A recent press release from web security provider Finjan Inc. has exposed a security flaw with Google’s antiphishing browser extension for the Firefox web browser. Apparently, the extension accidentally gathered some users’ e-mail addresses and passwords. Finjan informed Google of the problem earlier this month, before making their findings public, and Google has since released an updated version of their plugin that fixed the problem.

How did an antiphishing plugin wind up exposing user names and passwords to the general public? Google’s software used a public blacklist, available from Google’s servers, which listed sites that were fraudulently pretending to be banking or other financial institutions. Unfortunately, some of these sites embedded usernames and passwords directly into the URL—obviously phishing sites didn’t have concerns about security—and were thus viewable by anyone.

Source: arstechnica

Admins who took the time to upgrade to the latest version of McAfee’s VirusScan Enterprise are reporting problems with client applications of Lotus Notes, in some cases requiring IT administrators to reinstall the email program.

The problem appears to occur after VirusScan has been upgraded to 8.5i. It causes Lotus Notes to display an error message informing users that they are not authorized to receive their own email.

“That’s a major issue,” an IT administrator, who asked to remain unidentified, complained. He said the problem plagues some users and not others, seemingly without rhyme or reason. In some cases, Lotus had been corrupted, requiring him to reinstall the program. For the time being he has been forced to downgrade to VirusScan 8.0.

Source: The Register

MySpace.com has sued self-proclaimed spam king Scott Richter for allegedly using compromised user accounts to send millions unsolicited ads touting ringtones, polo shirts among other things.

We were surprised - nay shocked - when we heard the identity of the defendant. We’ve heard neither hide nor hair from Mr. Richter since August, 2005, when he agreed to pay Microsoft $7m to settle an antispam lawsuit.
Click here to find out more!

Richter - regarded at the time as one of the top three purveyors of junk mail - was even able to get his marketing outfit, known as OptInRealBig.com, removed from the Register of Known Spam Operators after promising to uphold the most ethical of emailing practices.

According to MySpace, Richter and his associates gained access to user accounts, either by employing phishing techniques or by acquiring the list from phishers. MySpace is seeking unspecified monetary damages and a permanent injunction forbidding Richter and any companies associated with him from entering the MySpace site.

Source: The Register

Apple could be planning to charge $29 to run the final version of its Boot Camp software on older versions of Mac OS X once Leopard arrives, according to a report Monday.

The report, from MacScoop, said it will cost $29 to run Boot Camp on Tiger, the current version of Mac OS X, when the final version of Boot Camp ships later this year. A beta version of Boot Camp can be downloaded for free from Apple’s Web site and used to run Microsoft’s Windows operating system on an Intel-based Mac.

The report also said that with the debut of Boot Camp, Apple will support Vista when that arrives next week. Last year, Apple explicitly said it would not support Windows running on Macs via the beta version of Boot Camp.

Source: News.com

German and French consumer groups have joined a Nordic-led drive to force Apple Inc. to make its iTunes online store compatible with digital music players made by rival companies, a Norwegian official said Monday.

Currently, song purchased and downloaded through iTunes are designed to work with Apple’s market-leading iPod players but not competitors’ models, including those using Microsoft Corp.’s Windows Media system. Likewise, iPods generally can’t play copy-protected music sold through non-Apple stores.

Source: Yahoo

A Chinese thief has returned a mobile phone and thousands of yuan he stole from a woman after she sent him 21 touching text messages, Xinhua news agency said.

Pan Aiying, a teacher in the eastern province of Shandong, had her bag containing her mobile phone, bank cards and 4,900 yuan ($A800) snatched by a man riding a motorcycle as she cycled home on Friday, Xinhua said, citing the Qilu Evening News.

Pan first thought of calling the police but she decided to try to persuade the young man to return her bag.

She called her lost phone with her colleague’s mobile phone but was disconnected. Then she began sending text messages.

She gave up hope of seeing her possessions again after sending 21 text messages without a reply.

But on her way out on Sunday morning, she stumbled over a package that had been left in her courtyard only to discover it was her stolen bag. Nothing had been taken.

“Dear Pan: I’m sorry. I made a mistake. Please forgive me,” a letter inside said.

“You are so tolerant even though I stole from you. I’ll correct my ways and be an upright person.”

Source: smh.com.au

Sun Microsystems is expected to resume using Intel’s Xeon processors in its x86 servers, according to sources familiar with the situation.

Jonathan Schwartz and Paul Otellini, the chief executives of Sun and Intel, respectively, are expected to share the stage in San Francisco on Monday to announce a broad partnership between the two companies.

The first servers from the partnership will begin arriving soon–in the first half of 2007–and Sun also will sell Xeon-based workstations, sources said.

Source: News.com