Hotmail's new address
 Windows Live Mail gets a new look
Microsoft is trying to turn Hotmail's hundreds of millions of casual e-mail users into customers for a wide variety of Windows Live personal services. How, you may ask? By redesigning this long-neglected Web e-mail.
Check out the image gallery: Changing face of web mail. One of the key decisions for Microsoft is ad
placement. Do you think Windows Live Mail should have one big ad or two?
Which is more resource-full: Web apps or Vista?
 Blog: Truth is: Web Office takes more resources than Vista
In a recent blog, David Berlind asked if the computing world should be going back to lower powered
computers to run Web-based Applications like Google's Writely instead of ramping up their hardware to run Windows Vista. According to George Ou, "The question should be reversed since web applications actually eat up
more resources than Windows Vista."
Additional news headlines
Featured download: Bounce back from a crash with Windows XP System Restore
 10 things you should know about Windows
XP's System Restore tool
Windows XP's System Restore monitors changes to your files and folders and takes a snapshot of your system at regular intervals. If you run into problems with your system--such as a bad driver or rogue application
issues--you can restore the system to a previous point and roll back your system files and registry to a point when the OS was working. Windows expert Greg Shultz put together this list of System Restore advice and
details to help you get the most from this feature.
Patriot Act e-mail spying approved
TODAY'S TOP STORY
A federal judge recently approved a prosecutors' Patriot Act request for e-mail surveillance without any evidence of wrongdoing by the target. The Patriot Act's amendments authorize that type of easily obtainable
surveillance of e-mail. All that's required is that prosecutors claim the surveillance could conceivably be "relevant" to an investigation. Do you agree or disagree with this verdict?
Related resources
Google Attacks Microsoft, AOL and Yahoo
Google's latest beta release of its Desktop Search product,
Version 2, does a whole lot more than just search. Eschewing
the browser, the new software creates a permanent home on
your desktop and integrates e-mail, notes, latest Web sites
visited and so much more. Our story details what's new,
along with how you can download it and try it out yourself.
Google Ratchets Up the War:
http://ct.eletters.whatsnewnow.com/rd/cts?d=181-515-1-278-788070-24998-0-0-0-1
80% of Business Computers Infected with Spyware
That's what anti-spyware vendor Webroot claims, in its
recent report on second-quarter activity. The company used
the results of over 60,000 scans to paint a bleak picture of
malware penetration. Even worse, the average number of
infections per machine has risen as well, to 27 per machine.
What's behind the huge numbers? Our story has some insight,
along with details on the most common offenders.
Spyware Really on the Rise:
http://ct.eletters.whatsnewnow.com/rd/cts?d=181-515-1-278-788070-25001-0-0-0-1
Windows vs. Linux: The real pros and cons
 While the Windows vs. Linux debate often devolves into a fruitless ideological war, there has been some very insightful and pragmatic (and
fairly civil) discussions in the TechRepublic forums recently about the pros and cons of both Windows and Linux, where they are appropriate for building solutions, and how to best approach them when they are part of
your infrastructure. Read the discussions and then take a look at some other worthwhile resources on this topic.
The pros and cons of using Windows
This discussion started when TechRepublic member rthompson posted, "I am doing a report on the pros and cons of all Windows Operating Systems (95/98/ME/00/NT/XP). I would like to hear from different users
and people about their preferences." The responses he got were overwhelming, brutally honest, and full of great insights on Windows, UNIX, Linux, and the things that haunt the nightmares of IT professionals.
The pros and cons of using Linux
In response to the thread on the pros and cons of Windows, TechRepublic member Jacqui started a spin off thread on the pros and cons of Linux. Like the Windows thread, this one stirred up a frank dialog
that focused on the real world experiences of IT pros working in the field.
ISPs versus the zombies
 TODAY'S TOP STORY
According to the Federal Trade Commission, zombie-fed threats such as phishing are a serious problem, and ISPs need to assume more responsibility for cleaning up their networks. If an ISP doesn't measure up on
security, members could flee to a rival provider or, worse yet, completely lose their trust in online activity. Do you
think the health of the Internet is at risk?
Related resources
More on Google's Role: Syndicated Ads Shown Through Ill-Gotten Third-Party Toolbars
June 6, 2005
[ home | bio | publications |
media coverage | invited presentations ]
[ email ]
[ request project updates ]
I've previously written about two different ways that Google gets involved in distributing and funding spyware: Allowing Blogspot to be used to foist spyware
through tricky ActiveX popups and paying fees to AdSense sites who in turn buy pop-ups through 180solutions (such that revenue ultimately flows from
advertiser to Google to AdSense site to 180solutions).
Many of Blogspot's ActiveX popups have disappeared since my February article, and Google promises to put
a check on AdSense popups too. But Google's role goes much further: Through syndication relationships, Google provides ads to multiple web toolbar operators, including to toolbars installed on users' PCs without
notice or consent. Google pays these toolbar companies for the ads they show -- thereby supporting and funding their operations.
Google's Rules and Policies
Google repeatedly tells its advertisers that
their ads will appear only on Google's "high-quality" partner sites.
What does "high-quality" mean? Google doesn't say. But last year Google published a set of "Software Principles" for advertising programs --
calling for improved notice and consent before advertising software becomes installed. A basic notion of "high-quality" sites is that they don't solicit traffic through software violating Google's Software Principles,
and that they also don't make or distribute such software. My sense is that an advertising channel cannot be considered "high-quality" if it is predicated on installing software onto users' PCs without their consent
or without their informed consent.
Internet Attack Called Broad and Long Lasting by
Investigators
By JOHN MARKOFF and LOWELL BERGMAN
A break-in at Cisco Systems last year was only part of an extensive operation in which thousands of systems were penetrated.
Exploit code chases two Firefox flaws
 TODAY'S TOP STORY
Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them. One flaw involves "IFRAME" JavaScript URLs and the other exists
in the IconURL parameter in InstallTrigger.install(). If you've jumped on the Firefox bandwagon, how concerned are you about the
recent spate of vulnerabilities? If you don't use Firefox, does this news prevent you from considering it in the future?
Related resources
Spying on the spyware makers
 TODAY'S TOP STORY
Harvard student Ben Edelman hasn't made any friends in spyware and adware makers, thanks to his work publicizing how the programs work. In fact, he may be spyware's most dangerous enemy. According to Edelman, "The
biggest, richest American companies are buying advertising through spyware." Read this News.com interview, and then tell us how
you really feel about spyware.
Related resources
Resolve Windows RPC errors caused by XP SP2 and security updates
 Microsoft security updates, released in late February 2005, cause strange
errors on some machines running Windows XP SP2. The errors include Windows Update and Windows Installer failing to function, missing icons, and various "access denied" errors. Be prepared to troubleshoot these errors
before Windows XP SP2 becomes mandatory on April 12, 2005. Download this quick-reference task sheet for a list of potential
errors and a simple workaround.
Microsoft hands out antidote to poisoned URLs
 TODAY'S TOP STORY
Microsoft has revised its recommended settings for Windows Server 2003, Windows 2000 Server, and Windows NT Server 4.0, clarifying which default configurations could leave computers open to a DNS poisoning threat. DNS
cache poisoning involves hacking into domain name servers and replacing the numeric addresses of legitimate Web sites with the addresses of malicious sites.
Share your thoughts on Microsoft's response to this heightened security alert.
Related resources
News: CSS Support Could Be Internet Explorer's Weakest Link
Microsoft will be doing a lot to make developers and customers happy with its pending Internet Explorer release, if partner sources with inside information on the IE 7.0 browser are right. But there's one area where
Microsoft won't be winning a lot of applause. Find out why.
Advances in Web Browsers
5. AOL: AIM Conversations Are Safe
From eWeek (Topic: Instant Messaging), March 14:
America Online Inc. on Sunday moved to quell public
criticism of the terms of service for its AIM service,
insisting the controversial privacy clause does not pertain
to user-to-user instant messaging communication.
http://ct.enews.cioinsight.com/rd/cts?d=188-199-1-20-76705-25147-0-0-0-1
News: Phishing Is Big Business
Electronic fraud has outgrown its roots as a nuisance to become a global threat controlled by an elusive, highly organized underworld.
Take a close look at this growing problem.
Cyber-Crime
1. AOL Escalates the IM Wars
From Business Week (Topic: Messaging), March 1:
On Feb. 28, Time-Warner's AOL unveiled "AIM Sync." The new
service, which is still in testing, links an AOL Instant
Messenger's buddy list with contacts stored in Microsoft's
Outlook e-mail software. It scans an AIM user's Outlook
contact list for any matches in AOL's own giant database of
AIM customers' e-mail addresses. If any show up, it adds
their IM screen names to the user's AIM buddy list.
http://ct.enews.cioinsight.com/rd/cts?d=188-194-1-20-76705-24541-0-0-0-1
User reviews: Has Firefox made a difference?
 Featured discussion: If you have made the change to Firefox
TechRepublic member jdclyde is curious about your experience with the Firefox browser: "Has it made a difference to your system?. . . Have the end users accepted this in your organization? [Has the] number of
incidents of Virus/Trojan/Worm/Malware/Spyware, etc. gone up, gone down or stayed the same?" Grab a ringside seat for the pros and cons of Firefox by browsing this heated discussion.
>>Keep your finger on the pulse of TechRepublic's most active discussion topics by checking out our Top 20 Hot Discussions.
Why some companies are skittish about Windows XP Service Pack 2
Jonathan Yarden offers his view of the Windows XP Service Pack 2. With all the hoopla surrounding its release, was it practically irrelevant?
Check out these 10 Windows Server hacks
 Download this resource to get 10 hacks from
O'Reilly's Windows Server Hacks. They provide some great tips to help administrators wring out the best performance, solve common problems, and beef up the security of Windows servers. Some of the tips include
"Automate Creation of OU Structure," "Use netsh to Change Configuration Settings," and "Grant Administrative Access to a Domain Controller."
Get more information on Network Administration
Microsoft launches anti-spyware beta
 Microsoft has unveiled the first version of its Windows AntiSpyware application, which is based on technology from recently acquired Giant Software. It
still hasn't been announced whether the app is designed to be an integrated part of Windows, or whether it will be distributed or sold separately. Get
details about the beta in this news story. In a related discussion, TechRepublic member billbohlen is seeking advice on anti-spyware for the
enterprise.
News: No XP SP2 Security Fixes for Win2K
None of the security enhancements built into Windows XP SP2 will be back-ported to Windows 2000, which is still used by the majority of enterprises.
But what about customers who can't afford to upgrade?
Microsoft rushes out critical IE fix
 TODAY'S TOP STORY
Microsoft published a patch for Internet Explorer on Wednesday for a month-old vulnerability, which previously was called iFrame, but has been dubbed the Internet Explorer Elements flaw by Microsoft. The issue could
allow an attacker to take control of a victim's PC, if the user is logged on as an administrator. Discuss Microsoft's decision to release the update
before its next scheduled patch day, Dec. 7. (On the go? Print this story.)
Related resources
News: Emergency IE Patch Fixes Critical Bug
Microsoft's out-of-cycle patch for the Internet Explorer browser addresses the "IFRAME" bug that had already been exploited by hackers through ad servers.
Download it now!
Securing Windows
Mozilla releases Firefox 1.0
TODAY'S TOP STORY
The Mozilla Foundation has released Firefox 1.0, a browser based on the group's open source development work. Since there were more than eight million downloads of its preview release, there's speculation as to
whether this release could propel the open source browser into serious contention with Microsoft's Internet Explorer. Let us know whether you plan to
download Firefox 1.0. (On the go? Print this news story.)
Related resources
Spotlight on Windows XP Service Pack 2
If you're having trouble with Windows XP Service Pack 2 (SP2) deployment, then check out the invaluable timesaving tips on our SP2
resource page. For those who are already well-versed in SP2, offer TechRepublic member thewynn75 advice on how to control the SP2 firewall on
a Windows 2000 server domain.
News: Web-Hosting Firm Surrenders Hard Drives to Feds
A Texas Internet company said Friday it gave U.S. government officials the hard drives from a pair of its Web servers leased to online journalists and others.
Find out why the Feds wanted the hard drives hosting the Independent Media Center's Web site here.
News: Microsoft Fixes Vexing XP SP2 Incompatibility
Numerous applications, including some of Microsoft's own, have encountered compatibility problems with Windows XP SP2 (Service Pack 2). But one application in particular wreaked an inordinate amount of havoc until
Microsoft created a removal tool, and now a patch, for it.
Read more about how TV Media wreaked havoc on updated systems.
Windows XP Service Pack 2
News: New Phishing System Takes Advantage of JPEG Bug
eWEEK.com spoke with Oliver Friedrichs, senior manager of Symantec Security Response, about the recent discovery of an exploit in the wild that utilizes the recently announced JPEG vulnerability in Microsoft's GDI+
library to install a new and sophisticated phishing system.
Find out how this attack works.
Opinion: Microsoft Patch Day: The Next Generation
Welcome to the SP2 era. Will we have a bifurcated patch day? Will Microsoft be able to move any faster?
Security Topic Center Editor Larry Seltzer takes a closer look.
Windows XP Service Pack 2
Virus targets 64-bit Windows
TODAY'S TOP STORY
Antivirus firm Symantec announced Monday that it had received the first virus that infects 64-bit Windows files. Dubbed W64.Shruggle, the program seems to be mostly an experiment and would not spread in the wild;
Microsoft hasn't even released the software the virus targets. Share your reaction to W64.Shruggle. (On the go?
Print this news story.)
Related resources
News: MyDoom Variant Uses Yahoo People Search
Like the previous MyDoom variant, MyDoom.P uses Yahoo as part of its nefarious infection-spreading plan.
Learn how this baddie works so you can be prepared.
E-voting critic calls on hackers to expose flaws
 TODAY'S TOP STORY
At the Black Hat Security Briefings in Las Vegas, speaker Rebecca Mercuri, a Harvard researcher and noted e-voting detractor, challenged hackers Thursday to try to circumvent e-voting systems to reveal their
security problems. Mercuri pointed hackers to a $10,000 reward promised by an e-voting proponent. Share your thoughts about this hacker
call-to-action. (On the go? Print this news story.)
Related resources
News: Unscheduled Security Update Fixes Critical IE Flaws
As predicted, Microsoft issued on Friday an "out of sequence" security update for Internet Explorer that addresses three critical vulnerabilities.
Get the scoop on this security bulletin here.
News: AOL, Yahoo Join Microsoft in Enterprise IM Push
Weeks after AOL and Yahoo exited the enterprise instant messaging arena, they are joining Microsoft in a deal that will allow Office Live Communications Server 2005 to interoperate with their IM services.
Analysts predict this will boost the adoption of enterprise instant messaging.
Stay up to date on enterprise instant messaging with our special report.
Pop-up program reads keystrokes, steals passwords
TODAY'S TOP STORY
Security researchers warned users Tuesday of a malicious program that installs itself via a pop-up ad. The program can read keystrokes and steal passwords when victims visit any one of almost 50 targeted banking
sites. The program is part of a larger trend, as malicious hackers increasingly focus less on random acts of destruction and more on stealing money.
Share your reaction to this news story.
Researchers warn of infectious Web sites
TODAY'S TOP STORY
Security researchers announced Thursday that they had found evidence that two serious flaws are letting compromised Web servers at major companies take control of computers via Internet Explorer. The flaws affect all
IE users because Microsoft hasn't released a patch for the vulnerabilities.
Can't stop the pop-ups
TODAY'S TOP STORY
Pop-up advertising developers are finding ways around the popular blocker programs designed to stifle the intrusive ad format, much to the chagrin of many Internet consumers. Pop-up blockers from Google, Yahoo,
America Online, EarthLink, and Microsoft were successful initially, but pop-ups have found their way through these filters in recent weeks. This is leading some observers to call for a redesign of Internet Explorer to
solve the problem once and for all. Let us know whether you use a pop-up filter.
News: Spammer Sentenced to Seven Years in Prison
Up to seven years in the slammer and a $16.4 million civil judgment against him might teach spammer Howard Carmack the error of his ways. He already seems to regret sending 850 million forged e-mails. By Carolyn
Thompson, AP Writer. Spammer in the slammer!
Search engines delete adware company
TODAY'S TOP STORY
Yahoo and Google have disabled links to controversial adware maker WhenU, following accusations that the company engages in unauthorized practices aimed at boosting its search rankings. The company allegedly
uses "cloaking," a technique that dupes search engines into favorably listing decoy Web pages that direct people to other destinations. Tell us what
you think about Yahoo and Google's action.
Security Holes in Symantec's Software
Oh, dear. The security software we rely on most has a major security hole. It turns out both corporate and consumer versions of much of Symantec's software are affected. Find out which programs are at risk, and how
you can patch them, in our detailed report.
Source Code Leak a Bust?
Security concerns have formed perhaps the biggest argument against open-sourcing significant parts of Microsoft's source code. But it appears that argument holds a lot less water today. eWEEK.com Security Center
Editor Larry Seltzer argues that the big Windows source-code leak was more bust than break-in. At least so far. Read Larry's commentary
on how open-source Windows wasn't the disaster many predicted.
Microsoft unveils new antipiracy tools
TODAY'S TOP STORY
Microsoft announced the specifics of a long-delayed update to its content protection technology today. The latest digital rights management technology from the software giant aims to bring music subscriptions to MP3
players and boost home networks. Let us know what you think about these new tools.
Related resources
Google files for unusual $2.7 billion IPO
TODAY'S TOP STORY
Google filed its hotly anticipated initial public offering (IPO) on Thursday, invoking an unusual auction-style, two-tier share sale format and releasing its closely guarded financial records in the process. While the
IPO estimates the undisputed Internet search king's initial worth at $2.7 billion, the actual number and price of Google shares will not be known until the IPO is amended. Share your thoughts on the impact of Google's
IPO in this discussion.
Spyware cures may cause more harm than good
TODAY'S TOP STORY
Some so-called spyware killers install the same kind of unwanted advertising software that they promise to remove. A group of fed-up Web users has created a network of Web sites where users can report antispyware
programs that install their own files. Public-interest group The Center for Democracy & Technology plans to file complaints with the Federal Trade Commission against specific companies.
Flaws threaten Net, VoIP
 TODAY'S TOP STORY
Microsoft released patches Tuesday for three flaws, the most serious of which could give attackers a back door into the company's security server product. In addition, a technical review conducted by the British
government found several security flaws in products that use VoIP and text messaging. Get the details about these and other security issues in this News.com roundup.
Related resources
Microsoft finds flaw in server software
 TODAY'S TOP STORY
Microsoft has discovered a flaw in certain versions of its SharePoint Services package that could prevent the intranet software from installing and running properly. The problem likely affects all versions of
SharePoint installed after Nov. 24, whether the software was bundled with the Small Business Server 2003 package or downloaded directly from Microsoft.
Establish your outsource security credentials
 Consultant implements unique solution to meet customer's
business and security needs
What approach would you use if you had to secure a database for a purchasing cooperative? By the way, you have to give partners and vendors access, but you can't use Virtual Private Networking. Here's how one
consultant did it. Compare security outsource standards in our Discussion Center.
Download: Delivering outsourced capability
With more businesses turning to outsourcing as a way to improve services and cut costs, the old guidelines have given way to new rules. Here are three common problems that can short-circuit an outsourcing
relationship. Get more great tools and templates in our Downloads Center.
White paper: Ten things every outsourcing vendor must know to survive and thrive in the current marketplace
As more corporations embrace outsourcing, the growth of the outsourcing service market has exploded. This paper provides 10 of the most critical success factors that should be understood and embraced by a company if
one is really serious about winning in this new service frontier. (Free registration to ITPapers.com is required.)
Cloaking Device Made for Spammers
02:00 AM Oct. 09, 2003 PT
Call them spackers -- they're the new breed of computer crackers who earn a living in cahoots with spammers. The latest innovations developed by such mercenary hackers on behalf of the junk e-mail
profession are techniques that enable spammers -- or scam artists for that matter -- to create websites that are essentially untraceable.
One group in Poland is currently advertising "invisible bulletproof hosting" in online forums for spammers. For $1,500 per month, the group says it can protect a site from network sleuthing tools used
by spam opponents, such as traceroute and whois.
Until now, antispammers have relied on such tools to identify the numeric Internet protocol address behind a website advertised by spam. In the past, shutting down a site used to sell spammed products
-- or to rip off gullible online users via phishing schemes -- was often just a matter of notifying the hosting company
responsible for the IP address.
But the new technique makes these tools futile, according to experts familiar with the method.
The beauty of invisible hosting, according to Tubul, a representative of the Polish group who would not provide his full name, is that the untraceable site can even be located on servers operated by
major Web hosting firms with tough antispam policies.
When asked on an online chat for a demonstration of the stealth hosting service, Tubul provided the address of a website selling generic Viagra and other drugs.
"Try to find the real IP," he said. "This host is in rackshack.net, the most antispam ISP."
A traceroute to the site indicated that it was being hosted on a computer apparently using cable modem service from Comcast.
"Fake," said Tubul.
Indeed, when a traceroute to the site was performed moments later, it appeared to be hosted on a computer with a DSL connection from Verizon.
Another site, hosted by the Polish group. offers free credit consultations. Traceroutes to the site, removeform.com, also provided ever-changing results, ranging from a computer connected to a DSL line
in Israel to another provided by EarthLink. However, the title of the site's home page consistently read "Yahoo Web Hosting," suggesting it was actually located on a server run by the Internet giant.
According to Tubul, his group controls 450,000 "Trojaned" systems, most of them home computers running Windows with high-speed connections. The hacked systems contain special software developed by the
Polish group that routes traffic between Internet users and customers' websites through thousands of the hijacked computers. The numerous intermediary systems confound tools such as traceroute,
effectively laundering the true location of the website. To utilize the service, customers simply configure their sites to use any of several domain-name system servers controlled by the Polish group,
Tubul said.
While the price may be steep, such services "definitely" will frustrate antispammers and others who try to track down the true address of rogue Internet sites, according to Joe Stewart, a security
researcher with Lurhq.
"You're not going to have much success trying to follow IP addresses through hacked hosts," said Stewart. "About all you can do is try to follow the money -- sign up for whatever it is they're selling
and try to figure out who's behind the whole thing."
The use of such stealth hosting techniques has become widespread among spammers, according to Steve Linford, leader of the Spamhaus Project, which maintains a blacklist of known
junk e-mail operations. Linford blamed the development of the new methods on the recent alliances between spammers and computer crackers.
"Hackers used to detest spammers, but now that spamming has become such a big business, it's suddenly cool to be a spammer," Linford said. He said the junk e-mail business has also recently attracted "engineers who
have been laid off or fired, and people who really know what they're doing with networking and DNS."
 See also
 Today's Top 5 Stories
The lure of money has also apparently attracted virus writers to the spamming business. Linford said he believes that the
Fizzer mass-mailing Internet worm was the work of a virus writer affiliated with a spam operation. In addition, Stewart and others said they believe that the first variant of the recent Sobig computer worm is
designed to turn compromised PCs into spam proxy servers.
In a further effort to compromise new systems and add them to their arsenal, Tubul's group appears to be using its "spamvertised" sites to infect visitors with a malicious program. Recent
reports in online antispam discussion groups indicate that an invisibly hosted site called
miracleformen.com was attempting to install a suspicious executable file on visitors' computers using a vulnerability in Microsoft's Internet Explorer browser.
Bulk e-mailers and scam artists began utilizing the services of crackers who control large networks of compromised computers about a year ago, according to Stewart. This past summer, hijacked PCs were used to host
porn and credit card phishing sites, according to research by Stewart and security consultant Richard M. Smith.
One strategy for mitigating the invisible-hosting problem, said Thor Larholm, a security researcher with Pivx Solutions, would be for Internet service providers or domain registrars
to blacklist the DNS servers used by such outfits, effectively cutting them off from the Internet.
But Tubul said his group changes its DNS servers regularly to protect against such tactics.
While many ISPs do not seem to understand the severity of the invisible-hosting problem, Linford said law enforcement authorities have begun investigating.
"These people are not just violating ISPs' rules," said Linford. "These are guys who really need to do some time in jail."
| 
