Spyware Researcher Ben Edelman published an article today regarding ComScore’s recent multiple RelevantKnowledge installations that occur without user consent.
From the monthly archives:
June 2007
Microsoft MVP and friend Corrine Chorney, was the first guest in a series of interviews to come at Windows Vista for beginners, “Getting to know the Microsoft enthusiasts.”
I rather like this sentiment:
Beyond the number of views and blog analytics, this belief that I have always held was illustrated by Sean O’Driscoll, Microsoft General Manager, Customer Service and Support Community and MVP, in his blog post where he wrote: “3 people helped each day, “paid forward” by each person helps 4.7M people in two weeks.”
We’ve been pleased with the response to the program, which has enabled thousands of multi-computer families to upgrade more than one PC in their home to Windows Vista.
You can still take advantage of this offer until 11:59 PM Pacific Time on 30 June 2007.
Bring Home More “Wow”
TechNet: http://www.microsoft.com/technet/community/chats/default.mspx
Exchange Server Q&A with the MVP Experts
Exchange MVPs will be on hand to answer your questions about Exchange Server, Outlook and Exchange for Small Business Server.
Chat 1
When: Tuesday June 19th
Time: 5pm PST or 8pm EST
Where: TechNet Chat Room www.microsoft.com/technet/community/chats/chatroom.aspx
No password requiredChat 2
When: Thursday June 21st
Time: 10am PST or 1pm EST
Where: TechNet Chat Room www.microsoft.com/technet/community/chats/chatroom.aspx
No password required
Q&A with the Security MVP Experts
In this chat the MVP experts will answer your questions regarding online safety issues such as phishing, spyware, rootkits as well as server related topics. If you have questions on how to protect your PC, please bring them to this informative chat.
When: Thursday June 21st
Time: 4pm PST and 7pm EST
Where: TechNet Chat Room www.microsoft.com/technet/community/chats/chatroom.aspx
No password required
Vista Team Blog
An astute Windows user was intrigued by the holographic image on the face of the Windows Vista Business DVD and decided to take a much closer look, discovering in the margin a microscopic photograph of three men. Just who they could be? The user posted a blog entry mentioning the discovery, which was noticed by a few others in the community and has prompted a number of people to contact us in Windows to find out just exactly what is going on.
The real story is interesting, but conspiracy theorists will be disappointed to learn that it is not the result of a deliberate attempt to deceive. The photo displays members of the team who worked on the Windows Vista DVD hologram design.
We knew that. 
FBI Press Release. http://www.fbi.gov/pressrel/pressrel07/botnet061307.htm
Over 1 Million Potential Victims of Botnet Cyber Crime
Today the Department of Justice and FBI announced the results of an ongoing cyber crime initiative to disrupt and dismantle “botherders” and elevate the public’s cyber security awareness of botnets. OPERATION BOT ROAST is a national initiative and ongoing investigations have identified over 1 million victim computer IP addresses. The FBI is working with our industry partners, including the CERT Coordination Center at Carnegie Mellon University, to notify the victim owners of the computers. Through this process the FBI may uncover additional incidents in which botnets have been used to facilitate other criminal activity.
A botnet is a collection of compromised computers under the remote command and control of a criminal “botherder.” Most owners of the compromised computers are unknowing and unwitting victims. They have unintentionally allowed unauthorized access and use of their computers as a vehicle to facilitate other crimes, such as identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Because of their widely distributed capabilities, botnets are a growing threat to national security, the national information infrastructure, and the economy.
“The majority of victims are not even aware that their computer has been compromised or their personal information exploited,” said FBI Assistant Director for the Cyber Division James Finch. “An attacker gains control by infecting the computer with a virus or other malicious code and the computer continues to operate normally. Citizens can protect themselves from botnets and the associated schemes by practicing strong computer security habits to reduce the risk that your computer will be compromised.”
The FBI also wants to thank our industry partners, such as the Microsoft Corporation and the Botnet Task Force, in referring criminal botnet activity to law enforcement.
Cyber security tips include updating anti‑virus software, installing a firewall, using strong passwords, practicing good email and web security practices. Although this will not necessarily identify or remove a botnet currently on the system, this can help to prevent future botnet attacks. More information on botnets and tips for cyber crime prevention can be found online at www.fbi.gov.
The FBI will not contact you online and request your personal information so be wary of fraud schemes that request this type of information, especially via unsolicited emails. To report fraudulent activity or financial scams, contact the nearest FBI office or police department, and file a complaint online with the Internet Crime Complaint Center, www.ic3.gov.
To date, the following subjects have been charged or arrested in this operation with computer fraud and abuse in violation of Title 18 USC 1030, including:
- James C. Brewer of Arlington, Texas, is alleged to have operated a botnet that infected Chicago area hospitals. This botnet infected tens of thousands of computers worldwide. (FBI Chicago);
- Jason Michael Downey of Covington, Kentucky, is charged with an Information with using botnets to send a high volume of traffic to intended recipients to cause damage by impairing the availability of such systems. (FBI Detroit); and
- Robert Alan Soloway of Seattle, Washington, is alleged to have used a large botnet network and spammed tens of millions of unsolicited email messages to advertise his website from which he offered services and products. (FBI Seattle)
The FBI will continue to aggressively investigate individuals that conduct cyber criminal acts.
ABC News reports the FBI has identified 1 million computer addresses that have been hacked by criminals who hijack other people’s computers, turn them into servers and use them to send out massive amounts of spam and spyware.
Story abcNews
The home of Spybot-Search and Destroy.
News Link 11. June 2007
Also, after struggling for months with Microsoft about Spybot - Search & Destroy 1.5 and the more advanced Certified for Vista logo, we have decided not to get our next release certified. While we found the “Certified for Vista” logo requirements to be very useful to enforce a high software quality in general, it has a huge drawback, which essentially makes every certified security software prone to getting disabled by malware. Under these circumstances, version 1.5 will only receive the “Works with Windows Vista” logo, but at least there’s nothing left blocking the release, which will take place as a beta version this week.
For those interested in the technical background of the decision:
Microsoft requires software that applies for this logo program to immediately crash when confronted with a situation described by Microsoft in detail. The background of this still is useful in a standard situation - software that has bugs should actually crash instead of just trying to hide them, so that Windows Error Reporting can log the problem and forward it to the developer. This way Microsoft can assure that applications that are part of the “Certified for Vista” program are of high quality.
However, In the context of a security application, this is hazardous: if malware writers can use a perfectly documented way to crash a security application, the overall security is greatly harmed. To avoid this, we suggested some alternatives to Microsoft that would not compromise the goal of submitting bug reports on errors that are the fault of the developer of the software. In the end though, some people at Microsoft seem to be too certain that Vista is absolutely safe, upon which we do not intend to comment, since key Microsofts employees have already done so, for example Jim Allchin or Mark Russinovich.
http://www.spybot.info/en/news/2007-06-11.html
Article:Vista Team Blog
The Microsoft Office Outlook Connector is designed to let you access your Windows Live Hotmail account through Outlook 2003 or Outlook 2007. You will be able to download and install the Connector to sync up your email and contacts in Windows Live Hotmail for free. However, if you are a paid subscriber of MSN Premium, Office Live Essentials, or Office Live Premium you will get the added functionality of being able to sync up your calendar, tasks and notes from Outlook to Windows Live Hotmail.
Monday, Apple released Safari 3 Beta for Windows. http://www.apple.com/safari/download/
Just hours later researchers were blogging about bugs, crashes and potential exploits.
Researcher Aviv Raff: Aviv Raff On .NET
Security researcher David Maynor: Errata
Ryan Naraine at Zdnet: Safari on Windows could be big target for malware
Leander Kahney, Cult of Macintosh: Who in Their Right Mind Would Run Safari on Windows?
On the Safari download page:
Security
Apple engineers designed Safari to be secure from day one.
