The closure of a web hosting firm that is believed to have had spam gangs as clients has led to a drastic reduction in junk mail.

Two US internet service providers have pulled the plug on the firm McColo following an investigation by the Washington Post newspaper.

Anti-spam firm Ironport has seen junk mail levels drop by 70% since McColo was taken offline on 11 November.

But, it warned, it will be a temporary respite from the menace of spam.

“It is an unprecedented drop but will be a temporary outage as the networks move from North America to places where there is less scrutiny,” said Jason Steer, a spokesman for Ironport.

The Washington Post has been gathering data on McColo for the past four months and passed the information to its internet service providers, Global Crossing and Hurricane Electric.

Both decided to pull the plug on the firm on Tuesday.

It is believed that it hosted gangs running botnets - networks of computers that have been taken over by criminals to send malicious software and spam.

According to MessageLabs, botnets are responsible for over 90% of spam.

Increasingly the tech industry is fighting back.

“All the US internet peering companies are under much more scrutiny. The authorities and the internet community have woken up to the problem,” said Mr Steer.

But while it might make criminals think more carefully about what they do, it will not stop them, he thinks.

“Spam levels will come back to normal as we build up to Thanksgiving and Christmas,” he said.

A recent study by computer scientists from the University of California, Berkeley and UC, San Diego (UCSD) found that spammers manage to turn a profit despite only getting one response to every 12.5m emails they send.

Source: BBC News

Windows 3.x has come to the closing moments of its long life.

On 1 November Microsoft stopped issuing licences for the software that made its debut in May 1990 in the US.

The various versions of Windows 3.x (including 3.11) released in the early 1990s, were the first of Microsoft’s graphical user interfaces to win huge worldwide success.

They helped Microsoft establish itself and set the trend for how it makes its revenues, and what drives the company until the present day.

For many computer users 3.x was the first Windows-based operating system they used, and the software established the iconography of Microsoft’s flagship product.

As it was updated the software started to make PCs a serious rival to Apple machines, as it could take advantage of much improved graphics, had a broader colour palette, and could use multimedia extras such as sound cards and CD Rom drives.

Microsoft maintained support for Windows 3.x until the end of 2001, and it has lived on as an embedded operating system until 1 November 2008.

Windows 3.x has found a role onboard some long-haul jet aircraft.

As an embedded system, it was used to power such things as cash tills in large stores and ticketing systems.

One of its more glamorous uses as an embedded operating system is to power the in-flight entertainment systems on some Virgin and Qantas long-haul jets.

Stefan Berka, who runs the GUI Documentation Project, said the important technical innovations in the software were its extended memory that could address more than 640KB and the improvements to hardware support.

The fact that it was 100% compatible with older MSDOS applications helped too.

Windows 3.x required an 8086/8088 processor or better that had a clock speed of up to 10MHz. It needed at least 640KB of RAM, seven megabytes of hard drive space, and a graphics card that supported CGA, EGA and VGA graphics.

By comparison, the Home Basic version of Windows Vista requires a 32-bit 1GHz processor, 512MB of RAM, 20GB of hard drive space, and a graphics card with at least 32MB of memory.

“I haven’t received an e-mail about Windows 3.11 for a long time,” said Andy Rathbone, author of a Dummies guide to the software. “But I wouldn’t be surprised if some people still use it.”

Sales of the software still pop up on eBay, he said, but not at a price that would tempt him to part with his unopened copy of Windows 3.1.

Agent Quang from home IT support firm The Geek Squad, said he regularly encountered venerable operating systems in customer’s homes but it had been a long time since he saw Windows 3.x.

“The majority of machines we run see are running XP,” he said, “Vista is still a bit flaky here and there and people are not comfortable with it.”

But, he said, Windows 95 and 98 were still popular with some customers.

“We see them on laptops and people are unwilling to let them go,” he said. “It’s perhaps because in the early days laptops cost a lot more money they do now, and there’s much more perceived value there.”

Agent Quang’s personal favourite operating system was Windows 98 because, by the end of its life, the software was so solid.

He said anyone running an ageing operating system might face problems as they try to find a web browser that could run on it and display the latest online innovations.

“We had a case a while ago a customer with a Windows 98 machine trying to view her website and the pictures were just not coming up,” he said. “Eventually we had to install Netscape Navigator to get it working.”

Stefan Berka said he had recently re-installed Windows 3.11 on a computer and was surprised at the results.

“Personally, I had fun at my last Windows 3.11 test installation to make it a useful desktop operating system again,” he said.

“With patched SVGA driver for 1024×768 resolution, Internet Explorer 5, WinZIP, VfW and Video Player, it was still useful,” he said. “The desktop was ready after a few seconds loading time.”

Said Mr Rathbone: “Windows 3.11 would still work reasonably well today, provided it only ran software released around the same time.”

He cautioned against anyone considering returning to the olden days and using it as their mainstay operating system.

He said: “I wouldn’t connect it to the internet, though, as it’s not sophisticated enough to ward off attackers.”

Increasing numbers of teenagers are starting to dabble in hi-tech crime, say experts.

Computer security professionals say many net forums are populated by teenagers swapping credit card numbers, phishing kits and hacking tips.

The poor technical skills of many young hackers means they are very likely to get caught and arrested, they say.

Youth workers added that any teenager getting a criminal record would be putting their future at risk.

Many teenagers got into low level crime by looking for exploits and cracks for their favourite computer games.

Communities and forums spring up where people start to swap malicious programs, knowledge and sometimes stolen data.   For a kid, getting a criminal record is the worst possible move

Some also look for exploits and virus code that can be run against the social networking sites popular with many young people. Some then try to peddle or use the details or accounts they net in this way.

Mr Boyd said he spent a lot of time tracking down the creators of many of the nuisance programs written to exploit users of social networking sites and the culprit was often a teenager.

From such virus and nuisance programs, he said, many progress to outright criminal practices such as using phishing kits to create and run their own scams.

“Some are quite crude, some are clever and some are stupid,” he said.

The teenagers’ attempts to make money from their life of cyber crime usually came unstuck because of their poor technical skills.

“They do not even know enough to get a simple phishing or attack tool right,” said Kevin Hogan, a senior manager Symantec Security Response.

“We have seen phishing sites that have broken images because the link, rather than reference the original webpage, is referencing a file on the C: drive that is not there,” he said.

Symantec researchers have collected many examples of teenagers who have managed to cripple their own PCs by infecting them with viruses they have written.

Chris Boyd from FaceTime said many of the young criminal hackers were undermined by their desire to win recognition for their exploits.Â
Many teenage hackers publicise their exploits on YouTube

“They are obsessed with making videos of what they are doing,” he said.

Many post videos of what they have done to sites such as YouTube and sign on with the same alias used to hack a site, run a phishing attack or write a web exploit.

Many share photos or other details of their life on other sites making it easy for computer security experts to track them down and get them shut down.

Mr Boyd’s action to shut down one wannabe hacker, using the name YoGangsta50, was so comprehensive that it wrung a pledge from the teenager in question to never to get involved in petty hi-tech crime again.

Mathew Bevan, a reformed hacker who was arrested as a teenager and then acquitted for his online exploits, said it was no surprise that young people were indulging in online crime.

“It’s about the thrill and power to prove they are somebody,” he said. That also explains why they stuck with an alias or online identity even though it was compromised, he added.

“The aim of what they are doing is to get the fame within their peer group,” he said. “They spend months or years developing who they are and their status. They do not want to give that up freely.”

Graham Robb, a board member of the Youth Justice Board, said teenagers needed to appreciate the risks they took by falling into hi-tech crime.

“If they get a criminal record it stays with them,” he said. “A Criminal Record Bureau check will throw that up and it could prevent access to jobs.”

Anyone arrested and charged for the most serious crimes would carry their criminal record with them throughout their life.

Also, he added, young people needed to appreciate the impact of actions carried out via the net and a computer.

“Are they going to be able to live with the fact that they caused harm to other people?” he said. “They do not think there is someone losing their money or their savings from what they are doing.

“For a kid, getting a criminal record is the worst possible move.”

 

Source - BBC

 

 

Â

More than 75% of internet users who have stumbled across pictures of online child sex abuse had no idea of where to report it, a new survey reveals
The poll for the Internet Watch Foundation, a charity that shuts down illegal content, found 77% of people were unaware that it ran a “hotline” for reporting abusive material.

“The UK has a very proactive approach to tackling child sexual abuse content online but we could do even more with the public’s help,” says IWF chief executive Peter Robbins.

“Internet consumers should know that if they do stumble across these images then it’s vital to report them to the IWF.”

People who report illegal content through the IWF website are protected by law, he says. Users of the site can also report anonymously, or leave their contact details should they wish to be informed of what’s happening to the site they reported.

The IWF website received nearly 35,000 reports in 2007, but the organisation wants to raise awareness further and is rolling out an advertising campaign including banner adverts to educate people about the site.

 

Source - PC Pro

The Government says it has no plans to roll out e-voting for the next election, potentially signalling an end to its interest in the technology.
The Government’s stance was revealed in a written statement to parliament, in which Michael Wills, minister of state for the Ministry of Justice wrote: “The Government does not plan to introduce e-voting for the 2009 European or local elections.

“The way forward more generally on e-voting will be informed by the valuable experience gained from earlier pilots, analysis of the responses to the election day consultation, and further development work including the possible further testing of e-voting solutions in non-statutory elections.”

Trials of the technology have already drawn heavy criticism, with its use in London’s 2008 mayoral election described by the Open Rights Group as “weak in design and testing.”

The Electoral Commission has also admitted to reservations about the technology, arguing that security around e-voting needs to be beefed up before further large scale trials go ahead.

Microsoft’s profits rose 2% to hit $4.37 billion in the first quarter, bolstered by its licensing agreements with larger companies.
In the months to September, the Redmond Giant saw sales rise 9% to $15.1 billion, driven by its computer server software. According to the company, sales in its server division rose 18%, with Windows Server 2008 and SQL Server 2008 the two stars of the show.

Despite a $300m advertising campaign, however, it appears customers are still wary of Vista. The Client division, which is responsible for selling XP and Vista, saw a rise of just 1.9%, with earnings dropping 3.6% to $3.3 billion.

Microsoft’s chief financial officer Chris Liddell says the company expects the current soft demand for products to continue, as large manufacturers switch to selling netbooks.

The company also reported a slowdown in demanded from small to medium sized businesses, worried about the impact of the credit crunch.

Microsoft now plans to cut costs by $500 million in the current financial year, with hiring, travel and marketing costs all expected to come under the microscope.

Virgin Atlantic is instigating disciplinary proceedings against staff who criticised the airline’s safety record on Facebook.
The staff reportedly made derogatory comments about Virgin’s fleet of five Boeing 747s that are based at Gatwick airport. Comments were also made about Virgin customers, according to a report on the BBC.

In a statement published on Virgin’s official Facebook site, the company says it plans to deal with the dissenters.

“Virgin Atlantic has been made aware of some malicious comments that have been made on a social networking site by a small number of its staff,” the statement reads.

“The airline has started an immediate disciplinary investigation. We do not tolerate any criticism of our passengers or industry-leading safety standards and we are taking this matter very seriously.”

The company has also strenuously denied allegations of poor safety and on-board hygiene. “Safety is our top priority and we operate our fleet of aircraft in strict compliance with all manufacturers’ and safety authorities’ recommendations and regulations,” Virgin claims.

The case will once again highlight the problems of staff discussing company business on public social-networking sites, although it’s not clear whether the employees were posting in work time or in a personal capacity.

Swiss researchers have demonstrated a variety of ways to eavesdrop on the sensitive messages computer users type by monitoring their wired keyboards. At least 11 models using a wide range of connection types are vulnerable.

The researchers from the Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne are able to capture keystrokes by monitoring the electromagnetic radiation of PS/2, universal serial bus, or laptop keyboards. They’ve outline four separate attack methods, some that work at a distance of as much as 65 feet from the target.

In one video demonstration, researchers Martin Vuagnoux and Sylvain Pasini sniff out the the keystrokes typed into a standard keyboard using a large antenna that’s about 20 to 30 feet away in an adjacent room.

“We conclude that wired computer keyboards sold in the stores generate compromising emanations (mainly because of the cost pressures in the design),” they write here. “Hence they are not safe to transmit sensitive information.”

No doubt, electromagnetic eavesdropping dates back to the mid 1980s, if not earlier. But Vuagnoux says many of today’s keyboards have been adapted to prevent those attacks from working. The research shows that even these keyboards are vulnerable to electromagnetic sniffing.

The video demonstrations show a computer that reads input from antennas that monitor a specified frequency. In both cases, the computer was able to determine the keystrokes typed on keyboards connected to a laptop and power supply and LCD monitors were disconnected to prevent potential power transmissions or wireless communications. Vuagnous said in an email that the attacks would still work even if the power supplies and monitors were plugged in.

The demonstration has already gotten the attention of other security researchers.

“It’s definitely believable that this is possible,” Charlie Miller, principal security analyst for Independent Security Evaluators. “It is very James Bond.”

The idea would be for an attacker to sniff passwords and other sensitive data using equipment located in an adjacent hotel room, office, or home.

Even still, it’s easy to see the limitations of such attacks. Interference from other televisions, lights, or other devices seems likely, although the video demonstrations suggest that the attacks work even when there are nearby computer monitors. The other thing that makes the attack unfeasible is the amount of sophisticated equipment required. Given all the fuss and expense, why not just sneak a keylogger onto the target’s machine?

The Government is pressing ahead with plans to create a giant database of mobile phone and internet activity.
The proposed database will provide police and intelligence services with details of mobile phone calls, emails and internet sites visited. The actual content of the phone calls and messages won’t be recorded, just the dates, duration and location/IP address of messages sent.

The Home Secretary claims the database is vital to combat crimes as wide ranging as terrorism and paedophilia. “Our ability to intercept communications and obtain communications data is vital to fighting terrorism and combating serious crime, including child sex abuse, murder and drugs trafficking,” Jacqui Smith claims.

“Communications data - that is, data about calls, such as the location and identity of the caller, not the content of the calls themselves - is used as important evidence in 95% of serious crime cases and in almost all security service operations since 2004.”

She even suggested that child murderers such as Ian Huntley could escape detection without such a scheme. “We will lose this vital capability that we currently have and that, to a certain extent, we all take for granted.

“The capability that enabled us to convict Ian Huntley for the Soham murders and that enabled us to achieve the convictions of those responsible for the 21/7 terrorist plots against London.”

Opposition parties have labelled the plans oppressive. “The Government’s Orwellian plans for a vast database of our private communications are deeply worrying,” Liberal Democrat Home Affairs spokesman, Chris Huhne, told the BBC.

“I hope that this consultation is not just a sham exercise to soft-soap an unsuspecting public.”

The scope of the Government’s plans could extend beyond mobile phone networks and ISPs. A Whitehall spokesman quoted in The Guardian said the Government is increasingly concerned about webmail services and social networks, where people can communicate in relative anonymity.

“People have many accounts and sign up as Mickey Mouse and no one knows who they are,” the spokesman claims. “We have to do something.”

Microsoft is hoping to release SP2 for Vista and Server 2008 before it releases a Windows 7 beta later this year, reports claim.
The company has created a Knowledge Base article documenting the new updates, although details of expected features and release dates are currently thin on the ground.

It is thought, however, that several hardware manufacturers have already received advance copies of the software, expected to include Hyper-V and several security fixes.

“This article discusses a beta release of a Microsoft product. Currently, the product release notes and related information about Windows Server 2008 SP2 and Windows Vista SP2 are not available,” explains the article.

The company is expected to release a public beta of Windows 7 towards the end of this year, and many current Windows XP users are expected to wait for the new version, without upgrading to Vista in the interim. This leaves little time to rollout the updates to Vista and Server 2008 if they are to precede Windows 7.

Microsoft has recently launched a $300 million marketing campaign designed to improve disappointing Vista sales, featuring comedian Jerry Seinfeld.

“What the brand stands for, particularly in the case of Windows Vista, has been defined by the competitors. The time is now for us to get in and start telling our story,” claimed Brad Brooks, a corporate vice president at Microsoft, last month.

Microsoft was unavailable to comment on an expected release date at the time of writing.