Aidryane's blog

Senators quiz FBI director on Patriot Act

At a wide-ranging oversight hearing convened here by the Senate Judiciary Committee, FBI Director Robert Mueller faced a number of questions from Democrats voicing concern over the scope of the controversial investigative tactic, known as a National Security Letter, or NSL. Federal law requires communication service providers to provide records about individuals in response to such letters, which do not require the use of a court warrant. Legal challenges to that measure's constitutionality are still pending. Until recently, recipients of such letters were also not allowed to disclose the FBI's request to anyone. The final
approved earlier this year loosened those requirements somewhat, allowing recipients to appeal the requests to a court and to seek legal advice. On Friday, the Justice Department reported to Congress that it had made 9,254 such requests pertaining to 3,501 "U.S. persons" in 2005, according to a copy of the agency's letter posted at the Federation of American Scientists Web site. A Washington Post report last fall, often cited by politicians dissatisfied with the Patriot Act, pegged the number of letters at 30,000 per year.

Antispam list gets spammed

What's more, a spammer is attempting to intimidate the Blue Security customers by sending them threatening messages, according to the Israeli company, which launched its spam-fighting service in July last year. "It had to happen. We're amazed it's taken so long," said Richi Jennings, an analyst at Ferris Research. The Do Not Intrude Registry is a list of e-mail addresses that should not be spammed. It's encrypted, so spammers can't extract the actual addresses. Blue Security fights spammers by crippling their Web sites, in the name of its users, with a flood of complaints. About 500,000 people have signed up for the service, Blue Security said. But it was simple for spammers to get hold of at least some of the e-mail addresses in Blue Security's registry, Jennings said. "A spammer has taken his list and 'cleaned' it against the Blue Security list. He then compared the original list with the cleaned list to figure out which addresses were removed."

MySQL issues security fix

The open-source database company released its MySQL version 5.0.21 update earlier this week. The update is designed to address security flaws in database server software versions 5.1.9; 5.0.20; 4.1.18; 4.0.26 and prior versions. Security researcher FrSIRT rates the flaws as "moderate" risk. MySQL version 5.0, which was released late last year, is in widespread use. FrSIRT noted that one of the three flaws involves a buffer overflow flaw, which could be exploited by attackers to execute arbitrary commands from a user's system. The two other flaws can be exploited when a validation error occurs when inputting information. The vulnerabilities could allow attackers to disclose portions of the system's memory in the error messages.

Blue Security attack linked to blog crashes

Internet security company Netcraft said on Thursday that Blue Security temporarily dealt with the distributed denial-of-service (DDoS) siege by redirecting traffic to its journal at blog host Six Apart, knocking out that company's TypePad and LiveJournal services. "The DDoS traffic appears to have followed www.bluesecurity.com to its new home, overwhelming Six Apart's network and knocking its TypePad and LiveJournal services offline for nearly eight hours," Netcraft analyst Rich Miller said in a blog posting. In a DDoS attack, networks of compromised computers called botnets are typically used to repeatedly request information from a server or data center. Such a barrage of requests can cause servers to fail and can prevent legitimate users from accessing the site. The Blue Security redirection was first reported on the North American Network Operators Group mailing list on Tuesday. On Wednesday, Six Apart told CNET News.com that if it faces an attack, the problem is often related to the content posted on one of the blogs it hosts. However, the San Francisco company declined to comment on Thursday on the origin of the DDoS siege. "Blue Security is a customer of ours, they do have a blog with us," Six Apart Vice President Anil Dash said. "Beyond that, I don't want to confirm anything. Any kind of an attack like this is really the fault of the attackers."

'Critical' Windows, Exchange fixes coming

The Exchange e-mail server and at least one of the Windows alerts is deemed "critical," Microsoft's highest risk rating, the software maker said in a notice posted on its Web site on Thursday. Such flaws typically allow a full compromise of a vulnerable system without any, or minimal, user interaction. Microsoft did not specify how many flaws the updates will tackle, or say which components of Windows and Exchange are being repaired. Security researchers over the past weeks have reported several unpatched flaws in Internet Explorer, the Web browser component of Windows. Last month, Microsoft released five security bulletins. People have reported trouble with three of them, forcing Microsoft to reissue one amended patch in the middle of its monthly cycle. On Tuesday, Microsoft also plans to release an updated version of the Windows Malicious Software Removal Tool. The software detects and removes common malicious code placed on computers. The company gave no further information on the upcoming bulletins, other than stating that the fixes may require restarting the computer or server.

Symantec eyes ID management

Symantec CEO John Thompson mentioned those fields as areas the company is interested in as it tries to become a single-source supplier for management of data centers and protection of data and of online transactions. "In a world that is more compliance-oriented, (identity management) is a critical part of the stack," Thompson said during the opening keynote address at the company's annual Vision conference here. "Today we embrace the technologies that other companies bring to the market. We are not at this moment in the identity management business, but it is an area of great interest to our company." Right now, Symantec is not a player in the identity management market, which is led by companies including CA, IBM, Hewlett-Packard and Oracle and which research firm IDC predicts will grow to almost $4 billion in the next three years. Typically, the software identifies the users of a system and controls their access to resources within that system by associating rights and restrictions with a particular identity. An advance into that market is a logical step for Symantec, said Andy Buss, an analyst at Canalys in Reading, England. "If you're going to do enterprise security, you need to be able to secure access to your networks and applications," he said.

Fantasy soccer league virus kicks off

The XF97/Yagnuul-A virus can infect users' .xls spreadsheets once the attachment is opened. The virus deploys an infected fantasy league file on the computer's hard drive and may also modify a user's data, according to an alert Monday from security company Sophos. "Fantasy football-like leagues have been set up in offices across the (U.K.), and fans often keep track of how well they are doing by using Excel spreadsheets," Graham Cluley, Sophos senior technology consultant, said in a statement. "Every computer user needs to take great care not to fall foul of malware like the Yagnuul virus." The virus relies on social engineering to entice people to open the attachment, said Ron O'Brien, a Sophos senior security analyst. He added that fantasy league players often do not know each other and, as a result, are prone to opening attachments from strangers who claim to be a league member. Yagnuul-A, however, is currently a low-risk virus because a number of security companies have put out antivirus software to contain it, O'Brien noted.

India to tighten offshoring data security

The initiative has been spearheaded by the National Association of Software and Service Companies, or Nasscom, to assuage fears about Indian data security in the wake of incidents of call center data theft. The technology trade association also aims to promote the region as the safest place for IT and BPO amid rising competition from other offshoring locations. "The key objective of creating the SRO (self-regulatory organization) is to raise the floor in security and safety standards in Indian outsourcing across the IT industry," Sunil Mehta, a vice president of Nasscom, told Silicon.com. He said data security and privacy concerns have been identified as "the largest barriers to free trade." The body will set standards for privacy and security, and monitor its members to ensure that they adhere to them. If it discovers breaches, it will consider a "range of punishments" that could include expelling members or involving law enforcement, Mehta said. Training will also be offered to companies that need support in order to be compliant with the security standards.