January 2, 2009

When asked about what will happen in 2009, a rise in global epidemics was at the top of Kaspersky Lab‘s prediction list.  Kaspersky Lab,  a leading developer of Internet threat management solutions that protect against all forms of malicious software, has seen that prediction to be true —  2009 was dominated by sophisticated malicious programs with rootkit functionality, Conficker, Web attacks and botnets, SMS fraud and attacks on social networks.

With the start of 2010, researchers and analysts from Kaspersky Lab have come up with a list of six predictions for what will be the New Year’s greatest threats and newest attack vectors.

1.       A rise in attacks originating from file sharing networks.
This year, we will see a shift in the types of attacks on users, from attacks via Web sites and applications toward attacks originating from file sharing networks.

2.       An increase in mass malware epidemics via P2P networks.
In 2009 a series of mass malware epidemics has been “supported” by malicious files that are spread via file sharing networks. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, we expect to see a significant increase in these types of incidents on P2P networks.

3.       Continuous competition for traffic from cybercriminals.
The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets. In the future, we foresee the emergence of more “grey” schemes in the botnet services market. These so-called “partner programs” enable botnet owners to make a profit from activities such as sending spam, performing denial of service (DoS) attacks or distributing malware without committing an explicit crime.

4.       A decline in fake anti-virus programs.
The decline in gaming Trojans witnessed in 2009 is likely to be repeated for fake anti-virus programs in 2010. Conficker installed a rogue anti-virus program on infected computers. The fake anti-virus market has now been saturated and the profits for cybercriminals have fallen. Additionally, this kind of activity is now being closely monitored by both IT security companies and law enforcement agencies, making it increasingly difficult to distribute fake anti-virus programs.

5.       An interest in attacking Google Wave.
When it comes to attacks on Web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.

6.       An increase in attacks on iPhone and Android mobile platforms.
The year 2010 promises to be a difficult time for iPhone and Android users. The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals. The only iPhone users currently at risk are those with compromised devices; however the same is not true for Android users who are all vulnerable to attack. The increasing popularity of mobile phones running the Android OS combined with a lack of effective checks to ensure third-party software applications are secure, will lead to a number of high-profile malware outbreaks.

“Malware will continue to further its sophistication in 2010 with specific malware families requiring significant resources from anti-malware companies to adequately fight them,” said Roel Schouwenberg, senior malware researcher at Kaspersky Lab. “Third party program vulnerabilities will continue to be the target of choice by cybercriminals with Adobe continuing to be the main target. And finally I believe that with the introduction of real-time search, black hat SEO and social networks will become an even bigger focus of cybercriminals.”

By Gregg Keizer
Computerworld
December 23, 2009

Mozilla yesterday said that its planned overhaul of Firefox‘s interface will be pushed back to Firefox 4.0, the major release now slated to ship before the end of 2010.

Previously, Mozilla said it would revamp the look and feel of its open-source browser in a two-step process , with part of the redesign debuting in Firefox 3.7 — a minor refresh scheduled for late in the first quarter of next year — with the rest following in version 4.0.

Mozilla’s interface plans, particularly those intended for Firefox for Windows, have attracted attention because the company last September said it would “ribbonize” the browser by borrowing graphics concepts from Microsoft ‘s Windows 7 and Office 2007. Users blasted the idea.

Later, Mozilla clarified its intentions , saying that although it was going to eliminate the traditional top-of-the-frame menus in Firefox, it was not going to turn its browser into a graphical doppelganger of Office 2007.

Mozilla’s newest plans for Firefox 4.0 center around a so-called “App Button” that will take the place of the menus long-seen in Windows applications, said Stephen Horlander, a designer and longtime contributor to Firefox’s interface.

In a blog post outlining the single-button approach, Horlander said the App Button would replace the idea of a dual-button concept — one marked “Pages,” the other “Tools” — that Mozilla had previously considered. He acknowledged that the App Button, like the talk of “ribbonizing” Firefox, was borrowed from Microsoft. “[The] App button … is similar to the single menu approach taken by Windows 7 native applications [such as] Paint and WordPad, and by Microsoft Office,” Horlander said.

The App Button, which would appear at the top left of the Firefox window, would take up less space, consolidate all menu commands under one roof, and reduce clutter, he said.

Firefox 4.0 would also give users the option of moving the browser’s tabs to the top of the application’s display, a so-called “tab-on-top” look that other browsers, notably Google‘s Chrome, have adopted.

Mozilla’s browser will not, however, combine the search bar with the address bar — the latter is where the URL is entered or appears — as does Chrome. “With the LocationBar containing an increasing amount of functionality it may be best to retain a clear distinction between the two fields,” said Horlander, referring to Mozilla’s name for the address bar.

Horlander posted numerous screen shots of the Firefox 4.0 interface design ideas on his blog, including a head-to-head comparison between the revamp and the current look and feel in Firefox 3.5.

User reaction, as judged by the nearly 100 comments left on Horlander’s blog since yesterday, were generally positive. Most of the criticism came from users who were disturbed by what they saw as the “Chromifying” of Firefox, that Mozilla’s browser was too anxious to copy the look of Google’s Chrome.

“Firefox should be careful not to just chase Google too much, though,” said a user identified only as “Woody” in a comment added yesterday to Horlander’s post. “Chrome is Chrome, Firefox shouldn’t try to play catch-up … they should stay innovative.”

“Trying to copy ideas from Microsoft Office and Google Chrome must lead to a big fail,” warned another user.

People uncomfortable with the change will be able to restore the more familiar menu bar, Horlander promised.

According to a recently published timetable , Mozilla will ship a public review of Firefox 4.0 in June 2010, and final code in the fourth quarter.

By JR Raphael
December 22, 2009

Facebook is getting into the year-end spirit by releasing its list of the top words found in U.S. Facebook status updates during 2009. The social network calls its list “Memology: the study of how ‘memes,’ or new ideas and trends, are spreading on Facebook.” To determine the list, Facebook grabbed the most popular one-to-four word phrases found in status updates this year, and then compared each phrase to 2008 trends to determine the most popular phrases of 2009.

The result of all this data mining is the following list of 15 topics:

1. Facebook Applications (Farmville, Farm Town, Social Living)

2. FML (F*&$# My Life)

3. Swine Flu

4. Celebrity Deaths (Michael Jackson, Patrick Swayze, Billy Mays)

5. Family

6. Movies (New Moon, Transformers, Star Trek, The Hangover, Paranormal Activity and Harry Potter)

7. Sports (Steelers, Yankees)

8. Health Care

9. FB (aka Facebook)

10. Twitter

11. Years

12. Lady Gaga

13. Yard

14. Religion

15. I

The past year was the year of farms and aquariums on Facebook, but one thing the social network neglected to mention were the series of reports by TechCrunch alleging that popular applications like Farmville and others were scamming users. References to Michael Jackson and other celebrity deaths also proved popular fodder for Facebook chatters, as did the more popular movies of the year.

The term “I” might seem to be an odd one to make the list, but, as Facebook’s blog notes: “Until March of 2009, people updated their status in a box that appeared next to their name on the home page and, consequently, many updates started with the word ‘is.’ Once that box no longer was shown next to people’s name, the usage of “is” dropped off dramatically and usage of “I” doubled almost overnight.”

While the social network made its own memology list under the moniker FB, one notable exclusion from Facebook’s list is any mention of the privacy concerns that dogged the company during 2009.

First there was the flap over Facebook’s changes to its privacy policy earlier this year, which almost resulted in a formal complaint to the Federal Trade Commission by the Electronic Privacy Information Center. Then, earlier this month, Facebook finally shuttered its oft-maligned Beacon program, and shelled out $9.5 million to fund a new privacy advisory board. Finally, there were the latest changes to Facebook’s new privacy settings from just a few weeks ago.

While some of these privacy issues may have gone unnoticed by Facebook status updates, the latest changes to Facebook’s privacy settings did spark updates like this, “If you don’t know, as of today, Facebook will automatically index all your info on Google, which allows everyone to view it…Facebook kept this one quiet. Copy and paste onto your status for all your friends ASAP.” That information turned out to be wrong, but so many Facebook users promoted this misinformation using their status updates, the social network felt compelled to issue this pop-up notice to its users:

But in a nod to the problems it faced this year, Facebook did say in its memology blog post that all personally identifiable information was removed from status updates during the year-end data mining exercise. The company also said no one at Facebook ready actual status updates in compiling this list.

By Gregg Keizer
Computerworld
December 19, 2009

Hackers redirected Twitter.com’s traffic to a rogue Web site for more than an hour Friday by accessing its DNS records using an account assigned to Twitter, the company that manages Twitter’s DNS (Domain Name System) servers said.

Twitter initially blamed the early-Friday hour-long blackout of its site on changes made to the company’s DNS records, which act like a telephone directory to match the twitter.com domain name with the IP addresses used by its servers.

“Twitter’s DNS records were temporarily compromised, but have now been fixed,” the company said on its service status page at 2:30 a.m. ET. “We are looking into the underlying cause and will update with more information soon.” The status page has not been revised with more information since then.

Twitter uses a New Hampshire firm, Dyn Inc., to manage its DNS records, which match Twitter’s domain name (twitter.com, and numerous others) with the IP addresses of its servers.

Today, Dyn denied that its infrastructure had been hacked. Early Friday, Tom Daly, Dyn’s chief technology officer, told the Washington Post it appeared someone changed Twitter’s DNS records to point visitors to a different IP address using the proper account credentials assigned to Twitter.

“Someone logged in who purported to be a legitimate user of their [DNS] platform account and started making changes,” Daly told the Post ‘s Brian Krebs . “It was not a failing on our systems whatsoever.”

Kyle York, Dyn’s vice president of marketing, echoed that in an interview with Computerworld. “No unauthenticated e-mail address associated with the account accessed the [Twitter] account,” York maintained. “This was not an unauthorized breach of our system.”

When asked whether the Twitter account had been used by someone authorized to do so, or if those account credentials had been pilfered by hackers, York declined to answer directly. “You’ll have to read between the lines,” he said. However, he did point to a tweet on Dyn’s own Twitter feed as having the right explanation.

That tweet referenced a story on The Tech Herald , in which reporter Steve Ragan used the clues available, including Dyn’s public statements, to theorize that someone compromised a Twitter staffer’s e-mail account, presumably via malware that snuck onto the Twitter employee’s computer, or through a standard phishing-style identity theft attack.

Once in control of the e-mail account, the hackers then used it to request a password reset for Twitter’s account with Dyn, Ragan speculated. “The password reset process is completed, and at this point the person(s) posing as a Twitter staffer gets the reset password via e-mail,” Ragan wrote.

That approach makes the most sense, agreed Ray Dickenson, chief technology officer at security vendor Authentium. “That’s the most logical explanation,” said Dickenson. “If someone obtained administrator credentials for Twitter’s account with Dyn, or even if it was inside job, everything worked except the human element.”

Dickenson said Dyn’s claim that its servers had not been officially hacked is also likely true. “It’s very difficult to directly hack a top-tier DNS provider,” he said, noting that security at such firms is extremely tight. “You’ve got to believe that Twitter looked at the options, and made the right choice when it went with Dyn. Twitter’s a huge site, and a huge brand.”

Also in Dyn’s favor, said Dickenson, is the company’s contention that only Twitter’s DNS records were altered, a fact that York stressed. “The fact that virtually all of Twitter’s records were pointing to this defaced site, and that no other [Dyn] customers’ records had been altered, corroborates what Dyn’s saying.”

According to York, Twitter will post a more detailed explanation of the cause of the outage later Friday. “It will fully exonerate us, that’s one thing I can say,” York said.

Twitter has been on shaky security ground for some time. Last August, determined distributed denial-of-service attacks knocked it offline for several hours. Two months before that, a hack of a URL-shortening service redirected millions of Twitter users to an unintended destination.

By Sumner Lemon
IDG News Service
December 18, 2009

Microblogging site Twitter went offline for a while Friday after hackers calling themselves the Iranian Cyber Army apparently managed to change DNS records, redirecting traffic to another Web page.

Instead of the usual Twitter Web site design, visitors to the site instead saw a black screen with an image of a green flag and Arabic writing. The defaced site also included a message that said, “This site has been hacked by Iranian Cyber Army,” and an e-mail address.

Whether or not Iranian hackers are responsible for the attack wasn’t immediately clear. However, Twitter and other Internet sites have been used by Iranian opposition groups and protestors to share details of anti-government protests in that country.

Twitter blamed the outage on changes made to the company’s DNS (Domain Name System) records, which match the company’s domain name with the IP addresses of its servers.

“Twitter’s DNS records were temporarily compromised but have now been fixed. We are looking into the underlying cause and will update with more information soon,” Twitter said on its Twitter Status page.

Based on Twitter’s account of the attack, it’s possible that the company’s servers were never compromised. The actual attack may have instead targeted Dyn, the DNS service provider that manages Twitter’s DNS records, according to whois records.

While the outage left Twitter users cut off from the service for about an hour, the type of attack wasn’t serious, according to Dhillon Andrew Kannabhiran , founder and CEO of Hack In The Box, a Malaysian company that runs security conferences in Europe, the Middle East and Asia.

“Yawn, is my comment. It was a simple defacement. So what?” Kannabhiran said.

By JR Raphael
December 18, 2009

Susan Boyle may not have won the top spot in “Britain’s Got Talent,” but the big-voiced Brit has just achieved a far more impressive feat: Her video has taken the title of most watched clip on YouTube in 2009.

YouTube released a list of its most popular videos of the year, taking into account aggregated views from all over the globe. And while Boyle’s inaugural television appearance was the most harmonious of the bunch, the other hot commodities were no less theatrical.

Here’s the full list of YouTube’s most watched videos of 2009.

5. Evian Roller Babies With more than 27 million views under its belt, this creative commercial for Evian water certainly grabbed the world’s attention. No word yet how many diaper changes were involved.

4. New Moon Movie Trailer Surprise, surprise: A lot of people watched the trailer for the Twilight saga’s New Moon movie. Thirty-one million, to be exact. Granted, even more people probably gazed at the assets in Christian Serratos’s revealing PETA ad — but that’s another story altogether.

3. JK Wedding Entrance Dance YouTube helped a small wedding make a big splash this year. Jill and Kevin, a couple from Minnesota, busted a move as they walked down the aisle — in fact, the entire wedding party got pretty jiggy, nuptially speaking. The wacky dancers went viral, attracting thirty-three million eyeballs over the course of ’09.

2. David After Dentist A drugged-up little dude soared high on the YouTube charts, pulling in 37 million views worldwide. David, a seven-year-old boy, spouted off all sorts of nonsense following a trip to the dentist. Do his amusing antics warrant the massive merchandise and public speaking business that’s sprung up since the video’s success? God no. But at least they kept that Fred guy from being in this year’s top five.

1. Susan Boyle – Britain’s Got Talent As promised, the saucy Miss Boyle belted her way into YouTube’s most-watched spot for 2009. The clip of Boyle’s first appearance on “Britain’s Got Talent” garnered a whopping 120 million views across the world. Who’s the master of the house now?

By Owen Fletcher
IDG News Service
December 15, 2009

Microsoft suspended a microblog-style site for Chinese users on Tuesday after the service was accused of copying programming code from Plurk, a Twitter rival popular in Asia.

Plurk this week alleged that MSN Juku, a service where users could share 140-character messages with friends on a scrolling timeline, appeared to have stolen up to 80 percent of its codebase from Plurk. In a blog post, Plurk showed screenshots and samples of similar JavaScript and CSS code pulled from both services.

Microsoft is looking into the allegations against MSN Juku, which a Microsoft joint venture in China hired a third-party vendor to develop, the company said in a statement. The service, still in beta and launched last month, could not be accessed on Tuesday. Microsoft promised to release further information as it learned more.

Plurk did not reply to e-mails or phone calls on Tuesday.

Online social networking is increasingly popular in China and Microsoft was just one of several big companies looking to tap the market, though Twitter and some of its local-language rivals have been blocked for months in the country on political grounds.

(Dan Nystedt in Taipei contributed to this report.)

By Nancy Gohring
IDG News Service
December 15, 2009

Microsoft‘s Juku service in China did indeed steal code from Plurk, a popular Twitter rival in Asia, the software giant admitted on Tuesday.

Plurk alleged this week that about 80% of Juku’s code base was stolen from Plurk. Shortly after the accusations appeared on Plurk’s blog, Microsoft suspended the Juku service and said it was investigating the matter.

Now it says that a vendor working with Microsoft’s MSN China joint venture acknowledged that a portion of the code that it provided was indeed copied.

Microsoft was apologetic in its note. “When we hire an outside company to do development work, our practice is to include strong language in our contract that clearly states the company must provide work that does not infringe the intellectual property rights of others. We are a company that respects intellectual property and it was never our intent to have a site that was not respectful of the work that others in the industry have done,” Microsoft said in the statement.

The company has worked hard over the years to try to prevent the piracy of its own software. China, where the Juku service was developed, is one of the biggest consumers of pirated Microsoft software.

Microsoft said it is suspending the Juku service indefinitely and that it assumes responsibility for the situation. It apologized to Plurk and said it would reach out to the company directly to explain what happened.

Microsoft also said it will be working with MSN China to examine development practices and applications provided by vendors.

Plurk has not responded on its blog to Microsoft’s latest statement.

By Eric Lai

ComputerWorld

December 15, 2009

Plurk, a micro-blogging service popular in parts of Asia, claimed today that its site design and underlying code were copied by a recently debuted service from Microsoft‘s China division.

MSN Juku made its beta debut in China earlier this month as a way for users to post 140-character messages on a scrolling timeline interface.

Screenshots. The Plurk page layout and user interface compared with MSN China’s new microblogging service, as posted on Plurk’s blog.

According to Microsoft, MSN Juku is a “local innovation developed by MSN China…based on Windows Live Messenger networks.”

At the time, local Chinese media were already commenting on the similarities in the look-and-feel between MSN Juku and Plurk, with one calling it a “bandit” version (Chinese slang for a knock-off).

That accusation was brought out into the open today by Plurk. In a blog post, the company said that while “imitation may be the sincerest form of flattery, but blatant theft of code, design, and UI elements is just not cool, especially when the infringing party is the biggest software company in the world.”

Plurk showed purported screenshots of MSN China’s new service, which it called “a little overly inspired” by Plurk’s 18-month-old service. It also showed snippets of JavaScript and CSS code from both services, and claimed that 80% of the codebase “appears to be stolen directly from Plurk.”

Plurk said the two services are so similar that some bloggers speculated that Microsoft’s service might have been based on a partnership with Plurk, a rumor it quickly dismissed.

“We were never contacted by any party at M$ to collaborate on such a venture nor did we give any prior written or verbal permission to anyone on their side to take our code, take our CSS, and copy the essence and ethos of our service,” wrote Plurk. “As a young startup, we’re stunned, shocked, and unsure what to do next and need your support and suggestions.”

Microsoft did not immediately respond to a request for comment.

According to a separate interview with Plurk’s co-founder published on Monday, the nine-employee company is scattered across the world, though incorporated in Canada.

Plurk has largely failed to make a dent in the English-speaking Web, where Twitter dominates. It had 766,000 visitors last month, compared to 1.3 million for Friendfeed and 131 million for Twitter, according to statistics from Compete.com. Plurk is also banned in China, along with Twitter and some other social-networking services, by the government for political reasons.

However, Plurk reportedly tops the microblog market in Taiwan, ahead of Twitter. It is also popular in other Asian countries such as Indonesia and Singapore. One reason: Twitter, due to cost and time, only operates a fully localized service in Asia for Japanese users. Plurk, meanwhile, solicits help from volunteers in each country to help translate key commands and phrases, with the best chosen by a vote in that country. That allows Plurk to offer its service in 33 languages, including Chinese, Gaelic, Arabic and Japanese.

By Tony Bradley
December 15, 2009

The headlines recently have been dominated with news of online privacy. Facebook has implemented changes that affect the privacy of status updates, and Google made headlines for its apparent disregard for privacy.

The difference between how Facebook and Google have addressed privacy issues offers a stark contrast. While Facebook has quickly responded to criticism and backlash, and has implemented additional changes to try and accommodate concerns, Google CEO Eric Schmidt dismissed privacy concerns entirely.

Facebook has faced challenges with privacy and what sorts of controls it has in place to ensure that users can exert some control over who is able to view their status updates, photos, events, and other Facebook entries. The Canadian government pressed the issue and succeeded in pressuring Facebook into changing a handful of practices to address privacy concerns.

As Facebook implemented changes this week, which were previously announced and anticipated–a change of pace for Facebook changes, there was immediate backlash. Facebook is struggling to figure out how to capitalize on member status updates for real-time search to be more like Twitter, and it is going through some growing pains to establish the right mix of sharing and security.

Google is also faced with constant criticism and concern from privacy advocates. Google is the monolithic Big Brother of the Internet, crawling and indexing every last byte of data that exists and presenting it to the general public in a matter of milliseconds through its various search offerings.

The difference between Facebook and Google as it relates to privacy is that Facebook appears to listen to concerns and respond by implementing changes to try and address issues, while Google seems to be dismissive. The Google response is to just stress why you should trust it, or why you shouldn’t care about privacy.

In a CNBC interview, Google CEO Eric Schmidt explained his stance on online privacy “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. If you really need that kind of privacy, the reality is that search engines –including Google –do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”

The problem with that point of view is that it assumes you can only be concerned about privacy when you are doing something illegal or unethical. It doesn’t take into consideration the myriad ways that data can be inadvertently leaked or compromised by search engines like Google.

Just because executives and managers want information to be private, it doesn’t mean that they are trying to hide anything like shady accounting a’ la Enron, or illegal pyramid schemes a’ la Madoff. It simply means that some information is sensitive or confidential for a reason.

For businesses that rely on Google Docs or Gmail, there is a level of trust there that Google will respect the privacy of that data and protect it from unauthorized access. Comments like those made by Schmidt provide a reason to think twice about using Google for any sensitive or confidential communications.

As Google plants cookies on PC’s to expand the scope of personalized search, or becomes the focal point for Internet traffic with its public DNS, it is privy to a great deal of information which could be used to reach conclusions. It is important for Google to take privacy seriously.

Facebook and Google are facing many of the same challenges. Whether you like the changes introduced by Facebook or not, its hard not to appreciate its attempts to respond to concerns rather than taking the Google approach that unless you wear a tinfoil hat or have terrorist connections you have no right to be concerned about privacy.