General discussion

NEWS - February 18. 2005

Firefox reaches 25 million desktops
By Alorie Gilbert, CNET
Published on ZDNet News: February 17, 2005, 5:17 PM PT

Look out, Microsoft.

That's the message this week from the Mozilla Foundation, whose Web browser Firefox has surpassed 25 million downloads in 100 days.

Mozilla, which released the free 1.0 program in November, says an average of 25,000 people download Firefox every day and more than half a million Web sites feature Firefox promotions. The group promotes the program as an alternative to Microsoft's Internet Explorer, which has become a target for computer virus writers and other security exploits.

"What was just a small flame 100 days ago has since exploded into a phenomenal demonstration of the power of open source," lead Firefox architect Blake Ross wrote on a blog. "Tens of thousands of devoted users and fans are a powerful and capable force of change."

more here

Discussion is locked

Reply to: NEWS - February 18. 2005
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - February 18. 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -
Microsoft's antipiracy plan heads south

Published on ZDNet News: February 17, 2005, 8:40 AM PT

Microsoft has launched its biggest initiative yet to combat rampant software piracy in Brazil, allowing only registered customers access to "non-critical" updates of its Windows operating system.

The program, launched Wednesday, will give Microsoft's Brazilian users access to certain software updates, such as the latest version of its Windows Media Player, only if they have registered their operating system on a special Web site. Legal users will also have access to special offers, such as discounts for some products offered by Microsoft and its partners.

Other updates related to security and defined as "critical" by the company will still be available to everyone.

Unveiled last fall in the United States, Canada, China and the Czech Republic, "Windows Genuine Advantage" aims to ween consumers away from cheap versions of Microsoft's OS sold on the black market.

Industry groups say more than 60 percent of the software running on computers in Brazil was purchased or copied illegally.

more here

- Collapse -
Feds urged to tighten cybersecurity

By Robert Lemos, CNET
Published on ZDNet News: February 17, 2005, 4:49 PM PT

SAN FRANCISCO--As experts warned that major cyberattacks could be brewing, a government report gave U.S. federal systems a "D+" for computer security.

While the overall mark is an improvement on last year's "D" average, seven of the 24 agencies surveyed did not provide enough protection on their networks to get a passing grade on the computer security report card, which was released on Wednesday in Washington by the House Committee on Government Reform and here at the RSA Conference 2005.

"Several agencies continue to receive failing grades, and that's unacceptable," Rep. Tom Davis, the Virginia Republican who chairs the committee, said in a statement. The committee oversees the annual audit, which is required by the Federal Information Security Management Act.

more here

- Collapse -
System Monitor and Trojan Horse Infection Rates Rise in the


Corporate SpyAudit Continues to Expose Spyware Vulnerabilities of Enterprise Networks

Two of the most dangerous forms of spyware, system monitors and Trojan horses, are appearing on enterprise networks at an alarming rate, according the most recent Webroot Corporate SpyAudit, demonstrating the continued vulnerability of corporate systems to the escalating spyware threat.

For every 100 scans, an average of 14.5 PCs showed the presence of system monitors, while 9.1 carried Trojan horses, according to the audit of companies. To date, the Webroot Corporate SpyAudit has scanned more than 27,865 systems, representing more than 11,375 companies and discovered an average of 17.8 pieces of spyware per corporate desktop computer.

More in

- Collapse -
InterMute Announces Broad Anti-Spyware Solution Set

InterMute Announces Broad 'Anti-Spyware Solution Set'; CWShredder Now Defeats Polymorphic and Other Variants of CoolWebSearch

InterMute Inc. announced an updated release of CWShredder that defeats new variants of CoolWebSearch spyware. CWShredder v.2.13 now includes the ability to detect and remove Look2Me, a variant of CoolWebSearch spyware that defies attempts to manually remove it from an infected PC. This tenacious browser hijacker wreaks havoc with IT administrators that attempt manual removal because Look2Me removes the required account privileges. See the press release here

They also announced the InterMute "Anti-Spyware Solution Set". The InterMute Anti-Spyware Solution Set includes:
* SpySubtract(R) Enterprise Edition: Centrally managed offering with a Web-based console, featuring a true enterprise architecture, automatic and transparent deployment to desktops, with IT-controlled scanning, cleaning and reporting of spyware.
* SpySubtract(R) SDK: Toolkit for ISVs, network appliance manufacturers and OEMs that need to integrate robust anti-spyware capability into their products and accelerate time-to-market cycles.
* SpySubtract(R) Rx: ASP/"no-install" solution for academic, wireless and Internet cafe environments; it features spyware scanning, detection and cleaning via a Web page UI and ActiveX(R).
* SpySubtract(R) MD: Web-based spyware scanner to assist tech-support help desks in diagnosing malware problems.
* SpySubtract(R) PRO: For consumers and SOHO users.

View the press release here

- Collapse -
Shavlik announced NetChk Security: Providing a Defense

Against Threats That Patching Won't Fix

Shavlik Technologies, announced Shavlik NetChk Security, a security information and configuration management tool that identifies security configuration errors on Microsoft-based workstations and enables system administrators to correct the errors.

"The two most common vulnerabilities exploited by hackers are configuration errors and software defects. Patch management tools such as Shavlik HFNetChkPro 5 can prevent attacks on software defects," said Mark Shavlik, president and CEO of Shavlik Technologies. "Unfortunately, configuration errors are the responsibility of the security managers, information technology personnel, and even the individual user. Shavlik NetChk Security eliminates these errors by providing both security
best practices from Shavlik's security consulting team and scanning engines to
implement recommended settings."

More in

- Collapse -
ChoicePoint data theft widens to 145,000 people

ChoicePoint has confirmed that scammers culled the personal information of tens of thousands of Americans in a recent attack on its consumer database, resulting in 750 individual cases of identity theft.

The Atlanta-based company said that it plans to inform approximately 110,000 consumers outside the state of California whose information may have been accessed in the criminal scheme, originally reported on Tuesday. The company has already told some 35,000 Californians that their personal data, including their names, addresses, Social Security numbers and credit reports, was stolen by scammers. California is the only U.S. state with legislation in place that requires companies to notify its residents when their personal data has been compromised.

ChoicePoint also said that law enforcement officials informed the company of 750 cases of identity theft tied directly to the incident. One California man has already pleaded no contest to felony charges related to the ChoicePoint attack, while federal and state law enforcement agencies continue to look for others involved in the operation.

By Matt Hines, CNET
Published on ZDNet News: February 18, 2005, 9:18 AM PT

- Collapse -
Gartner: Microsoft Still Lacks a Security Vision
- Collapse -
New MyDoom virus targets search engines

A new variant of the MyDoom virus, uses popular web searchers, such as Google, AltaVista, Yahoo and Lycos to search for email addresses, is spreading rapidly according to a number of anti-virus companies.

The technique has been used before by the original version of the MyDoom-O worm which flooded Google with queries that the search engine was extremely slow or unavailable.

The latest version, MyDoom.AO, uses so-called 'social engineering' to try to trick users, as the e-mail messages it spreads in appear to be mail delivery error messages.

More info on this worm in:

Free removal tool:

- Collapse -
Cabir mobile virus found in U.S.

Published: February 18, 2005, 9:24 AM PST
By Ben Charny
Staff Writer, CNET

A version of the Cabir virus has turned up in two Nokia 6600s on display in a California cell phone store, in what is believed to be the first "on-the-ground" sighting of the virus in the United States.

Just how the phones were infected isn't known, but it would have been very easy, given that both were on public display in the Santa Monica, Calif., shop's window. Anyone walking past the store could have dosed the handsets via their built-in Bluetooth antennas. In announcing the infection, antivirus company F-Secure did not specify exactly when the infections were discovered.

Two sources familiar with the sighting said the phones in the window could have been spreading Cabir to passers-by; although additional instances haven't been reported. A Nokia representative had no immediate comment.

more here

- Collapse -
Gmail moves to next stage
This is not really security related but I thought it may be of interest to some people, it would also explain why I finally got my invite today after putting in for it many months ago LOL

Published: February 18, 2005, 12:04 PM PST
By Matt Loney
Special to CNET

Social networking is out and straight invitations are in at Google's free e-mail service, but the official line is that the shift does not signal an end to Gmail's beta status.

Google is giving more people the chance to sign up for Gmail, but the search giant insists the move does not signify an impending full-scale launch of the free e-mail service, which has been in beta since it launched on April 1 last year.

To date, Google has been relying on social networking to roll out Gmail, initially inviting some 2,000 people, who were then able to invite a limited number of others themselves. This week though, Google started sending invitations directly to those who have signed up to be kept abreast of updates to the service.

more here

CNET Forums

Forum Info