CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Tech Industry

Week in review: The wild, wild Web

Just when you thought it was safe to wade back in, new threats mingled with old flaws to make surfing no day at the beach.

Just when you thought it was safe to wade back in the Web's waters, new threats mingled with old flaws to make surfing no day at the beach.

A malicious program that is making the rounds on the Net can read keystrokes and steal passwords when victims visit any of nearly 50 banking sites. Even though all financial sites use encryption built into the browser to protect login data, the Trojan horse program can capture the information before it gets encrypted by the browser software.

"If (the program) recognizes that you are on one of those sites, it does keystroke logging," said Marcus Sachs, director of the Internet Storm Center, a site that monitors network threats. "The browser does not encrypt data between your keyboard and computer. It's encrypting it (when it goes) out onto the Web."

Microsoft's Internet Explorer has been in the security spotlight often lately, a trend that continued with the revelation that a security flaw that had been fixed in older versions of the browser has reappeared in the latest version.

The vulnerability apparently affects people who have multiple IE browsers open. Through one of the open browsers, hackers can change the content of another Web site without the user ever knowing that it has been altered. Using this attack method, hackers could insert links into legitimate Web pages and direct people to malicious sites, where they could solicit personal information such as bank account or credit card information.

The recent IE flaws have become a golden marketing opportunity for alternative browsers such as Mozilla and Opera, which are unaffected by the flaw. To avoid falling prey to a concerted attack aiming to steal logon information and passwords, some security experts advised Web surfers to either turn off some IE features or switch to another browser as the best immediate fix.

Non-Microsoft browsers, such as the Opera browser and the Mozilla and Firefox browsers, both made by the Mozilla Foundation, don't have many of the vulnerable technologies and tend to focus more on just providing Internet browsing features.

Searching for an advantage
Microsoft took its first baby steps on the road to Web search independence with the launch of a homegrown Internet search tool and changes to its Internet search engine. The revamped MSN Search remains a front end for technology provided by Yahoo, offering mainly a face-lift aimed to make it look more like Google.

MSN will host a dedicated "light" search page that the company boasts will out-Google Google in its minimalism. MSN will also introduce a homegrown Web crawler and algorithmic search engine in test form, giving Webmasters the chance to vet the system before it is set to launch later this year.

However, the relatively minor changes signal that--after a year in development and a $100 million investment--Microsoft's ballyhooed search push still has a long way to go.

Apple Computer threw its hat into the search arena with a demonstration of Tiger, a new version of Mac OS X due out next year that promises improved search capabilities. The new OS, which will ship more than a year before Microsoft's next major release of Windows is expected to arrive, will feature a new systemwide search engine designed to allow Mac users to quickly search and find any file--whether it's an e-mail, an application file or a contact entry.

The technology borrows from the search engine used in iTunes but is able to pore through the contents and hidden data of many types of files. Tiger will also add about 150 new features, including a new "Dashboard" to manage small applications, a revamped scripting language called "Automator" and improvements to the iChat AV video conferencing and instant-messaging program.

Apple predicts that rivals will mimic its new OS, but one developer says Mac OS X Tiger is little more than a copycat. Arlo Rose is outraged at the similarity of Apple's Dashboard to his Konfabulator, a $25 Macintosh program. Both programs allow easy access to small programs called widgets, which can perform a number of useful little tasks.

"It's insulting, is what it is," Rose said. "They could have at least offered to work with us or to buy it."

Apple, for its part, maintains that Dashboard is the company's own creation, noting that widgets have long been a part of Mac OS X and the NextStep OS.

Apple harvest
Apple is also working on an all-new iMac, but the machine won't be ready until September, well after the Mac maker runs out of stock on the old model. Apple said it has stopped taking orders for the current iMac models and had hoped to have the new iMac available by the time the supply of current iMacs dries up. The delay means that Apple stores and resellers will be without an iMac model to sell for all of July and August and some portion of September.

Apple may be feeling the heat from competitors in the music player arena. Sony Electronics will begin selling two hard-drive music players this fall which, combined with Sony's new music download service, will create an iPod-like parallel universe.

The consumer electronics giant announced a $400 20GB Network Walkman NW-HD1 and a $500 40GB Vaio Pocket VGF-AP1L. Both players will be available in fall for use with the Sony Connect music download service, which was launched in May.

Also gunning for the iPod is Dell, which has put a bounty on the music player. Dell is offering music player customers a $100 rebate on a 15GB Digital Jukebox when they send in an Apple iPod to be recycled.

The rebate, available only on the 15GB Dell Digital Jukebox, is designed to woo would-be repeat iPod buyers and also to raise the profile of the Digital Jukebox versus the iPod.

Washington watch
A closely divided U.S. Supreme Court suggested that a federal law designed to restrict Internet pornography violated Americans' rights to freedom of speech, but the court stopped short of a definitive ruling striking down the law as unconstitutional.

The 5-4 ruling upheld an injunction barring prosecutors from filing criminal cases under the Child Online Protection Act, or COPA, until a full trial takes place. COPA restricts the use of sexually explicit material deemed "harmful to minors" on commercial Web sites. Violation of the law can result in civil fines and prison terms.

In a move that has re-energized the debate over export controls on high-performance computers, the latest version of a defense-spending bill would require companies to seek licenses to export even underpowered desktop computers. The dramatic tightening of export regulations is included in the National Defense Authorization Act, an annual military funding bill that has already passed the U.S. House of Representatives.

Though the proposed rules are only a tiny portion of the 630-page bill, they could have a devastating effect on the computer industry. Today, computer sellers are required to get a license to export any computer with performance equal to or greater than a system with 32 Intel Itanium processors.

The current version of the defense authorization act would lower that limit to systems deemed "militarily critical" by the Department of Defense. That level is currently set to the equivalent of a computer using a Pentium 3 processor running at 650MHz, state of the art in 1999 but considered feeble today.

Also of note
After calling a professor of economics as its final witness, Oracle rested its case, ending testimony in its antitrust battle with the U.S. Justice Department...Microsoft is reaching out to nonprofessional programmers with a revamped line of developer tools, including a free version of its forthcoming SQL Server database...Anti-Michael Moore Web site MooreWatch.com posted a link to a pirated version of "Fahrenheit 9/11" on a file-sharing network, noting that the director himself has publicly backed downloading the movie online.