Tax prep maker warns customers of Epsilon email hack impact
"Intuit customer addresses aren't part of the hacker haul, but TurboTax maker alerts users anyway"
Intuit on Tuesday warned its customers to be on alert for identity theft scams after a breach at a major marketing firm put millions of email addresses in hackers' hands.
Although the maker of the popular TurboTax tax preparation program and the Quicken personal financial software was not among the more than 50 companies whose customer data was stolen, it cautioned users nonetheless.
"Intuit is not an Epsilon customer so the information you have entrusted with Intuit is not affected," the company said in an alert published Tuesday on its site. "However, Epsilon serves many large organizations including banks, insurance companies and retailers [and] you may have received one or more notices from companies you do business with who are clients of Epsilon."
Irving, Texas-based Epsilon Interactive acknowledged last week that attackers made off with customer email addresses and names, but the company has not shared much more information than that. Other sources, including the IDG News Service, however, have confirmed that dozens of companies have notified their customers that their information may have been filched.
Continued : http://www.computerworld.com/s/article/9215533/Tax_prep_maker_warns_customers_of_Epsilon_email_hack_impact
The Chinese bootkit
From the Kaspersky Labs Weblog:
We recently discovered a new bootkit, i.e. a malicious program which infects the hard drive's boot sector. Kaspersky Lab detects it as Rootkit.Win32.Fisp.a. The bootkit is distributed by Trojan-Downloader.NSIS.Agent.jd. The Trojan infects the computers of users who try to download a video clip from a fake Chinese porn site.
This downloader is remarkable in that it downloads other malicious programs using an NSIS engine and stores all links in the relevant NSIS script. [Screenshot]
The dropper Rootkit.Win32.Fisp.a is among the files downloaded by the Trojan-downloader. This malicious program infects the hard drive's boot sector. More specifically, it saves the old MBR to the third sector and replaces it with its own. Starting with the fourth sector, it installs an encrypted driver and the remaining code. [Screenshot]
The malicious program gains control as soon as the infected computer boots. The first thing it does is hook the INT 13h (BIOS disk services) interrupt by modifying the interrupt vector table. Then the bootkit loads the saved original MBR and hands control to it, so the normal boot process continues with the hook in place.
Once a specific part of the system has been booted, the bootkit intercepts the function ExVerifySuite. The installed hook replaces the system driver fips.sys with the malicious driver which was written to the start of the hard drive in an encrypted format. It should be noted that the driver fips.sys is not required for the operating system to run correctly, so the system won't crash when it is replaced.
Continued : http://www.securelist.com/en/blog/434/The_Chinese_bootkit
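The on-disk layout described above (original MBR copied to the third sector, replacement code in sector 0, payload from the fourth sector on) can be checked for with a short heuristic. The following is an added example of mine, not Kaspersky's code: it parses the partition table of a raw disk image, treats "third sector" as zero-based LBA 2 (an assumption about the post's counting), and flags an image whose sector 0 and LBA 2 share a partition table but differ in boot code. The sample images are constructed inline; a real image would be read from a raw dump or the block device.

```python
"""Heuristic check for the MBR-relocation layout described in the post.

Added example, not Kaspersky's code.  Assumptions: the original MBR is copied
to the third 512-byte sector (taken here as zero-based LBA 2) and sector 0 is
overwritten, with the partition table kept intact so the machine still boots.
"""
import struct

SECTOR = 512
BOOT_SIG = b"\x55\xaa"
PT_OFFSET = 446          # partition table starts at byte 446 of the MBR
SAVED_MBR_LBA = 2        # "third sector" in the post, zero-based LBA 2 (assumption)


def looks_like_mbr(sector: bytes) -> bool:
    """A sector is MBR-shaped if it ends in 0x55AA and has a sane partition table."""
    if len(sector) != SECTOR or sector[510:512] != BOOT_SIG:
        return False
    for i in range(4):
        entry = sector[PT_OFFSET + 16 * i: PT_OFFSET + 16 * (i + 1)]
        status, ptype = entry[0], entry[4]
        if status not in (0x00, 0x80):       # only "inactive" / "bootable" are valid
            return False
        lba_start, n_sectors = struct.unpack_from("<II", entry, 8)
        if ptype != 0 and (lba_start == 0 or n_sectors == 0):  # used entry must point somewhere
            return False
    return True


def partition_table(sector: bytes) -> bytes:
    return sector[PT_OFFSET:PT_OFFSET + 64]


def check_image(image: bytes) -> dict:
    """Return findings for a raw disk image (at least 4 sectors long)."""
    sector0 = image[0:SECTOR]
    saved = image[SAVED_MBR_LBA * SECTOR:(SAVED_MBR_LBA + 1) * SECTOR]
    findings = {
        "sector0_is_mbr": looks_like_mbr(sector0),
        "saved_copy_is_mbr": looks_like_mbr(saved),
        "boot_code_differs": sector0[:PT_OFFSET] != saved[:PT_OFFSET],
        "partition_table_preserved": partition_table(sector0) == partition_table(saved),
    }
    # Infection signature: a second, MBR-shaped sector at LBA 2 that shares
    # sector 0's partition table but carries different boot code.
    findings["suspect_relocated_mbr"] = (
        findings["saved_copy_is_mbr"]
        and findings["boot_code_differs"]
        and findings["partition_table_preserved"]
    )
    return findings


def build_mbr(boot_code: bytes, entries) -> bytes:
    """Assemble a 512-byte MBR from boot code and up to four (status, type, lba, size) tuples."""
    table = b"".join(
        struct.pack("<B3sB3sII", status, b"\0\0\0", ptype, b"\0\0\0", lba, size)
        for status, ptype, lba, size in entries
    ).ljust(64, b"\0")
    return boot_code.ljust(PT_OFFSET, b"\0") + table + BOOT_SIG


# Constructed clean disk: one bootable type-0x07 partition starting at LBA 2048.
CLEAN_MBR = build_mbr(b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c", [(0x80, 0x07, 2048, 204800)])
CLEAN_IMAGE = CLEAN_MBR + b"\0" * SECTOR * 3

# Constructed infection: new boot code in sector 0, the original MBR copied to
# LBA 2, and an opaque blob standing in for the encrypted driver from LBA 3 on.
EVIL_MBR = build_mbr(b"\xeb\x3c\x90\xb8\xc0\x07", [(0x80, 0x07, 2048, 204800)])
INFECTED_IMAGE = EVIL_MBR + b"\0" * SECTOR + CLEAN_MBR + bytes(range(256)) * 2


if __name__ == "__main__":
    for name, img in (("clean", CLEAN_IMAGE), ("infected", INFECTED_IMAGE)):
        print(name, check_image(img))
```

The check deliberately compares only the 446 bytes of boot code and leaves the partition table out, because a bootkit that broke the partition table would stop the machine booting and defeat its own purpose; a preserved table next to changed code is the tell.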
McAfee recovers from Sesame Street email filter mix-up
McAfee has apologised for a Sesame Street-style mix-up over the weekend that temporarily prevented any customers with addresses that start with the letter A from receiving email.
The glitch - which involved the managed email filtering service from MX Logic, acquired by McAfee back in 2009 - bounced emails sent to supported inboxes that began with an A or a non-alphanumeric special character (e.g. @£$).
In a statement, McAfee blamed a rogue script for the mix-up, which has now been resolved.
During scheduled maintenance late Saturday evening and early Sunday morning, a subset of customers experienced temporary account verification issues, impacting non-alphanumeric email addresses and aliases up to the letter "a".
The engineering team monitoring the scheduled maintenance addressed the issue. The root script that caused this issue has been identified and fixed.
Reg reader Simon, who tipped us off about the glitch, said his firm was obliged to turn off the filtering service on Monday morning, as a workaround, until the glitch was resolved.
Continued : http://www.theregister.co.uk/2011/04/06/mcafee_email_filter_screw_up/
Unqualified Names in the SSL Observatory
From the Electronic Frontier Foundation (EFF):
Internet certification authorities (CAs) are charged with the task of vouching for the identities of secure web servers. When you browse to https://www.wellsfargo.com/, your browser knows it's the real wellsfargo.com because VeriSign, a CA, says it is.
However, if CAs don't validate the identities of the sites they vouch for, the whole system breaks down. In this post, I'll discuss one way in which CAs frequently fail.
Using data in EFF's SSL Observatory, we have been able to quantify the extent to which CAs engage in the insecure practice of signing certificates for unqualified names. That they do so in large numbers indicates that they do not even minimally validate the certificates they sign. This significantly undermines CAs' claim to be trustworthy authorities for internet names. It also puts internet users at increased risk of network attack.
Normally, a public CA like Verisign or Comodo should sign only public names. On the internet, only fully-qualified domain names are public and routable. For example, "www.eff.org." is a fully-qualified name. By contrast, the name "www" is unqualified or not fully-qualified. This name is not globally unique, and may refer to a different computer on my network than it does on your network. (On some networks, it may not refer to any computer at all.)
Continued : https://www.eff.org/deeplinks/2011/04/unqualified-names-ssl-observatory
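The distinction the post draws, fully-qualified public names versus names that only mean something on one local network, is easy to turn into a check against the names a certificate carries. The following is an added example of mine, not the Observatory's code: it classifies each Common Name or Subject Alternative Name as fully-qualified, single-label (such as "www"), under a suffix reserved for local use, or a private IP address. The suffixes .local and .localhost are reserved by RFC 6762 and RFC 6761; .lan, .internal, .corp and .home are an assumed list of common private choices, not an authoritative one. The sample name list is constructed.

```python
"""Flag certificate names a public CA should not have signed.

Added example, not EFF's code.  Assumption: the reserved-suffix list below is
illustrative (.local/.localhost are RFC-reserved; the rest are common private
choices), and the sample names are constructed.
"""
import ipaddress

RESERVED_SUFFIXES = ("local", "localhost", "lan", "internal", "corp", "home")


def classify_name(name: str) -> str:
    """Return "fqdn", "unqualified", "reserved", "private_ip", "public_ip" or "invalid"."""
    n = name.strip().lower().rstrip(".")
    if not n:
        return "invalid"
    # iPAddress SANs: RFC 1918, loopback and link-local ranges are not public.
    try:
        ip = ipaddress.ip_address(n)
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            return "private_ip"
        return "public_ip"
    except ValueError:
        pass
    labels = n.split(".")
    if labels[0] == "*":          # wildcard: judge by the part it covers
        labels = labels[1:]
        if not labels:
            return "invalid"
    if any(not lbl or len(lbl) > 63 for lbl in labels):
        return "invalid"
    if len(labels) == 1:
        # A lone label is never globally unique; "www" on my network is not "www" on yours.
        return "reserved" if labels[0] in RESERVED_SUFFIXES else "unqualified"
    if labels[-1] in RESERVED_SUFFIXES:
        return "reserved"
    return "fqdn"


def audit_certificate(names):
    """Map each name a public CA should not have signed to the reason."""
    bad = {}
    for name in names:
        kind = classify_name(name)
        if kind in ("unqualified", "reserved", "private_ip", "invalid"):
            bad[name] = kind
    return bad


# Constructed name list resembling the mix the post describes.
SAMPLE_CERT_NAMES = ["www.eff.org", "www", "mail", "exchange01.corp",
                     "*.local", "localhost", "10.0.0.1"]

if __name__ == "__main__":
    for name, reason in audit_certificate(SAMPLE_CERT_NAMES).items():
        print(f"{name:20s} {reason}")
```

The attack the post alludes to follows directly: a certificate for "mail" or "*.local" that chains to a browser-trusted root is valid on every network where those names resolve, so whoever holds it can impersonate an internal host on any of them.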
PandaLabs Quarterly Report Q1 2011
These first three months have witnessed some particularly intense virus activity and there have been a number of serious incidents during this period, such as: the largest single attack against Android cell phones, intensive use of Facebook to distribute malware, and an attack by the Anonymous hacktivist group against the HBGary Federal security firm.
There has been a new surge in the number of IT threats in circulation: in the first three months of the year, there was a daily average of 73,000 new samples of malware, the majority of which were Trojans. This means that hackers have created 26 percent more new threats in the first months of 2011 than in the corresponding period of the previous year.
Once again, over this quarter Trojans have accounted for most new threats, some 70 percent of all new malware created. Yet there is a logic to this, as these types of threats are favored by organized criminals for stealing bank details with which to perpetrate fraud or steal directly from victims' accounts.
The quarterly report can be downloaded from here.
DHCP client allows shell command injection
The Internet Systems Consortium's (ISC) open source DHCP client (dhclient) allows DHCP servers to inject commands which could allow an attacker to obtain root privileges. The problem is caused by incorrect filtering of metacharacters in server response fields. By using crafted host names, and depending on the operating system and what further processing is performed by dhclient-script, it can allow commands to be passed to the shell and executed. A successful attack does, however, require there to be an unauthorised or compromised DHCP server on the local network.
Dhclient versions 3.0.x to 4.2.x are affected. The ISC has released an update. Alternatively, users can deactivate host name evaluation or add an additional line to dhclient-script. Instructions for doing so can be found in the ISC's advisory.
Continued : http://www.h-online.com/security/news/item/DHCP-client-allows-shell-command-injection-1222805.html
See Vulnerabilities & Fixes: ISC DHCP "dhclient" Response Processing Input Sanitation
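The bug class above is worth seeing side by side with its fix. What follows is an added example of mine, not ISC's code and not the real dhclient-script: it models a server-chosen host name being spliced into a shell command string (the unsafe path, built with shell=True the way a script interpolating $new_host_name would) against a path that validates the name against the RFC 1123 host-name alphabet and passes it as an argv element with no shell involved. A strip-to-safe-characters filter of the kind a one-line script workaround would use is included for comparison. Only echo is executed, so it is harmless to run; the hostile name is constructed.

```python
"""Shell-injection demo for DHCP-supplied host names.

Added example, not ISC's code.  Assumptions: the vulnerable script builds a
command string from the host name; the fix validates and uses argv.  Only
`echo` runs, and HOSTILE_NAME is a constructed value.
"""
import re
import subprocess

# RFC 1123 host names: labels of letters, digits and '-', 1..63 chars each,
# no leading or trailing '-', joined by dots, whole name at most 253 chars.
_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def is_valid_hostname(name: str) -> bool:
    if not name or len(name) > 253:
        return False
    return all(_LABEL.match(label) for label in name.rstrip(".").split("."))


def sanitize_hostname(name: str) -> str:
    """Workaround-style filter: keep only [A-Za-z0-9.-], drop everything else."""
    return re.sub(r"[^A-Za-z0-9.-]", "", name)


def apply_hostname_unsafe(name: str) -> str:
    """Vulnerable pattern: the server-controlled string becomes part of a shell command."""
    out = subprocess.run(f"echo host={name}", shell=True, capture_output=True, text=True)
    return out.stdout


def apply_hostname_safe(name: str) -> str:
    """Fixed pattern: reject anything outside the host-name alphabet, then use argv, not a shell."""
    if not is_valid_hostname(name):
        raise ValueError(f"rejected DHCP host name: {name!r}")
    out = subprocess.run(["echo", f"host={name}"], capture_output=True, text=True)
    return out.stdout


# Constructed hostile DHCP host-name option: a name followed by a second command.
HOSTILE_NAME = "victim; echo INJECTED"

if __name__ == "__main__":
    print("unsafe   ->", repr(apply_hostname_unsafe(HOSTILE_NAME)))
    try:
        apply_hostname_safe(HOSTILE_NAME)
    except ValueError as err:
        print("safe     ->", err)
    print("filtered ->", repr(apply_hostname_safe(sanitize_hostname(HOSTILE_NAME))))
```

Rejecting rather than stripping is the better default: a stripped name silently becomes something the administrator never chose, while a rejected one leaves a log line pointing at the rogue server.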
Fake AV served up by phony NACHA emails
A little while ago, phishing mails claiming to be from NACHA were in circulation - it seems the phishers have had enough of that, deciding to send out malicious files instead.
The mail claims an attempted bank transfer has gone horribly wrong, and you should open up the file listed as .pdf.exe - whoops - to see what all the commotion is about. [Screenshot]
Hitting the link takes you through a couple of URLs - freenacha-s(dot)info and fasdfq(dot)co(dot)cc/forum(dot)php?tp=27f57d3dcb81f8c0, with a fake 404 error page which serves up a rogue anyway (a member of the FakeSysDef family). [Screenshot]
reportAB8839.exe will give you an unwanted visitor, in the shape of Trojan.Win32.FakeAv.awrp (v). VirusTotal report currently gives a total of 7/40 detections. At time of writing, both Freenacha and fasdfq URLs actually do appear to be offline, but the download location for the executable (nacha-report-download(dot)com) is still alive and kicking. No doubt it'll appear in a few more emails before the site goes offline for good.
Israel mulls creation of elite counter-cyberterrorist unit
Israel is mulling the creation of a counter-cyberterrorism unit designed to safeguard both government agencies and core private sector firms against hacking attacks.
The proposed unit would supplement the efforts of Mossad and other agencies in fighting cyberespionage and denial of service attacks. Israel is, of course, a prime target for hackers from the Muslim world.
The country's hi-tech industries also make it an interesting target for cyberespionage from government-sponsored hackers from China and elsewhere. Spear-phishing attacks featuring targeted emails, custom malware and subsequent hacking action have been in the news over recent weeks, in the wake of cyberattacks against EU agencies and oil-prospecting multinationals, to quote just two recent threats.
Major General Isaac Ben-Israel, former head of the Defence Ministry's administration for the development of weapons and technological infrastructure, the main candidate to lead Israel's cyber-defenders, reportedly met with local and international experts for a brainstorming strategy development session late last year.
Continued : http://www.theregister.co.uk/2011/04/06/isreal_mulls_elite_counter_hacker_unit/
Fired Employee Indicted For Hacking Gucci Network
"Former network engineer accused of using stolen VPN token to delete corporate data and email boxes. "
Authorities on Monday indicted a former IT employee at Gucci for hacking into the company's computer network, deleting files and emails, and causing an estimated $200,000 in damage.
"Computer hacking is not a game. It is a serious threat to corporate security that can have a devastating effect on personal privacy, jobs, and the ability of a business to function at all," said Manhattan district attorney Cyrus R. Vance Jr., in a statement.
In a 50-count indictment, authorities charged the former Gucci network engineer -- named as Sam Chihlung Yin, 34, who had been fired in May 2010 for unrelated reasons -- with accessing the Gucci corporate network via VPN on November 12, 2010, and over a two-hour period deleting virtual servers, taking a storage area network offline, and deleting mailboxes from the corporate email server.
"As a result, Gucci staff [were] unable to access any documents, files, or other materials saved anywhere on its network," said authorities.
According to the district attorney's indictment, "Yin's destruction of data from the email server cut off the email access not only of corporate staff, but also of store managers across the country and the e-commerce sales team -- resulting in thousands of dollars in lost sales." While email access was restored by the end of the day, authorities said that a full clean-up took weeks or months of effort.
Continued : http://www.informationweek.com/news/security/NAC/229400909
Also: Fired Gucci Network Engineer Charged for Taking Revenge on Company
Rogue number crunching
Researcher Patrick Jordan put together some statistics on the various Rogues he sees on a daily basis, and I thought it made for some interesting reading.
How are the rogue AV products shaping up in terms of monthly / yearly numbers? Let's take a look at what Patrick has pulled out of a fiery lake of evil through the years: [Screenshot]
No surprises that the new finds keep coming, with the foot really hitting the gas pedal in 2008 and never really letting up. In terms of rogues from various families doing the rounds in 2011 (from the 1st of January to the 31st of March), we have a clear winner: [Screenshot]
The PrivacyCenter rogue sweeps all aside, and probably accepts some sort of award for services to scamming people out of their money (Patrick tells me that "MSE stands for Microsoft Security Essentials which is the fake alert used with the MSE extension"). While I'm not a huge fan of long lists, the following long list gives you an idea of the overwhelming nature of so many fake products hitting the net every other day:
Continued (with remainder of list) here: http://sunbeltblog.blogspot.com/2011/04/rogue-number-crunching.html
Wrap Firefox in a Cocoon of privacy
Web browsers are ground zero for Internet security threats, and the debate over responsibility for preventing those threats has resulted in a Gordian knot. The people behind the new add-on for Firefox called Cocoon (download) want to cut through debate by serving the entire Web to you via proxy. (Cocoon is also available at GetCocoon.com.) [Screenshot]
Made by Santa Barbara, Calif., start-up Virtual World Computing, Cocoon's goal is to put the Internet on a server to prevent individual users from having to touch it, Cocoon Chief Executive Officer and co-founder Jeff Bermant said in an interview today at CNET's San Francisco offices. The add-on, which has about 4,000 users since it entered into private beta 18 months ago, creates a safe state in which the user can browse the Internet by forcing all interactions between the computer in front of you and the Internet to occur over protected SSL connections to Cocoon's servers. Those servers, in turn, are guarded by Security-Enhanced Linux, which was developed by the United States' National Security Agency.
Cocoon opened its beta to the public in January of this year.
Cocoon installs as a toolbar just below the location bar in Firefox 4, although the add-on supports the browser back to Firefox 3.6. You can turn it on or off using the universal power button icon on the left of the toolbar, or "pause" Cocoon lock/unlock button that's next to it. Settings are available from a hard-to-see drop-down arrow just next to the lock button.
Continued : http://download.cnet.com/8301-2007_4-20051064-12.html
LiveJournal under attack
From Kaspersky Labs Weblog:
I don't have a LiveJournal account, but sometimes I'll have a quick read of the blogs during breaks. On 4 April, however, an official announcement by LiveJournal Russia stated that the service had been subjected to a DDoS and was unavailable.
This massive DDoS attack is the second to target LiveJournal over the last few days. Russia's online mass media is currently awash with rumors and speculation about the reasons and aims of the attacks.
We don't know exactly how many botnets took part in the latest attack but we definitely know of one botnet that was involved. It is based on the Optima/Darkness DDoS bot that is currently popular on the Russian-speaking cybercrime black market. Not only are the Trojan programs (bots) themselves on sale, but also infected computer networks that are built with the help of such programs and services offering to carry out DDoS attacks on any given Internet resource.
We have been monitoring one of these Optima botnets for some time now.
Analysis of the data acquired showed that the first DDoS attack on LiveJournal occurred on 24 March. The botnet's owners gave the command to launch an attack on the blog address of the renowned anti-corruption figure Alexey Navalny: http://navalny.livejournal.com. On 26 March, the bots received commands to attack another resource belonging to Navalny: http://rospil.info, and on 1 April, http://www.rutoplivo.ru, another site with a political slant, was targeted.
Continued : http://www.securelist.com/en/blog/442/LiveJournal_under_attack
After Epsilon: Avoiding Phishing Scams & Malware
The recent massive data leak from email services provider Epsilon means that it is likely that many consumers will be exposed to an unusually high number of email-based scams in the coming weeks and months. So this is an excellent time to point out some useful resources and tips that can help readers defend against phishing attacks and other nastygrams.
Don't take the bait: Many people are familiar with the traditional phishing attack, which arrives in an email that appears to have been sent from your bank or ISP, warning that your account will be suspended unless you take some action immediately, usually clicking a link and "verifying" your account information, user name, password, etc. at a fake site. Commercial emails that emphasize urgency should always be considered extremely suspect, and under no circumstances should you do anything suggested in the email. Phishers count on spooking people into acting rashly because they know their scam sites have a finite lifetime; they may be shuttered at any moment (most phishing scams are hosted on hacked, legitimate Web sites). If you're really concerned, pick up the phone (gasp!) and call the company to find out if there really is anything for you to be concerned about.
Links Lie: You're a sucker if you take links at face value. For example, this might look like a link to Bank of America, but I assure you it is not. To get an idea of where a link goes, hover over it with your mouse and then look in the bottom left corner of the browser window. Yet, even this information often tells only part of the story, and some links can be trickier to decipher. For instance, many banks like to send links that include ridiculously long URLs which stretch far beyond the browser's ability to show the entire thing when you hover over the link. The most important part of a link is the "root" domain. To find that, look for the first slash (/) after the "http://" part, and then work backwards through the link until you reach the second dot; the part immediately to the right is the real domain to which that link will take you. Want to learn more cool stuff about links? Check out this guy's site and you'll be a link ninja in no time.
Continued : http://krebsonsecurity.com/2011/04/after-epsilon-avoiding-phishing-scams-malware/
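The "work backwards from the first slash to the second dot" rule above is sound for the common case, but a few link constructions defeat it when done by eye: user-info before an "@", a port, a path too long to display, and a bank's name placed as a subdomain of the attacker's domain. The following is an added example of mine, not part of the Krebs post: it applies the rule with urllib's parser so those cases come out right, and handles registries that sell names under a second-level label (example.co.uk), where "second dot" gives the wrong answer. The multi-label suffix list is a stand-in assumption; a real tool would use the Public Suffix List. All links are constructed on reserved example domains.

```python
"""Find where a link really goes: its registrable ("root") domain.

Added example, not from the Krebs post.  Assumptions: MULTI_LABEL_SUFFIXES is
a short stand-in for the Public Suffix List, and SAMPLES are constructed
links on reserved example domains.
"""
from urllib.parse import urlsplit

MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "com.au", "co.jp", "com.br"}


def link_host(url: str) -> str:
    """The host the browser will actually connect to: lower-cased, no port, no user-info."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not an http(s) link: {url!r}")
    return parts.hostname.rstrip(".")


def root_domain(host: str) -> str:
    """Registrable domain: the public suffix plus one more label."""
    labels = host.split(".")
    if len(labels) < 2:
        return host
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def link_goes_to(url: str, expected_root: str) -> bool:
    """True only if the link's registrable domain is exactly the one the e-mail claims."""
    return root_domain(link_host(url)) == expected_root.lower()


# Constructed links; the visible anchor text would claim to be the bank in every case.
SAMPLES = [
    ("https://www.bankofamerica.example/login", "bankofamerica.example"),
    ("https://www.bankofamerica.example.attacker.example/login", "attacker.example"),
    ("https://www.bankofamerica.example@attacker.example/login", "attacker.example"),
    ("http://attacker.example:8080/bankofamerica.example/secure", "attacker.example"),
    ("https://secure.bankofamerica.example/" + "a" * 400 + "?x=1", "bankofamerica.example"),
    ("https://online.somebank.co.uk/", "somebank.co.uk"),
]

if __name__ == "__main__":
    for url, expected in SAMPLES:
        print(f"{root_domain(link_host(url)):25s} <- {url[:60]}")
```

The third sample is the one that fools the most careful readers: everything before "@" is user-info, which the browser discards, so the link lands on attacker.example no matter how convincing the prefix looks.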
Sony's 'in for a hell of a wake-up call,' Anonymous says
"Hacker group digs in to avenge PlayStation3 jailbreakers with layers of attacking botnets"
Anonymous is at it again, this time attacking Sony and its playstation.com site for gamers, promising to publish personal details about Sony executives online and to unleash a triple wave of botnets against company sites.
The playstation.com site was unavailable at 11:30 a.m. Eastern as promised by Anonymous and despite Sony hiring distributed denial-of-service mitigation firm Prolexic to protect its sites. Half an hour later it was up but painfully slow.
In an IRC interview with playstationlifestyle.net blogger Sebastian Moss, an Anonymous member identified as Takai said yesterday that the group was aware of Prolexic being hired and that it would expand its attack beyond use of the Anonymous distributed DoS tool of choice, Low Orbit Ion Cannon (LOIC).
"We do however have ways for dealing with the 'Prolexic' factor," Takai is quoted as saying. "[T]he last thing we want, is Sony thinking we were in any way discouraged."
Continued : http://www.networkworld.com/news/2011/040611-sony-anonymous.html
Related : Anonymous hacks Sony PS3 sites
Announcing the Microsoft Security Update Guide, 2nd Edition
From the Microsoft Security Response Center (MSRC):
Hi all --
We're pleased to announce the release of the new Microsoft Security Update Guide, Second Edition. Fully revised and updated from the first edition, which was released in 2009, this edition focuses on best practices for prioritizing and testing security updates before deployment within your organization's IT environment.
Feedback from our enterprise customers tells us that more and more IT professionals are deploying Microsoft security updates quickly based on their assurance in the quality and thoroughness of testing performed. For the latest version of the Guide, we have detailed the extensive testing processes and procedures that we follow before releasing those updates, and we've pulled together our best guidance for assisting IT professionals with all aspects of deployment.
The latest edition of the Guide includes:
• Insight into how Microsoft tests security updates (including application-compatibility testing, rootkit detection, internal testing including live pre-release deployment on over 24,000 devices inside Microsoft);
• A guide to which update approach - Microsoft Update and Automatic Updates, Windows Server Update Services (WSUS), or Microsoft System Center Configuration Manager 2007 - is right for your enterprise;
• Information on our Security Update Validation Program, which allows selected partners and customers to test update functionality before release;
• Fully revised customer pre-deployment testing guidance, including guidance for Windows 7;
• Greater insight into our Severity Rating System and Exploitability Index;
• Refreshed and revised resources appendices.
The Microsoft Security Update Guide, Second Edition can be downloaded free from www.microsoft.com/securityupdateguide.
Odd FakeAv Marketing
The .co.cc domains, littered with malicious subdomains hosting exploit pages and malicious Java applets for the past several months, are now hosting FakeAv pages and "BestAntivirus2011.exe". [Screenshot]
While the FakeAv rotation through .co.cc is not a shocker to security researchers at this point, one interesting domain popped out from the tens of thousands of .co.cc subdomain FakeAv hits over the past day..."antispyware-macbook(dot)co(dot)cc". This marketing quirk is odd, even for these guys. Does this domain suggest that another Apple-based malware is in the works? Possibly. For now, I doubt it, because the Windows platform continues to be the dominant player, and this malware distributor seems to be very persistent at targeting the Windows platform. But it is very odd that this group is marketing "Fast Windows Antivirus 2011" from "macbook" domains.
Whatever group is using these domains, they have been very successful at conning large advertising networks into hosting their banner ads that redirect to these .co.cc sites. What they develop next is anyone's guess. Here is a non-exhaustive list of the terms used in subdomains currently peddling "Bestantivirus2011.exe" from these free and incredibly cheap .co.cc hosting domains over the past day or so. When users visit pages at these sites, they are presented with the usual "Your computer is infected!" scareware and "Windows Security has found on your system and will perform fast scan of system files" scam:
Continued : http://www.securelist.com/en/blog/6178/Odd_FakeAv_Marketing#readmore
Sgt. Scammer's Lonely Hearts Club
From Symantec Security Response Blog:
Internet advertising has the potential to be a very worthwhile method for generating income. However, advertising on the Internet typically produces a higher return of payment if the ads themselves are clicked. Therefore, there is a high incentive for scammers to devise ways to ensure that the ads hosted on sites under their control are clicked - be it through malware, automated scripts, email spam links, or any other method. After all, potential profit drives innovation - for legitimate and illegitimate business alike.
However, advertisement networks are capable of identifying illegitimate activity on their networks, which increases the need for scammers to hide illegitimate activity for as long as possible, thereby allowing them to reap the largest possible profit. In the past, we have observed various Trojans that connect to websites and click on the ads. Recently, however, we have discovered a more elaborate scam that establishes a network of fake dating/social network/blog websites and then uses a number of Trojans to connect to these websites and click on the residing advertisements. This entire process is presumably controlled by the very same creators who initially developed the fake dating/social network/blog website.
This is how the scam is executed:
The scammers construct a set of legitimate looking dating/social network/blog websites. In the case of the dating and social network sites, they are developed with real pictures and some rudimentary profile information. The sites themselves look professional and genuine.
Continued : http://www.symantec.com/connect/blogs/sgt-scammer-s-lonely-hearts-club
75% Of SMB Banking Fraud Occurs Online
"Most scams involved online account takeover or theft, according to a study commissioned by security vendor Guardian Analytics and conducted by Ponemon Institute. "
Three out of four small and midsize businesses that encountered banking fraud during the past year were victimized online, according to a new study.
Well over half -- 56% -- of those companies experienced some form of banking-related scam during the previous 12 months, according to the report. About 75% of those cases involved online account takeover or other Web-based fraud. Some 61% of SMBs that fell prey to bank fraud were victimized more than once.
The 2011 Business Banking Trust Study, commissioned by security vendor Guardian Analytics and conducted by Ponemon Institute, included 533 businesses with fewer than 200 employees and average annual revenue of $21.6 million. All respondents were owners or senior executives with access to their company's corporate bank accounts. Guardian Analytics CEO Terry Austin noted that the current fraud numbers -- particularly in the online security arena -- showed remarkably little change from the 2010 version, the first year that Guardian sponsored the study. Last year's study found the same rate of Web-based fraud -- 75% of all cases occurred online.
Continued : http://www.informationweek.com/news/smb/security/showArticle.jhtml?articleID=229400827
Hackers hijack top Russian football club's website
Fans of FC Zenit Saint Petersburg, one of Russia's top football clubs, got a surprise this morning if they visited the team's website.
Instead of seeing stories and images of their favourite soccer players in action, they were presented with a page of insults directed at the city's political leaders.
Images of Saint Petersburg governor Valentina Matviyenko and Vadim Tyulpanov, speaker of the city parliament, were shown alongside a message that translated in part as:
"To hell with the party of thieves and pickpockets. They have already destroyed more buildings than the Nazis during the attack on Leningrad between '41 and '44"
The rant went on to criticise political leaders for poorly clearing up icicles and winter snow, leading to the tragic death of five people, including two children.
Interestingly, a message on FC Zenit's Facebook page denied that their website had been hacked, and put the blame on a problem with their DNS records. [Screenshot]
If that's right then it means that the club's own web servers weren't necessarily breached by the hackers.
DNS records work like a telephone book, converting human-readable website names like example.com into a sequence of numbers understandable by the internet. What seems to have happened is that someone changed the lookup at the DNS registrar, so when you entered FC Zenit's website address into your browser you were instead taken to a website that wasn't under the club's control.
Continued : http://nakedsecurity.sophos.com/2011/04/06/hackers-mess-with-top-russian-football-clubs-website/
Free Coins for Online FIFA Players
In the past couple of months, Symantec observed phishing sites that spoofed online FIFA games. The legitimate game is played by forming a team of footballers purchased with coins. The more games you win with your team, the more coins you gain. The popular and more skilled footballers demand a higher number of coins.
The phishing campaign was launched with fake offers of free coins to lure online FIFA players. One of the phishing sites was purportedly from a player who sympathized with end users who struggle with the game. The phishing site contained a message from this fictitious player which expressed the embarrassment one goes through for having a team of low profile footballers. The message explained that the site would help players generate free coins so that they could form a more expensive team of footballers. The phishing site prompted users to login with their email address and password to gain up to 10,000 free coins per day. The phishing pages featured popular footballers such as Wayne Rooney, Ronaldinho, Frank Lampard, and Xavi, giving the impression that one could buy these players upon generating the free coins. If end users fell victim to the phishing site, phishers would have successfully stolen their information for identity theft. [Screenshot]
Continued : http://www.symantec.com/connect/blogs/free-coins-online-fifa-players
Is Hacker TV sitcom a true reflection of computer security..
Tonight, TV network FOX will be launching an ethical hacker comedy called 'Breaking In'. From everything I see online about it, it sounds like, FINALLY, we have a show that gives you true insight into the world of cyber security and penetrative testing.
1. They are all good-looking in that 'can-you-tell-I-live-in-Hollywood' way.
2. They are armed to their perfectly straight pearly whites with witty one liners.
3. They have really high-tech swanky work digs (why have one screen when nine will do?)
4. They don't just stick to cyber hacking, but they also pick locks, steal cars, etc.
This is *exactly* what it is like in my industry. Really. In fact, if you meet all the above criteria, why not apply for a job at Sophos?
They have launched a few trailers as well as dipped their toe into the social media swamp to generate some excitement about tonight's debut.
After I checked out this little interactive nugget, one does hope that Breaking In, which stars the middle-aged Christian Slater, is a little more original than a sexed-up game of hangman.
I am probably being too harsh. Perhaps comedic fluff is exactly what we need after a great number of TV tech dramas that take themselves really seriously. They have done this for almost all professions, so why not computer security?
Continued : http://nakedsecurity.sophos.com/2011/04/06/warning-tv-show-breaking-in-debuts-tonight/
Online 'do not track' bill introduced in California Senate
"Bill could put California in the forefront of the fight for more Internet privacy. It would create a mechanism to let users tell website operators they don't want their online habits monitored."
Reporting from Sacramento and San Francisco -
California is putting itself in position to lead the fight for increased online privacy by trying to pass the country's first so-called do-not-track law to keep personal data from being grabbed off the Internet.
Legislation by state Sen. Alan Lowenthal (D-Long Beach) would create a mechanism to allow users of smartphones, tablets, computers and any other device that accesses the Internet to tell website operators they don't want their online habits monitored.
As California did with do-not-call efforts to block telemarketers, he said, the state should be out front in blocking online tracking. "We will lead and provide stimulus to the rest of the nation," Lowenthal said. "It's much more difficult to get something like this through Washington."
Momentum is growing for do-not-track legislation, either as a stand-alone protection for consumers or part of more comprehensive privacy reform, privacy experts say. California's bill signals that the final push might come from the states, not the federal government.
"The states have been quiet in this area for a couple of years," said Mike Zaneis, general counsel of the Interactive Advertising Bureau, a trade group for the $23-billion online industry. "Leave it to California to jump in."
Continued : http://www.latimes.com/business/la-fi-do-not-track-20110406,0,590866.story
Also: Do-Not-Track Bill Introduced in California
Forget June: Microsoft already pushing IE9 via Windows Update
Microsoft officials said recently that the company was not going to push Internet Explorer (IE) 9 to users who hadn't tested its latest browser until late June.
On April 6, however, I began receiving reports from users who had not installed the Release Candidate (RC) or the beta of IE9 that they were seeing IE 9 show up via Windows Update - something that wasn't supposed to be happening yet.
Some users were none too happy about this, given they had been expecting Microsoft to push the update to them - and their users (if they are administrators for larger networks) - for a couple more months. (One less disgruntled user did quip: "Better early than never. Now where's my NoDo update?")
Microsoft has marked the update as "important," said users who began seeing it today. It is being pushed to Windows 7, Vista, Windows Server 2008, and Windows Server 2008 R2 users, according to reports I'm getting. [Screenshot]
The Microsoft Knowledge Base Support site does not mention that Microsoft changed plans and decided to start pushing it two months earlier than expected.
I've asked Microsoft what gives. Why is the company pushing IE 9 now instead of late June? No word back yet, other than a spokesperson noting "as is standard, IE9 is available on DLC (Microsoft Download Center) for users to download it manually."
Continued : http://www.zdnet.com/blog/microsoft/forget-june-microsoft-already-pushing-ie9-via-windows-update/9118