12/2/2005

ICANN kills .xxx porn domain

Filed under: — Aviran Mordo

The proposed .xxx porn domain has been kicked into the long grass just days before it was due to meet final approval.

ICANN chairman Vint Cerf stunned an open meeting of the governmental advistory committee (GAC) in Vancouver late on Tuesday when he announced that the whole issue had been pulled from the Board meeting agenda - where it had been the first topic of discussion.

The reason given (this time) was that the GAC needed time to review a 350-page ICANN report on the domain’s feasibility before it could provide its approval (or disapproval).

That’s a red herring though. The report was completed on 31 August, and is mostly complimentary about the proposed domain. Not only that but all the issues surrounding the domain are already well known to everyone involved, and up until Cerf’s sudden announcement, had been effectively given the green light.

ICANN has come under pressure to release the report and so provide adequate excuse for delaying .xxx’s approval yet again. The people behind .xxx, ICM Registry, opposed its release, complaining that no other new domains had had their ICANN report released before they had been granted final approval and that they were being unfairly treated.

However, if rumours are to be believed, ICANN took a top-level decision to release the report and so provide a delay excuse, after EU commissioner Viviane Reding called the head of ICANN Paul Twomey direct and threatened to withdraw all the EU’s representatives unless the issue was pulled. Twomey this morning denied he had had any communication with Reding over the issue.

If would certainly be an unusual decision on Reding’s part, especially since the EU has been mostly supportive of .xxx. It is only Brazil and the US administration that remain opposed to the domain.

Source: The Register

Another iTunes and QuickTime flaw?

Filed under: — Aviran Mordo

A serious security vulnerability exists in Apple Computer’s iTunes and QuickTime software, bug hunter Tom Ferris reported on his Security-Protocols.com Web site Friday.

“The vulnerability allows an attacker to reliably overwrite heap memory with arbitrary data in order to execute arbitrary code on a targeted host,” Ferris wrote.

An attacker could commandeer a computer running Windows or Mac OS X by tricking a user into opening a malicious media file, Ferris said in an interview. The problem was reported to Apple on Friday, he said.

To limit risk to users of the vulnerable software, Ferris won’t disclose further details of the flaw until Apple provides a fix, he said. “Once they release the patch, I will release a full blown advisory,” he said.

Source: News.com

2008 Olympics could go open source

Filed under: — Aviran Mordo

The 2008 Beijing Olympic Games could switch to an open-source technology platform under proposals to be considered by the International Olympic Committee.

The open-source move will be recommended by the IOC’s technology partner, Atos Origin, under the guidance of subcontractors including Hewlett-Packard and IBM, according to Claude Philipps, program director at Atos Origin for the 2006 Turin Winter Olympics.

“We have a plan to propose this for Beijing. It will save money on the licenses,” he said.

After Atos presents the plans to the IOC in a formal proposal, the committee will make the final decision.

Source: News.com

Critical RealPlayer Flaw Discovered

Filed under: — Aviran Mordo

Researchers at eEye Digital Security have flagged another critical vulnerability in RealPlayer, the digital media software released by RealNetworks Inc.

The Aliso Viejo, Calif.-based eEye said in a brief advisory that the flaw can be exploited by remote malicious hackers to execute arbitrary code in the context of the logged-in user.

The bug carries a “high risk” rating because it potentially puts millions of Windows users at risk of computer takeover attacks.

The flaw was reported to RealNetworks in November. A patch is not yet available.

Source: eWeek

AOL Offers Mobile Search Services

Filed under: — Aviran Mordo

Several mobile search services that America Online made publicly available for testing back in July are now ready for prime time, the company has announced.

To access the services, users need to fire up a browser on their mobile devices and go to mobile.aolsearch.com. There they will have the option of using the AOL Search general Web search engine, its Pinpoint Shopping comparison shopping engine, or its AOL Yellow Pages listing of local businesses.

Users can submit queries using any word or phrase, as in a regular PC-based search engine, as opposed to some mobile search services that require users to use specific keywords and syntax.

Moreover, the AOL system, using technology from InfoGin, ensures that all Web pages a user clicks on from the search results are properly rendered, not just those that have been designed specifically to be displayed on mobile devices.

Source: PC World

IE Design Flaw Lets Hacker Crack Google Desktop

Filed under: — Aviran Mordo

An unpatched design flaw in Microsoft Corp.’s Internet Explorer browser could give malicious hackers an easy way to use the Google Desktop application to covertly hijack user information.

Matan Gillon, a hacker from Israel, discovered the vulnerability in the cross-domain protections in Internet Explorer and published a proof-of-concept exploit to show how Google Desktop can be cracked.

“The proof of concept works on a fully patched IE browser (default security and privacy settings) with Google Desktop v2 installed,” Gillon said in a note sent to Ziff Davis Internet News.

He also published a detailed explanation of the vulnerability and warned that an attacker simply needs to lure a target to visit a malicious Web page. “Much like classic XSS (cross site scripting) holes, this design flaw in IE allows an attacker to retrieve private user data or execute operations on the [user’s] behalf on remote domains,” Gillon explained.

A spokeswoman for Microsoft acknowledged the flaw in a statement and said the company was unaware of active attacks against IE users.

Source: eWeek

Yahoo using online behavior to target ads

Filed under: — Aviran Mordo

Yahoo aims to boost the effectiveness of its advertising–and rates–by targeting ads to users based on their surfing behavior on its site, the company’s advertising sales chief said on Thursday.

“The new, new thing at Yahoo, even though we’ve had variations of this, is getting much more into behavioral targeting,” Yahoo Executive Vice President Greg Coleman told the Reuters Media and Advertising Summit in New York.

Search functions on Yahoo and rival Google base ad placement on words searched, but the Yahoo behavioral targeting would use other factors.

The Web portal company does not give personal information to advertising clients but tracks a few types of behavior by its users, including search queries, movement through Yahoo sites and the specific ads clicked. That lets it decide on the fly what ads are most appropriate for a user.

Source: News.com

Microsoft Touts Vista’s Restart Manager Feature

Filed under: — Aviran Mordo

Microsoft Corp. is working on a significant new feature for Windows Vista, known as Restart Manager, which is designed to update parts of the operating system or applications without having to reboot the entire machine.

Microsoft officials have not talked much publicly about this new feature, but Jim Allchin, the co-president of Microsoft’s platform products and services division, recently told eWEEK that this is an example of just how important the reboot issue was to the Redmond-based software giant.

“If a part of an application, or the operating system itself, needs to updated, the Installer will call the Restart Manager, which looks to see if it can clear that part of the system so that it can be updated. If it can do that, it does, and that happens without a reboot,” he said.

“If you have to reboot, then what happens is that the system, together with the applications, takes a snapshot of the state: the way things are on the screen at that very moment, and then it just updates and restarts the application, or in the case of an operating system update, it will bring the operating system back exactly where it was,” Allchin said.

If a user has Office 12 running on Windows Vista and the system has to do an update of either of them, and the user goes home leaving open files, the system would update and the screens would come back right to where they were before, Allchin said.

Source: eWeek

SNARFing Your Way Through E-Mail

Filed under: — Aviran Mordo

With the world’s in-boxes overflowing with unread messages, researchers at Microsoft are offering up a tool they hope will help people sort through the morass.

The software maker this week released a free utility that aims to sort e-mail in a new way: It can organize messages not just by how recent they are, but also by whether the recipient knows the sender well.

The program, known as SNARF, bases its approach on the fact that people tend to interact more with messages from those they care about.

Microsoft Research’s SNARF tool can sort e-mails in several ways. It distinguishes, among other things, whether mail was sent directly to someone, or if they were part of a distribution list.

Source: News.com

RIM gets good news in patent case

Filed under: — Aviran Mordo

Battered by two recent setbacks in court, Research In Motion won a round in its long-running patent fight against NTP on Thursday when the U.S. Patent and Trademark Office rejected one of the claims by RIM’s adversary.

Patent-holding firm NTP contends that it owns the patents for the technology that powers RIM’s BlackBerry handheld devices, but the Patent Office recently received information that a Norwegian firm may have filed patents prior to NTP, according to various media sources. The ruling by the Patent Office is not final and NTP will have an opportunity to file a response.

The ruling came a day after a federal judge rejected Waterloo, Ontario-based RIM’s request to approve a $450 million settlement with NTP. The judge also balked when RIM requested that the case be halted until the Patent Office had re-examined the validity of NTP’s patents.

Source: News.com

Zone Labs sued over spyware classification

Filed under: — Aviran Mordo

Marketing company 180solutions filed a lawsuit against desktop-security firm Zone Labs taking issue with a warning generated by the security firm’s personal firewall software, which labels 180solutions advertising client as spyware.

The lawsuit–filed last month but only recently came to light–cites warnings generated by Zone Labs’ ZoneAlarm personal firewall product that warns of “dangerous behavior,” recommending that users remove 180solutions software from the computer system. The marketing firm is a controversial company that was sued in September for installing what many have called “spyware” on consumers’ computers. Over the past year, 180solutions has attempted to clean up its image and now enforces rigorous rules on its affiliates and has added safeguards into its software.

Despite the steps, Zone Labs classifies its software–known as Zango and 180search Assistant–as spyware, the company claimed in its complaint.

“ZoneAlarm assigns a high risk status and states as follows about Zango and 180sA: ‘It is recommended that you delete this application immediately because it constitutes a privacy risk, and has no know usefulness,” 180solutions said in the complaint.

Source: securityfocus

Powered by WordPress