Bad Week for Botnets

"The movement toward making organizations more transparent in disclosing security breaches, challenges and weaknesses will make organizations more vulnerable to attack because stating them makes them more obvious," said Steve Durbin, global vice president of the Information Security Forum.

Two zombie networks infamous for stealing banking information and spewing spam were hit with a right-left combination last week by botnet fighters.

Using the power of the federal Racketeer Influenced and Corrupt Organizations (RICO) Act, Microsoft (Nasdaq: MSFT), along with organizations representing the financial services industry, took down two command-and-control servers running botnets based on Zeus, a malware family known for stealing the logins to banking accounts.

Meanwhile, Kaspersky Lab, Dell (Nasdaq: DELL) SecureWorks and other organizations squelched an attempt to revive the Kelihos botnet, which was one of the largest spam-spewing networks in the world before it was taken down last year.

Whac-a-Mole Game

Microsoft's efforts are garnering praise, but the significance of the offensive is still questionable. That's because -- unlike some botnets with centralized command-and-control servers -- Zeus botnets are decentralized. Anyone who has the money to buy the software can set one up.

"It's like a whac-a-mole game right now, in which Microsoft can keep getting court orders and seizing servers, and taking control over domain names used for these botnets, but these guys can register new domains and buy new servers very easily," observed Brett Stone-Gross, a senior security researcher at Dell SecureWorks.

"It's like trying to take down an army of cockroaches," said Avivah Litan, a security analyst with Gartner (NYSE: IT). "You can't really get them all."

The Kelihos network is also decentralized, but it uses peer-to-peer communication to operate, which bot battlers could exploit to take over the botnet.

"We injected a fake peer entry list with an IP address under our control, so all bots connected to us and turned it into a centralized botnet connected to us," Stone-Gross explained.

Once in the bot fighters' control, the botnet was neutralized.

Massive Card Breach

MasterCard (NYSE: MA) and Visa (NYSE: V) have been alerting their members for more than a week about "a potential account data compromise event" at a U.S.-based entity.

Both companies revealed last Friday that they were investigating the breach after it was reported by security ace Brian Krebs, who estimated that the breach could affect as many as 10 million credit card numbers.

MasterCard and Visa stated that the breach did not affect their systems.

Meanwhile, some 50,000 cardholders were at risk due to a breach affecting Global Payments, according to The Wall Street Journal.

A New York City taxi and parking garage company appears to be connected to the breach, according to Gartner Security Analyst Avivah Litan.

A Central American gang may be behind the breach, and they may have compromised an administrative account to do it, she added.

The credit card companies said they've turned the case over to federal law enforcement authorities for investigation.

Regulators Can Undermine Security

Government regulators are typically considered White Hats in the battle with cyber low-lifes, but a report released last week on information security threats fingered them as a source of data insecurity.

The culprit is government-ordained transparency, according to Steve Durbin, global vice president of the Information Security Forum, which produced the report, "Threat Horizon 2014: Managing Risks When Threats Collide."

"The movement toward making organizations more transparent in disclosing security breaches, challenges and weaknesses will make organizations more vulnerable to attack because stating them makes them more obvious," Durbin told TechNewsWorld.

Privacy demands, while not weakening security directly, will force many businesses to reassess their markets rather than comply with regulatory demands, he added.

"Privacy will be distracting to other security efforts that are going on," said Durbin. "Privacy requirements are going to be imposing a heavy compliance burden, forcing organizations to decide whether or not they're going to invest in the necessary security to comply, or whether they're going to exit certain markets because they're not prepared to comply with some of these regulations."

Breach Diary

March 25. LulzSec posted to the Internet information from 171,000 accounts of On March 29, the site claimed it found no evidence it was hacked. However, comparisons of the data posted to the Internet and information at the site show consistencies between the two.

March 25. Anonymous posts to Internet more than 1,400 email addresses, many from Newfoundland and Labrador.

March 25. More than 2,000 names, email and postal addresses, and phone numbers of UK wholesaler Waveney Wholesale posted to Internet by hacker called "SONLCS."

March 27. U.S. Federal Trade Commission announces settlement with RockYou for data breach in 2009 that exposed information on 32 million users to hackers. RockYou agreed to pay a US$250,000 civil fine as part of the terms of the settlement.

March 30. California Child Support Agency reports that backup cartridges containing records for 800,000 individuals were lost March 12 in transit from a facility in Colorado to California.

Calendar of Events

April 28-29. Drone Summit: Killing and Spying by Remote Control. Mount Vernon Place United Methodist Church, 900 Massachusetts Avenue NW, Washington, D.C. Sponsored by Reprieve and the Center for Constitutional Rights. $20-$100.

May 14-16. FS-ISAC & BITS Annual Summit. Turnberry Isle Resort and Club, 19999 West Country Club Drive, Miami. Sponsored by Financial Services-Information and Analysis Center. $1,250-$1,750. Registration deadline April 20.

Posted by Hadouch | at 14:55 | 3 comments

Linux on the Desktop - Dead Again?

"Desktop Linux thrives in spite of its disadvantaged position," said Slashdot blogger yagu. "It's good enough to maintain and grow a loyal base." That's not likely to change, "but until Microsoft is rendered completely irrelevant (think browser-based computing), Desktop Linux will stay a minor player," he predicted. In the meantime, "the naysayers have been claiming the death of Desktop Linux every year, and every year they've been wrong."

Well it's been a tempestuous week here in the Linux blogosphere, thanks largely to a violent brawl that broke out unexpectedly down at the Broken Windows Lounge.

It all started with a blog post over at PCWorld last weekend on a topic that might sound familiar.

Any guesses? Yes, that's right: "Why Linux Is Dead on the Desktop" was its name, and a collective groan could be heard in blogobars across the land as soon as it appeared on the horizon.

It's baaa-aack! Linux fans everywhere were forced to put down their beers and take up arms once again.

Shots Were Exchanged

Indeed, a return salvo was fired on Monday morning, followed by yet another shot back soon afterward.

The Slashdot crowds, meanwhile, were embroiled in a related skirmish of their own.

Bottom line? Dark and stormy days in Linux land. Linux Girl hunkered down on her favorite barstool and tried to record some of what was being said.

'It's Like Grandma's Cookies'

"Of course Linux in the COMMERCIAL DESKTOP is a failure, because Linux is not commercial," opined Google+ blogger Alessandro Ebersol, for example. "It's like grandma's cookies -- they can't compete with, say, Nabisco. It's a totally wrong assumption, and he could not be wronger."

Ebersol was also intrigued by the timing of the attacks.

"Those articles proclaiming Linux dead always surface near to a winblow$ launch," he pointed out. "Funny, eh?"

'Enough With the Nonsense!'

Indeed, "enough with the '1 percent' nonsense!" exclaimed blogger Robert Pogson, pointing to Net Applications' statistics for California, for San Francisco "Designated Market Area," and for Sunnyvale, California.

"They show huge percentages in a region of 37 million people, and it's a lie because the source of that 'share' is Google (Nasdaq: GOOG), using GNU/Linux desktops as a business," he explained. "That's right, those high share numbers for that other OS result from business usage of that other OS.

"Net Applications must be sampling during office hours or from company domains," he added. "Business is locked in by M$'s office suite, and other business-centric software made only for that other OS."

In actual usage, "you will find lots of users in government, education and in the home in Brazil, Russia, India and China, where governments actually use GNU/Linux, promote usage, and are not 'partners' of Net Applications," Pogson pointed out. "You can find GNU/Linux is popular in Malaysia and Europe as well."

Linux shouldn't be pronounced dead "until the final battle for retail space is lost," Pogson concluded. "Only a few years ago it was rare to find an OEM selling GNU/Linux and even more rare to find a retailer selling GNU/Linux. That has changed. GNU/Linux is alive and well on the desktop."

'A Worldwide Phenomenon'

Google+ blogger Kevin O'Brien took a similar view.

"I think I have personally resigned from the club of people whose self-worth depends on their OS being dominant," O'Brien told Linux Girl. "Linux will be there for everyone who wants it, and that is fine for me, since I want it."

As for the market share statistics, "my impression is that they solely measure OS market share in the U.S., where no one ever got fired for buying Microsoft," he added. "Linux is a worldwide phenomenon, and I think usage is much higher outside the U.S. than it is here."

'Still Growing'

Consultant and Slashdot blogger Gerhard Mack suggested some alternate wording.

"I wouldn't say 'dead' so much as 'a growing niche,'" Mack told Linux Girl.

"Right now the apps are just not there yet for some tasks, so for many (most?) people, there are no good reasons to switch," Mack mused. "On the other hand, when all of the tools are there, Linux is a good option -- it is easy to set up, secure by design and very flexible."

In fact, "some governments have just implemented plans to switch their desktops over, such as Iceland and the Spanish state of Extremadura, so not only is it still growing, it will grow in the future as well," he added.

'Not Dead'

"Given the recent rash of stories about corporate desktop Linux, I just don't see it myself," Hyperlogos blogger Martin Espinoza opined.

"I just installed Android (-x86 4.0rc1) on my laptop," he noted. "I hope that one day enough of its kernel gets merged with the mainline that I can reasonably run it on my desktop. So far it seems fairly usable with mouse and keyboard."

As long as Windows "effectively comes with your PC for free, there's no particular reason why Linux should ever conquer Windows on the desktop at this rate, which is presumably why OEM copies of Windows are still extremely inexpensive," Espinoza added. "Clearly, Linux on the desktop is not dead, but it is primarily in business."

'Two Huge Issues'

Slashdot blogger yagu had some thoughts about that.

"There are two huge issues holding Desktop Linux back: corporate profitability and killer apps," yagu asserted.

"Companies make a fortune off of Linux in the back rooms, where servers are doing all the heavy lifting and the user demographic is highly technical," yagu explained. "Companies rely on Linux for heavy processing because, in the vernacular of Apple (Nasdaq: AAPL), 'it just works!' There are no prohibitive learning curves for this user base -- there's a line of geeks just waiting to get their hands on Linux servers."

Desktop Linux, however, "offers no such benefit," he opined. "Yes, it's free, but companies face the re-training costs and rollout issues and see no return on investment. And there's always at least one killer app that absolutely must be available but is not available for Linux.

"I can make a case that the return on investment is worthwhile, but nudging an entire company off Windows is daunting at best," he added. "Logic doesn't apply."

'Every Year They've Been Wrong'

Nevertheless, "Desktop Linux thrives in spite of its disadvantaged position," yagu pointed out. "It's good enough to maintain and grow a loyal base."

That's not likely to change, "but until Microsoft is rendered completely irrelevant (think browser-based computing), Desktop Linux will stay a minor player," he predicted.

In the meantime, "the naysayers have been claiming the death of Desktop Linux every year, and every year they've been wrong," he concluded.

'Things Don't Get Any Better'

Slashdot blogger hairyfeet wasn't so sure.

"Is Linux dead? Well, it'd have to have been alive at one point to be dead, and I'd argue that frankly it has never gotten above a niche hobbyist OS on the desktop, no different than BSD or Haiku," hairyfeet asserted.

"I'd say the bigger question, the one nobody seems to be willing to really ask, is 'Why? Why would they rather steal the competitor's product than take Linux for free?'" he suggested. "I believe I can answer that: It's because nobody listens to the users."

After all, "if Apple or Microsoft don't listen to users, their sales go down, they lose share and money, so they have an incentive to listen," hairyfeet said. "The devs in Linux answer to NOBODY but their own itch-scratching, so things simply don't get any better."

'There Is No Single Desktop Market'

That view was far from unanimous, however.

"Desktop Linux is not dead," Chris Travers, a Slashdot blogger who works on the LedgerSMB project, told Linux Girl. "I have argued repeatedly that it is wrong to talk about desktop Linux because there is no single desktop market -- instead, there is a series of desktop markets."

As Linux "becomes more capable in those markets where it is currently entrenched, it will branch out into other markets," he explained. "This process is likely to be slow, but it is happening now.

"I think the big concern right now is that the Linux desktop experience has gone from fractured to quickly changing," Travers concluded. "I think this lack of stability is a problem for users, and so this is something that distro maintainers need to be especially sensitive about."

'Just Random Noise'

Last but not least, Barbara Hudson, a blogger on Slashdot who goes by "Tom" on the site, pointed to statistics on Wikipedia.

According to those, "in July of 2011, 1.51 percent of non-mobile users were using linux," she noted. "That dropped to a low of 1.27 percent in September before climbing back to 1.52 percent in February."

So, "an increase of 0.01 percent (one part in 10,000) over 7 months, given the wide swings month-to-month, is just random noise," she asserted.

'None Too Shabby'

It also "tends to over-estimate the percentage of linux desktop users, since the tens of millions of Windows gaming rigs outnumber linux desktops, and most of those gamers are not going to spend much time on Wikipedia," she suggested. "The same is true for the hundreds of millions of Windows machines in offices around the world. Also not represented in the logs were computers in China."

Looking at the big picture, "maybe it's not time to put desktop Linux in a red shirt and have Dr. McCoy pronounce, 'He's dead, Jim,' but he's not going anywhere, either," Hudson mused.

"Tux will have to be content with being No. 1 in supercomputers, being strong in servers and embedded systems, and being the underpinnings of the No. 2 phone OS," she concluded. "Looked at that way, it's none too shabby, and anything else is just gravy."

Posted by Hadouch | at 14:54 | 0 comments

Google's hilarious April Fools' Maps launch

So here is an April Fools' work of art from the company that, to many minds, just might deserve righteous laughter. For here, purportedly, is the launch of Google Maps 8-bit for the Nintendo Entertainment System.

According to Google's Lat Long blog, this is something that the world desperately needs.

"Our engineering team in Japan understood the importance of maps on retro game systems. With the power of Google's immense data centers, and support from Nintendo and Square Enix, we were able to overcome the technical and design hurdles of developing 8-bit maps," wrote Google Maps software engineer, Tatsuo Nomura.

He goes on to wax with some lyricism about "beautiful low-res graphics; simple and intuitive controls; and a timeless soundtrack." He also promises a mobile version for Game Boy.

Yet even more enchanting is the deadpan performance of the actors in the promotional video. Their faces straighter than a Google engineer's on a Monday morning, the Japanese family waits for this technical revolution to reveal itself.

The father even blows on the cartridge to "fix bugs."

And then we see the beautiful low resolution of the maps, as the family searches for the Pyramids or tries to plot its route from Los Angeles to New York. The sheer joy when the family tries the voice search feature and discovers Peru Nazca will fill your heart with gladness.

I am grateful to The Next Web for revealing this April Fools' amusement. Unless, of course, this is just another attempt by Google to control absolutely every possible technological scenario in the world. No, no. It couldn't be.


Posted by Hadouch | at 14:51 | 1 comment

Top 10 best free Windows 7 themes

While you’ve been able to change the background desktop image in Windows for ages, changing the entire theme wasn’t quite as easy a task. It could be done, it just wasn’t that enticing to do.

Luckily Windows 7 changed all of that.

With the latest iteration of the operating system it is extremely easy to change the entire look and feel of your Windows, and luckily for you there are some great looking free choices out there. Here are ten of the ones we most enjoyed.

What are you waiting for? Get to downloading!

Alternative for Windows 7

AVATAR Windows 7 Special Theme

Blaque for Windows 7

COD:MW2 windows 7 theme

Halloween windows 7 theme

Mac Theme for Windows 7

Soft7.15 theme For windows 7

Windows 7 glass red theme

Windows 7 Skull Visual Style

WoodStock Windows 7 Theme

Posted by Hadouch | at 12:09 | 0 comments

PC gamers love Windows 7

It seems that PC gamers, specifically those who use Steam, love Windows 7.

In a recent survey carried out by Steam, Windows 7 showed itself to be very popular amongst gamers, installed on a whopping 23% of Steam gamers’ PCs. Interestingly, 64-bit Windows 7 holds a commanding lead over its 32-bit brother, with 15.61% and 7.45% shares respectively.

Here’s the OS breakdown:

* Windows XP 32 bit - 44.77%
* Windows Vista 32 bit - 20.71%
* Windows 7 64 bit - 15.61%
* Windows Vista 64 bit - 10.00%
* Windows 7 - 7.45%
* Windows XP 64 bit - 0.64%
* Windows 2003 64 bit - 0.64%
* Windows 2000 - 0.10%
* Other - 0.08%

Windows XP and Vista still have a lead over Windows 7, but I think that Vista will be surpassed by 7 pretty soon.

Let’s take a look at a few other interesting statistics on offer:


* GenuineIntel - 69.06%
* AuthenticAMD - 30.94%

System RAM:

* Less than 512 MB - 0.65%
* 512 MB to 999 MB - 4.07%
* 1 GB - 11.72%
* 2 GB - 30.94%
* 3 GB - 29.99%
* 4 GB - 15.04%
* 5 GB and higher - 7.59%


* 1 cpu - 18.08%
* 2 cpus - 56.93%
* 3 cpus - 0.95%
* 4 cpus - 23.99%
* 6 cpus - 0.00%
* 8 cpus - 0.05%

GPU manufacturer:

* ATI - 29.82%
* Intel - 3.61%
* NVIDIA - 65.01%
* Other - 1.58%

Posted by Hadouch | at 12:03 | 0 comments

Apple Tablet an Ideal Business Tool

The clock is winding down to the big reveal on Wednesday at Apple's major press event. It could be an iSlate, or an iSlab, or an iTablet, or perhaps even an iPod Tablet Edition. There are almost as many potential names for the mythic device that may not exist as there are pundits speculating about what the device will or won't do--myself included...if it exists.

If Apple does not announce a touchscreen tablet device of some kind it may be the single biggest failing in the history of the rumor mill. There are some rumors that seem wilder than others--like the Apple tablet will have 3D graphics, but there is also a diverse selection of very plausible speculation.

Based on the prevailing rumors, my PC World peer Bill Snyder predicts that the Apple tablet will be all flash with no substance and will not have any place in a business environment. I disagree. While I agree with some of the potential pitfalls Snyder lays out, I believe the Apple tablet PC could be uniquely suited for small business environments.

A platform like the Apple tablet--if it is based on the iPhone mobile operating system and is equipped to run the extensive library of iPhone apps--could be perfect for small business. Smartphones in general have evolved to the point that they are just very small computers, and for just about any function a business user could want to perform "there is an app for that".

There have been times, both as an iPhone owner and as a Windows Mobile smartphone owner, that I have chosen to leave behind my notebook when traveling. The smartphone can get my email, surf the Web, conduct instant messaging chats with colleagues, and view and edit documents (with the right tools depending on the platform).

The legions of iPhone users already try to use the device for everything, and there is a growing segment of apps aimed at endowing the iPhone with more enterprise-friendly capabilities, and enabling the secure integration of the iPhone with the business world.

While newer devices like the Droid and Nexus One have leapfrogged the iPhone in terms of hardware specifications, the iPhone is still relatively fast, has an intuitive interface, is equipped with a clear and bright display, and has apps available for virtually any purpose. The biggest obstacle to simply using the iPhone as a primary mobile computing device is size.

An Apple tablet that provides the brilliant display, extensive battery life, intuitive interface, and endless catalog of apps of the iPhone in a larger form factor you can actually read and interact with could be a device perfectly suited for small business users. Not only is there "an app for that", but most apps are free or very cheap--especially when compared with the investment required for full-blown computer software.

I certainly don't expect large enterprises to abandon traditional desktop and notebook computers and deploy tens of thousands of Apple tablets--especially if the tablet is running on the iPhone mobile operating system as opposed to Mac OS X. A Windows-based tablet has an automatic advantage in the enterprise, although the HP device demonstrated by Steve Ballmer at CES this year was less than compelling.

Let's face it. Until Wednesday rolls around and Apple unveils the epic new tablet PC...or it doesn't, Snyder's speculation is just as possible as mine. Assuming that Apple launches a tablet PC of some kind or another at this event, the success of that device will be determined by its overall functionality and utility balanced against its price...mixed with a healthy dose of Apple's Teflon reputation and devoted fan base.

Posted by Hadouch | at 11:46 | 0 comments

Google's Nexus One Doesn't Like Your Potty Mouth

One of the most innovative features of Google's new Nexus One is the built-in voice recognition. But there's one major limitation that Reuters discovered while putting the smartphone through its paces: the phone is a bit of a prig.

Try uttering a curse word into the Nexus One, and the well-mannered device will automatically replace the offensive expression with a string of # symbols.

Thus, a jocular text message inquiring about a buddy's whereabouts is transcribed as "Hey #### where are you?" on the Nexus One; a spirited rejoinder to a dubious assertion becomes "that's bull #### and you know it."

While perhaps not as politically charged as Google's censorship of Internet search results in China (a practice Google recently said it will no longer engage in), this restriction of free speech for the foul-mouthed is puzzling, and somewhat inconvenient.

So why the no-curse policy? After all, what business is it of Google's if a person chooses to be profane in their private communications?

A Google spokeswoman provided a statement suggesting that replacing curses with # symbols is aimed less at enforcing etiquette than at ensuring that offensive words don't accidentally appear in transcriptions – a potential concern given the fact that voice recognition technology is still not perfect.

"We filter potentially offensive or inappropriate results because we want to avoid situations whereby we might misrecognize a spoken query and return profanity when, in fact, the user said something completely innocent," said Google.

"Ultimately our goal is to return results that show exactly what you said, and we're constantly working to improve the technology to better fit our users' needs," the statement continued.

In other words, until the technology improves, you'll have to be civil, whether you like it or not.

Posted by Hadouch | at 11:45 | 0 comments