Fujiology Archive

home *** CD-ROM | disk | FTP | other *** search

/ Fujiology Archive / fujiology_archive_v1_0.iso / !MAGS / A_ONE / AONE1114.ZIP / aone1114.txt next >

Wrap

Text File | 2009-04-03 | 51.0 KB | 1,176 lines

Volume 11, Issue 14 Atari Online News, Etc. April 3, 2009 Published and Copyright (c) 1999 - 2008 All Rights Reserved Atari Online News, Etc. A-ONE Online Magazine Dana P. Jacobson, Publisher/Managing Editor Joseph Mirando, Managing Editor Rob Mahlert, Associate Editor Atari Online News, Etc. Staff Dana P. Jacobson -- Editor Joe Mirando -- "People Are Talking" Michael Burkley -- "Unabashed Atariophile" Albert Dayes -- "CC: Classic Chips" Rob Mahlert -- Web site Thomas J. Andrews -- "Keeper of the Flame" With Contributions by: Fred Horvat To subscribe to A-ONE, change e-mail addresses, or unsubscribe, log on to our website at: www.atarinews.org and click on "Subscriptions". OR subscribe to A-ONE by sending a message to: dpj@atarinews.org and your address will be added to the distribution list. To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE Please make sure that you include the same address that you used to subscribe from. To download A-ONE, set your browser bookmarks to one of the following sites: http://people.delphiforums.com/dpj/a-one.htm Now available: http://www.atarinews.org Visit the Atari Advantage Forum on Delphi! http://forums.delphiforums.com/atari/ =~=~=~= A-ONE #1114 04/03/09 ~ Conficker Peters Out! ~ People Are Talking! ~ CCAG 2009 in May! ~ IBM Taking Over Sun! ~ eBay Tests eBay Bucks! ~ Chinese Cyber Spies! ~ China Goes into Denial ~ Unpaid Bills & Laptops ~ Spammers Sentenced! ~ Spam Recovers from KO! ~ DSI To Arrive Sunday! ~ FBI Raids Core IP! -* Bullying Bill Includes Posts *- -* Online Crime Surging in Recession! *- -* Court Won't Revive Virginia Anti-Spam Law! *- =~=~=~= ->From the Editor's Keyboard "Saying it like it is!" """""""""""""""""""""""""" It's been another one of those long and tiring weeks. I don't even have the energy to rant about politics and the economy - probably thankfully! So, rather than put you through another week of lousy New England weather and the slow evolution of Spring, let's get right to this week's issue! Until next time... =~=~=~= ->A-ONE User Group Notes! - Meetings, Shows, and Info! """"""""""""""""""""""" The CCAG 2009 Show Is Coming Soon! Buy, sell, trade, play, and see classic video games, computers, peripherals, memorabilia, and more at the Classic Computing and Gaming Show (CCAG) on May 23, 2009 at the American Legion Hall--Clifton Post, 22001 Brookpark Rd, Fairview Park, OH from 12:00 PM - 8:00 PM. Vendors, clubs, and collectors will be displaying and selling their retrogaming and retrocomputing goods, from Pong and Atari to Nintendo, Apple and IBM to Commodore and everything in between with many set up for you to play with and explore. The cost for admission is $2.00 for adults and 1.00 for kids 12 and under. All paid admissions come with a FREE Special CCAG Edition Video Game Trader Guide, 3 FREE Chinese Auction Coupons to win some cool and valuable prizes, FREE Arcade and Tournament Play and so much more. We have 4000+ square feet of space. Help us fill it all up! For more information please go to http://www.ccagshow.com/ =~=~=~= PEOPLE ARE TALKING compiled by Joe Mirando joe@atarinews.org Hidi ho friends and neighbors. Well, the meager handful of messages in the NewsGroup this week just isn't enough to put in a column, even when teamed up with the handful from last week. I guess about all I can do is hang on to them and hope for better luck next week. I don't really want to talk about politics this week, but I think the economy might be a good topic. Yeah, the economy sucks. End of conversation. I know, that's not much in the way of insight, but it IS true. Right now it might seem that the "how" and "why" of it is less important than getting us out of it, but that only leads to it happening again because we didn't learn from it to begin with. The economy is an interesting 'creature'. It evolves. It goes through stages and modifies itself (okay, not itself... WE... or SOME of we.. modify it). After the Great depression, we modified it so that banks couldn't collapse in the normal course of... well, banking. Well, it took about 50 years, but the industry itself found a way around the safeguards like a child defeating a safety gate. Through several iterations and re-inventions of itself, the banking industry evolved into something where the depositors' money wasn't their product, the interest and profit earned from the wise investment of capital was their product. The service provided to the institution itself, the depositors or the system itself was no longer their product. Their product became their stock shares. The lending and borrowing of money just became an inconvenient intermediate step along the way. That's the same thing that happened to General Motors, in my opinion. They became more concerned at the top levels with making their stock offering look good and forgot about that pesky intermediate step... the American automobile. So yes, we will fix the 'holes' in the system. And in time the system will find ways around it. Gone are the days when a savings account was a good idea. Banks don't pay enough interest to even keep up with inflation, and because of that, less people are saving with them. So the banks have even less incentive to give people incentive to save with them which, of course gives the banks less incentive to... well, you get the idea. Pretty soon, they may be charging US interest to have money in a savings account. So most banks spend their time making their balance sheets look good so that they can attract a larger bank to buy them. Failing that, bundling mortgages and loans for sale as securities/derivatives is what they seem to feel is a good way to make a profit. Unfortunately, in order to make it work, you have to bundle a LOT of loans and mortgages. Some of them are going to be 'bad' loans. You can get 'insurance' to protect yourself and your blessed investors. Enter AIG. So, if you don't have to worry about taking a loss, you can include anything you want in these "bundles". Most of 'em will probably work out and, if they don't, well, that's what insurance is for, right? But all that goes out the window as more and more of the stuff you bundled turns bad... mortgages that shouldn't have been made on properties that people couldn't afford at interest rates that would change for the worse. But that's okay, but there's always the insurance... until the 'insurance company' can't cover ITS bets. And that's what insurance is... a bet. When you buy a life insurance policy, you're basically betting that you're going to die before the policy, and the insurance company is betting that you won't. So that, dear friends, in a nutshell, is my take on why we need to fix things... and why the industry will again find ways to be corporations instead of institutions. We will, of course, come out of this. But it will not be easy and it will not be cheap. And if we sit back and figure that we've fixed the problem for good, it will happen again in a slightly different fashion. Wish I has something more hopeful and uplifting for you, but that's the way I see it. Hopefully, there will be enough traffic in the NewsGroup next week to have something cool to talk about. Until then keep your ears open so that you'll hear what they are saying when... PEOPLE ARE TALKING =~=~=~= ->In This Week's Gaming Section - DSI To Arrive on Sunday! """"""""""""""""""""""""""""" Sony Cuts PS2 Price! New Xbox in the Works? And much more! =~=~=~= ->A-ONE's Game Console Industry News - The Latest Gaming News! """""""""""""""""""""""""""""""""" Sony Cuts Price of PlayStation 2, Not PS3 Sony Corp said it cut the price of its older video game console, the PlayStation 2, by 23 percent to $99.99, in an attempt to woo budget-minded families. The price cut, effective April 1, could sustain the life of the PS2, which has sold more than 136 million units since its debut in 2000, making it the world's popular gaming system, Sony said on Tuesday. The news follows - and momentarily puts to rest - rumors on video gaming websites and blogs that Sony might cut the price of the PlayStation 3, its more powerful console. The PS3's least expensive model sells for about $400. Sony said that the sub-$100 price will draw in a new wave of customers ranging from lower-income families to gamers who may have passed on pricier new systems. In addition, it may give incentive to retailers to keep PS2 on store shelves. Sony dominated the global video game industry for a decade starting in the mid-1990s, but sales of the PS3 have lagged behind those of Nintendo Co Ltd's Wii console and Microsoft Corp's Xbox 360. Microsoft's sales got a boost in September after it cut prices on some Xbox 360 models by about $50. The company said it sold 28 million units worldwide in 2008, outpacing the PS3 by over 8 million units. While still considered pricey, video game consoles continue to post robust sales even as consumers think twice about discretionary spending amid the recession. Most generations of new console are retired after about a decade, when developers move on to focus on more advance machines. Not true for the PS2, which sold some 2.5 million units in the U.S. alone last year, and remains profitable for Sony even at the new price level, according to John Koller Hardware marketing director at Sony Computer Entertainment. He said that developers are making plans for the system as much as 3 years out, with up to 80 new games are in the works for the system this year and another 70-80 due in 2010. "There is no reason to slow down any of the momentum on the console now," he said. "There is no retirement tour or clock on the wall. As long as it continues to sell at the viable levels that it is, we are going to sell and market the platform." Asked to comment on any plans that Sony has for cutting the price of the PS3, Koller said: "We feel good about where PlayStation 3 is. We continue to monitor the business." Despite the resilience of the PS2, so-called "next generation" consoles are still the industry's first priority. The PS3, Xbox 360 and Wii are often a centerpiece in the home that can deliver many hours of disc-based, online and collaborative gaming. All but the Wii play DVDs and can stream Internet movies. Citing that reason, Microsoft said Sony's price cut does not address the future of the video game industry. "We believe, however, that the future lies in the growth of current generation consoles and Xbox 360, as the fastest growing games console last year...will continue to drive the market," said Microsoft's Chris Lewis, who is Regional Vice President of Interactive Entertainment Business in Europe. Nintendo Rolls Out DSi to U.S. on Sunday Nintendo is rolling out the next generation of its popular handheld gaming console in the United States on Sunday, pitching the product as more of an all-purpose social and entertainment device. Aside from game-playing functions, the dual-screen DSi features two cameras, a microphone and a host of tools that will allow users to create content and share with others. The DSi will retail for $170 apiece and began selling in Europe on Friday. The third generation in the DS franchise, the DSi was launched in Japan last November and has so far sold 2 million units. "This thing is to the digital camera what the iPod was to the MP3 player," said Wedbush Morgan analyst Michael Pachter. "You take the same form factor and you just add something to it and suddenly you're going to have a lot of people carrying it." Nintendo's second-generation DS handheld, the DS Lite, will continue to sell for $130. Nintendo has shipped more than 100 million DS units overall since the franchise launched in late 2004. Cammie Dunaway, executive vice president of sales and marketing for Nintendo America, said the DSi seeks to make the traditional gaming experience more personalized. "How do you get a Nintendo game device in every briefcase and backpack and pocketbook? We realized that what you need to make that happen is a device that is highly customizable... Natural tools for customization are things like photos," she said. Pachter said he expects the device to appeal to teens and tweens. "They're going to turn a one DS household into a two DS household. You will hand it down to your little brother when you get your DSi." Nintendo's DS line competes directly with Sony's PSP handheld device and increasingly faces competition from Apple's iPhone, which is emerging as a serious video game platform, and iPod touch devices. The PSP has sold more than 50 million units, while the iPhone and iPod Touch have combined to sell more than 30 million. Nintendo is also launching a new online store where DSi users can download new games and applications via the device's WiFi connection. The store will also offer a DSi Internet browser for download, based on the Opera browser. Nintendo has been credited with helping expand the traditional demographic profile of the gaming industry. The company's Wii console has been a hit with consumers, attracting adults and females who are more interested in casual and social games. The Wii, Nintendo's console platform, has sold more than 50 million units worldwide since its release in 2006. Yes, Microsoft's Working on an Xbox Next. Surprised? Sometimes it's what a company say it's *not* doing that grabs your head and twists it around. Case in point, Blizzard veep of game design Rob Pardo is flatly denying rumors the company's been rapping with Microsoft about a hypothetical Xbox 360 successor (unimaginatively dubbed 'Xbox 720' by the mathematically literalist media). Pardo reportedly told folks at GDC that Blizzard was talking with Microsoft about its next-gen games console. And then he told GameSpot he wasn't. It's no secret high level execs yak about this stuff behind hermetically sealed walls and chambers, probably carrying around microscopic explosives that could blow open their carotid arteries if they squeal. Occasionally something leaks anyway (or appears to) then bangs around the blogosphere with exaggerated gravitas. With the Xbox 360 over three years old, it's as likely as not that Microsoft's already broached the subject of its Xbox 360 followup act (in one form or another) with whoever it's dubbed worthy. But that's about as prescient on my part as suggesting Toyota's presently rendering concept sketches of its 2012-2013 midsize lineup, i.e. "it's the common sense, stupid." And besides... Who cares? =~=~=~= A-ONE's Headline News The Latest in Computer Technology News Compiled by: Dana P. Jacobson Online Crime Surging in Recession Fraud on the Internet reported to U.S. authorities increased by 33 percent last year, rising for the first time in three years, and is surging this year as the recession deepens, federal authorities said on Monday. Internet fraud losses reported in the United States reached a record high $264.6 million in 2008, according to a report released on Monday from the Internet Fraud Complaint Center, run by the FBI and the National White Collar Crime Center. Online scams originating from across the globe - mostly from the United States, Canada, Britain, Nigeria and China - are gathering steam this year with a nearly 50 percent increase in complaints reported to U.S. authorities in March alone. "2009 is shaping up to be a very busy year in terms of cyber-crime," the report's author, John Kane, told reporters in a telephone briefing. Last year's losses compared with $239.1 million in 2007 and dwarfs the $18 million of losses of 2001. The most common complaint of 2008 was non-delivery of promised merchandise, followed by auction fraud, credit card fraud and investment scams, according to the report. Of 275,284 complaints received by the center in 2008, some 72,940 were referred to U.S. law enforcement agencies for prosecution. Those referrals spiked this year with 40,000 in the first quarter alone, said Kane. "It is our belief that these numbers, both the complaints filed and the dollars, represent just a small tip of the iceberg," said Kane, managing director of the National White Collar Crime Center in Richmond, Virginia. "Our own research suggests that as few as 15 percent of cases of cyber-fraud are being reported to crime control agencies," he said. Scammers in the United States comprised 66 percent of complaints referred to authorities, followed by Britain at 11 percent, Nigeria 7.5 percent, Canada 3 percent and China 1.6 percent. Within the United States, the bulk originated in California (16 percent), followed by New York and Florida. Fraudulent sales on online auction sites like eBay Inc and classified sites like craigslist.com contributed to a 32 percent rise in the hottest area of online fraud - non-delivery of promised merchandise, the report said. That area alone made up about 33 percent of all complaints serious enough to be referred to law enforcement. Other important areas included investment scams such as mini-versions of the $65 billion Ponzi scheme committed by New York financier Bernard Madoff in which money from new investors is used to pay existing investors. About 74 percent of the scams were through e-mail messages last year, especially spam, while about 29 percent used websites. But criminals were increasingly tapping new technologies such as social networking sites and instant messenger services, said Kane. The report highlights one new "significant' identity-theft scam involving e-mail messages that give the appearance of originating from the FBI but seek bank account information to help in investigations of money being transferred to Nigeria. Recipients of the e-mails are told they could be richly rewarded by cooperating. The report said almost 80 percent of known perpetrators of online scams are male. Of those bringing complaints, nearly half are between the ages of 30 and 50. The median dollar loss was $931 per complaint, although the median losses for check fraud reached $3,000 and that for investment scams was $2,000. Cyber Spies Break into Government Computers A cyber spy network based mainly in China hacked into classified documents from government and private organizations in 103 countries, including the computers of the Dalai Lama and Tibetan exiles, Canadian researchers said Saturday. The work of the Information Warfare Monitor initially focused on allegations of Chinese cyber espionage against the Tibetan community in exile, and eventually led to a much wider network of compromised machines, the Internet-based research group said. "We uncovered real-time evidence of malware that had penetrated Tibetan computer systems, extracting sensitive documents from the private office of the Dalai Lama," investigator Greg Walton said. The research group said that while it's analysis points to China as the main source of the network, it has not conclusively been able to detect the identity or motivation of the hackers. Calls to China's Foreign Ministry and Industry and Information Ministry rang unanswered Sunday. The Chinese Embassy in Toronto did not immediately return calls for comment Saturday. Students For a Free Tibet activist Bhutila Karpoche said her organization's computers have been hacked into numerous times over the past four or five years, and particularly in the past year. She said she often gets e-mails that contain viruses that crash the group's computers. The IWM is composed of researchers from Ottawa-based think tank SecDev Group and the University of Toronto's Munk Centre for International Studies. The group's initial findings led to a 10-month investigation summarized in the report to be released online Sunday. The researchers detected a cyber espionage network involving over 1,295 compromised computers from the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan. They also discovered hacked systems in the embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan. Once the hackers infiltrated the systems, they gained control using malware - software they install on the compromised computers - and sent and received data from them, the researchers said. Two researchers at Cambridge University in Britain who worked on the part of the investigation related to the Tibetans are also releasing their own report Sunday. In an online abstract for "The Snooping Dragon: Social Malware Surveillance of the Tibetan Movement," Shishir Nagaraja and Ross Anderson write that while malware attacks are not new, these attacks should be noted for their ability to collect "actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed." They say prevention against such attacks will be difficult since traditional defense against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tedious operational security procedures. The Dalai Lama fled over the Himalaya mountains into exile 50 years ago when China quashed an uprising in Tibet, placing it under its direct rule for the first time. The spiritual leader and the Tibetan government in exile are based in Dharmsala, India. Court Won't Revive Virginia Anti-Spam Law The Supreme Court will not consider reinstating Virginia's anti-spam law, among the nation's toughest in banning unsolicited e-mails. The court on Monday said it will leave in place a ruling by the Virginia Supreme Court that the law was unconstitutional because it prohibited political, religious and other messages in addition to commercial solicitations. Virginia was the only state to ban noncommerical spam e-mail. The decision also cements the reversal of the conviction of Jeremy Jaynes, who once was considered one of the world's most prolific spammers. Jaynes bombarded Internet users with millions of pieces of spam, all of it commercial. In 2004, Jaynes became the first person in the U.S. to be convicted of a felony for sending unsolicited bulk e-mail. He was sentenced to nine years but is currently serving time in federal prison on an unrelated conviction for securities fraud. The case is Virginia v. Jaynes, 08-765. Three Spammers Sentenced in US for Advance Fee Fraud Two Nigerians and a Frenchman were sentenced to prison Thursday for swindling people out of more than US$1.2 million in a massive e-mail scam, the U.S. Department of Justice said. Nnamdi Chizuba Anisiobi, 31, of Nigeria was sentenced to 87 months in prison, while Anthony Friday Ehis, 34, of France and Kesandu Egwuonwu, 35, of Nigeria were sentenced to 57 months. They were sentenced in U.S. District Court for the Eastern District of New York. After being arrested in Amsterdam in February 2006, all three were extradited to the U.S. The DOJ said all three pleaded guilty to one count of conspiracy, eight counts of wire fraud and one count of mail fraud. Mail and wire fraud carry maximum possible sentences of 20 years in prison, while conspiracy has a maximum penalty of five years. The three men executed so-called advance fee frauds. Victims were told their help was needed distributing money for charity. In exchange, victims were promised they would get a commission that would go to the charity of their choice, the DOJ said. The victims were told they first needed to wire-transfer money for various fees. In some cases, victims were sent counterfeit checks in order to the cover the fees, which bounced even though victims already sent money, DOJ said. In one variation of the scam, people were sent an e-mail that purported to be from someone suffering from terminal throat cancer who needed help distributing $55 million in charity money. The victims were told they would get a 20 percent commission that would go to a charity of their choice for their trouble. To make the ruse seem more legitimate, the scammers sent photos of the supposed throat cancer victim, along with other fraudulent documents that ostensibly confirmed the $55 million, the DOJ said. Advance fee frauds have become so prevalent that law enforcement and private companies have undertaken new steps to stop the scams. In October 2008, the Advance Fee Fraud Coalition was created to educate the public about the frauds as well as foster closer cooperation between police and industry. Members of the coalition include Microsoft, Yahoo, the money-transfer agency Western Union and the African Development Bank. Microsoft and Yahoo are particularly concerned about advance fee frauds since the criminals often use their free e-mail accounts to send bogus pitches. The fraudsters have also hijacked those brands, sending e-mails that purport to be a lottery sponsored by Microsoft or Yahoo. Ultrascan Advanced Global Investigations in the Netherlands, which has a special department dedicated to investigating advance fee frauds, estimates that $4.3 billion was lost to that type of scam in 2007. The Eight Things You Need to Know About 'Conficker' On Wednesday, April 1, the latest variant of the Conficker (also known as Downadup and Kido) work will download new instructions. The sophistication of this worm and its botnet have many concerned, although the amount of legitimate concern is a matter of debate. If you're concerned, then here are the eight most important things to know about Conficker, updated on Monday morning: 1. Researchers have discovered what they're calling a signature for Conficker, and developed a scanner based upon the technology. 2. The overwhelming majority of systems infected with Conficker were infected through a vulnerability in the Windows RPC facilities. This vulnerability was patched in October. If you installed that patch before Conficker came out (late December '08) then you were protected and still are. If you haven't installed the update then it's essential that you do so. Windows Vista is technically vulnerable in this way, but the exploit is almost impossible to execute on it. Conficker is basically an XP problem. 3. Conficker can also spread through network shares, including those that have weak passwords; the worm executes a "dictionary attack" in which a list of common passwords (think "password", "asdf", etc) are used to gain access to the share. So if you find new executables on such drives they may be infected. Treat them as you would a program that got e-mailed to you unsolicited, and we hope that means you'll avoid it and report it to a network admin if you have one. A good anti-malware program will detect it at this stage. 4. It follows from this advice that you are also better off by using complex and unobvious passwords, especially those that use both numerals and letters and especially if they include punctuation. 5. Conficker can also spread by putting itself on removable drives like USB drives. When it does so it sets the Autorun on those drives to run itself. So if you insert such a drive you could, at the least, get a standard Windows Autoplay menu offering Conficker among its options. Sometimes it will disguise itself as the Windows option for opening Windows Explorer for the inserted drive. Once again, a good anti-malware program will detect it at this stage. 6. Anti-malware software isn't perfect but it has a very high rate of success. Conficker is about as high-profile as malware gets; all the companies have it and understand it well, and so if you have anti-virus software and keep it up to date it's hard for you to get attacked. 7. Conficker can interfere with the ability of Windows and anti-malware programs to update themselves. Ensure that they are doing so by checking the last update date/time of your anti-malware software and by checking Windows Update manually. Leave no critical updates uninstalled. 8. Free Conficker/Downadup Cleaning Tools: * McAfee Stinger <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=11vjjjuh2/*http://vil.nai.com/vil/conficker_stinger/ Stinger_Coficker.exe> * ESet EConfickerRemover <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=11olhobs1/*http://download.eset.com/special/EConfickerRemover.exe> * Symantec W32.Downadup Removal Tool <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=12q8n58a3/*http://www.symantec.com/business/security_response/ writeup.jsp?docid=2009-011316-0247-99> * F-Secure F-Downadup, FSMRT, more tools <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=11s7cep7b/*http://www.f-secure.com/v-descs/ worm_w32_downadup_al.shtml> * BitDefender single PC and network removal tools <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=10pfi2jpf/*http://www.bdtools.net/> * Kaspersky KKiller <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=121il3tcd/*http://data2.kaspersky-labs.com:8080/special/ KKiller_v3.4.1.zip> * Trend Micro <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/31485681/ SIG=12pj6npch/*http://www.trendmicro.com/ftp/products/pattern/spyware/ fixtool/SysClean-WORM_DOWNAD.zip> If you use one of these tools to remove Conficker immediately install the MS08-067 patch afterwards. * BitDefender <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/ 31485681/SIG=12bqhb4qj/*http://www.bitdefender.com/ VIRUS-1000462-en--Win32.Worm.Downadup.Gen.html> * Symantec <http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/238653/ 31485681/SIG=12q8n58a3/*http://www.symantec.com/business/ security_response/writeup.jsp?docid=2009-011316-0247-99> Don't Fret About Conficker: Here's What To Do The Conficker worm, a nasty computer infection that has poisoned millions of PCs, will start ramping up its efforts Wednesday to use those machines for cybercrimes. It's unclear whether everyday PC users will even notice, but this is as good an excuse as any to make sure your computer is clean. There are some easy ways to figure out whether a computer has the Conficker worm, and free tools available for getting rid of it. One scary thing about Conficker is that it spreads without human involvement, moving from PC to PC by exploiting a security hole in Microsoft Corp.'s Windows operating system. The hole was fixed in October, but if your computer doesn't get automatic updates from Microsoft, you could be vulnerable. Lots of computer worms disable antivirus software outright, which can be a tip-off that something is wrong. But Conficker doesn't do that. Instead, Conficker blocks infected PCs from accessing the antivirus vendors' and Microsoft's Web sites, so victims won't get automatic updates and can't download the Conficker removal tools that those companies have developed. So see what Web sites you can visit. If you can navigate the Internet freely except for sites owned by Microsoft or antivirus vendors such as Symantec Corp., McAfee Inc. or F-Secure Corp., your PC might have Conficker or a similar bug. Fixing the problem gets a little trickier. The best remedy is to have a friend, whose computer is not infected, download a removal tool from Microsoft or one of the antivirus vendors. Then that person should e-mail the tool to you. A list of the free Conficker removal programs is available on the Web site of the Conficker Working Group, an alliance of companies fighting the worm. The removal programs will take care of themselves, for the most part, scanning your system and purging the worm. One thing to note: Conficker blocks infected machines from running removal tools with "Conficker" in the name. So users might have to change the name of the file (one you've saved the tool to your desktop, right-click on it and select "rename") before running it. The program's instructions will let you know if you need to do this. Many antivirus vendors have already changed the names in their removal tools, in some cases calling the file a misspelled variant of "Conficker", to trick the worm into letting the program run. Businesses have a bigger challenge, because Conficker has yet another method for evading detection. Once the worm is inside a machine, it applies its own version of the Microsoft patch that fixes the vulnerability Conficker exploited in the first place. So a business running a standard network scan, looking for unpatched machines, might come up empty-handed, even though some computers on the network are infected. The scans need to take a deeper dive into the machines on the network, something an antivirus vendor's service should enable. For government agencies, contractors and operators of critical infrastructure, the Department of Homeland Security also has released a network-detection tool for Conficker. Conficker Worm Reaches Go Time, to No Effect The Conficker Internet worm's feared April Fools' Day throwdown for control of millions of infected PCs stirred lots of panic but came and went with a whimper. Security experts say some Conficker-infected computers - those poisoned with the latest version of the worm - started "phoning home" for instructions more aggressively Wednesday, trying 50,000 Internet addresses instead of 250. However, security companies monitoring the worm remained successful at blocking the communications. "We didn't see anything that wasn't expected," said Paul Ferguson, a security researcher at antivirus software maker Trend Micro Inc. "I'm glad April 1 happened to be a nonevent. People got a little too caught up in the hype on that. (The infected computers) didn't go into attack mode, planes didn't fall out of the sky or anything like that." The worm can take control of unsuspecting PCs running Microsoft's Windows operating system. Tied together into a "botnet," these PCs can be directed to send spam, carry out identity-theft scams and bring down Web sites by flooding them with traffic. That's why the April 1 change in Conficker's programming was a small twist - and not the end of the story. The network of Conficker-infected machines could still spring to life and be used for nefarious deeds. One scary element is that Conficker's authors have given the infected PCs peer-to-peer abilities, which allows them to update each other and share malicious commands through encrypted channels. That ability means the computers don't have to contact a Web site at all, and the communications are protected. And the criminals behind Conficker are likely taking their time. "The people who are pulling the strings on this are very slow and determined and measured in making modifications to this botnet," Ferguson said. "Basically, they're building a layer of survivability." Conficker spreads without human involvement, moving from PC to PC by exploiting a security hole in Microsoft Corp.'s Windows operating system. In October, Microsoft issued a software update, called a "patch," to protect PCs from the vulnerability, but not everyone applied the patch. In one telltale sign of an infected machine, Conficker blocks Microsoft's site as well as those of most antivirus companies. Computer owners can work around that obstacle by having someone else e-mail them a Conficker removal tool. Security researchers don't have a firm estimate of the number of Conficker-infected machines. There appear to be at least 3 million infected PCs, and possibly as many as 12 million, but tallies vary because some machines may have been counted multiple times, and the number fluctuates as PCs are scrubbed clean of the infection while other machines are compromised. IBM in Final Stages of Deal Talks with Sun IBM Corp. and rival Sun Microsystems Inc. are in the final stages of negotiations over IBM's takeover of Sun. A deal could be announced within days. Haggling over price is one reason the acquisition hasn't happened yet. People briefed on the negotiations told The Associated Press that the last specifics of the deal are being worked out. These people spoke on condition of anonymity because they were not authorized to discuss the situation. The New York Times and The Wall Street Journal reported on their Web sites Thursday that IBM will likely pay between $9 and $10 per share for Sun. Earlier discussions involved a price of about $10 to $11 per share. A deal would shake up the corporate computing landscape and likely draw antitrust scrutiny. Unpaid Bills? Good Luck Starting Future Laptops As wireless carriers begin to subsidize computers that come with wireless Internet access, they're faced with a quandary: What do they do if the buyer stops paying his bills? The company can cut off the computer's wireless access, but the carrier would still be out a couple of hundred dollars. The buyer would be left with a computer that's fully usable except for cellular broadband. LM Ericsson AB, the Swedish company that makes many of the modems that go into laptops, announced Tuesday that its new modem will deal with this issue by including a feature that's virtually a wireless repo man. If the carrier has the stomach to do so, it can send a signal that completely disables the computer, making it impossible to turn on. "We call it a `kill pill,'" said Mats Norin, Ericsson's vice president of mobile broadband modules. The module will work on AT&T Inc.'s U.S. third-generation network, and on many other 3G networks overseas. AT&T late last year started subsidizing small laptops known as "netbooks," which normally cost about $400, so that RadioShack Corp. can sell them for $100. The buyer commits to paying $60 per month for two years for AT&T's wireless broadband access. Such offers have become very common in Europe. It's unlikely that carriers would resort to wielding the "kill pill." But the technology, developed with Intel Corp., has other uses. For instance, a company could secure its data by locking down stolen laptops wirelessly. Lenovo Group Ltd. has said it will build this sort of feature into its laptops. The new Ericsson modem can also stay active while a computer is off, listening for wireless messages. That means it could wake up and alert the user when it receives an important e-mail, or if someone is calling with a conferencing application like Skype. Laptop makers that use Ericsson modules include LG Electronics Inc., Dell Inc., Toshiba Corp. and Lenovo. W. Virginia Bullying Bill To Include Online Posts An attempt to extend a West Virginia anti-harassment law to the Internet may have some long-reaching consequences. Sen. Mike Green of Raleigh County sponsored the bill last week. The measure would make it a crime to send harassing or abusive e-mails or other computer-based communications. But the Senate Judiciary Committee amended the bill to include statements posted on Web pages or online forums. Such statements must be untrue and designed to encourage others to spread the falsehood, or ridicule the person they target. Civil liberties advocates question whether that goes too far. The bill would make such statements a misdemeanor, punishable by a fine of up to $500, up to six months in jail, or both. Repeat offenders would see those penalties double. FBI Raids Dallas Internet Service Provider Core IP U.S. Federal Bureau of Investigation agents have raided a Dallas ISP, knocking the company and almost 50 of its clients offline. The early morning Thursday raid closed down the operations of Core IP Networks, which operated out of two floors of a Telx collocation facility at 2323 Bryan Street in Dallas. The raid had to do with the activities of a former customer, according to Matthew Simpson, Core IP's CEO. "The FBI is investigating a company that has purchased services from Core IP in the past," he wrote in a note posted to a Google Sites page. "This company does not even collocate with us anywhere, much less 2323 Bryan Street Datacenter." He did not name the company that is allegedly at the center of the FBI investigation. FBI spokesman Mark White confirmed that agents had executed a search warrant at the 2323 Bryan Street address on Thursday, but declined to comment further on the matter. "Currently nearly 50 businesses are completely without access to their email and data," Simpson wrote. "Citizen access to Emergency 911 services are being affected, as Core IP's primary client base consists of telephone companies. " Simpson said that his company was not involved in any kind of illegal activity. He could not be reached immediately for comment. It is unusual for the FBI to shut down an entire hosting provider because of the activity of a single customer. Spam Recovers From a Knockout Blow The Internet is now officially as bad as ever, at least as far as spam goes. Google reported Tuesday that in the second half of March, spam returned to the levels last seen just prior to the November 2008 takedown of McColo. McColo was a hosting service based in San Jose, California, that was notorious for providing so-called "bulletproof" services to cybercriminals, who wanted to keep their servers running no matter what. When McColo was knocked offline, it had a serious effect on the world's junk e-mail. Spam levels dropped by half the instant the company's upstream Internet service providers - Global Crossing and Hurricane Electric - refused to service the ISP, effectively unplugging McColo from the Internet. "Spammers have clearly rallied following the McColo takedown and overall spam volume growth during Q1 2009 was the strongest it's been since early 2008, increasing an average of 1.2 percent per day," wrote Google spokeswoman Amanda Kleha in a blog posting. In the first quarter of last year, spam grew at 1 percent per day, which was a record at the time. Data on another spam measurement site, Spamcop, also shows that spam has bounced back. Spammers may be getting smarter, too, Kleha said. They seem to be building more robust botnets to send out their unwanted mail and also appear to be taking steps to avoid making their ISPs the kind of obvious target that McColo was. "They have been building new botnets, like Conficker - which is undoubtedly designed to be difficult to take down," said Richard Cox, CIO of antispam organization Spamhaus, in an e-mail interview. He agreed with Google's conclusion that spam had now returned to pre-McColo levels. "Spammers continue to prove their resilience," Kleha said. "They're clearly here to stay." China Denies Cyber Spy Network Charges China on Tuesday denied suggestions it could be involved in a cyberespionage ring that attacked computers worldwide from servers mostly based in the country. GhostNet, a network that affected 1,295 computers in more than 100 countries through malware and social engineering, was described in a study last weekend by the SecDev Group's Information Warfare Monitor and the Munk Center for International Studies at the University of Toronto. "Some people in foreign countries are keen to make up rumors about so-called Chinese Internet spies," foreign ministry spokesman Qin Gang said at a briefing Tuesday. "Their statements are entirely fabricated." China opposes hacking and other attacks on computer networks, Qin said. Attackers used GhostNet to steal documents from targets including international institutions and foreign ministries of other countries, according to the report. The attackers gained full access to affected computers, including control of attached microphones and Web cams that could have been used to monitor nearby activity. The report drew attention to cybercrime in China at a time when observers say it is growing. GhostNet's highly targeted attacks against foreign government networks are unique, but its scale is tiny and its malware code outdated compared to other recent attacks, analysts say. A simple online search can reveal the source code for GhostNet's unsophisticated malicious software, said Zhao Wei, CEO of Knownsec, a Beijing security firm. Much more advanced - and more common in China - are mass attacks with "zero days," or previously unknown software bugs, Zhao said. Sophisticated attacks can hit millions of computers. Researchers at Zhao's firm found 4 million computers infected in a single day during one recent attack. China had 298 million Internet users at the end of last year, the most in any country, according to the country's domain registry center. Bank accounts and online game passwords are popular targets for attackers in China. Items like armor and weapons stolen from game accounts are often sold back to other players for real-world cash. The attackers can make themselves hard to catch by stealing small amounts from many different people, Zhao said. An attacker might, for example, break into a huge number of bank accounts but steal just 10 yuan (US$1.47) from each, an amount victims are unlikely to report. That makes collecting evidence difficult for police, as does the need for cooperation across districts if the attacker and victims are in different places, Zhao said. China passed its first regulations protecting the public from cyber data theft last month. The revisions to the country's criminal law ban digital theft of information from any computer, lowering the bar from old rules that banned intrusions into government-supported networks. The new law also prohibits designing programs to help attackers invade or gain control over other computers. The law's protection from data theft extends to overseas computers like those attacked by GhostNet, said Pi Yong, a law professor at Wuhan University. But implementing the law could be difficult even in purely domestic cases. Chinese courts in remote areas may be unsure how to handle electronic evidence, Pi said. China also remains a convenient routing point for attackers from other countries, who can hide their location by using a Chinese IP (Internet Protocol) address. Registering a Chinese domain is cheap and hassle-free, giving attackers an easy way to spread malware, said Konstantin Sapronov, head of the Kaspersky virus lab in China. Blocked domains are easily replaced, he said. "If it will be blocked, it doesn't matter. You can use another, and you can buy a lot of these," he said. EBay To Test eBay Bucks Shopping Rewards Program Shopping on eBay just got a bit more rewarding, at least for some users of the online auction site. On Wednesday, eBay Inc. launched a "beta" test version of eBay Bucks, a program that lets participants earn a 2 percent reward on certain items they buy through the site and pay for using eBay's online payment service, PayPal. Rewards come quarterly as gift certificates, which can be used to buy other items through eBay within 30 days. Unlike many other "beta" tests, this one is open by invitation only; eBay is randomly selecting buyers to enroll. Kurt Apen, head of eBay's loyalty marketing team, said the company will likely expand the program to everyone over the next several months. The arrival of eBay Bucks marks the company's latest customer-retention move; something the company is focusing on as works to improve its online marketplace, at a time when consumers also have cut back on spending because of the dismal economy. Other efforts eBay has undertaken include distributing coupons to users and offering discounts on referrals from Microsoft Corp.'s Live Search site. Program participants will be able to earn up to $200 in eBay Bucks per item purchased on eBay and up to $500 per quarter. Because the reward rate is 2 percent, a $100 cell phone would earn $2 eBay Bucks, translating to $2 in gift certificates at the end of the quarter. Apen said eBay Bucks users will be able to collect rewards on most types of items sold on the site, but real estate and many items sold through eBay Motors will be ineligible. EBay, based in San Jose, Calif., initially tested eBay Bucks as a smaller pilot program last year. Changes since then include making it easier for users to redeem their rewards and allowing them to spread them out over various transactions. =~=~=~= Atari Online News, Etc. is a weekly publication covering the entire Atari community. Reprint permission is granted, unless otherwise noted at the beginning of any article, to Atari user groups and not for profit publications only under the following terms: articles must remain unedited and include the issue number and author at the top of each article reprinted. Other reprints granted upon approval of request. Send requests to: dpj@atarinews.org No issue of Atari Online News, Etc. may be included on any commercial media, nor uploaded or transmitted to any commercial online service or internet site, in whole or in part, by any agent or means, without the expressed consent or permission from the Publisher or Editor of Atari Online News, Etc. Opinions presented herein are those of the individual authors and do not necessarily reflect those of the staff, or of the publishers. All material herein is believed to be accurate at the time of publishing.