NEWS - February 15, 2005

By Robert Lemos CNET News.com February 14, 2005, 5:05 PM PT

SAN FRANCISCO--When you hit the Send button on an instant message, do you really know who is on the other end?


Two researchers at the University of California at Berkeley have created an add-on to instant messaging that they claim will enable the participants to identify each other and have a secure conversation without leaving any proof that the chat occurred.

The result, dubbed off-the-record (OTR) messaging by security researchers Ian Goldberg and Nikita Borisov, is a plug-in for the Gaim instant-messaging client that enables encrypted messages sans leaving a key--a sequence of characters--that could be used to verify that the conversation happened. That attribute, known in cryptography as perfect forward security, also prevents snoopers from reading any copies of the conversation.

"If tomorrow, my computer is broken into and the encryption key is stolen, the attacker can't read future messages," said Goldberg, a graduate of Berkeley.

more here
http://news.zdnet.com/2100-1009_22-5576246.html?tag=zdnn.alert

Published: February 14, 2005, 9:00 PM PST
By Stefanie Olsen
Staff Writer, CNET News.com

Claria, aka Gator, an adware maker that online publishers once called a "parasite," is now seeking their favor to build a massive Web advertising network to display ads based on Web surfers' behaviors.

The privately held company, which postponed its public offering last year, is launching a new marketing division and advertising service to migrate from hawking its signature pop-up advertisements to selling behaviorally targeted display ads that appear on publisher pages across the Web, reaching as many as 200 million people if it has its way.

To address the privacy implications of such an ambitious service, Claria has also hired a team of experts to ensure it meets industry and consumer clearances. Claria plans to announce partners and introduce the service, called Behaviorlink, in April.

more here
http://news.com.com/Firm+formerly+known+as+Gator+looks+for+credibility/2100-1024-5576389.html?part=dht&tag=ntop&tag=nl.e703

Published: February 14, 2005, 1:18 PM PST
By Robert Lemos
Staff Writer, CNET News.com

Government contractor Science Applications International Corp. warned stockholders on Monday that their personal information may be at risk, after desktop computers holding the information were stolen from the company's offices.

The theft happened Jan. 25, according to the company, and affects current and former stockholders. SAIC stressed in its statement that the information may not have been the target.

"We have no evidence that the thieves have accessed any personal information on these computers or that the purpose of the crime was identity theft," the company said.

Worries about what happens to private data housed in stolen personal computers have been highlighted before. In December, thieves stole a laptop from a California blood bank, putting in jeopardy as many as 100,000 individuals' personal records. Intruders broke into computers at the University of California, Berkeley, last year and filched 1.4 million database records containing identity information.

more here
http://news.com.com/ID-theft+alert+follows+break-in+at+federal+contractor/2100-1029_3-5575861.html?tag=fd_nbs_ent&tag=nl.e703

By Ina Fried and Paul Festa CNET News.com
Published on ZDNet News: February 15, 2005, 12:46 PM PT

update SAN FRANCISCO--Reversing a longstanding Microsoft policy, Bill Gates said Tuesday that the company will ship an update to its browser separately from the next version of Windows.

A beta, or test, version of Internet Explorer 7 will debut this summer, Microsoft's chairman and chief software architect said in a keynote address at the RSA Conference 2005 here. The company had said that it would not ship a new IE version before the next major update to Windows, code-named Longhorn, arrives next year.

In announcing the plan, Gates acknowledged something that many outside the company had been arguing for some time--that the browser itself has become a security risk.

"Browsing is definitely a point of vulnerability," Gates said.

The new browser version will work on machines running on Windows XP Service Pack 2, a security-focused update to the operating system that the company launched last summer, Gates said.

more here
http://news.zdnet.com/2100-9588_22-5577263.html?tag=nl.e589

Published: February 15, 2005, 10:49 AM PST
By Robert Lemos and Dawn Kawamoto
Staff Writer, CNET News.com

UpdateSAN FRANCISCO--Ending speculation about whether it was shifting to a paid model, Microsoft said on Tuesday that it will provide customers with its new anti-spyware software for free.

The pledge, made by Microsoft Chairman Bill Gates during his keynote speech kicking off the RSA Conference 2005 here, comes after the company had been testing its AntiSpyware application--technology it acquired with its purchase of security software maker Giant Software.

"Just as spyware is something that we have to nip down today, we have decided that all licensed Windows users should have that protection at no charge," Gates said.

more here
http://news.com.com/Windows+anti-spyware+to+come+free+of+charge/2100-7355_3-5577202.html?tag=fd_nbs_ent&tag=nl.e433

As a result of recent rumours and speculation by members of the privacy community and the public at large, Lavasoft wants to make clear that it has not and would not collaborate with any companies that have produced content detected by Ad-Aware. Ad-Aware products are designed purely for scanning and removing of suspicious content (at the user’s discretion) and Lavasoft would not ally with adversaries under any circumstances.

More in http://www.lavasoft.de/news/press/

for Continued Innovation

Bill Gates, chairman and chief software architect at Microsoft Corp., announced continued innovation and technology investments including future enhancements for safer Web browsing, such as plans for a new version of Microsoft