In the latest of a long line of data and storage-related buys, IBM said Friday it has acquired Diligent Technologies for an undisclosed sum.

Diligent, which has offices in Framingham, Massachusetts, and Tel Aviv, is known for its de-duplication technology, a technique for saving storage space by eliminating redundant data, such as multiple copies of the same e-mail attachment within an e-mail archive. The company’s ProtecTIER product employs an in-line de-duplication engine that does the work as data is brought into a system, not after the fact, which saves time, according to Diligent’s Web site.

Alternative Details brings news that PayPal is developing a plan to stop users from accessing its financial services if they aren’t using browsers with anti-phishing protection.

PayPal is recommending the use of blacklists, anti-fraud warning pages, and EV SSL certificates. Browsers without anti-phishing features will be considered “unsafe.” It seems likely Safari will be included in this category given PayPal’s warning about the Apple browser last month.

“‘At PayPal, we are in the process of reimplementing controls which will first warn our customers when logging in to PayPal of those browsers that we consider unsafe. Later, we plan on blocking customers from accessing the site from the most unsafe–usually the oldest–browsers,’ he declared. Barrett only mentioned old, out-of-support versions of Microsoft’s Internet Explorer among this group of ‘unsafe browsers,’ but it’s clear his warning extends to Apple’s Safari browser, which offers no anti-phishing protection and does not support the use of EV SSL certificates.”

In a Manhattan case, Warner v. Berry, the RIAA sued a man who lives in a homeless shelter, leaving a copy of the summons and complaint not at the homeless shelter, but at an apartment the man had occupied in better times, and had long since vacated.

The RIAA’s lawyers were threatened with sanctions by the Magistrate Judge in the case, for making misleading representations to the Court which the Magistrate felt were intentional. The District Judge, however, disagreed with imposing sanctions, giving the RIAA’s lawyers ‘as officers of the Court the benefit of the doubt,’ and instead concluded — in his 6-page opinion — that the RIAA’s lawyers were just being ’sloppy’ and had not made the misstatements for an improper purpose.

Chinese-language blogs are detailing a zero-day vulnerability in Microsoft Works, the company’s lower-end office productivity suite, according to security vendor McAfee.

The vulnerability is within an ActiveX control for the Works’ Image Server, wrote McAfee analyst Kevin Beets. A PC would need to visit a Web site engineered to exploit the flaw, Beets wrote.

A zero-day flaw is a software vulnerability that has become public knowledge but for which no patch is available. It is particularly dangerous since users are exposed from day zero until the day a vendor prepares a patch and notifies users it is ready.

Proof-of-concept code was posted on a Chinese blog showing how the problem could cause Windows to crash, Beets wrote. Then, a few hours later, a working exploit appeared, which could allow malicious code to run on a machine.

Last July, a research team from the University of Washington released an online tool to analyze whether web pages were being altered during the transit from web server to user.

On Wednesday, the team released a paper at the Usenix conference analyzing the data collected from the tool. The found, unsurprisingly, that ISPs were indeed injecting ads into web pages viewed by a small number of users. The paper is available at the Usenix site.

From PCWorld: “To get their data, the team wrote software that would test whether or not someone visiting a test page on the University of Washington’s Web site was viewing HTML that had been altered in transit. In 16 instances ads were injected into the Web page by the visitor’s Internet Service provider. The service providers named by the researchers are generally small ISPs such as RedMoon, Mesa Networks and MetroFi, but the paper also named one of the largest ISPs in the U.S., XO Communications, as an ad injector.”

As PC users clamor for Microsoft to continue to support Windows XP, company CEO Steve Ballmer called the Vista OS “a work in progress” at an annual Seattle event on Thursday.

“It’s a very important piece of work. We did a lot of things right and have a lot of things we need to learn from. You never want to let five years go between releases,” he said.

While Microsoft recently extended the date when the XP software will be available for low-cost PCs, it doesn’t plan to listen to some other complaints, including that Vista is too big. “Vista is bigger than XP, and it’s gonna stay bigger than XP,” Ballmer said. “We have to make sure it doesn’t get bigger still.”

During the lively session, peppered with flag waving by a rowdy group of Canadians, hoots, and applause, Ballmer spoke about a few other key areas that the company will focused on in the near future. “It’s virtualization time for Microsoft,” he said. “We’re gonna make sure we democratize virtualization.” Probably less than 5 percent of servers in the world are virtualized today, he said. “It’s too darn expensive and too hard to manage. We intend to take major strides around addressing both of those.”

The Motion Picture Association of America on Thursday sued Pullmylink.com, a Web site featuring links to free — and allegedly pirated — movies and TV shows, claiming the site promotes and profits from copyright infringement.

The lawsuit, filed in Los Angeles federal court, is the seventh action filed by the MPAA against content aggregators in the United States since late last year and is part of a larger anti-piracy campaign that included a criminal raid on the UK headquarters of one such site, TV Links.

The campaign against sites that link to, but do not host, illegal content has raised some eyebrows with critics asking why the association doesn’t go after the host sites or Internet search engines such as Google.com, which owns video sharing site YouTube.com.

“Is the message that it’s less criminal to host illegal content on YouTube than it is to link to it from a site such as TV Links?” Guardian technology columnist Jack Schofield wrote in the wake of the MPAA-directed raid on TV Links in October. “In future, do I risk being thrown in the slammer for linking directly to a YouTube video?”

A Texas woman has sued Blockbuster Inc. alleging the video rental company transmitted her personal information to Facebook.com through the Web site’s Beacon marketing program.

Cathryn Elaine Harris, of Dallas County, Texas, claims that Beacon, which Facebook launched in November, got the information from Blockbuster through computer tracking programs without her permission.

In her complaint, filed April 9 in U.S. District Court for the Eastern District of Texas, Harris claims that by allowing Facebook to get at information on her movie renting and buying habits Blockbuster violated the Video Privacy Protection Act.

Randy Hargrove, a spokesman for Dallas-based Blockbuster, said the company denies the allegations.