstrating heap overflows that can lead to full system compromise, while Charlie Miller again walked away with the MacBook at the CanSecWest conference, after using a pre-prepared Safari exploit to take over the target system in less than 10 seconds. Both Zovi and Miller have also been putting in a lot of work to get Metasploit for OS X targets up to the same sort of capabilities and features as the versions available for Windows and Linux."
SkiifGeek writes: "With Adobe's patch for the JBIG2Decode vulnerability due in a few days' time, new methods to target the vulnerability have been discovered that make it far riskier than previously thought. Didier Stevens recently showed the world how it is possible to exploit the vulnerability without the user actually opening an affected file, now he has discovered a way that allows for completely automated exploitation that results in anything up to a Local System account without any user interaction at all and only relies upon basic Windows components and Acrobat Reader elements.
There are some mitigating factors that limit the overall risk of this new discovery, but it does also highlight that merely uninstalling the Reader will not protect you from exploitation and does raise the possibility that other tools will access the vulnerable components and thus be vectors for attack."
SkiifGeek writes: "With Adobe's patch for the current PDF vulnerability still some time away, news has emerged of more techniques that are available to exploit the vulnerability, this time without needing the victim to actually open a malicious file. Instead, the methods make use of a Windows Explorer Shell Extension that is installed alongside Adobe Reader, and which will trigger the exploitable code when the file is interacted with in Windows Explorer. Methods have been demonstrated of successful exploitation with a single click, with thumbnail view, and with merely hovering the mouse cursor over the affected file.
There are many ways that exploits targeting the JBIG2 vulnerability could be hidden inside a PDF file, and it seems that the reliability of detection for these varying methods is spotty, at best."
SkiifGeek writes: "After being spat on at the DLD Conference in Germany, TechCrunch founder, Michael Arrington has announced that he is going to take the next month off, after first covering the World Economic Forum in Davos.
Arrington, it seems, has a knack for polarising people and so with an enemies list as long as his, we may never know who delivered the saliva that has done more to make him sit back and reassess the what and why of how he does things than the death threat that he had last year and all the electrons of vitriol posted across the Internet over the years.
Being spat in the face may be a form of insult that hasn't really been popular for many years, especially for web pundits, but he's lucky that this guy hasn't finished his invention yet."
SkiifGeek writes: "By now we all will have experienced the negative effects of the current credit crisis / economic downturn / guaranteed recession (depending on where you are in the world) in one way or another. Venture funds are drying up, fly-by-night web 2.0 startups are disappearing almost as fast as they once appeared, and those who might have a valid business plan and plan of action are being forced to cut back on staff. Even well established companies are facing the same problems, with some being lucky enough to be able to delay the belt tightening for the immediate future.
One company has taken the step of discounting all of their services and products until the downturn / recession / crisis is officially over, no matter how long it takes.
What are other companies doing to help their users and clients through this difficult economic period? Many will be offering discounts over the festive season, but what are other companies doing for the long term crisis? What are you doing to help those who rely upon you for technical expertise to be able to survive this crisis?"
SkiifGeek writes: "PC Tools has come out and claimed that the Monday before Thanksgiving is the peak time of year for system infection, based off figures collected from 2007.
This claim seems a little suspect, given the lack of supporting figures and material provided by the company and the almost consistent contrary information being reported by competing security firms, which show a continued growing trend of infections and available new malware, with only a couple of specific malware types showing a spike in November.
There may be some justification for the claims being put forward, but there seems to be far more information available which suggests that the opposite is true."
SkiifGeek writes: "It sounds like the fake chain email from the turn of the century, but this time it seems to be real, Microsoft is going to pay you (via rebate) for spending money online after using their online services.
Despite launching the program to minimal fanfare in May of this year, Microsoft looks to be going all out in the lead up to the peak shopping season. With all the conditions and limitations that are applied to the various rebate opportunities (max of $200, PayPal only, US only for the eBay one), it severely limits the program's usefulness to the Internet-using majority outside of the US.
For a business division that is continuing to lose money hand over fist, perhaps it is time Microsoft tried to hang on to its money with respect to online services."
SkiifGeek writes: "Microsoft have released Volume 5 of their Security Intelligence Report, covering data reported from January to June 2008. Using data drawn from Microsoft security tools on end user systems, breach data from datalossdb.org, and data from a number of online service providers, Microsoft has compiled a very detailed security picture that few others can come close to matching.
While the report suffers from a self-selection bias and only covers Microsoft operating systems and software it is still a quality report and filled with valuable insight and data about how Microsoft views the threats and vulnerabilities targeting Microsoft-based systems globally. Of special interest is how Microsoft has observed the breakdown of malware on a per-country basis. For countries like South Korea and Brazil this breakdown can reflect how the online environment has evolved in those countries. Another inferred outcome is the discovery that increased software piracy (pick any number of sources for piracy rates) doesn't mean increased rates of system compromise.
If it doesn't already, Microsoft's SIR should take its place alongside annual and semi-annual reporting from OWASP and ISC as a key bellwether of global Information Security in practice."