topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 4:24 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Tech News Weekly: Edition 13-09  (Read 13263 times)

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Tech News Weekly: Edition 13-09
« on: March 28, 2009, 07:05 PM »
The Weekly Tech News
TNWeekly01.gifHi all.
No meta-news this week. Enjoy :)
As usual, you can find last week's news here.


1. Worm Breeds Botnet from Home Routers, Modems
Spoiler
http://www.theregister.co.uk/2009/03/24/psyb0t_home_networking_worm/
http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=216300413
With the plethora of insecure router firmware, it was only a matter of time. psyb0t is the first code found in the wild exploiting consumer networking equipment, but it effects only device that run Linux Mipsel.

Security researchers have identified a sophisticated piece of malware that corrals consumer routers and DSL modems into a lethal botnet.

The "psyb0t" worm is believed to be the first piece of malware to target home networking gear, according to researchers from DroneBL, which bills itself as a real-time monitor of abusable internet addresses. It has already infiltrated an estimated 100,000 hosts. It has been used to carry out DDoS, or distributed denial of service, attacks and is also believed to use deep-packet inspection to harvest user names and passwords.


2. Aussie Classification Site Hacked in Censorship Protest & Australia Denies List Leaked
Spoiler
http://arstechnica.com/tech-policy/news/2009/03/australian-classification-board-web-site-gets-pwned.ars
http://www.theregister.co.uk/2009/03/26/aussie_hack_censor/
http://www.linuxinsider.com/story/66573.html
It appears Australia's hacking community is not a fan of their Government's proposal to censor the internet and they've made it known by defacing the website of the department responsible for maintaining the list.
In related news, the Government has, since the initial release of the list, denied it is the list intended for use in censoring the internet.

The Australian government agency charged with classifying movies and video games has reportedly been hacked in protest of the nation's controversial ISP-level Internet filtering scheme. The culprits replaced the website's introductory text with a comical message which characterizes the government's censorship program as an attempt to "control and sheepify the nation."

In the all-important war against pictures of boobies on the Internet, the government of Australia has spared no expense. In 2006, after conducting a study which determined that ISP-level filtering was not feasible, the nation spent $116 million to develop Internet filtering software that parents could install on computers. When this software was easily circumvented by children, the government decided to try again with an $89 million ISP-level filtering scheme based on a blacklist devised by the Australian Communication and Media Authority (ACMA).


3. Firefox Exploit Sends Mozilla Into 'High-Priority Fire Drill' Mode
Spoiler
http://www.theregister.co.uk/2009/03/26/new_firefox_exploit/
An arbitrary code execution exploit against all supported versions of Firefox has caused Mozilla to rush out a patch. Version 3.0.8 is available for auto-update now.

Mozilla's security team is rushing out a fix for its flagship Mozilla browser following the public release of attack code that targets a previously unknown vulnerability.

The exploit was released Wednesday online. It attacks a vulnerability present on Windows, Mac and Linux versions of the browser and could be used to surreptitiously execute malware on the machines of users who browse booby-trapped websites. The flaw is classified as a boundary condition error that targets Firefox's XML parsing features according to SecurityFocus.


4. Leaked Memo Says Conficker Pwns Parliament
Spoiler
http://www.theregister.co.uk/2009/03/27/conficker_parliament_infection/
According to an allegedly leaked memo, the British House of Commons computer system has been infected with Conficker.

The House of Commons IT systems has reportedly been infected by the infamous Conficker superworm, which has previously infected millions of Windows PCs and affected the operation of hospitals, military and large corporate systems.

Political blog Dizzy Thinks first reported that a memo sent out to parliamentary IT network users on Tuesday night warned that Conficker had disrupted the operation of parliamentary systems.

The infection has reportedly prompted a clean-up operation as well as a temporary ban on the use of mass storage devices, including MP3 players, on parliamentary systems.



5. Researchers Poke Holes in Super Duper SSL
Spoiler
http://www.theregister.co.uk/2009/03/28/ev_ssl_spoofing/
It has been revealed that EV SSL certificates are also vulnerable to man-in-the-middle attacks, as standard SSL certificates are, due to a flaw in the SSL implementations of browsers.

Websites that use an enhanced form of digital authentication remain just as vulnerable to a common form of spoofing attack as those that use less costly certificates, two researchers have found.

Previously, so-called extended validation secure sockets layer certificates (or EV SSL) were believed to be immune to man-in-the-middle attacks, in which an interloper on a hotel network or Wi-Fi hotspot sits between an end user and the site she is visiting. When researchers demonstrated one such attack in December, SSL issuers proudly proclaimed that the more expensive EV certs were impervious to the technique.


6.  Google's Tweaked Search Results May Keep Us Googling Longer
Spoiler
http://arstechnica.com/web/news/2009/03/googles-latest-changes-help-users-keep-them-longer.ars
IMO this headline is a little sensationalist, but I'm not the first on this forum to say that I'm finding Google's results to be less and less relevant as time goes on. Perhaps they've noticed too...

Google's search results pages are continually being refined to better fit people's search habits. The latest updates come in the form of longer result descriptions and an expanded list of related searches, which Google says should "help guide users more effectively to the information they need."

Those who use Google on a daily basis know that the handful of words thrown at you when you perform a query aren't always enough to help you decide whether a link is worth clicking. That's why Google has decide to expand the text descriptions offered with each result, with the keywords of the query highlighted in bold. The search giant says this works best with long, detailed queries.


7. German Cops Raid [Home of] Wikileaks [Associate] After Internet Blacklist Posted
Spoiler
http://arstechnica.com/tech-policy/news/2009/03/german-cops-target-wikileaks.ars
German police have raided the home of a man associated with Wikileaks under a warrant written for "distribution of pornographic material", believed to have been catalyzed by the release of the Australian censorship list on Wikileaks.

German police on Tuesday raided the homes of Theodor Reppe, owner of the German domain for the controversial whistleblower site Wikileaks. According to Wikileaks itself, police told Reppe he was targeted because of his links to the site, and official documents indicate the search was meant to uncover evidence of "distribution of pornographic material." Though Wikileaks itself doesn't host porn, site administrators believe the impetus for the raids may be their recent publication of a secret Australian blacklist of banned sites, which includes the URLs of numerous sites that host child pornography.

Police in both Dresden and Jena appear to have coordinated in simultaneous searches of Reppe's residence, and asked him to turn over passwords associated with the Wikileaks.de domain, which they reportedly hoped to disable. But Wikileaks says that Reppe, who also hosts a popular server for the anonymous Tor routing network, is not actively involved with its operations beyond holding the registration for the .de domain and mirroring an archive of Congressional Research Service reports released by the site earlier this year.


8. Google Searches for Holy Grail of Python Performance
Spoiler
http://arstechnica.com/open-source/news/2009/03/google-launches-project-to-boost-python-performance-by-5x.ars
Discussion thread by 40hz: https://www.donationcoder.com/forum/index.php?topic=17636
Google are porting the Python script interpreter (CPython) to the LLVM (Low Level Virtual Machine) library in the hopes that will provide a significant performance improvement.

Google's Python engineers have launched a new project called Unladen Swallow, which aims to bring a major performance boost to the Python programming language by making runtime speed five times faster. The project is being implemented as a branch of the conventional CPython runtime and will be fully source-compatible with regular Python applications and native extensions. This will make it possible to eventually merge the improvements into Python trunk.

The goal of the Unladen Swallow project is to use LLVM, the Low Level Virtual Machine compiler infrastructure, to build a just-in-time (JIT) compilation engine that can replace Python's own specialized virtual machine. This approach offers a number of significant advantages. As the developers describe in the project plan, the project will make it possible to transition Python to a register-based virtual machine and will pave the way for future optimizations.


9. The Pirate Bay to Roll Out Secure €5 Per Month VPN Service
Spoiler
http://arstechnica.com/telecom/news/2009/03/the-pirate-bay-to-roll-out-secure-vpn-service.ars
The Pirate Bay will soon go public with a service, called IPREDator, that allows users to cover their tracks when torrenting with a secure VPN for €5 (USD $6.6) a month.

The Pirate Bay is planning to launch a paid VPN service for users looking to cover their tracks when torrenting. The new service will be called IPREDator, named after the Swedish Intellectual Property Rights Enforcement Directive (IPRED) that will go into effect in April. IPREDator is currently in private beta and is expected to go public next week for €5 per month.

IPREDator is clearly a response to the introduction of IPRED in Sweden, which will allow law enforcement and copyright holders to request the personal details of suspected infringers. The copyright holders will then be able to make direct contact with the accused users and presumably threaten them with lawsuits.


10. Security Fears Spark Linux Drive in Iran
Spoiler
http://www.theage.com.au/articles/2004/09/21/1095651288238.html
The Iranian Government has switched exclusively to Linux.

Iran has become the latest country to edge towards ditching Windows in favour of Linux, even if its refusal to abide by copyright laws means that the country does not pay a penny to Bill Gates.

According to Mohammad Sephery-Rad, the man in charge of the government's computer systems, long-term political and security considerations have sparked a major initiative to make the switch.



Ehtyar.
« Last Edit: March 30, 2009, 03:51 AM by Ehtyar »

Gothi[c]

  • DC Server Admin
  • Charter Honorary Member
  • Joined in 2006
  • ***
  • Posts: 873
    • View Profile
    • linkerror
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #1 on: March 28, 2009, 07:56 PM »
IMO this headline is a little sensationalist, but I'm not the first on this forum to say that I'm finding Google's results to be less and less relevant as time goes on. Perhaps they've noticed too...

I've actually already had it happen on numerous occasions that I couldn't find ANY relevant information with google at all, but altavista did. Usually when you're looking for more unpopular/obscure stuff. I'm not a fan of google nor altavista. I find the altavista results in general worse, but for some reason every once and a while it does better with obscure searches.


mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #2 on: March 28, 2009, 08:12 PM »
another great edition  :up:

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #3 on: March 28, 2009, 08:19 PM »
IMO this headline is a little sensationalist, but I'm not the first on this forum to say that I'm finding Google's results to be less and less relevant as time goes on. Perhaps they've noticed too...

I've actually already had it happen on numerous occasions that I couldn't find ANY relevant information with google at all, but altavista did. Usually when you're looking for more unpopular/obscure stuff. I'm not a fan of google nor altavista. I find the altavista results in general worse, but for some reason every once and a while it does better with obscure searches.


You are to whom I was referring Goth Man, but I can't find the actual quote. I didn't respond to the first instance of you saying that because I didn't want to threadjack, but you're right on the money :up:

Ehtyar.

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,918
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #4 on: March 29, 2009, 11:36 PM »
IMO this headline is a little sensationalist, but I'm not the first on this forum to say that I'm finding Google's results to be less and less relevant as time goes on. Perhaps they've noticed too...

I've actually already had it happen on numerous occasions that I couldn't find ANY relevant information with google at all, but altavista did. Usually when you're looking for more unpopular/obscure stuff. I'm not a fan of google nor altavista. I find the altavista results in general worse, but for some reason every once and a while it does better with obscure searches.



Heck, even popular and non-obscure searches are bringing useless results. And I try several different mixes of search terms trying to get specific results - doesn't seem to work well anymore. I thought I was the only idiot trying out other search engines again.

Jim

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #5 on: March 29, 2009, 11:43 PM »
It occurs to me that Google trying to make your results more relevant based on what you've searched for in the past would require cookies. I block cookies. Do either of you (Goth Man and J Man) block them also? If so, perhaps our bad experiences with Google are related to Google not being able to "improve" our results based on our past searches (not that those circumstances would give me even the slightest pause in eventually moving to another primary search engine).

Ehtyar.
« Last Edit: March 29, 2009, 11:45 PM by Ehtyar »

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,918
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #6 on: March 30, 2009, 01:30 AM »
It occurs to me that Google trying to make your results more relevant based on what you've searched for in the past would require cookies. I block cookies. Do either of you (Goth Man and J Man) block them also? If so, perhaps our bad experiences with Google are related to Google not being able to "improve" our results based on our past searches (not that those circumstances would give me even the slightest pause in eventually moving to another primary search engine).

Ehtyar.

No, I don't block cookies - I do delete them with the rest of my private info daily, however. Also I installed that Firefox extension - Advertising Cookie Opt-Out - that Google released so that people who block or regularly delete cookies do not get penalized for it. Found out about it via an alert from EFF. The extension can be downloaded here.

Jim

ewemoa

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 2,922
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #7 on: March 30, 2009, 02:15 AM »
Thanks for your ongoing efforts Ehtyar  :Thmbsup:

Re: 3  s/5.0.8/3.0.8/ ?

Re: 4  s/Conflicker/Conficker/ ?

Re: 6  FWIW, I have been an occasional user of Vivismo / Clusty for some years -- when I don't get much relevant via Google (seems more frequent these days), I tend to go to Clusty.  The fact that I am presented with non-trivial groups of results (paging is something I would call trivial) I can get at has helped sometimes but not enough to make me want to use them by default.  No, I'm not affiliated with them :)

Re: 7  Alternate headline: "Gov't organization's vulnerability exploited and their power leveraged to target..." ;)


Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #8 on: March 30, 2009, 03:54 AM »
Thanks for clearing up my retardedness ewe. Would you believe that up until perhaps 2 hours ago I actually thought conficker was called conflicker. I've written it so on this forum at least a half dozen times and you're the first to call me on it, thank you.

I like the look of Clusty, will definitely give it a go.

I like your alternate headline :Thmbsup:

Ehtyar.

ewemoa

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 2,922
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #9 on: March 30, 2009, 04:37 AM »
Re: conficker vs conflicker -- I confess that I didn't actually know what it was until this week's edition's mentioning prompted me to investigate -- and thanks to that effort, I came across the following nifty timeline:

  https://secure.wikim...er_viruses_and_worms

Thank you for contributing to my further education ;)

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #10 on: March 30, 2009, 05:31 AM »
My pleasure ewe. Perhaps I ought to start linking to explanations of some of the news stories that are being updated instead of broken.

Ehtyar.

Gothi[c]

  • DC Server Admin
  • Charter Honorary Member
  • Joined in 2006
  • ***
  • Posts: 873
    • View Profile
    • linkerror
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #11 on: March 31, 2009, 01:05 AM »
Do either of you (Goth Man and J Man) block them also?
I block google's cookies, yes.

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #12 on: March 31, 2009, 06:01 AM »
Hmm. Would be interesting to know how much of a difference that makes. Anyone else *cough*kartal*cough* willing to weigh in on this one?

Ehtyar.

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 13-09
« Reply #13 on: April 01, 2009, 08:47 PM »
Another thing I noticed about Google long before the media apparently noticed: Google Showing Local Results On Non-Local Queries. I've always searched directly through google.com using browser keywords (visiting google.com redirects me to google.com.au) because I don't want localized results. It stopped being effective several months ago.

Ehtyar.