Good articles on attacks and Phone service skype not good...
Speakers at the debate noted that by embracing market principles,
Laura Tyson, dean of the
Continued
Improvements in content and software systems of the main and wedding sites of Macy's and Bloomingdale's, as well as the Bloomingdale's catalog, will be in place beginning in 2007, the Cincinnati-based retailer said. The company said it would build a nearly 600,000 square-foot distribution center to handle orders in
Oxford University
Harvard and
StopBadware.org will single out individuals, vendors or businesses for propagating and promoting so-called "badware". Who gets the treatment will fall to a new "The Stop Badware Coalition".
NetBeans may be a hedge for ISVS against messy client choices
Posted by Dana Gardner @ 1:40 pm
I just had an intriguing analyst briefing with some NetBeans folks at Sun Microsystems, and I'm beginning to think the public discussion on the Eclipse-NetBeans thing (or is it mostly the SWT-Swing thing?) is missing the larger strategic perspective. From the vantage of an architect or CIO โ and not necessarily strictly from the view of developers โ there could be a lot more to NetBeans and its tools progeny, Creator and Studio, than meets the eye.
My new-found interest in NetBeans 5.0 comes as a result of the different fundamental directions that software development is now faced with. These are just the sorts of things that Oracle is thinking over as it decides what to so about NetBeans. Indeed, there are multiple imperatives that factor into how to best plan for future software development, and they are not well aligned. They are actually increasingly at odds. Smart ISVs will seek a way to mitigate risk, and avoid being led down a garden path to less than optimal addressable markets.
One imperative (let's call it the legacy client support one) suggests that planners should designate tools, frameworks, and platform targeting based on applications that must for a considerable period of time target and span multiple and divergent native client targets โ from PDAs to cell phones to the usual gang of PC platforms, Windows, Mac, Unix, and Linux. The largest camp here is Windows-based clients, and there are a lot of them and they are not going away any time soon.
Another imperative (let's call it the client-agnostic one) suggests that planners should move beyond legacy clients and make their strategic development choices based on the primary concerns of server-side logic and frameworks as targets, of moving as quickly as possible to applications that reach the end users via server-managed clients, browsers/portals, and the rich mix from AJAX, REST, and the Web 2.0 stuff. There's a lot of momentum here, and enough client-side Java and browsers across the legacy clients to make this a compelling philosophy.
Anticipating these imperatives are the Eclipse ecology constituencies, which certainly seems to favor the move away from native client targets and the messy plug-ins process that entails toward applications of, by, and for the server. This direction was given a boost this week when IBM at Lotusphere announced that the latest multi-purpose clients, WorkPlace 2.6 and the forthcoming Hannover version of Notes, will not only both be server-managed clients but that the WorkPlace 2.6 client plus IBM's portal server will become the preferred GUI-tier for SOA and composite applications for all of IBM development. Java on the client is, of course, supported, but multi-purpose is the key. This is significant.
One can surmise that new levels of extended enterprise productivity and business process automation will become the strong breeze in the sails of the Eclipse community toward the tightening embrace of the client-agnostic imperative. The strategic development tools choices, then, should focus on how to organize, attach, and manage the services among and between the servers, not the clients.
Also anticipating these imperatives are Windows ecology constituencies, which certainly seem to favor the "connected computing" approach enabled by the Microsoft Visual Studio 2005/.NET/Vista/Indigo/Avalon assortment. Their direction seems to re-encourage a tightly coupled client (especially Office 11/12), and to a lesser extent support browsers and AJAX-like GUIs. The convulsion in terms of how to balance the fat client with the rich client for Microsoft was evident at last October's PDC, and the subsequent memos and reorganization announcements. It has not been settled yet, and the market will ultimately decide (this time).
And then there is NetBeans, which seems to have quite a bit to support both of the imperatives, and also has the lynchpinadvantage that it deeply supports Java at every twist and turn. And it turns out that Java has a strong and encompassing role to play for the legacy client support imperative. And Java has a strong and encompassing role to play in the client agnostic/server-supreme imperative. I'd say that Java has quite a bit more to offer the server development productivity side of the equation, but using Java as the means to target clients from Mars rovers to the latest JVMs on cellphones, PDAs, Windows, Mac, Unix, and Linux is a strong plus too.
I have not changed my take that Java is heading toward legacy status, and that the future is all about SOA. And that the Java community is putting their resources elsewhere. But Java has not yet played out its transformative role for software development and deployment, and that means its influence is still highly sign
Alarm growing over bot software
By Robert Lemos
Staff Writer, CNET News.com
Published: April 30, 2004, 9:16 AM PDT
While many network administrators worry about the next worm, security experts are warning that a quieter but equally damaging threat is slowly gaining control of large networks of computers.
Known as bot software, the remote attack tools can seek out and place themselves on vulnerable computers, then run silently in the background, letting an attacker send commands to the system while its owner works away, oblivious. The latest versions of the software created by the security underground let attackers control compromised computers through chat servers and peer-to-peer networks, command the software to attack other computers and steal information from infected systems.
News.context
What's new:
Internet security watchers warn that the most common kind of bot software has been upgraded. A new variant incorporates publicly available code for breaching security through a vulnerability on almost every Windows system sold in the past five years.
Bottom line:
Bot software has spread widely--just how quickly is difficult even for security experts to evaluate. Symantec puts the number of computers compromised in the hundreds of thousands. Other security experts have put the number in the millions. Moreover, with source code commonly available, bot software gets quickly updated to take advantage of the latest flaws.
For more info:
Track the players
"It has been one of the big underreported problems in security," said Johannes Ullrich, chief technology officer for the Internet Storm Center, a unit of the SANS Institute that tracks network threats.
On Thursday, Ullrich and other Internet security watchers warned that the most common kind of bot software, Agobot, had been upgraded. A new variant incorporates publicly available code for breaching a computer's security through a vulnerability in a security component installed on almost every Microsoft Windows system sold in the past five years. That component is called the Local Security Authority Subsystem Service, or LSASS.
The LSASS version of the Agobot software uses a particular application data channel, or port, to attack vulnerable systems. On Thursday, Ullrich said traffic on that port had jumped in the previous 24 hours.
Security company Symantec, which, like the Internet Storm Center, monitors sensors around the Internet, also warned Thursday that the LSASS version of Agobot--or Gaobot, in Symantec's parlance--is spreading.
"The worry here is: How many hosts are out there infected with these things?" said Alfred Huger, senior director of Symantec security response.
Bot stealthiness
Anxiety is understandable, given that Symantec and the Cooperative Association for Internet Data Analysis, or CAIDA--two groups thought to have some of the best data on Internet attacks--both undercounted the extent of the MSBlast infection by an order of magnitude.
The groups' researchers had estimated that the MSBlast worm and its variants compromised half a million systems at most. Yet last month, Microsoft revealed that its Windows Update system had patched and then cleaned 8 million systems infected with the virus. On Wednesday, the software giant changed that number to 9.5 million.
Symantec puts the number of computers compromised with bot software in the hundreds of thousands. Other security experts have put the number in the millions.
|
| ||||
|
|
|
| ||
|
|
|
| ||
|
| ||||
|
| ||||
Bot software is much harder to detect than worm programs because it tends to be more stealthy. Worms, which spread automatically and randomly, create a lot of data traffic as they attempt to infect new hosts; such "noisy" activity puts the software in the spotlight for network monitoring devices. But bots are generally commanded to search smaller networks for new systems to infect, reducing the amount of bandwidth that compromised servers produce and making the programs less obvious.
Another concern, Huger said, is how versatile bot software has become.
It can, for instance, be teamed with worms and viruses to create especially daunting hybrids. Symantec's security response team believes that the Witty worm, which attacked computers running security software from Internet Security Systems, was launched by 4,200 "bots"--systems infected with bot software--connected together in a "bot net." Symantec found that the worm spread from those computers even though they weren't running the vulnerable ISS software. So bot software was likely the culprit, Huger said.
"The chances of (Witty) not being launched from a bot net are very thin," he said.
CAIDA also believes the Witty worm had been "pre-seeded," or given a set of known vulnerable systems to attack first in order to speed up the spread of the worm. According to CAIDA's analysis, however, the worm's initial spread involved about 110 to 160 systems--a small fraction of Symantec's estimate.
Spammers have also started using bot nets to send bulk e-mail solicitations to Net users while hiding the spammers' location. Several viruses, including Sobig and MyDoom, have infected computers with simple bots that aim to ease the spammer's job.
Threat seen as broadening
The versatility of bot software also lets online miscreants use bot nets to attack Web sites with massive data floods, or denial-of-service attacks. Some attackers have even used the computation power of the combined computers in a bot net to create their own distributed supercomputer for breaking encryption, especially on passwords, said David Dittrich, an information security researcher with the
"It seems like a logical progression that people have added programmable mechanisms to the bots to add functionality," he said.
It's possible to add new features to the bot software because the creator of Agobot released the source code to the Internet. Agobot uses Internet relay chat as the communications channel to control infected machines. The program has spawned hundreds of variants, including Phatbot, which creates an encrypted peer-to-peer network to relay commands to the compromised systems.
The U.S. Computer Emergency Response Team warned of the Phatbot variant earlier this month, telling companies to watch out for the new attack software. The creation of the LSASS variant of Agobot may itself be a warning, because it likely indicates that a worm is around the corner, said the Internet Storm Center's Ullrich.
Code that takes advantage of software flaws tends to evolve from a simple program, or script, into a fully automated virus. Inclusion of such code in bot software is generally the last step before the code evolves into a virus or worm.
"The worm is the end of the life cycle, as far as exploits go," Ullrich said.
Such was the case with MSBlast; several variants of Agobot incorporated code to take advantage of a Windows vulnerability in the weeks before the MSBlast worm arrived and used the same flaw to spread.
This time around, however, the emergence of a worm may initially be hard to detect, because the LSASS variant of Agobot has spread so widely and is already creating a lot of noise, he said.
"It will be a bit hard to tell when it first arrives," Ullrich said, "because there is so much traffic out there."
Hacking for dollars
By Joris Evers
Staff Writer, CNET News.com
Published: July 6, 2005, 4:00 AM PDT
Last modified: July 6, 2005, 11:58 AM PDT
update Hackers have traded fame for financial gain, experts say.
In the past, lone hackers defaced Web sites or launched global worm attacks, mainly to gain notoriety among their peers.
Today, they use their skills for profit. They hunt for security flaws and find ways to exploit them, hijack computers and rent those out for use as spam relays, or participate in targeted attacks that steal sensitive information from individuals or spy on businesses.
News.context
What's new:
In the past, hackers wanted to gain notoriety by writing the biggest worm they could. These days, they're more likely to be motivated by money.
Bottom line:Though the shift could lead to a drop-off in global worms, it still spells trouble. The targeted attacks crafted by businesslike hackers are likely to hit harder.
"In the last year, we have seen a dramatic shift to hacking for financial gain," said Oliver Friedrichs, a senior manager at Symantec Security Response. "The benefit of creating a widespread worm on the Internet has really been superseded by the potential of monetary gain."
Though the shift could mean the end of big worms like last year's Sasser, it still spells trouble. The targeted attacks crafted by businesslike hackers can hit individuals and organizations harder--and in the pocket, rather than just in the PC.
There is an underground market. A hacker who finds a way to exploit a security hole in Windows could earn up to $1,000, or much more if the hole is not yet known to Microsoft or anyone else, said Dmitri Alperovitch, a research engineer at security vendor CipherTrust.
That flaw could then be used to hijack PCs. These compromised systems, called zombies, can then be used to relay spam, to host malicious Web sites or to launch denial-of-service attacks--at a price. Spammers, phishers and others who want to rent out a network of about 5,500 zombies typically pay about $350 a week, according to security company Symantec.
These zombie networks, known as "botnets," are sometimes used to extort companies, who are threatened with a denial-of-service onslaught aimed at hurting their business. British online payment processing company Protx went offline after an attack and was warned that problems would continue unless a $10,000 payment was made, according to a recent report in The New York Times.
The FBI has also seen an increase in hacking for money. "We have seen a rise in the cases where the motivation appears not just to be for purposes of bragging in chat rooms, but to actually profit financially," said FBI spokesman Paul Bresson.
Underground markets for selling credit card numbers, software vulnerabilities or renting out botnets are also on the rise, he said. "We're seeing a lot more of that today then we ever have," Bresson said.
New breed
As the motive of those involved has changed, so has their profile, Symantec's Friedrichs said. "In the past, they were teenagers or others who did it to gain notoriety. Today's hackers are white-collar criminals and criminals in foreign countries," he said.
Among that group, though, are coders who realized that they could take the hobby they had for years and turn it into a profitable business, CipherTrust's Alperovitch said. "Unless they are really good at it, they probably won't become millionaires. But it is a good side business," he said.
v:shapes="_x0000_i1049">The change has been accompanied by an increasing ingenuity in crafting attacks. Phishing scams, for example, are becoming aimed at smaller groups of victims. Also, companies are being targeted with Trojan horses meant to get access to corporate networks or to enable industrial espionage.
"The deception techniques are getting better, and the payload is also getting more sophisticated," said Dan Hubbard, a senior director at Websense, a San Diego, Calif.-based security vendor. "As more money gets made, the attacks get more sophisticated."
All this means that stakes are higher for individuals and for businesses whose systems suffer an attack. With a worm, they might have had to apply a patch or reinstall a PC. With financially motivated threats, victims could have sensitive corporate information or their identity stolen.
One fraud area seeing a rise in activity--and therefore, a likely lift in scam revenue--is phishing. These scams typically combine spam and fake Web pages that look like trusted sites to try to trick the victim into divulging sensitive information such as passwords or credit card numbers. The number of phishing e-mails tracked by IBM's Global Business Security Index reached an all-time high in May, the company said. It saw 9.14 million messages sent to its customers, up from a previous high of 7.7 million in January.
Credit card data sells for up to $100 per account, according to a report on the economy of phishing, released in June by
Hacking for dollars
Published: July 6, 2005, 4:00 AM PDT
Last modified: July 6, 2005, 11:58 AM PDT
(continued from previous page)
is and how much supporting information is supplied, though--an account with little supporting information will go for much less. American Express cards fetch more, as those come without a preset spending limit, experts said.
Symantec has seen a clear change in the malicious code, such as Trojan horses, used in attacks. In the final six months of last year, 54 percent of the attack code was targeted at obtaining personal data. That is up from 36 percent in the same period in 2003.
"The motivation behind today's new e-mail-borne threats is far more sinister than traditional large-scale attacks."
--Mark Sunner, chief technology officer, MessageLabs
But as victims lose more money, consumers' defenses in general go up, Websense's Hubbard said. Many people now realize the importance of installing security software and patches, and technology to fight phishing, such as browser toolbars, is becoming increasingly popular. Also, Microsoft has said it will include phishing protection in Internet Explorer 7, a test version of which is due out this year.
MessageLabs, an e-mail security company, has also spotted the trend of targeted attacks--but this time, aimed at businesses. Last week, the company said it had stopped e-mail messages containing a malicious attachment that was sent to only 17 addresses at a global company. It appeared to be an attempt to gain access to the company's network.
"The motivation behind today's new e-mail-borne threats is far more sinister than traditional large-scale attacks," Mark Sunner, chief technology officer at MessageLabs, said.
Hackers are getting paid to create the malicious programs, which could then be used in industrial espionage or to collect sensitive company data.
In late May, Israeli police made 18 arrests in a case of industrial espionage using Trojan horses. The programs were designed to spy on computer systems and had been planted on the computers of some of the country's top companies.
Sneaky worms
The underground market means that programs that exploit security holes in software are worth too much these days to waste on an attention-grabbing worm. Such major outbreaks get detected soon, triggering mass patching by users and investigations by law enforcement agencies.
Instead, hackers are more likely to create a slow, stealthy attack that will get malicious software installed on many machines, said Steven Hofmeyr, the chief scientist at Sana Security.
In other news:
- Special report: Pixar goes to Hollywood
Steve Jobs rides high in Disney buyout - NSA gives tips on editing documents
- Newsmaker: The man behind Sun's x86 effort
- Got a question on Windows Vista? Submit your questions for Microsoft's Jim Allchin
"There is no real incentive to write those kinds of mass worms other than the graffiti incentive," Hofmeyr said.
The lure of money likely is not solely responsible for the lull in large worm outbreaks, experts said. After a string of worms in 2003 and Sasser last year, many people realized the importance of security software and patching their systems.
Also, Microsoft, whose software is often the target of worms, has been working to improve its act. Windows XP Service Pack 2, a large security-focused update for the desktop operating system, was released last year. On the server, Windows Server 2003 is deemed more secure than its predecessors.
"The world has become much more aware of malicious activity," Debby Fry Wilson, a director at Microsoft's
In the future, intrusion prevention products could play a part in protecting systems against targeted security threats. Some tools look at the behavior of software and block suspect activity. Other products look more closely at the data leaving a corporate network and can block the transmission of credit card data, for example.
Attacks have changed, not vanished. Security companies and Internet users face increasing challenges to fight the sophisticated threats that often fly under the radar. With money as a spur, hackers are motivated to keep creating new attacks--and to keep one step ahead of the competition.
"I call it the chess game, where the bad guys have the white pieces and always get to go first," Gartner analyst John Pescatore said.
Skype could provide botnet controls
By Joris Evers
Staff Writer, CNET News.com
Published: January 25, 2006, 5:41 PM PST
Internet phone services such as Skype and Vonage could provide a means for cybercriminals to send spam and launch attacks that cripple Web sites, experts have warned.
Moreover, because many voice over Internet protocol applications use proprietary technology and encrypted data traffic that can't easily be monitored, the attackers will be able to go undetected.
"VoIP applications could provide excellent cover for launching denial-of-service attacks," the Communications Research Network said Wednesday. The Communications Research Network is a group of industry experts, academics and policy makers funded by the
The group urges VoIP providers to publish their routing specifications or switch to open standards. "These measures would...allow legitimate agencies to track criminal misuse of VoIP," Jon Crowcroft, a professor at
Essentially, some of the features to protect VoIP applications can now be used maliciously, Crowcroft said. "While these security measures are in many ways positive, they would add up to a serious headache if someone were to use a VoIP overlay as a control tool for attacks," he said.
In a denial-of-service attack, a flood of information requests is sent to a Web server, bringing the system to its knees and making it difficult or impossible to reach. Today, such attacks often involve many hacked computers, so-called "zombies," that have been networked in a so-called "botnet."
Cybercriminals rent out use of their botnets on the black market. About 60 percent of the world's spam is sent through such compromised computers, and the zombies are also used in extortion schemes where a Web site owner is told to pay or face a denial-of-service attack.
Botnets are typically controlled by an attacker via Internet Relay Chat. Zombies listen for instructions from their masters on IRC channels. Investigators monitor those channels to help catch cybercriminals, and Internet service providers can block traffic to the IRC servers used by zombies in order to thwart attacks, experts have said.
In other news:
- Special report: Pixar goes to Hollywood
Steve Jobs rides high in Disney buyout - NSA gives tips on editing documents
- Newsmaker: The man behind Sun's x86 effort
- Got a question on Windows Vista? Submit your questions for Microsoft's Jim Allchin
VoIP applications such as eBay's Skype and Vonage could give cybercriminals a better way of controlling their zombies and covering their tracks, the Communications Research Network said. "If the control traffic were to be obfuscated, then catching those responsible for DoS attacks would become much more difficult, perhaps even impossible," the group said in a statement.
There has yet to be an instance of an online attack launched through a VoIP application, but the Communications Research Network believes it is only a matter of time. "If left unresolved, this loophole in VoIP security won't just decrease the likelihood of (attack) detection and prosecution, it could also undermine consumer confidence in VoIP," the group said.
Communications Research Network contacted VoIP providers with its concerns, it said. Skype and Vonage did not immediately respond to a request for comment.
News
[Internet]
| Tuesday 24th January 2006 |
UPDATED: IBM does IM with Yahoo!, AOL and Google 10:24AM
IBM has announced a series of deals with some of the world's major instant messaging suppliers to connect to its Lotus Sametime IM product. Big Blue has announced deals with Yahoo!, AOL to communicate with each other
IBM's deals with Yahoo! and AOL means that users of Lotus Sametime 7.5 can interact with Yahoo! Messenger, AOL's AIM and ICQ and the Apple iChat services. In addition to exchanging text instant messages, users will be able to see whether their friends and colleagues are online and manage their contact list.
The advantage for all these services is that IBM still controls the lion's share of corporate infrastructure with some 15 million Sametime users around the world. Although the perception of IM has changed over the years it is still regarded by many as a tool for casual chatting rather than a serious business tool. The deals with IBM give IM further credibility.
The interoperability
|
| |
|
|
|
| ADVERTISEMENT | |
| | |
will be based on the SIP / SIMPLE industry standard protocol, and will establish a server-to-server connection, requiring only one login ID. IBM says it is building a new SIP-based Real-Time Collaboration Gateway that is currently planned for release later this year.
In addition, IBM and Google say they intend to develop interoperability between the IBM Lotus Sametime enterprise IM and the Google Talk public IM network. Recently, Google announced that it planned to include SIP in a future release of Google Talk opening the possibility of another round of interoperability announcements in the future. The search engine IM client is already able to communicate with a number of smaller messaging products through the Jabber/XMPP interface
UPDATED:
It seems as though we might be at last coming to a time when all IM clients talk to each other. Although not involved in this latest round of love-ins, Microsoft announced an interoperability deal with Yahoo! last October. Perhaps it is not surprising that MSN Messenger is left out of the SameTime interoperability as Bill Gates was recently quoted as saying, 'IBM has always been our biggest competitor'.
IBM says Sametime 7.5 should be available sometime in the middle of this year.
Steve Malone
Related News
- The year in search 2005 [part 2]
- Microsoft goes for Instant Messaging interoperability
- AOL abandons instant messaging for business
- Google opens up Google Talk
Sponsored Links
Buy IBM - ShopGenie
Can't find the best IBM laptop deals? ShopGenie can help you find the best price & spec for your needs. Read performance reviews before you buy. All top name brands: Apple, Sony, Toshiba & more.
Buy IBM I at Shopping.com
Find, compare and buy products in categories ranging from PC laptops to digital cameras. Read product reviews and compare prices on over a million products.
IBM I At Dealtime.co.uk
Find, compare and buy products in categories ranging from PC laptops to digital cameras. Read product reviews and compare prices on over a million products.
IBM Global Services
IBM global services offer solutions for your business to help it compete in today's marketplace. From web hosting to consulting, we provide a fantastic service.
Find IBM Items on eBay.co.uk
Buy and sell computers and accessories on eBay.co.uk, the
0 Comments:
Post a Comment
<< Home