Defcon 14 - Las Vegas, Nevada, USA: Call For papers

Hey Uber network samurais, it is that time of the year again! The DEFCON CFP is now open!

What: DEFCON 14 CFP
When: The Call for Papers will close on June 15, 2006
How: Complete the Call for Papers Form and send to talks at defcon dot org DEFCON 14

Don't know what DEFCON is? Go to www.defcon.org and clue up!

Papers and presentations are now being accepted for DEFCON 14, the conference your mother warned you about. DEFCON will take place at the Riviera in Las Vegas, NV, USA, August 4-6, 2006. Yes, you read that right! We are at a new location! The first time in many years we are back in Uncharted territory! Help us break in the new hotel with some unforgettable talks and demos. Now is the time to prepare and submit your DEFCON presentation.

Source - Defcon, call for papers

HITBSecConf 2006 - Malaysia: Call For Papers Now Open

The Call for Papers for HITBSecConf2006 - Malaysia is now open! Set to take place from the 18th till the 21st of September 2006 at The Westin Kuala Lumpur, this years event promises to once again deliver a look at the latest attack and defense techniques as well as the latest research in network security. We have some exceptional keynote speakers this year including Bruce Schneier, Mark Curphey and John Veiga! If you are thinking of submitting a paper, submissions are due no later than 1st of May 2006. For more details on the submission process, do take a look at the Call for Papers page. See you guys in September!

Source - HITBSecConf2006 - Malaysia

Report: IRS Slips On Keeping Workers' Computers Secure

System administrators are being blamed for weak security settings.

The Internal Revenue Service must do a better job of maintaining the security settings it developed and deployed on employees’ workstations under a common operating environment (COE), according to report by the Treasury inspector general for tax administration (download PDF). Currently, high-risk vulnerabilities could allow the computers to be compromised, Michael Phillips, deputy inspector general for audit, said in the report. Although the IRS developed the COE with secure configurations and installed those configurations on employees’ computers, security settings have not been consistently maintained, Phillips said. “In our sample of 102 computers with the COE installed [out of approximately 100,000], only 42 were sufficiently secure based on the IRS standards,” Phillips said. “The remaining 60 computers complied with less than [90%] of the computer settings prescribed by the IRS or contained at least one high-risk vulnerability that could be exploited to either take control of the computer or render it unusable.”

Source - Computer World

MS Developer Responds To Backdoor Speculation

In a MSDN blog posting yesterday, a Microsoft developer responds to speculation about BitLocker providing government back-doors with a resounding "Over my dead body." The speculation was centered around a BBC News posting several weeks ago where UK officials were said to be in talks with Microsoft regarding back-door functionality for its upcoming Windows Vista operating system. The blog author, Neils Ferguson mentions that Microsoft is indeed talking to governments but in the context of helping them use BitLocker for their own needs. Neils also mentions the developer backlash that would ensue should a back-door be legislated upon them, offering suggestions that such requirements would be publicly disclosed or the project cancelled altogether.

Source - Security Focus

Internet Harassment Roils Korea

Kim Hyo-bi doesn't want her picture taken any more. Not after the 22-year-old student's portrait wound up on a photo-sharing Web site last summer with her face coloured and distorted to make her look silly, titled alongside the original as "Before and After." She tried to simply forget about it, but she couldn't. She was barraged with calls from friends who saw the page, and the humiliation and feeling of being violated caused her several sleepless nights. "I always thought that it is something [that] only could happen to other people," Kim said.

Source - Globe and Mail

Ten Things To Know About VoIP

WHEN Tesco announced that it was launching its own voice over internet protocol (VoIP) service, which allows people to make cheap telephone calls with each other over a broadband internet connection, it raised a few eyebrows. The decision by the UK’s biggest retailer to take on BT and the internet big guns such as Google and Microsoft will inevitably result in an increase in the number of people using VoIP. Ofcom, the telecoms regulator, estimates that there are already 500,000 active VoIP users in the UK and recently launched a consultation into the growth of the market.

Source - Times Online

U-Boat's Enigma Cracked With PC's

Sixty years after the end of World War II, a network of several thousand PCs has cracked a message enciphered with the famous Enigma machine. The M4 Message Breaking Project, started by Stefan Krah, a German amateur cryptographer, in January, took on three messages intercepted by British code-breakers during WWII, but never cracked by the famous cryptology facility at Bletchley Park. The code breakers at Bletchley included computing pioneer Alan Turing and used a combination of human intelligence, guesswork, and elementary computing, called "bombs" to decipher messages." At various times, Bletchley Park could read virtually all Enigma-ciphered messages to and from U-boats at sea, which was instrumental in locating and sinking the submarines, or steering convoys away from U-boat wolfpacks.

Source - Internet Week

Symantec Takes Heat For Changing Adware Advice

Symantec's out-of-court settlement with an adware maker is a loss for users, an anti-spyware researcher said this week. Friday, Feb. 24, the Cupertino, Calif. security company announced that it had dismissed its lawsuit against browser and e-mail toolbar maker Hotbar.com, Inc. Last June, Symantec filed a zero-dollar suit against the New York company, saying then that it was seeking a legal ruling that would affirm the position that Hotbar's programs "are indeed adware and can be treated as computer security risks." Under the new arrangement struck with Hotbar, Symantec has agreed to dismiss the lawsuit but will still classify the company's software as "adware." Symantec called it a victory.

Source - Internet Week

Stolen Laptop Has 93,000 Student ID's

A laptop computer containing names and Social Security numbers of 93,000 people who attended Metropolitan State College of Denver from 1996 to 2005 was stolen from a campus employee's home, leaving students vulnerable to identity theft. The laptop was taken from the home of an admissions office employee Saturday. He was authorized to have the data for a grant he was working on for the school, said Metro State president Stephen Jordan. The Social Security numbers were used to identify and track students and access historical information about them. The employee is also a graduate student in the department of public affairs at the University of Colorado at Denver and was using the data to complete his master's thesis. Campus officials are investigating whether the employee should have been allowed to use the data for his thesis and if disciplinary action should be taken. The school is also probing procedures to determine if policies on releasing and storing certain data should be revamped.

Source - Denver Post

New Scanner Thwarts Finger Hackers

A fingerprint recognition device which confirms that the finger is still attached to its owner will be demonstrated at a US government technology conference next week. Nitgen Co of Korea will show the new product at the FOSE 2006 government technology exposition in Washington, show organisers said in a press release. In a literal case of fingerprint hacking last year, a Malaysian businessman had his finger chopped off by thieves who drove off with the digit still in the fingerprint scanner of his Mercedes. While several movies have featured similar scenarios, this appears to be the only real life case of a severed finger being used to bypass a fingerprint recognition security system.

Source - Vnunet

Senate Overwhelmingly Approves Patriot Act

The U.S. Senate on Thursday voted overwhelmingly to renew the Patriot Act, capping months of debate over whether the measure adequately protects Americans' privacy rights or whether it goes too far in the name of thwarting terrorists. By a 89 to 10 vote, senators approved a bill to modify and amend the controversial law, sending it to the House of Representatives for an expected vote next week and practically guaranteeing that President Bush will sign it. Some of the law's sections were set to expire on March 10. But if the measure is sent to the president in time, 14 of 16 of those sections will become permanent. The handful of senators who dissented warned it had not addressed their concerns about privacy. "We had a real chance to pass a bill that would both reauthorize the tools to prevent terrorism and fix the provisions that threaten the rights and freedoms of innocent Americans," said Russ Feingold, a Wisconsin Democrat. "This conference report... falls well short of that goal. I will vote no."

Source - CNET News

Feds Probe Online Music Price Fixing

The U.S. Justice Department says it has launched an inquiry into possible price fixing in the burgeoning online music industry. Two record industry officials characterized the inquiry as essentially identical to one launched in December by New York Attorney General Eliot Spitzer, who subpoenaed several record companies searching for information on wholesale prices that music labels charge for downloadable digital music files. The Justice Department would not name the companies it has targeted. "The antitrust division is looking at the possibility of anticompetitive practices in the music download industry," spokeswoman Gina Talamona said Thursday.

Source - CNN

How To Punch Through Spam Filters

It was a typical first-thing activity. I'd turned my computer on, run the spam filter, and was checking through it for e-mails that shouldn't be there. As sometimes happens, there were a couple, and a couple of clicks later, McAfee SpamKiller sent them on their way to my e-mail. This is a habit that I've formed over the years because I've learned that despite the technology, false positives do exist and sometimes the e-mail that's on the kill list is important. This is made more complex because I have multiple levels of spam filters with the McAfee product somewhere in the middle. By the time my e-mail reaches me, nearly all the Spam has gone. Normally, that is a good thing. But when it contains my airline itinerary for a trip to CeBIT, it's less than optimal.

Source - Information Week

U.S Objects To Snort Purchase By Israel-based Check Point

The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading Israeli software company that it faces a rare, full-blown investigation over its plans to buy a smaller rival. The objections by the FBI and Pentagon were partly over specialized intrusion detection software known as "Snort," which guards some classified U.S. military and intelligence computers. Snort's author is a senior executive at Sourcefire Inc., which would be sold to publicly traded Check Point Software Technologies Ltd. in Ramat Gan, Israel. Sourcefire is based in Columbia, Md. Check Point was told U.S. officials feared the transaction could endanger some of government's most sensitive computer systems. The company announced it had agreed to acquire Sourcefire in October. The contrast between the administration's handling of the $6.8 billion Dubai ports deal and the Israeli company's $225 million technology purchase offers an uncommon glimpse into the U.S. government's choices to permit some deals but raise deep security concerns over others.

Source - Redmondmad.com

Intel To Build Assembly Facility In Vietnam

The world's largest microchip maker Intel Corporation has announced a US$300 million (Bt11.7 billion) investment to build a semiconductor assembly and test facility in Vietnam's Ho Chi Minh City, as part of a plan to spend $1 billion to improve production in Asia. It is also a part of the company's worldwide production-capacity expansion that will involve spending $6 billion to increase manufacturing capacity around the world. Craig Barrett, Intel's chairman, said the initial negotiations between Intel and the Vietnamese government began in 2001, and under the plan, production will be underway in the second half of next year. The company will invest an additional $305 million in the second phase. The plant is to be built at Saigon High Tech Park in Ho Chi Minh City, Vietnam's commercial centre, and output will be for supply to the worldwide market.

Source - The Nation

Open Source Needs Big Vendors To Thrive, Ellison Says

The success of Linux and other open source projects has depended heavily on the support and investment of major IT companies, Oracle Chief Executive Officer Larry Ellison said on Thursday. "Open source becomes successful when major industrial corporations invest heavily in that open source project," Ellison said at a Tokyo news conference. "Every open source product that has become tremendously successful became successful because of huge dollar investments from commercial IT operations like IBM and Intel and Oracle and others," he said. He highlighted his own company's work in developing and promoting Linux, and said the operating system would not have enjoyed the success that it has without vendor backing. "There's a lot of romantic notions about open source," Ellison said. "That just from the air these developers contribute and don't charge. Let me tell you the names of the companies that developed Linux: IBM, Intel, Oracle -- not a community of people who think everything should be free. Open source is not a communist movement."


Source - Info World

NCsoft Sued For $23 Million

Last month we reported that Chinese hackers were launching massive attacks against Korean gaming sites to gain account information. It now appears that these attacks were successful and a class action lawsuit has been filed in South Korea against NCsoft, the maker of many popular online games like Lineage, City of Heroes and Guild Wars. The suit alleges that around 224,000 people had their account information stolen in the past six month. The information was later used to create hundreds of thousands of new Lineage account. Thousands of illegally created accounts were used to create gold from killing online monsters and selling magical items, a process which in gamer speak is called, "gold farming". Gold farming has become a multi-million dollar business as people will pay $30 to $80 for a thousand in virtual gold that can be used to buy better equipment or abilities.

Source - TG Daily

Sofware Helps The Illiterate Find Work

Microsoft Corp.'s Office software and Windows operating system is typically associated with slick "information workers" on the go, using the latest technology to solve complex business problems. At a company research and development lab in India, however, workers are grappling with a much different problem: How to use technology to help people who cannot read or write, let alone use a computer. Working with a local advocacy group, Microsoft has developed a prototype of a system that would help connect illiterate domestic workers in India with families seeking their services. The goal is to help the women see how technology can make finding work more efficient, as the first step toward creating broader tools to allow illiterate people to benefit from technological advances.

Source - CNN

Student Suspended For Viewing MySpace Posting

A middle school student faces expulsion for allegedly posting graphic threats against a classmate on the popular MySpace.com Web site, and 20 of his classmates were suspended for viewing the posting, school officials said. Police are investigating the boy's comments about his classmate at TeWinkle Middle School as a possible hate crime, and the district is trying to expel him. According to three parents of the suspended students, the invitation to join the boy's MySpace group gave no indication of the alleged threat. They said the MySpace social group name's was "I hate (girl's name)" and included an expletive and an anti-Semitic reference.

Source - CNN

eBay Gets UK Rival

Time for a little unabashed patriotic chest beating here, because new UK service ‘Hunt for it’ is hoping to take on the mighty eBay. Like most ingenious IT ideas it was thought up by a teenager and like most ingenious battle plans it tackles its enemy from the side (think Greeks verses Trojans and Google verses Microsoft). The theory behind it is simple too: make an auction site where users don’t need to be trapped in front of their computers. The way Hunt for it has implemented this is via text messaging. True, eBay offers a similar service through O2 using WAP, but Hunt for it is open to any network and SMS is faster and most cost efficient. Furthermore, all listings are free and a seller will receive 5p for every bid he receives on his item. A profile can also be set up on the hunt for it website enabling users to receive texts whenever specific items become available. The company uses the example phrase: ‘Ordinary Boys concert tickets’ but hopefully there will be more tasteful requests made instead for the likes of Hard-Fi or Arcade Fire…


Source - Trusted Reviews

Change Of Tactics In War On Viruses

Could quarantining e-mails be a better way of dealing with viruses than the traditional approach used by most antivirus companies? With increasingly diversified threats and a splintered antivirus industry, some security providers are arguing that mainstream antivirus companies are simply not nimble enough to cope with new waves of malware. Traditional approaches to providing updates -- which require the malicious code to be in the possession of the security companies -- are fundamentally flawed, the argument goes. IronPort, a US purveyor of Web monitoring services, is one of the companies championing a different approach to dealing with viruses, worms and other nasties. The technology that IronPort uses to filter spam and quarantine e-mails is different from most other vendors -- it uses "Web reputation" as a basis for quarantining suspect e-mail traffic.

Source - ZDNet Australia

Apple OS X Update Responds To Security And Worm Concerns

Apple has released a security update that patches twenty security holes in its OS X operating system and bundled applications. Virus writers in the past weeks have released several high profile viruses and security experts last week disclosed that they had found a critical security hole in the operating system. "The update fixes both the recently reported Leap-A and Safari security vulnerabilities," an Apple spokesperson told vnunet.com. The Safari vulnerability was unveiled last week by German researcher Michael Lehn. The flaw could allow an attacker to launch arbitrary code on a Mac computer running the Safari browser through the use of a specially crafted website.

Source - Vnunet

Need For Speed - NZ's Broadband Challenge

Auckland City has responded to the broadband challenge issued by central government and today endorsed further investigation of options to achieve full-speed broadband at significantly lower costs for Auckland city. "Broadband is vital to our economy. It is a critical enabler of productivity, growth and economic transformation," said Cr Richard Northey, chairperson of Economic Development and Sustainable Business committee. "To encourage business growth and retention it is essential we do what we can from a local government angle to bring down cost, and encourage infrastructure deployment that takes us forward from copper wires to fibre optic and wireless technology. Auckland city needs the speed to be internationally competitive," said Mr Northey. "Auckland is at risk of being left behind the rest of the developed world if we don't address why Aucklanders have been slow to take up this technology," said Mr Northey.

Source - Scoop NZ

English Wikipedia Publishes Millionth Article

The Wikimedia Foundation announced today the creation of the 1,000,000th article in the English language edition of Wikipedia. The article is about the Jordanhill railway station in Scotland, and it was started by Wikipedia contributor Ewan Macdonald. Wikipedia is a free, multilingual, online encyclopedia with 3.3 million articles under development in more than 125 languages. The full text of the English Wikipedia is located at en.wikipedia.org. In addition to articles, the English Wikipedia offers dozens of graphical timelines and subject-specific portals. Its media repository includes four hundred thousand images and hundreds of full-length songs, videos, and animations, many of which are available for free distribution.

Although its method of editing is new and controversial, Wikipedia has already won acclaim and awards for its detailed coverage of current events, popular culture, and scientific topics; its usability; and its international community of contributors. BBC News has called Wikipedia "One of the most reliably useful sources of information around, on or off-line." Daniel Pink, author and WIRED Magazine columnist, has described Wikipedia as "the self-organizing, self-repairing, hyperaddictive library of the future," and Tim Berners-Lee, father of the Web, has called it "The Font of All Knowledge."

Source - Wiki Media Foundation

How Government Web Sites Stack Up

Government Web sites are not reaching the public as effectively as they might. This phenomenon is common around the world and while some sites have functional value to the public, research shows that people are confused, ignorant or unable to find what they need from many government sites. To improve their usability, governments should examine practical steps to reach citizens, firstly by marketing the sites in conjunction with improved navigation and, if required, re-designing sites for users to know what they can find on them. Secondly, refine the execution of the sites, with special reference to improving the quality of sophisticated interaction that is possible between citizens and the administration. This process should be conducted in the context of the strategic objectives of e-government policy if they are to achieve that particular policy target.

Source - ZDNet Australia

Apple Releases iTunes Update

Apple today posted a new version of its digital music software, iTunes 6.0.4, which "addresses stability and performance issues related to Front Row," the company said. Apple has made several tweaks to iTunes 6 since it was first released in October. Its most recent version, iTunes 6.0.3, was launched in mid-February to fix bugs and make performance improvements.

Source - CNet News

Former US Government IT Worker Guilty of Hacking

A former IT system auditor for a US government agency faces a five-year prison sentence on a computer hacking charge after secretly monitoring his supervisor's e-mail and computer use, the U.S. Department of Justice (DOJ) said. Kenneth Kwak, 34, of Chantilly, Virginia, pleaded guilty Wednesday in U.S. District Court for the District of Columbia to unauthorized access to a protected computer in furtherance of a criminal or tortious act, the DOJ said. Kwak was a system auditor working on federal information security management audits as a member of the U.S. Department of Education's Office of Inspector General. Kwak placed software on his supervisor's computer enabling him to access the computer's storage at will, the DOJ said. Kwak later used that software on numerous occasions to view his supervisor's e-mail and Internet activity as well as other communications, and he shared those communications with others in his office, the DOJ said. Kwak, who faces a maximum sentence of five years in prison and a US$250,000 fine, monitored the communications for personal entertainment, and there is no indication he profited financially from his actions, the DOJ said.

Source - Linux World

Technology Facilitates Caller ID Spoofing

Last fall, U.S. Rep. Tim Murphy's office started getting phone calls from constituents who complained about receiving recorded phone messages that bad-mouthed Murphy. The constituents were especially upset that the messages appeared to come from the congressman's own office. At least, that's what Caller ID said. "People thought we were making the calls," Murphy said. The calls, which the Pennsylvania Republican estimated in the thousands, were apparently placed with fake Caller ID. That has been possible for a long time, but it generally required special hardware and technical savvy. In the last few years, Caller ID spoofing has become much easier. Millions of people have Internet telephone equipment that can be set to make any number appear on a Caller ID system. And several Web sites have sprung up to provide Caller ID spoofing services, eliminating the need for any special hardware.

Source - AP Wire

FedEx Pay System Could Be Grounded

A smart card used for the FedEx Kinko’s ExpressPay system is vulnerable to malicious attacks that could lead to a handsome payday for hackers, a malware-monitoring group said Tuesday. The memory chip card contains data that can be rewritten once a three-byte security code is applied, scientist Lance James of Mal-Aware.org said. Because neither the data nor the code is encrypted, all it takes is a smart-card reader to rewrite the memory card and a logic analyzer to determine the code, said James, the lead scientist with Dachb0den Laboratories, a Southern California-based hacker think-tank. "Once the three-byte code is known to the attacker, the card's stored value and serial number can be changed to any value," James said. "The ExpressPay system appears to implicitly trust the value stored on the card, regardless of what the value actually is." The exploited cards can be used to make copies or rent computers, he said. Worse yet, they could be used to steal cash from FedEx Kinko's locations.

Source - SC Magazine

Hosing Down Firewall Hype

Network administrators who place all their trust in firewalls copped stern words this week from a high-ranking engineer at one of the world's largest networking equipment vendors. "The idea behind firewalls doesn't work anymore," 3Com's global vice-president Pat Rudolph, said in an interview with your writer. "The idea behind firewalls is that people inside the network are trusted and that people outside the network are potentially malicious," he continued. "The problem is, if I take my laptop home and get infected on my home network because my kid's doing something he shouldn't be, I can then walk my laptop right past my firewall, and plug it into the corporate network. I can then infect the network." Rudolph also pointed out firewalls worked by leaving network ports open.

Source - ZDNet Australia

What Has Google Been Up To Lately

Busy launching products, as usual. Last week it unveiled a beta version of Google Page Creator (http://pages.google.com), which enables anyone to create good old-fashioned web pages. However, you must have a Gmail address that you are willing to expose to the world, and to get in you had to sign up at the launch. Within hours, Google was unable to handle the demand and stopped accepting users. How odd that Google didn't figure out that people might want to try it. Before that, Google launched beta versions of Google Desktop 3 (http://desktop.google.com), with an enhanced Sidebar, and Toolbar 4 (www.google.com/tools/toolbar/T4). Desktop 3 created a small furore because of its "Search Across Computers" feature. This provides an option to search one of your computers from another of your computers, even if it's turned off. (The data is actually stored on Google's servers.) This is nice only if you don't mind Google storing your data. SAC could be particularly attractive to any hackers who can get hold of your Gmail account details. (A security flaw was found in Gmail in October 2004, though none has since surfaced.)

Source - Guardian Unlimited

Mystery Surrounds PC-to-mobile Virus

A mystery is deepening around a report about the emergence of a virus that can pass from a PC to a mobile device, with some antivirus vendors saying they have not seen the code to confirm it. The Mobile Antivirus Researchers Association (MARA) said Monday it anonymously received the code, named "Crossover." Microsoft, whose software the virus reportedly affects, said Wednesday it is investigating the reports but has not heard of any customer complaints. Antivirus vendors said they will update their software to detect and remove the virus if they are allowed to analyze it. While vendors typically send virus samples to each other to update their products, MARA has not been forthcoming with a sample, said Graham Cluley, senior technology consultant for Sophos. At the moment, the antivirus community only has MARA's word that the virus exists, Cluley said. "We would still love to see a sample of this and determine if this is a potential threat to our customers," Cluley said. "It's a little bit disappointing that they are not sharing the sample."

Source - ARNnet

Members of Apocalypse Crew Plead Guilty

Three members of an online music piracy operation pleaded guilty in federal court Tuesday in response to a government crackdown, the Justice Department said. Members of the group Apocalypse Crew pleaded guilty to one count of conspiracy to commit copyright infringement in U.S. District Court for the Eastern District of Virginia, the department said, and each faces up to five years in prison and a fine of $250,000. Derek Borchardt, 21, of Charlotte, North Carolina; Matthew Howard, 24, of Longmont, Colorado; and Aaron Jones, 31, of Hillsboro, Oregon, each obtained digital "pre-release" copies of songs and albums before their U.S. commercial release, the government said. The music was then distributed globally through file-sharing networks. The supply of pre-release music was often provided by music industry insiders, employees of music magazine publishers, or workers at compact disc manufacturing plants and retailers, the Justice Department said.

Source - CNN

First Java (J2ME) Cell Phone Trojan On The Loose

Alerts went out Tuesday from several security companies warning users of an in-the-wild Trojan horse able to infect nearly any cell phone. The Trojan, named Redbrowser.a by McAfee, F-Secure, and the discovering vendor, Moscow-based Kaspersky Labs, can attack any device -- smart phone, PDA, or cell phone -- that runs Java 2 Micro Edition (J2ME), Sun Microsystem's version for consumer electronics devices. "The important thing about this Trojan is that it can get to any device that runs J2ME," said Shane Coursen, a Kaspersky senior technical analyst. "A good portion of cell phones use Java for games, and some of their other programs." Redbrowser.a appears on a device as a text message with an accompanying file attachment. The file claims it's a program that lets users visit WAP sites without a connection. In reality, the Trojan installs code that sends out text messages to premium-rate phone numbers in Russia. The user's charged $5 to $6 for each message.

Source - Internet Week

Microsoft Unveils "Non-Security" Update For IE

Microsoft Tuesday updated Internet Explorer 6 for Windows XP SP2 and Windows Server 2003 SP1, but denied that the changes were security related. "The update is labeled as 'non-security' given that it does not include any new updates that affect the security of IE," said a company spokesman Tuesday afternoon. With the update in place, IE 6 won't run some ActiveX controls until they've been explicitly enabled by the user. Last December, Microsoft posted a note to Web site and ActiveX developers warning them that the change was coming. In that note, the Redmond, Wash.-based developer said that controls loaded by the APPLET, EMBED, or OBJECT elements would be disabled unless the user turned them on.

Source - Internet Week

Hacker Defender Author (Holy Father) Kills Stealth Project

The creator of Hacker Defender, the well-known rootkit, has pulled the plug on his antidetection service. Holy_father's reason: He doesn't feel he has anything new to offer. Hacker Defender has long been a weapon of choice for those seeking to attack remote Windows NT/XP/2000/2003 systems without permission. Rootkits covertly patch the operating system, changing it forever... or at least, till you reformat your hard drive. While Hacker Defender was famous among security professionals, another rootkit got more attention among end-users: The rootkit Sony-BMG embedded in unsuspecting customers' music CDs. Untold damage resulted... to both users' computer systems and Sony-BMG's reputation. As the designer of one of the first user-mode rootkits, holy_father sought to constantly remind the world that the Windows operating system is woefully unprotected.

Source - E-mail Battles

Alleged Perth Spammer Sent 56 Million E-mails, Court Told

A Perth company accused of sending millions of spam emails around the world is continuing to send bulk unsolicited electronic mail, the federal court has heard. A federal court judge today began hearing landmark legal action by Australian Communications and Media Authority (ACMA) against Clarity1 Pty Ltd and its sole director Wayne Robert Mansfield. Clarity1, which also trades as Business Seminars Australia and Maverick Partnership, is accused of sending at least 56 million unsolicited commercial emails in the 12 months after the Spam Act 2003 came into force in April 2004. Justice Robert Nicholson issued an interim injunction last August ordering Clarity1 not to send out unsolicited email in breach of the act pending resolution of the case.

Source - SMH.COM.AU

US Chipmaking Giant Intel Breaks Into Intel

US chipmaking giant Intel broke new ground today with the announcement of a planned new US$4 billion ($6.1 billion) plant in the southern Israeli city of Kiryat Gat, according to an Associated Press (AP) report. The Israeli government contributed US$525 million to the plant, which is to produce 45-nanometer semiconductor chips. Intel's investment is the largest by an industrial corporation has ever made in Israel. At the groundbreaking ceremony, acting Israeli Prime Minister Ehud Olmert said there were political aspects to the event, following the election victory by the violent Islamic Hamas, which is setting up a new Palestinian government.

Source - NZ Herald

Google CFO Warns of Slow Growth

Google's Chief Financial Officer George Reyes sparked more than a 10 per cent sell-off in the Web search leader's volatile stock after he cautioned that online advertising revenue growth could slow. Speaking at a Merrill Lynch internet advertising conference here, Reyes said the company's Web search advertising business, which generates 99 per cent of its revenue, would depend on overall market growth rather than specific improvements Google makes that can result in greater sales. "Growth is slowing and now largely organic," the Google CFO was quoted by CNBC financial television as saying. "The search monetisation gains have now been largely realised."

Source - NZ Herald

College Student Brute Forces Password In Attempt To Change Grades

You Li, age 21, a Chinese national living in Utah while pursuing an undergraduate degree in computer science at the University of Utah, has been indicted by a federal grand jury for hacking into a University of Utah computer in an attempt to change a grade in a math class. The indictment also alleges he accessed other personal information. The indictment was announced last week by Acting U.S. Attorney Stephen Sorenson and FBI Special Agent in Charge Timothy J. Fuhrman of the Salt Lake City Office. A federal grand jury returned a sealed two-count indictment last Wednesday afternoon charging Li with accessing a protected computer in attempted furtherance of fraud and obtaining information from a protected computer. Each count carries a potential maximum penalty of up to five years in prison and a $250,000 fine. According to SAC Fuhrman and Chief Scott Folsom of the University of Utah Public Safety Department, Li was arrested Friday morning by FBI special agents and officers of the University of Utah Public Safety Department. Li had an initial appearance in federal court Friday morning and was released on conditions, including surrendering his passport. The indictment was unsealed at the hearing. Defendants charged in indictments are presumed innocent unless or until proven guilty in court.

Source - Linux Electrons

Viruses Cause Most Security Breaches

Viruses remain the biggest cyberthreat to businesses, according to a government report to be released soon which will also warn that the threat of spyware is growing, . The Department of Trade and Industry (DTI) report into information security breaches found that approximately half of businesses said their worst security incidents over the past two years has been caused by virus infections, rather than other threats such as hacking or phishing. The survey, which will be launched at Infosecurity Europe 2006 in London in April, showed that virus infections were also more likely to have caused serious service interruption than other incidents. "Usually the disruption was minor, but roughly a quarter of companies questioned who reported a virus as their worst incident had major disruption, with important services such as email down for more than a day," the authors of the survey said in a statement.

Source - ZDNet UK

BP Oils The Wheels Of Heated Security Debate

BP has provoked heated debate in the UK technology industry with plans to move thousands of laptops off its LAN claiming it will make the business more secure. BP said hiding behind a firewall simply creates a false sense of security and so 18,000 of its 85,000 laptops now connect straight to the internet, even when they are in an office. Ken Douglas, technology director of BP, said "the LAN has to go" and his work now is to protect the laptops against the threats which lurk online. And it's a decision which has divided the industry. Many silicon.com readers have hit out at the move – questioning both sanity and practicality – but a great many others have been vocal in their praise of Douglas and his vision. "Why not?" asked one reader of the decision. "Most hackers concentrate on LANs and how to break through the LAN securities in place. Individual computers seem to just be regular computers to the outside world and hackers and they may be bypassed."

Source - Silicon.Com

Butterfield Bank Issues Phishing Warning

Butterfield Bank is warning people to beware of emails that try to steal personal or credit card information. Called "phishing" emails, these messages often claim to be from a legitimate source, such as MasterCard or VISA. They will usually try to direct people to a web site where personal and/or credit card information is requested. Two emails are currently circulating, claiming to be from MasterCard or VISA. One tries to scare people into responding by claiming hackers have accessed "processings", the other claims it is introducing a "new security system" and asks customers to reactivate their card due to a "technical update". Both direct people to phoney web sites. Susan Mylchreest, vice president, Electronic Banking said: "Customers should never respond to any unsolicited email requests for information, even if they claim to be from a known organisation. "The good news is that as long as you do not respond, you are safe. Just delete them from your mailbox."

Source - The Royal Gazette

Politically Motivated Cyber Attacks On The Rise

Politically motivated cyber attacks were on the rise in 2005 according to statistics released by Zone-H. The numbers of attacks from Jyhadi cyber hackers as well as the attacks of Chinese hackers on U.S. military sites figure into the study as well. The information shows the problem is only getting worse. The organization reported an increase in politically motivated attacks and a growing hacking trend based in the Muslim community. The study noted an increase of 26.1% in defacements during the year of 2005 and there were more than 1.3 million digital attacks for 2005. Zone-H noted in its report: In the year 2005, Zone-H accounted for 494,9888 attacks, a raise of 26.1% from the previously accounted 392,529 attacks in year 2004. Out of the 494,988 attacks, 123,644 has been on single hosts while the rest was accounted in mass-defacements. They mentioned several other facts of note. One was the fact that in 2004, attacks mostly originated from Brazil. In 2005, many were Muslim defacers and most were based in Turkey. The most active was known as Iskorpitx, who single-handedly compromised 90,383 sites over a two year period.

Source - Security Pro News

Groups Unite To Fight Bulk E-Mail Fee

A variety of interest groups have joined forces to fight a proposed bulk e-mailing fee they claim strikes at the heart of online communication -- a level playing field for rich and poor. America Online plans to introduce a service that would charge businesses and other bulk e-mailers a fee to route their e-mail directly to a user's mailbox without first passing through junk mail filters. Another major provider, Sunnyvale, California-based Yahoo Inc., in the coming months will test an optional certified e-mail program based on "transactional" messages only, such as bank statements and purchase receipts, Yahoo spokeswoman Karen Mahon said. "Yahoo is not planning to require payments for businesses or organizations to send e-mail to Yahoo users," she said. "Companies can continue to send e-mail to Yahoo e-mail users at no cost in exactly the same way they always have."

Source - CNN

Are Games Like Drugs

Chicago's WGN news is warning parents that video games are like drugs, an audacious claim that has gamers across the country wondering what those crazy journalists are smoking. According to the WGN health segment on the impact of gaming, the adrenaline rush that occurs during gameplay makes the experience itself an addictive stimulant:

"It's a stimulant. It's highly addictive. It's causing kids to forget about their friends, ignore their schoolwork and become impulsive and hot tempered."

To support this dubious assumption, they call in a social worker to give his expert medical opinion. How does social worker Robert Kauffman know that games are destroying the fabric of society? Because, he says, youngsters aren't as obedient as they used to be:

"We get kids who act out more. They don't think about what they are doing. they don't see the consequences in it. They tend to act less respectfully to their parents, and it just keeps going on."

How many countless times before him have the same words been uttered in admonishment? Transformative social catalysts are always feared by those that lack familiarity with new cultural and technological developments. Stale contempt for progress resonates throughout history. No doubt Kauffman's concerns were voiced by a previous generation when Rock 'n Roll and television began to transform the fabric of American social identity, or when jazz and beat poetry invented a new kind of self expression before that. Could it simply be that no matter the era, children invoke self-affirming defiance as they grapple with the challenges of individuality and learning what it means to be an autonomous adult? Old people have been accusing young people of being impulsive and direspectful for the entire length of recorded history, so I'm inclined to believe that it has very little to do with gaming.

Source - Arstechnica

One In Three IT Workers Looking For A New Job

OVER A THIRD of IT workers say that they are looking for a new job this year. The survey conducted for CareerBuilder.com, found that IT workers are fed up with unmanageable workloads, low pay and a lack of effective leadership from those on high. More than 60 per cent said that they had seen their workload increase over the last six months and nearly half said this jump was unmanageable. Over 30 per cent claimed that their home life was suffering. Some couldn’t remember if they ever had a partner, and others couldn’t remember if they had a home or a life.

Source - The Inquirer

MCMC Launches Compendium on Information Network Security

The Malaysian Communications and Multimedia Commission (MCMC) today launched the Information Network Security Compendium. The Information and Network Security (INS) Compendium is a concise but comprehensive summary of work pertaining to everyday issues on e-security. It is done in collaboration with the private sector with the objective to contribute to the learning and educational experience of consumers on the need to secure themselves. The INS Compendium is part of a series of publication produced by MCMC as part of its awareness program in the area of information and network security. This is in line with the rampant occurrences of defacement of websites, DOS attacks, spamming, phishing, viruses, fraud and hacking. According to Adelina Iskandar, head of corporate communications for MCMC, “The main aim of the Compendium is to contribute to the learning and educational experience of ICT users and consumers and is intended to complement other sources of information on the subject of information and network security”.

Source - Malaysian Communications and Multimedia Commission (MCMC)

Why Your Network Needs VoIP Over Wireless

Voice over wireless local area networks (VoWLAN) might just be one of those technologies whose time has come. Combining voice over IP (VoIP) and wireless networking -- the two headline network technologies of the last couple of years, VoWLAN is, quite simply a natural. "There's a lot of pent-up demand for VoWLAN, and particularly for dual-mode cellular and wireless VoIP phones," Forrester Research principal analyst Ellen Daley says. "There's a pent-up demand because of a fear and concern of wireless phone costs. Companies are saying that 'we see people using their cell phones on office hallways,' and they're interested in reducing those costs."

Source - CommWeb

Oracle Publishes Out-Of-Cycle Security Fix

Oracle has released a critical security patch to the company's E-Business Suite software. The patch, which was released nearly two months ahead of Oracle's next regularly scheduled security updates, fixes a number of vulnerabilities in the Oracle Diagnostics troubleshooting component of the company's E-Business Suite 11i. Oracle executives could not immediately be reached for comment on the update, but the company is advising customers to apply the patch "due to the number of security fixes included," according to enterprise software consulting firm Integrigy. The problems relate to the Oracle Diagnostics Web pages and to the Java classes included with the software, which could be inappropriately used by an attacker. "The most significant issue with the Oracle diagnostics is that some of the diagnostics can be executed without any authentication," Integrigy said in an analysis of the patch (PDF).

Source - Info World

N.H. Breach May Have Exposed Credit Card Data

The FBI, the U.S. Department of Justice and New Hampshire officials are investigating a potential security breach after a malicious application was found on a state server during a routine check earlier this month. State officials said last week that there is no evidence yet that any credit card information was stored on the server. The New Hampshire Division of Motor Vehicles and the state Veterans Home use the server to transmit financial information. The state's Liquor Commission uses it as a backup for sales transactions. The server held only credit card numbers; no other personal information was stored on it, officials said. New Hampshire CIO Richard C. Bailey Jr. said that an unnamed state Office of Information Technology employee was placed on paid leave as part of the investigation. He declined to comment further on that action.

Source - Computer World

Is MAC OS As Safe As Ever?

Apple Computer fans have long loved to point out the safety of using Mac OS X, which has mostly been left alone by hackers. But the recent arrival of three threats has some asking: Is the software's charmed security life over? In the past two weeks, a pair of worms that target Mac OS X have been discovered, along with an easily exploitable, severe security flaw. The vulnerability exposes Mac users to risks that are more familiar to Windows owners: the installation of malicious code through a bad Web site or e-mail. While these threats represent a sea change, there is no need for Mac owners to worry, experts said, as the published attacks are still mainly theoretical and not widespread. But they caution that Apple fans should not be smug: Now that it's been done, other malicious code writers are likely to turn their attention to the operating system. It's a "small step in malicious code development for OS X," said Kevin Long, an analyst at security specialist Cybertrust and a Mac user for 11 years. "The message we need to get out there is that Mac users should not be complacent."

Source - ZDNet Australia

Cross-infecting Virus Discovered

The first malware to cross-infect a PC and a Windows wireless pocket device has been discovered, the Mobile Antivirus Researchers Association (MARA) said today. The proof-of-concept, file-destroying trojan, sent to the association anonymously, automatically spreads from a Win32 desktop to a Windows Mobile Pocket PC, the association said. "With the growing use of hand-held devices, this type of virus may become very prevalent in the future," the association said in an advisory. "For viruses to be more effective, they need to spread across a wider range of devices, including wireless devices. This virus closes the gap between handhelds and desktops." Jonathan Read of MARA said in an email interview today that previous "crossover" viruses could be found on Symbian operating systems – "and required either Bluetooth on the device and the PC, or the user had to physically transfer the virus on a memory card."

Source - SC Magazine

Safenet Secures Oz Firm For $34M

FAST-RISING US security provider SafeNet has paid $US25 million ($33.8 million) in a cash deal to buy Australian cryptographic pioneer Eracom Technologies. With a heritage dating back more than 25 years, Eracom's Protect range of encryption security systems is sold throughout the Asia-Pacific region and in Europe. Eracom products are mainly used to secure credit card, electronic funds transfer and autoteller transactions against hackers and data thieves. The acquisition will give SafeNet entry to the growing online payments processing sector, and access to new regional markets for its secure application, identity and communications products. "Eracom is a good fit for us in a number of ways," SafeNet global business vice-president Tim Russell says.

Source - Australian IT

Fiber Optics May Beat Hackers

Fiber-optic communication is coming closer to becoming the next boom in worldwide communication, as researchers are using quantum physics to make it both secure and fast. This means good news for consumers and businesses that are using the Internet for transmitting sensitive data such as banking records, personal information and even military communications. Thanks to the laws of quantum mechanics, quantum cryptography sends information using laser light particles (photons)with encryption keys through fiber optics in order to secure communication. So, hackers should take note that researchers -- like those at the University of Toronto -- have successfully completed a new technique that could nab eavesdroppers in the future.

Source - Monsters and Critics

Phishing, ID Theft Cause For Huge Concern

If you ever wondered where spammers got your e-mail details from, eBay may have the answer. According to Stieler van Eeden, assistant manager, Ernst & Young Information Systems Assurance and Advisory Services (and ex-hacker), spammers and hackers have ready access to millions of e-mail addresses through eBay's online auction site. While this is enough of a privacy concern, security experts are warning that potential malicious attackers also have access to those addresses, and that they could very easily use them to conduct highly coordinated phishing scams on unsuspecting people. Phishing and Identity theft are essentially similar, in that they both attempt to gain a user's personal details, including bank card numbers, pins, passwords and identity numbers, which could be used to fraudulently open accounts or purchase goods.

Source - Computer World(Australia)

Crimeware Code Sells Trojans To Hackers

Security experts have detected a new crimeware creation system that sells made-to-measure trojans to hackers for $990. The code, dubbed Trj/Briz.A by PandaLabs, stands out because its author customizes the code for hackers. The malware specializes in stealing bank details and data from web forms. According to PandaLabs, this trojan is "the most complex example of the business network based on malware." Apart from the code, cyber-crooks that buy this crimeware also get a complex system for controlling the infection caused by the custom-built trojan. This allows the client to get a list containing a large quantity of data about the infected computers: IP addresses, passwords and even the physical location of the computers.

Source - SC Magazine

Deloitte & Touche Auditor Loses Data On Thousands Of McAfee Employees

McAfee's auditor, Deloitte & Touche USA, may be thinking of buying some security software itself, after a Deloitte employee left an unencrypted CD containing sensitive information on thousands of McAfee employees in the back of an airline seat last December. The backup CD contained names, social security numbers and information on stock holdings held by over 9,000 of McAfee's current and former employees, confirmed company spokeswoman Siobhan MacDermott Friday. The information concerned McAfee's U.S. and Canadian employees hired prior to 2005, amounting to about 6,000 former employes and 3,290 current staffers, MacDermott said. The CD was left on the airplane on Dec. 15, she said. McAfee was informed of the incident on Jan. 11, nearly a month after the disk was lost. After a Deloitte investigation determined who had been affected, McAfee began notifying employees of the situation via postal mail. The last of these notification letters was sent out last week, MacDermott said.

Source - Computer World(Australia)

Internet Explorer 7 Adds New Security

A new preview version of Microsoft's Internet Explorer, with tabbed browsing, an integrated search box, and RSS support -- all features long taken for granted by Firefox users -- is now available. The Beta 2 preview of version 7 also sports a much more compact and streamlined interface than that of the current IE, with a strong emphasis on dedicating as much of the window as possible to the displayed Web site. If you use Windows XP with Service Pack 2, you can download the new beta at http://www.microsoft.com/windows/ie/ie7/default.mspx. Like any still-in-development program, this preview release has bugs and rough edges: You will encounter some display problems and program crashes. In this edition of IE, only two slim toolbars sit up top, with the navigation buttons back, forward, refresh, and home split up between them. Tabs, new to version 7, appear on the second toolbar. Although you can't move the tabs around, you do get a nice feature called "Quick Tabs": Clicking a gridlike icon next to the tabs brings up a convenient thumbnail display of all your currently open pages.

Source - PC World Australia

Japan E-mail Scandal Continues

JAPAN'S ruling Liberal Democratic Party went on the offensive against opposition allegations that a son of the LDP chief had received secret campaign cash from the founder of scandal-hit internet firm Livedoor. Earlier this month Democractic Party of Japan lawmaker, Hisayasu Nagata, told Japan's parliament that Livedoor's founder, Takafumi Horie, sent an email instructing a 30 million yen (256,000-dollar) payment to a son of LDP secretary general Tsutomu Takebe. Arguing the email was "almost certainly fake," LDP deputy secretary general Ichiro Aisawa told public broadcaster NHK that the opposition now "has quite heavy political responsibility". The junior Takebe was suffering "tremendous mental, physical and economic damage" over Mr Nagata's remark, Mr Aisawa said, demanding the Democratic Party clarify how Nagata went public with the allegation. If the Democratic Party fails to come up with a clear explanation, "we must take a tough stance," he said.

Source - Australian IT

OPINION

I'm A programmer, Not A Computer Guy

A gentle warning to young or up-and-coming IT professionals: keep your professional identity a secret! Guard your privacy like a superhero, because before you can say "what do you mean reboot?", you'll be the neighborhood troubleshooter, constantly on call to save the day.

I'll be the first to admit that I mistakenly admitted, years ago, that I'm a professional programmer. That doesn't mean that I can turn a PC into a toaster or that I build anti-virus-spam-bio-domes in my garage. It just means that every week, I trade a bunch of clackety-clack-click-thunks for a slightly-higher-than-median income paycheck that gets filtered through my checking account (or temporary economic holding facility) and delivered directly to Countrywide Home Loans and the Sire Bar & Grill. But don't take this wrong - it's an altogether fabulous life -- after all, we're walking distance from the Sire.

Every Monday through Thursday, I get up at the same time as every employee on the West Coast and go to work. The difference is that I travel just one mile, whereas most other West Coast employees are a long helicopter flight away. My four to six minute commute, occasionally complicated by a passing train carting those who have neither the means nor opportunity to procure a whirly-bird, is littered with deep, incisive thoughts of software designs, network uptimes, operating system paradigms and all manner of tech-talk thoughts.

OK, not really. I used to think a bit about these sorts of things, but not any more; I'm too distracted by the miracles of existence, like the peanut butter, asparagus and rat fur pizzas they serve at local "gourmet" joints. Maybe it's because much of Southern California's water comes from Canada that the pizza doesn't measure up to New York or New Haven. Then again, it's probably just the rat fur.

By the time I actually get to work and immediately walk over to the local coffee shop, I reconsider the miracle that "PlanetBucks" coffee is the sludgiest, bitter, rotten goo to ever pass through a filter, yet four have just sprung up in the past few months -- where was I?

Programming. I stare at a screen. I drink coffee. I type things. I observe obsolescence take over last year's work, and quickly encroach upon current projects. That's it -- a sort-of-logic through a buzzing box and a cathode ray tube. Sometimes I remind myself that the intensity of the radiation emitted by the tube is inversely proportional to the square of the distance between it and my face, and I thank my lucky stars that I have long arms.

That's programming in a nutshell: long arms, good coffee, and a natural aversion to rat fur. See how the necessity of interaction with the computer, as a programmer, is surprisingly low? The thing is that most programmers are also complete geeks whose hobbies include messing around with these machines. I'm not one of those, but apparently, I'm easily confused with them. Consequently, I'm what they would call, though I'd never lay claim to the name, an "expert."

Indeed, I have had people ask me Socratic "computer questions", to which I respond quite honestly that I don't know. They often have the audacity to retort, "But I thought you were an expert?" Nope. I'm a programmer, not a computer guy.

If I'm anyone, I'm a Linux (or perhaps *NIX) guy. This distances me even further from those who think that I'm some kind of "expert", because for most folks, "expert" is equivalent to "Windows expert". They like to ask me lots of questions about their "Microsoft", as I've heard it called. I have an expert-shaking response prepared for any such inquiry: "I don't know."

"What does it mean when the computer says that------"

"I don't know."

See. Now, it's not my intention to fire back with all the sensitivity of a postal worker who moonlights at the DMV. But that's how it has to go. Because, frankly, I really just plain old don't know. I don't do Windows.

It astounds me how few consumers seem to realize that Microsoft is not the only game in town. Moreover, it astounds me that it is, for all practical purposes, impossible to tell most consumers that there is another game. As a sports discussion, it would go something like this:

"Did you watch the Raiders game?"

"No, I don't follow football ------"

"What do you think of the new quarterback?"

"Really, football's not my thing. I don't know."

"I thought that you said that you're a sports fan?"

"No, I said that I watched tennis."

"Right, so what did you think of the penalty called in the Raiders game?"

"I watch tennis."

"Why would they call a penalty like that?"

Um.

What is a poor programmer to do? I'd consider taking the time to learn more about the machines if I didn't distrust them so deeply.

The personal computer, in my estimation, is a sneaky device. I don't mean sneaky like it's at home messing with the thermostat or ordering mismatched socks from the Home Shopping Channel -- I mean that it finds new and innovative ways to take over your life at every turn.

The PC used to be sold as a replacement to the typewriter. But I always preferred Courier font, so I was never able to get on board the Arial replacement train.

Then it became a communication device, with the advent of email and the Internet. In principle, I still think that these are fantabulous inventions and handy as hell. But now the machine is a DVD player. A jukebox. A dictionary. A teacher. Telephone. Scrapbook. Film developer. Food processor, toaster oven, daquiri blender, etc.

To be anthropomorphic about it: the bloody machine seems to think that it can be all things to all people. That's the source of my deep worry. I really don't think that it's a good idea to allow the PC to take a central role in how one interacts with the people, places, and things that accidentally collide to create a life. If anything, I think that we should be relegating gadgets to as submissive a role as possible in modern life, with an eye toward one day re-declaring our independence from the Industrial Revolution, v. 2.0.

Crazy stuff, I know. It makes my role as a programmer all the more odd, but I'm okay with it.

The fact of the matter is that I'm particularly bad at using the PC for little other than the Internet-based programming that I do. This is why I sternly maintain, in the face of enormous pressures from the Windows users of the universe, that I'm not a computer guy -- I'm just a programmer.

Got a Windows question? Call Bill.

Brian Sorrell