Category: Uncategorized

Nice work, Wayne… this is quite interesting.

Now there are articles hitting mainstream press covering the proposed deal, and we can point readers to a rough translation of an article that Google News snagged out of Israel: Hotbar in talks for sale to 180Solutions at Globes.co.il

The article says :

Israeli dot.com company Hotbar Inc. is negotiating its sale at a company value of $52 million. The probably buyer is Internet company 180Solutions Inc.. Sources inform ”Globes” that Hotbar is also negotiating with other companies, including ICQ. Hotbar develops software that sits on the browser, enabling users to change their toolbar to include links to services the company offers. Founded in 1999 by CEO Oren Dobronsky and president Gabriella Karni, the company has raised $15 million to date. Its last financing round was held in 2001. Investors include Eurofund, Tamar technology Ventures, Technorov Holdings, CE Unterberg Towbin, and Deutsche Bank subsidiary ABS Ventures. According to IVC Online, the company had $35 million in sales in 2004.

180Solutions develops software solutions for on-line advertising. The company develops adware, otherwise known as spyware, activities hated by surfers and users of computers. Coincidently or not, this activity is connected to a lawsuit anti-virus developer Symantec Corp. (Nasdaq:SYMC) filed a year ago against Hotbar, in which Symantec demanded that some of Hotbar’s activities be classified as adware. the case was settled out of court a few months ago.

Some of this article seems completely off base and some of the connections are a pretty far stretch. For example, it is hard to discern how the Symantec suit had anything to do with a deal like this being brokered- although the article does reference it as a possible “coincidence”.

Link here.

Alex Eckelberry

New scam site up:

nvidcodec.com  4/25/2006
IP: 69.50.161.123   
nvidcodec.com  
Zuska Karel      
zuska @ needupdate.com         
Praha   

Patrick Jordan
Sunbelt Spyware Research

Vista and Office 2007 are losing PDF and XPS.  Vista is losing PC-to-PC sync.

XPS, the XML-based printer specification format, competes with Adobe, possibly the reason why Adobe is so grumpy at Microsoft (hence, PDF is toast).  XPS will still be in Vista, just “under the hood”.   

PC-to-PC sync is also toast.

More from Paul Thurrott.

Alex Eckelberry

A pretty interesting move, eBay’s CEO has emailed about a million eBay users, arguing for net neutrality.  The email starts like this:

As you know, I almost never reach out to you personally with a request to get involved in a debate in the U.S. Congress. However, today I feel I must.

Right now, the telephone and cable companies in control of Internet access are trying to use their enormous political muscle to dramatically change the Internet. It might be hard to believe, but lawmakers in Washington are seriously debating whether consumers should be free to use the Internet as they want in the future.

You can read the email here, plus a CNET article here.

Confused or curious about net neutrality?  We’ve written an analysis here which I recommend reading. 

Alex Eckelberry

180Solutions was reportedly in negotiations to purchase Hotbar back in March.  The deal, which was said to be primarily the assumption of Hotbar’s debt, was perhaps an opportunity to give 180Solutions a hedge against its changing business model, with rapidly declining install rates as a result of no longer distributing through IST and the company’s decision to drop third party affiliate networks (by late Q1, 180’s daily revenue had reportedly dropped to approximately $75k a day, whereas a year ago that number was closer to $200k per day). 

180 was also reportedly interested in purchasing the assets of Claria’s adware business, and I wouldn’t be surprised if a deal occurred there, as in my opinion, 180 is still the most logical buyer for that business. 

However, cash has been a problem for 180solutions: Despite having raised a $40 million from Spectrum Equity Investors two years ago, a fair amount of that money went to the company’s founders, Daniel Todd and (reportedly) Keith Smith. With the company’s precipitous decline in install rates, cash has been at a premium (recently, however, one source with the company was said to have claimed that install rates are up and things are doing well).  What with Segways, stunning offices, plasma screens and a bevy of beautiful people and big salaries, one is not surprised.

Today, we learned from an anonymous source that this deal is imminent and could happen in the next several weeks.  Possibility?  Who knows.  At this point, this is rumour and conjecture, but it is all rather interesting.

Alex Eckelberry

Today, DoubleTake Software announced the acquisition of our sister company, Sunbelt System Software (SSS).  

To put the acquisition into context, it helps to understand our corporate framework:  French-based Sunbelt International Group owns two companies: Sunbelt Software (which I run) and Sunbelt System Software (run by Jo Murciano). 

Unlike Sunbelt Software, SSS is a pure distributor of other company’s products.  They develop nothing.  They are basically a sales, technical support and marketing organization.  They distribute our products into Europe, but their primary focus is distributing DoubleTake Software’s products.

Here’s a picture:

So for us, this is a logical acquisition, given that Sunbelt System Software was a close partner of DoubleTake Software and was heavily focused on selling that company’s product line. 

This acquisition means that we now will be setting up our own European distribution channels. 
  
For now, nothing changes.  SSS will still continue to support and sell our products.  We will start a methodical transition over the coming months so that our European activities are fully managed by us, right here in Clearwater.
 
The bottom line is that this is good news for us, and I’m excited by what the future holds for us in Europe.
 
 
Alex

This pubescent Japanese voyeur scammed young girls to get naked pictures of them.  He’s in big trouble now.

Japanese police said they had arrested a 14-year-old boy on suspicion of fraud after he allegedly used the Internet to steal personal details in Japan’s first case of phishing involving a minor.

The boy allegedly threatened people, mainly young girls, so they would send him naked photos of themselves after he had already obtained their identification details and other personal information, local media said.

Link here via Ferg.

In case you didn’t catch the news: All was doom and gloom until Symantec developers shined the light.

Of course, not everyone is on the same page.  ZDNet UK posted a story only hours ago that it’s still not patched.  They are incorrect in this case.  It is patched (at least the non-localized versions), and I have confirmed this directly with Symantec.

Symantec page here.

Alex Eckelberry

How can I get rid of ActiveSync?
If you can’t seem to remove ActiveSync using the the Add/Remove Programs tool, for older versions of ActiveSync (3.6 and prior), you may need to manually remove the software by following these steps:

1. Delete the ActiveSync icon from the desktop (right click and click Delete or drag the icon to the Recycle Bin).
2. Delete the Microsoft ActiveSync folder in Windows Explorer (by default, it’s located in c:Program Files).
3. Edit the registry to uninstall the program: navigate to the following keys and delete them: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrent VersionUninstallWindows CE Services HKEY_LOCAL_MACHINESoftwareMicrosoftWindows CE Services HKEY_USERSDefaultSoftwareMicrosoftWindows CE Services
4. Restart the computer.

Battery drains too quickly on SP2 laptops
If you’ve installed Windows XP Service Pack 2 on your portable computer, you may find that the battery goes down more quickly than you expected after you unplug the AC power. This can happen because the computer isn’t able to go into the ACPI processor idle state because of a component of the USB 2.0 driver. There’s an update that you can download and apply to fix the problem. To find out more and get the update, see KB article 918005.

How to configure a VPN connection in XP
If you need to connect to your office network from home or when you’re on the road, one of the most secure ways to do so is via a virtual private network (VPN) connection. There must be a VPN server on the company network and you’ll need the proper credentials to log on, but once you have that, XP makes it easy to set up your VPN connection from your laptop or home desktop system. For instructions on how to do it and tips for troubleshooting common VPN problems, see KB article 314076.

Troubleshoot Internet connection problems
If you’re having problems getting your Windows XP computer to connect to the Internet or browse the Web, there are numerous possible causes. The best way to determine what your problem is (and fix it) is to take a methodical approach. KB article 314095 walks you through the steps to help diagnose what’s interfering with your connection, whether it’s a configuration on your computer or a problem with the server.  Link here.

Deb Shinder

It’s been a while since I discussed digital rights management (DRM) here, but technologies to restrict the use of digital content are still out there, and increase in both sophistication and popularity – among content providers, that is. DRM is anything but popular among the consumers of that content, and this isn’t because all consumers have a raging desire to illegally distribute their copyrighted music and movies. The problem is that DRM doesn’t just keep you from making illegal copies, in many cases it keeps you from making legitimate copies for your own use after you’ve paid for the content. That’s one of the primary complaints that has consumers up in arms.

And some of them are fighting mad about it. At last week’s WinHEC conference in Seattle, Bill Gates’ keynote speech was interrupted by protestors from a group called the Free Software Foundation, currently engaged in a campaign called “Defective by Design” that’s aimed at the way DRM technologies limit the usability of digital media (including not just software but songs, movies, electronic books, etc.).

Of course, a few months back Sony saw the wrath of consumers when it was revealed that some of their music CDs contained “rootkit” software that installed itself on users’ computers without permission as part of their copy protection technology. The company found itself the subject of several class action lawsuits that ended up in a settlement that required them to reimburse consumers and remove the rootkits. That hasn’t stopped content providers from developing new copy protection technologies, but perhaps it’s made them a bit more cautious as to how they go about it.

People have always shared their music, books, recorded movies, computer programs and such with friends. Ever since the advent of recordable media, they’ve made copies and swapped them with others. This dates all the way back to reel-to-reel tape recorders, but that technology was expensive and not many people had it, so record producers didn’t consider it much of an issue. When cassette recorders came along and making recordings got much cheaper and more widespread, there was some worry that people would record songs off the radio, for instance, instead of buying record albums. But the quality of the tapes was lower than the originals, so once again it never became a big problem.

Video recording equipment added a whole new layer to the issue. Movie studios were selling VHS and Betamax movie tapes for around $50 each (in 1970s money, at that) and saw a potential goldmine going down the drain if people were able to record their own copies. A court fight ensued, in which the big companies tried to have the video recorders banned completely, but consumer rights prevailed when justices ruled that the legitimate uses of the technology outweighed the risk of their being used to violate copyright. It was, after all, a little like trying to ban the selling of cars because they could be used by criminals for fast getaways from crime scenes.

Another saving grace was that, as with the cassette recordings of music, “home grown” video tapes that were second or third generation copies just weren’t as good as the originals, so folks still had an incentive to shell out for the commercial product.

Then digital recording came along. As home computers grew ubiquitous, any and everyone could make copies of digital music and other content with no discernible difference in quality from the original. They could burn them to CD or DVD easily and cheaply, and give them away to all their friends – but this still would have presented only a limited threat to the content providers except for one thing: the Internet.

With most computers in the world connected to a common network, computer users could not only share copies of their songs and movies with the limited number of people around them, they could also share them with hundreds or thousands of strangers all over the world. At first, uploading and downloading the large files involved was time consuming and required a certain amount of technical savvy since dialup Internet connections were slow and the content was often divided into many separate files that had to be decompressed and reassembled. But technology, as technology often does, got better.

High speed broadband and new file formats combined with file sharing software made it a “no brainer” for even pre-teens to quickly grab a large number of digital songs, movies, TV shows, etc. Now it seems that those who make and market digital media and the consumers of that media are caught in a vicious cycle. When they see a lot of people getting their content for free, content companies believe (rightly or wrongly) that they’re losing money. That causes them to develop the technologies to try to keep it from happening. Those technologies, though, anger the consumers who DO pay for the content because it keeps them from making copies for themselves. That leads more of those to feel justified in downloading content illegally. Which leads to more panic and reaction on the parts of the content companies, who also raise prices for those consumers who do pay, alienating them even more, and so forth.

The question is: how do we stop the cycle and come up with a solution that’s fair to everyone? Certainly software makers, artists and production companies deserve to be compensated for their products. But many consumers who want to do the right thing feel that they’re being taken advantage of when they pay higher and higher prices for more and more dysfunctional products.

Tell us what you think. Do protests like the one at WinHEC do any good? If consumers stop buying the products, will that send a message to the providers or will they just conclude the low sales mean more people are making illegal copies and cause them to raise prices higher and step up the copy protection technology? Do more laws help or hurt?

Deb Shinder

And gets religion? 

…Ballmer spent the better part of the next two days trying to rid this PC of worms, viruses, spyware, malware, severe fragmentation, and well, you name it. Picture it: the world’s 24th wealthiest person, a man worth $13.6 billion according to Forbes magazine, sitting at a table for two days, playing tech support. It was, Allchin says, a humbling experience.

Allchin says Ballmer eventually gave up and instead lugged the machine back to Microsoft’s Redmond, Wash. campus. There, several engineers spent several days, burrowing deep into the system to figure out the problem. Imagine, CSI: Redmond.

It turns out there were more than a hundred pieces of malware of various types. Things that these engineers using Microsoft’s own private tools could not ferret out and fix. Some of these threats hooked themselves deeply into the core operating system and essentially lied about their existence. Other malware scoured the hard drive for anything containing the string “virus,” and, in Allchin’s words, would “shoot them dead.” The result was disabling any installed antivirus software.

It took a team of engineers to restore this system to health. And it was a real wake-up call.

Link here.

Alex Eckelberry
(Thanks Stu)

Sunbelt developer Peter LePage (he works on Kerio here) went to WinHec2006 last week and offered this brief roundup of the conference:

Technology Summary
Although WinHEC is billed as a hardware and technical conference, Microsoft’s emphasis was largely marketing hype, pushing their new Vista and Longhorn offerings. Microsoft’s marketing research into industry trends does provide valuable insight into the next year’s computing marketplace.

• The majority of computer sales have been laptops rather than desktops and they see this trend continuing and increasing into next year.
• Processor vendors Intel and AMD are investing heavily into 64 bit, multi-core processor offerings tailored toward consumer laptops.
• Microsoft is rapidly embracing 64-bit processing, and rapidly deprecating 32 bit support.

Vista & Longhorn
Vista and Longhorn, the code names for Microsoft’s next consumer and server operating systems are rapidly approaching. All WinHEC2006 attendees were sent home with Beta 2 of both operating systems.
Microsoft is now indicating that Vista (32 and 64 bit versions) consumer operating system will be released to manufacturing in early 2007. Windows Longhorn server will be ready for manufacturing in early 2008.

64 Bit Processing Is Here
Microsoft, AMD and Intel made it clear that 64 bit, multi-core compute power will be available to consumers at years end. AMD has already released their Mobile Turion dual core 64-bit processor and Intel is not far behind.

Microsoft has stated that there will be no further 32 bit server offerings, only 64 bit. Additionally, they stated that Vista and Longhorn are built using the multi-processor kernel, with the Uni-processor kernel being retired. Microsoft also claimed that Exchange 2007 would be a 64 bit only offering.
 
Server Virtualization
Microsoft and Intel are investing heavily in this space with Intel providing hardware assistance with the processor for virtualization and Microsoft capitalizing on that hardware advancement.

As the name implies, Server Virtualization provides the ability for multiple versions of a 32-bit or 64-bit OS to run in parallel on a single physical server machine. Additionally each virtual OS can be a multi-core virtualization. Microsoft’s virtualization allows for dynamic addition of virtual partitions to a physical server or migration of physical servers to virtual partitions dynamically. The virtualization environment provides for fail over or dynamic load balancing of server work loads, increasing physical server utilization while reducing cost. All WinHEC2006 attendees were sent home with Windows Virtualization Server.

Hardware Advances
As alluded to above, there are many hardware advances hitting the streets near term that will dramatically change the way software is developed. There are 64-bit dual core offerings available today. (Dual or multi core refers to two or more separate processor elements within a single piece of silicon.) Vista 64-bit available by years end, will revolutionize the desktop and laptop marketplace, as major hardware manufacturers (HP/Compaq, IBM, Dell, Gateway to name a few) provide 64 bit offerings bundled with Windows Vista 64-bit.

Intel’s vPro architecture adds the ability to run a “Service” OS in parallel with the “User” OS in order to provide increased security and asset management is forecast to be invaluable to corporate desktops. Symantec is one company already working with Intel to enter the “Service” OS space.

10 Gigabit Ethernet cards are available today. The sheer data rates of these cards cripple a standard 2000 or XP OS due to the number of I/O operations (interrupts) the OS needs to handle. So, vendors are implementing “Chimney Offload” ability into these cards to offload the processors required activity. Chimney Offload refers the cards ability to directly DMA data into memory without needing the processor to intervene.

Microsoft is looking forward (with probable input from Intel, AMD) to multi-core (more than two) processors per silicon die. Some of Microsoft’s presentations indicated four, eight and sixteen way cores.

Software Advances
64-Bit Multi-core support
As noted above, both Vista (64-bit) and Longhorn support 64 bit processors and multi-core support. The Uni-processor kernel has been deprecated. All 64-bit drivers for Longhorn (and perhaps Vista 64) MUST be signed, or the OS will not load them. Driver developers will need to pay much more attention to synchronization as multi-core becomes the norm rather than the exception.

New, Rewritten Network Stack
The network stack (NDIS 6.0) has been completely rewritten for Vista and Longhorn making what is standard practice today (hooking) obsolete in these OS offerings.  Microsoft representatives stated that the new stack would not be back ported to XP or 2000 environments.

Native Support for Wireless Devices
The new network stack provides native support for wireless devices rather being an after thought as with current 2000 or XP offerings.

Windows Filter Platform (WFP)
Microsoft has presented a new API set for monitoring, filtering and modifying network traffic. WFP is available on Vista and Longhorn to provide enhanced network security. The majority of a firewall’s functionality has been built-in to WFP, making it easer than ever for third parties (such as Sunbelt) to provide enhanced solutions. The down side of this is that Panda and Symantec are among the many already working with this technology. Microsoft representatives stated that WFP would not be back ported to XP or 2000 environments.

PatchGuard
PatchGuard represents kernel thread that watches kernel structures (the ones that most 3rd parties “hook” today) and bug check (BSOD) the machine if a modification has been detected. Such modifications are deemed unsafe and will not be tolerated by the new OS offerings. I’m sure that PatchGuard is present in Longhorn; however, its unclear if it’s present in Vista.

Windows Sockets Kernel (WSK)
Windows Sockets Kernel, as the name implies provides Winsock Like support in kernel space that REPLACES TDI drivers. Basically all of Winsock’s capabilities are now available in kernel mode, which includes Connection, Connectionless, raw sockets, SetSockOpt and asynchronous support. Additionally, WSK is capable of handling both Ipv4 and Ipv6 traffic over a single socket.
Microsoft representatives stated that WSK would not be back ported to XP or 2000 environments.

iSCSI support
Vista and Longhorn support iSCSI  (SCSI protocol over IP) devices, which are network attached storage devices. Given that Gigabit is available at low cost and 10 Gigabit is available, we should see a proliferation of Network attached storage (NAS) within the next year or so. The network stack will “see” all of this iSCSI traffic, intermixed with other network traffic, effecting how one monitors and filters overall network traffic.

Microsoft Windows Hardware Development Central link here.

Alex Eckelberry 

The UK is bent on getting knives out of the hands of potentially dangerous citizens.   There’s a big knife amnesty in the works.

Well, pity the fellow who dares to have a Klingon Batleth.  One was found in some poor Trekkie’s house, resulting in a massive PR announcement by the UK police. 

(My apologies to those in fear of dangerous Trekkies and machete wielding gardeners.)

Alex Eckelberry

Take me up on my free attachment filtering.   This is the best attachment filter in the business:  It checks inbound, outbound and internal attachments; and looks beyond many types of file extensions, delving into the actual file headers so it’s much harder to fool (in other words, you can’t rename a .exe file to a .txt file to bypass the attachment filter).

Ok, I’ll go back to normal stuff now.

Alex Eckelberry

Barclay’s Bank is buying all of its online banking customers F-Secure AV.

Nice deal for F-Secure!

Now, I really think all the banks in the world should buy a copy of CounterSpy for their customers… let’s see, at just a few dollars a copy… oh dear… I’m getting faint.

Back to reality.

Alex
(And thanks Ferg)

PG found Zango being installed by a botnet:

It’s official – we’ve all gone Botnet crazy. Unfortunately, so have 180 Solutions because today I had an interesting set of links appear – and wouldn’t you know it if those links took me to files designed for mass Botnet money-making pimpage

Link here.

Alex Eckelberry

Winning the award for one of the odder names I’ve heard in while, Okopipi promises to carry the BlueSecurity flag onward (Cnet article here).

Security expert Gadi Evron has serious doubts. From an IRC session with one Okopipi person (it’s worth noting that this person Gadi was talking to does not represent the core organizers of Okopipi)):

“what you do, in simple terms..and without trying to hurt you, as you guys are trying to also fight the good fight…is stupid and proven wrong”

And he continues in a blog posting:

Thing is, a P2P network is just as easy to DDoS. It has centralized points.

It is, indeed, a botnet.

Gadi also discusses what I consider the major glaring problem with this system:  It will use an opt-out registry (a “Do Not Email”) registry.  I asked someone with the Okopipi project about this and got this answer:

The the answer is yes, we currently believe the best solution would be to have a way for Spammers to cleanse their list with an Opt-out registry. Yes it will be possible for spammers to compare a cleaned and non-cleaned list to find out which E-mails were on the list but remember this will only give the spammer a list of addresses he already had. The encryption of the list would prevent them from using it to add previously unknown addresses to their list. 

 

Remember the idea is to get spammers to remove those people from their lists who do not wish to receive spam. We have no intention of stopping anyone who sends Bulk E-mail from sending to people who wish to receive it or putting them out of business.

Look, I really respect this group for the effort, time and attention required to launch such a project.  I think their heart is in the right place.  But I think it’s an awful idea to have this registry. 

The logic that a spammer can compare a list he has against Okopipi as “this will only give the spammer a list of addresses he already had” is flawed.  This assumes that that spammers only have certain lists.  Well, it’s not hard for a spammer to get a massive list that they could then compare against the Okopipi database and then start the war…again.  

One thing I can guarantee:  I won’t be giving them my email address. 

However, to their credit, they are open to new ideas and changes and have invited others in the security community to join the discussion. If you feel strongly about the issue, go to their website and start yacking on their forums.

Alex Eckelberry

Kinda nifty.  Link here.

Alex Eckelberry

We will have RFID implants!  Life will be good!

Trust me.

Professor Colin Blakemore
Chief exec, Medical Research Council; Waynflete professor of physiology, Oxford University said:

“In 20 or 30 years, people will have an implanted chip that will monitor a wide range of indicators of their state of health, coupled remotely to an internet-based personal prevention diagnostic system.”