June 2008

Stopbadware.org released its May, 2008 report which ranked Google as 5th in hosting badware or infected sites, and China with an infection rate over three times that of the world average.

Stopbadware.org drew its data from Google’s “Safe Browsing” initiative,

note: Google, a sponsor of StopBadware.org, tells StopBadware.org that when a Blogger site is identified as badware by their Safe Browsing initiative, the site is immediately reported to Google’s Blogger group and the site is disabled. However, the URL for the site remains listed as badware until the Safe Browsing systems rescan the site, which means that there is a lag from the time the site is rendered harmless to the time at which it no longer appears in the data used by StopBadware.org for analysis.

{ 0 comments }

Based on a Google blacklist, Firefox 3 blocks sites known to spread malware.

Firefox in action.

{ 0 comments }

The Register reports: NebuAd looks to ’spyware’ firm for recruits.

According to public profiles posted to the social networking sites LinkedIn and LinkSV, NebuAd shares at least five high-ranking employees with Gator Corporation, the company that famously changed its name to Claria in October 2003 in an apparent attempt to shake-off its reputation as a spyware distributor.

These employees are: Scott Tavenner, Vice President of Business Development; Chuck Gilbert, Senior Product Manager; Mike Miller, Vice President of Ad Sales; Amy Auranicky, Director of Advertising Sales; and Jeanne Houwelingis, Vice President of Advertising Services.

Like Claria, NebuAd is based in Redwood City, California, and the company registered its domain in June 2006, just as Claria was leaving the adware business.

But NebuAd says that any ties to Claria are tenuous. “NebuAd and Claria are separate companies with different investors and management and have never been associated with each other,” reads a statement from NebuAd.

http://www.nebuad.com/

Through our unique technology and ISP partnerships, NebuAd combines web-wide consumer visibility with micro-targeted ads delivered at the right time in the buying cycle. This network-level approach enables behavioral targeting to finally attain its true promise of a greater scale of impressions, and greater relevance to drive increased revenue per impression.

Gigaom: Internet Watchdogs Attack NebuAd
ClickZ: Questions for Bob Dykes, NebuAd CEO
Ars Technica: NebuAd ads inserted via “man-in-the-middle attack”
MediaPost: NebuAd Accused Of Ignoring Online Privacy Basic Rules
Wired Blog Network: NebuAd Forges Packets, Violates Net Standards
Techdirt: Research Into NebuAd Finds Controversial And Potentially Illegal Tactics
Wired Blog Network: NebuAd Defends Murky System to ‘Opt-Out’ From Charter Snooping
Etc…

Edit:

Heise Online UK:
Report slams US advert server for “wiretapping, forgery and browser hijacking”

US personalised advert server NebuAd has been accused by lobbying group Free Press of tampering with web traffic and third party page content and illicit redirection of users’ requests.

The matter has already been put before the US Congress.

Charter Watcher:
Some background on NebuAD

For those of you keeping score at home, that’s 5 confirmed Gator/Claria connections, 2 connections to other spyware companies, a security guy, and a deep packet inspection guru thus far.

Are these the people we really want running a network which has unfettered access to the most intimate aspects of our lives? Even if what they were doing was legal, which is (sic) isn’t, do these seem like the best people with whom to team up?

{ 2 comments }

Previous Certifiedbug: Zango now

John Cook, Seattle PI

Sources say that two executives have also departed, including Executive Vice President of Corporate Development York Baur and Chief Technology Officer Ken Smith. Smith, who co-founded the company in 1999, is the brother of Chief Executive Keith Smith. A Zango spokesman declined to comment on the departures.

Ken Smith about his departure, Moving On

But nine years is a long time, and I’ve made the difficult decision that it’s time to move on. Yesterday, as part of its transition over to its Platrium platform, Zango had to lay off 68 employees, roughly one third of its work force, and I took the opportunity to tender my resignation as well.

Introduction to the Platrium Playbar:

Platrium is your access key to premium content. It is FREE, paid for by advertising. While online & using keywords sent to Platrium from your Internet browsing, Platrium software (with Weather forecast) will show targeted ads in a temporary Slider; relevant search suggestions in the Playbar; & comparison shopping offers in a Sidebar browser pane. The Playbar provides easy access to 1000s of emoticons, avatars, games & more, when online. Platrium runs continuously & updates automatically, ensuring access to the freshest content. Uninstallation is easy via Add/Remove Programs.

“Make Platrium your default home page” is pre-checked by default.

The Platrium search function directs searches to sponsored results on “Shopbrite”.

{ 4 comments }

Apple had previously said that the vunerability, found by security consultant Nitesh Dhanjani and dubbed the”carpet bombing” bug, would not be treated as a security issue, but rather filed as an enhancement request.
Certifiedbug: Apple’s Safari Carpet Bomb

A second researcher, Aviv Raff, found a way to execute files on the desktop without notifying the user.
Safari pwns Internet Explorer

Microsoft released a Security Advisory (953818) May 30th:
Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Apple:

To help mitigate this issue, the Safari browser has been updated to prompt the user prior to saving a download file. Also, the default download location is changed to the user’s Downloads folder on Windows Vista, and to the user’s Documents folder on Windows XP. This issue does not exist on systems running Mac OS X.

About the security content of Safari 3.1.2 for Windows

{ 0 comments }

According to Tipping Point’s Zero Day Initiative, the vulnerability was reported within the first five hours of Firefox 3’s release.

While Mozilla is working on a fix, we wont be divulging anything else until a patch is available, adhering to our vulnerability disclosure policy.  Once the issue is patched, we’ll be publishing an advisory here. Working with Mozilla on past security issues, we’ve found them to have a good track record and expect a reasonable turnaround on this issue as well.

{ 0 comments }

3.0 does not show on Mozilla as of writing, and my browser’s internal updater did not find a new version.
http://www.mozilla.com/en-US/firefox/all.html

I downloaded Firefox 3.0 from File Hippo:
http://www.filehippo.com/download_firefox/

Most of my add-ons worked after installation, a couple were updated shortly thereafter.

If you like to use duplicate tabs and the add-on is not yet compatible with the latest upgrade, Firefox 3.0 allows Ctrl+Drag Tab for placement.

{ 0 comments }

http://www.opera.com/products/desktop/security/

In Opera 9.5, Fraud Protection is enabled by default, automatically detecting and warning you about fraudulent Web sites. Fraud Protection is powered with phishing information from Netcraft and PhishTank, and Malware protection from Haute Secure.


Opera now supports EV Certificates. Issued under stricter criteria, they provide added assurance for EV enabled web sites, that they are who they claim to be.

http://www.opera.com/download/

{ 0 comments }

Now researchers at Intel believe that they can double a laptop’s battery life without changing the battery itself. Instead, they would optimize power management–system wide–of the operating system, screen, mouse, chips inside the motherboard, and devices attached to USB ports.

http://www.technologyreview.com/Infotech/20901/?a=f

{ 0 comments }