|
|
|
|
the console view 
|
|
News from the world of business, technology, education and design that you might have missed otherwise. Culled from authoritative sources only.
RSS/XML Feeds
|
Friday, September 28, 2007
Microsoft confirms stealth WU update mucks up XP restore
"Microsoft Corp. today confirmed that Windows XP users who repair the operating system cannot update their PCs with the latest patches because of a file included with the stealth update pushed out to machines this summer. 'When an XP repair CD is used, it replaces all system files (including Windows Update) on your machine with older versions of those files and restores the registry,' said Nate Clinton, program manager for Windows Update (WU), in a post to the Microsoft company blog dedicated to the update service. 'However, the latest version of Windows Update includes 'wups2.dll' that was not originally present in Windows XP. Therefore, after the repair install of the OS, wups2.dll remains on the system, but its registry entries are missing. This mismatch causes updates to fail installation.' The Windows Secrets newsletter reported the patch installation failures after tests on Windows XP machines that had been restored by an in-place reinstall. The root of the problem, said the publication, is that seven DLLs from the latest revision to WU -- not just one -- failed to register themselves with XP. Microsoft could not provide an explanation for the discrepancy between the claims. "
|
 |
 |
 |
 |
 |
![[XML|Atom Feed]](http://www.westofeast.com/images/xml.jpg)
![[RSS 2.0 Feed]](http://www.westofeast.com/images/rss.jpg)
![[Powered by Blogger]](http://buttons.blogger.com/bloggerbutton1.gif){kind=small}
A great article on "Web 2.5" technologies...
"In an audit of IRS security rules by the Treasury Inspector General for Tax Administration, it appears that they were able to successfully social engineer IRS employees into improperly disclosing their user names and passwords — a staggering 61% of the time.
According to the report, a caller posed as a technical support person and contacted 102 employees. On the pretext of solving a computer problem, he attempted to persuade them to temporarily change his or her password to one based on his suggestion.
The especially disturbing part here is the revelation that IRS actually took many measures to improve their security awareness after two similar test telephone calls in 2001 and 2004. The report sums the efforts: “… the corrective actions have not been effective.”
It is needless to say that the employees were putting the IRS at risk of providing unauthorized people access to taxpayer data. Still, is this case simply a sign of the impossibility of educating end-users, especially in a large corporation or organization spanning multiple locations, or is it due to the lack of a proper system?"
The use of social networking sites worldwide has grown substantially in the past year, with some sites seeing total visits increase as much as sevenfold, according to a study released Tuesday by Internet measurement company comScore Inc.
MySpace, for example, drew more than 114 million global visitors in June 2007, a 72% increase over the past year, comScore noted. Facebook, which in September stopped limiting access to only college or university students or workers, experienced a 270% increase in worldwide visitors over the past year, according to the study.
Bebo, a popular social networking site in the U.K., experienced 172% growth, with 18 million visitors in June. Tagged, a social networking site aimed at teenagers, grew 774% over the past year, attracting 13 million visitors in June.
"Literally hundreds of millions of people around the world are visiting social networking sites each month, and many are doing so on a daily basis," said Bob Ivins, comScore executive vice president of international markets, in a statement. "It would appear that social networking is not a fad but rather an activity that is being woven into the very fabric of the global Internet."
The study also showed that some resonate more strongly in particular regions. MySpace.com and Facebook, for example, both pull in about two-thirds of their audiences from North America, while 63% of Bebo users hail from Europe.
Orkut, Google Inc.'s social networking site, draws 49% of its audience from Latin America, while 89% of Friendster visitors come from the Asia-Pacific region.
"There's a new breed of ransomware in town, and it raises the stakes compared to previous viruses of this sort. Both Sinowal.FY and Gpcode.ai have been identified by security companies PandaLabs and Kaspersky Lab as malicious strains of older Trojans that encrypt users' files so that they can no longer be accessed. The Trojan then plants a readme.txt where users will find it, and inside, demands $300 in order to decrypt the files.
The ransom note tells the user in broken English that the files have been encrypted using RSA-4096 and that unless cold, hard cash is forked over within a period of time, the content of the files will be shared with the world and then deleted. However, PandaLabs says that these are empty threats—the files merely remain encrypted on the user's computer. Not only that, but Kaspersky Lab analyst Aleks Gostev claims that the Trojan actually has a limited shelf life of between July 10 to July 15 (for reasons only the Trojan-writers understand). He also points out on his personal blog that the Trojan-writers' claim of having used an RSA-based algorithm is false: '[T]here's no sign of RSA-4096,' Gostev writes. "
In short - don't panic and DON'T PAY ANYTHING! Agencies are working on finding a way to decrypt the files and the decryption solution will be available soon.
Sometimes the goal is to steal your domain, sometimes just to steal money from you. But be very careful when you get a domain renewal notice; if it's not from your registrar, it's not to be trusted. Thanks to the folks at Domain Name Wire for blogging about a serious scam designed to steal money from domain name owners. You could say it's a new sort of phish.
Domain renewal scams are not a new thing. Because whois information is public, unscrupulous registrars have, for years, harvested the information in it and sent renewal notices to unwitting customers of other domains. If you "renew" you actually end up transferring the domain name and perhaps incurring additional charges.
Within weeks of its October 2006 launch, IE7 accounted for nearly 10% of all browsers used on the Web, reported Aliso Viejo, Calif.-based Net Applications in its latest look at browser use. Over the next three months, IE7 posted month-to-month gains that ranged from 4% to almost 10%, so that by the end of February, it owned 29.1% of the market. Since then, however, it's taken two months to grow another point and a half.
The plateauing of IE7 is both striking and no surprise, said Geoff Johnston, an analyst at rival metrics firm WebSideStory. "In the last three months, IE7's growth has slowed to a trickle," said Johnston. "IE7 has a decent enough number -- 31% as of last week -- but IE6 is still higher, at 46%-47%."
Net Applications' numbers match those of WebSideStory.
Microsoft began feeding IE6 users automatic update offers to IE7 in early December 2006. Users, however, were allowed to decline the upgrade to IE7, and enterprises were given tools to block the move to the new browser. Microsoft also committed to supporting the older browser until 2014.
"Consumer apathy, or laziness, is extremely difficult to overcome," said Johnston. "Lots of people are obviously quite happy with IE6 and don't see any reason to upgrade as long as it's working for them."
Even the introduction of Windows Vista, which runs only IE7, hasn't made a difference of late. After a 4% jump in IE7 use from the end of January to the end of February -- Vista was released to consumers on Jan. 30 -- adoption slowed to 0.9% the next month and just 0.6% in March.
The stalled uptake of IE7 contrasts with a steadier migration of Firefox users from the older Version 1.5 to Version 2.0. In the seven months since Mozilla Corp.'s Firefox 2.0 debuted, it has essentially swapped places with 1.5; by the end of April, said Net Applications, Version 2.0 accounted for 10.2% of all browsers, close to the 10.5% that Firefox 1.5 controlled last November. It has only been in the past month that Firefox 2.0's uptake slowed to less than half the earlier month-to-month average.
According to Net Applications, Firefox now holds 15.4% of the browser market, while Internet Explorer has 78%. Apple Inc.'s Safari also posted an increase in April and now stands at 4.6%; Opera Software ASA's Opera browser slipped slightly and remains under 1%.
A little more about the controversy over GPL3 and why you should care...and you SHOULD care, especially if, like myself and many of my clients, you use open source and/or free software.