7/31/2008

DNS attack writer a victim of his own creation

Filed under: — Aviran Mordo

HD Moore has been owned. That’s hacker talk, meaning that Moore, the creator of the popular Metasploit hacking toolkit, has become the victim of a computer attack.

It happened on Tuesday morning, when Moore’s company, BreakingPoint, had some of its Internet traffic redirected to a fake Google page that was being run by a scammer. According to Moore, the hacker was able to do this by launching what’s known as a cache poisoning attack on a DNS server on AT&T’s network that was serving the Austin, Texas, area. One of BreakingPoint’s servers was forwarding DNS traffic to the AT&T server, so when that server was compromised, so was HD Moore’s company.

When Moore tried to visit Google.com, he was actually redirected to a fake page that served up a Google page in one HTML frame along with three other pages designed to automatically click on advertisements.

No BreakingPoint computer was actually compromised by the incident, but it was still pretty annoying.

Amazon payment systems take on PayPal

Filed under: — Aviran Mordo

Amazon has introduced two new payment systems for merchants and consumers, which bring it into a market dominated by PayPal.

Checkout is aimed at online merchants who want a pre-packaged payment system, including tools for managing delivery charges, VAT, promotions and special offers. It features Amazon’s One-click option for rapid payment.

Simple Pay is aimed at consumers who want to use their Amazon account to make purchases on other retailers’ websites.

British NASA hacker to face U.S. trial

Filed under: — Aviran Mordo

A British computer expert lost his appeal on Wednesday against extradition to the United States where he is accused of “the biggest military hack of all time” and could face up to 70 years in prison.

Gary McKinnon was arrested in 2002 after U.S. prosecutors charged him with illegally accessing computers, including the Pentagon, U.S. army, navy and NASA systems, and causing $700,000 worth of damage.

McKinnon told Reuters in 2006 he was just a computer nerd who wanted to find out whether aliens really existed and became obsessed with trawling large military networks for proof.

However, Britain’s highest court, the House of Lords, ruled the gravity of the charges should not be understated and they would carry a maximum life sentence under English law. It turned down his appeal against extradition.

7/30/2008

Speculation over back door in Skype

Filed under: — Aviran Mordo

According to reports, there may be a back door built into Skype, which allows connections to be bugged. The company has declined to expressly deny the allegations. At a meeting with representatives of ISPs and the Austrian regulator on lawful interception of IP based services held on 25th June, high-ranking officials at the Austrian interior ministry revealed that it is not a problem for them to listen in on Skype conversations.

This has been confirmed to heise online by a number of the parties present at the meeting. Skype declined to give a detailed response to specific enquiries from heise online as to whether Skype contains a back door and whether specific clients allowing access to a system or a specific key for decrypting data streams exist. The response from the eBay subsidiary’s press spokesman was brief, “Skype does not comment on media speculation. Skype has no further comment at this time.” There have been rumours of the existence of a special listening device which Skype is reported to offer for sale to interested states.

There has long been speculation that Skype may contain a back door. Because the vendor has not revealed details of its proprietary Skype protocol or of how the client works, questions as to what else Skype is capable of and what risks are involved in deploying it in an enterprise environment remain open.

Dell tests music player to renew iPod battle

Filed under: — Aviran Mordo

In recent months, personal computer maker Dell Inc., has been testing a digital music player that could go on sale as early as September, the Wall Street Journal newspaper said, citing several Dell officials.

Dell’s new foray would put it into an Apple-led market that has defied assaults.

Companies like Microsoft Corp and Sony Corp have tried — and failed — to make a dent in the market dominated by Apple’s iPod players and iTunes store, the Journal said.

The music player which Dell has been testing features a small navigation screen and basic button controls to scroll through music playlists, the Journal reported.

It would connect to online music services via a Wi-Fi Internet connection, and Dell would likely price the model at less than $100, the Journal said. Dell’s first foray into the music market in 2003 was a huge disappointment. It withdrew from the music-player market after its DJ Ditty player failed to make major inroads.

China spying on Olympics hotel guests

Filed under: — Aviran Mordo

China has installed Internet-spying equipment in all the major hotel chains serving the 2008 Summer Olympics, a U.S. senator charged on Tuesday.

“The Chinese government has put in place a system to spy on and gather information about every guest at hotels where Olympic visitors are staying,” said Sen. Sam Brownback.

The conservative Republican from Kansas, citing hotel documents he received, added that journalists, athletes’ families and others attending the Olympics next month “will be subjected to invasive intelligence-gathering” by China’s Public Security Bureau. He said the agency will be monitoring Internet communications at the hotels.

The U.S. senator made a similar charge a few months ago but said that since then, hotels have come forward with detailed information on the monitoring systems that have been required by Beijing.

Brownback refused to identify the hotels, but said “several international hotel chains have confirmed the existence of this order.”

Exploit Reveals the Darker Side of Automatic Updates

Filed under: — Aviran Mordo

A new exploit called Evilgrade can take advantage of automatic updaters to install malicious code on unsuspecting systems, and your computers could be more vulnerable than you think.

Evilgrade is designed as a modular framework that accepts plug-ins capable of mounting attacks on a variety of software packages that employ their own auto-update procedures. Currently-supported targets include the Java browser plug-in, WinZip, Winamp, OpenOffice.org, the LinkedIn Toolbar, iTunes, and Mac OS X, among others. Still more plug-ins are liable to be developed in coming months.

The exploit works by pretending to be a genuine upgrade site and sending malicious code when your software was expecting a patch. The code might be anything, from a Trojan horse to a keylogger that intercepts passwords and user accounts.

Making use of the exploit isn’t quite as easy as just pressing a button. It requires a pre-existing “man in the middle” condition, in which an attacker sets up a fake Web host that can intercept traffic traveling between a client and a genuine server. But while ordinarily that might be pretty tricky to achieve, the recently-disclosed DNS security flaw leaves many sites wide open.
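The weakness Evilgrade relies on is an updater that trusts whatever host DNS points it to. The defence is to authenticate the update itself, so that a spoofed upgrade site cannot deliver anything the client will install. The following Python is an added example, not code from the article or from the Evilgrade project: a minimal update client that ships with a verification key, checks a signed manifest, refuses versions that are not newer than the installed one, and only then checks the downloaded payload against the manifest hash. The key, version numbers and payload bytes are constructed for the example, and HMAC-SHA256 stands in for the asymmetric signature a real updater would use, purely so the code runs with the standard library.

```python
"""Update client that refuses unauthenticated updates (added example)."""
import hashlib
import hmac
import json

# Constructed verification key baked into the client. A real product would
# embed an asymmetric public key here; HMAC-SHA256 is used as a stand-in only
# so this example runs with the standard library.
CLIENT_VERIFY_KEY = b"example-app-release-key-v1"
INSTALLED_VERSION = (1, 2, 0)


def parse_version(text):
    """'1.3.0' -> (1, 3, 0); anything malformed is rejected."""
    parts = text.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError("malformed version string")
    return tuple(int(p) for p in parts)


def sign_manifest(manifest_bytes, key):
    """Release-side helper (constructed): tag the manifest with the release key."""
    return hmac.new(key, manifest_bytes, hashlib.sha256).hexdigest()


def verify_update(manifest_bytes, signature_hex, payload, installed=INSTALLED_VERSION):
    """Return (ok, reason). Only ok=True should ever lead to installing payload.

    Order matters: the signature is checked before the manifest is parsed, so
    an unauthenticated manifest never influences any later decision.
    """
    expected = hmac.new(CLIENT_VERIFY_KEY, manifest_bytes, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature_hex):
        return False, "manifest signature invalid"
    manifest = json.loads(manifest_bytes)
    try:
        version = parse_version(manifest["version"])
    except (KeyError, ValueError, AttributeError):
        return False, "manifest malformed"
    # Anti-rollback: a correctly signed but older manifest must not be accepted,
    # otherwise an attacker can replay a release with a known vulnerability.
    if version <= installed:
        return False, "not newer than installed version (possible rollback)"
    digest = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(digest, str(manifest.get("sha256", ""))):
        return False, "payload hash does not match manifest"
    return True, "verified"


def build_release(version, payload, key):
    """Constructed release server: emit a manifest and its tag for a payload."""
    manifest = json.dumps(
        {"version": version, "sha256": hashlib.sha256(payload).hexdigest()},
        sort_keys=True,
    ).encode()
    return manifest, sign_manifest(manifest, key)


def demo():
    """Run the client against a genuine release and three hostile ones."""
    good_payload = b"genuine patch bytes (constructed)"
    evil_payload = b"trojan dropper bytes (constructed)"
    results = {}
    # 1. Genuine release from the real vendor key.
    m, s = build_release("1.3.0", good_payload, CLIENT_VERIFY_KEY)
    results["genuine"] = verify_update(m, s, good_payload)
    # 2. Fake upgrade site reached through poisoned DNS: no vendor key.
    m, s = build_release("1.3.0", evil_payload, b"attacker-key (constructed)")
    results["fake_site"] = verify_update(m, s, evil_payload)
    # 3. Genuine manifest, but the download was swapped in transit.
    m, s = build_release("1.3.0", good_payload, CLIENT_VERIFY_KEY)
    results["swapped_payload"] = verify_update(m, s, evil_payload)
    # 4. Replay of a genuinely signed but older release.
    m, s = build_release("1.1.0", good_payload, CLIENT_VERIFY_KEY)
    results["rollback"] = verify_update(m, s, good_payload)
    return results


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:16s} ok={ok} ({reason})")
```

Only the first case installs; the other three are exactly the situations a man-in-the-middle position lets Evilgrade create, and each fails at a different check. The point of the ordering is that nothing from the network (manifest contents, version, hash) is used until its authenticity has been established, which is what an updater that simply fetches a file from a hostname cannot guarantee once the resolver is poisoned.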

China to censor Internet during Games

Filed under: — Aviran Mordo

Foreign reporters will not have complete access to the Internet during the Beijing Olympics, Games organisers said Wednesday, reversing a pledge to bring down the Chinese firewall of censorship.

Sites linked to the banned Falungong spiritual movement and other unspecified ones would remain blocked for the thousands of foreign reporters covering the Games, organising committee spokesman Sun Weide told AFP.

“During the Olympic Games we will provide sufficient access to the Internet for reporters,” said Sun Weide, spokesman for the organising committee.

However “sufficient” access falls short of the complete Internet freedoms for foreign reporters that China’s communist authorities had promised in the run-up to the Games, which begin on August 8.

The head of the International Olympic Committee’s press commission, Kevan Gosper, told AFP that he would take the matter up with Chinese authorities.

“I have heard that there are some limitations on access,” said Gosper.

“I will speak with the Chinese authorities to advise them of the restraints and to see what their reaction is.”

Australian Olympic team chief John Coates, who is also an IOC member, expressed frustration with the decision to continue to censor the Internet, pointing out that China had gone back on one of its “key” Olympic promises.

Comcast, NetZero agree to block Internet child porn

Filed under: — Aviran Mordo

Internet service providers (ISPs) Comcast Corp and United Online Inc’s NetZero have agreed to block access to child pornography, the New York Attorney General’s office said on Tuesday.

The announcement comes a week after New York Attorney General Andrew Cuomo threatened to pursue legal action against Comcast Cable Communications LLC if it did not agree to reforms.

Several other ISPs, such as Verizon Communications Inc and Sprint Nextel Corp, agreed in June to block Internet bulletin boards and websites nationwide that disseminate child porn.

Fifth of TV viewers watching online: survey

Filed under: — Aviran Mordo

A fifth of U.S. television viewers are putting down their remote controls and clicking on a mouse instead to watch primetime programs online — particularly professional women, according to a new survey.

It showed that 50 percent of people viewing TV on the Web are watching programs as they become available and “appear to be beginning to use the computer as a substitute for the television set,” Integrated Media Measurement Inc. (IMMI), which conducted the poll, said.

The other half are using the Internet to watch programs they have missed, or to re-watch segments or episodes they have already seen, IMMI, a company which links media exposure to consumer action, added.

“This is the first study to show there are a significant amount of people watching primetime shows online who are not watching some portion of those shows on television,” Amanda Welsh, head of research for IMMI, said in a statement.

The report showed that the largest group of online TV viewers are white, affluent, well educated, working women aged 25 to 44.

7/29/2008

Yahoo Music to offer refunds, what about MSN?

Filed under: — Aviran Mordo

Yahoo Music is offering refunds to anyone who bought songs from the service. Is it time for MSN Music to follow Yahoo’s lead?

Yahoo announced last week that it would no longer issue authorization keys for the digital rights management, or DRM, software on its songs. This meant that anyone who bought songs from the service would still be able to hear their songs through its service but would be unable to move them to other devices or computers.

This did not play well with Web users. Now Yahoo Music plans to issue refunds and is trying to go one step further. If a customer would prefer music over a refund, Yahoo is looking for a way to give the customer copies of the purchased songs in the DRM-free MP3 format, according to a Yahoo representative.

Yahoo Music is transferring customers of Yahoo Music Unlimited to RealNetworks’ Rhapsody service. These are both subscription music services, so Yahoo users who choose to make the move are unaffected. But those who purchased songs would be out of luck after September 30.

The question now is, has Yahoo Music raised the bar? Is it time for Microsoft to pony up with a refund for MSN users?

Oracle touts proof SAP stole software

Filed under: — Aviran Mordo

Business software giant Oracle claimed Monday that it has new proof that its German rival SAP looted its software libraries for competitive advantage.

Oracle formally amended the civil suit it filed against SAP in the US District Court in San Francisco in March of 2007, enhancing its accusations with information gleaned during the case’s evidentiary phase.

“Oracle has now obtained SAP’s internal records, which confirm that SAP spent years systematically taking unauthorized support materials from Oracle’s systems,” lawyers for the California firm said in the revised complaint.

Oracle says in court documents that SAP used a customized software tool dubbed “Titan” to plunder Oracle’s website of patches, updates, fixes and other programs crafted for Oracle’s paying customers.

Titan and other tools were used to pack SAP data vaults with more than five terabytes of proprietary Oracle software, according to the revised complaint.

Oracle says it found nearly eight million Oracle programs on just one SAP computer. Oracle says it has proof that SAP executives not only knew of the online theft but endorsed the tactic.