Search This Blog

Friday, December 21, 2007

Orkut Hit by Worm ...still getting harmless...>....Google Stops Worm Attack

Orkut, Google’ social networking web site, was hit by a relatively harmless worm. According to a report written by blogger Kee Hinckley on his web site TechnoSocial, the virus infected Orkut’s users through emails.

Some of Google’s social networking web site’s users received an email telling that they had been sent a new scrapbook entry from another Orkut user. The scrapbook entry is a type of message on Orkut. Thus, the targeted users had only to access their profiles to become infected by the virus. They were also added to an Orkut group, “Infectados pelo Virus do Orkut,” as Kee Hinckley wrote on his web site.

The name of the group is in Portuguese and it translates to “infected by the Orkut virus.” Orkut is mostly popular in Brazil and India, rather than in the United States, where it can’t catch up with its tough highly popular rivals Facebook and MySpace.

However, although the worm that attacked Google’s Orkut was relatively harmless, it seems that its creators wanted to demonstrate that this social networking web site’s users are in danger even if they do no click on malicious links. The Orkut worm was also noted by Orkut Plus, a web site that offers security tips for Google’s social networking site, and discussed in Google’s own Orkut help group.

The worm apparently did not try to steal any personal data.
Google security personnel clamped down to stop the spread of a prolific spam worm launched on its social networking site Orkut.
"Google takes the security of our users very seriously. We worked quickly to implement a fix for the issue recently reported in Orkut. We also took steps to help prevent similar problems in the future. Service to Orkut was not disrupted during this time," a Google spokesperson said in a written statement.

The worm, which was reported yesterday by McAfee Avert Labs, had gained ground by spreading quickly from friend to friend. The virus affected the profiles of almost 400,000 of its members, most of which were from Brazil. While Google initially aimed Orkut toward users in the United States, the networking site has become incredibly popular in Brazilian communities.

"(The attack) was obviously very targeted at the Brazilian community specifically," said Dave Marcus, security and information manager at McAfee Avert Labs.

The worm was transmitted when members received malicious scraps written in Portuguese. When translated to English, one scrap read, "2008 is coming. I wish that it begins quite well for you."

Upon receiving the scraps, the members' browsers then downloaded and executed the embedded virus. After adding its victims to a community called "Infectados Pelo Virus Orkut" or "Those Infected by the Orkut Virus," the worm then started to send messages to members of the affected user's friends list.

The virus spread through Orkut's new tool that allows users to write messages containing HTML code. The ability to add Flash/Javascript content to Orkut scraps was only recently introduced.

So far, there has been no evidence that the worm maliciously harmed users' PCs, security researchers say. "All it does is it adds the user to this one particular Okut group. As far as malware goes, it's rather innocuous," said Marcus. "On a scale of one to 10, it's pretty low."

McAfee security researchers said earlier today that some of the scraps had already disappeared, indicating that Orkut and Google had begun to address the problem.

The worm was symptomatic of a growing trend of malware that has flourished on social networking sites. Last month, MySpace sites for singer Alicia Keys and other musicians were targeted with an attack that installed malicious software on the PCs of members visiting the musicians' sites.

Another attack was launched last summer on the popular networking site Facebook, in which the perpetrators used small pop-up ads to force the user to purchase security software and download a computer virus.

These attacks raise the question of how to keep Web 2.0 sites secure, researchers say. While the spread of the Orkut worm appears to have abated, security analysts advise that members keep their antivirus software updated in order to remain protected against this and other viruses.

Microsoft agreed open-source license

Microsoft, whose software uses maximum percent of the world's personal computers,considering the demand of time, reached an agreement on licensing terms that will allow open-source products to connect to the Windows operating system.

Microsoft will license proprietary information on how Windows shares files and printers with the non-profit Protocol Freedom Information Foundation, which will make the data available to open-source developers working on a file and printing system called Samba.

The agreement will "allow Samba to create, use and distribute implementations of all the protocols" to allow so- called workgroup servers to connect with Windows, Redmond, Wash.-based Microsoft said in a statement Thursday.

Microsoft .The accord furthers Microsoft's bid to resolve legal disputes worldwide that have been weighing on its shares. The company in October gave in to European Union demands to license the protocol data.

In the past, Microsoft refused to license its technology to open-source software makers. Programs such as the free operating system Linux and the Samba system are distributed under terms requiring access to the source code, or underlying operating instructions.

Samba said in a statement that the agreement involves a one-time fee of 10,000 euros ($14,350). The protocol data will be held "in confidence" by Samba. The agreement allows source code to be published "without further restrictions," Samba said.

Under a 2004 EU decision, Microsoft had to disclose.
More some
In a landmark ruling against Microsoft’s anti-trust policy, the European Union forced Microsoft in October to share information concerning work group server operating systems with open-source developers. The first beneficiaries are the devs grouped under the Samba label.

According to the official Web-page, Samba is “software that can be run on a platform other than Microsoft Windows, for example, UNIX, Linux, IBM System 390, OpenVMS, and other operating systems. Samba uses the TCP/IP protocol that is installed on the host server. When correctly configured, it allows that host to interact with a Microsoft Windows client or server as if it is a Windows file and print server.”

So basically what Samba does is to provide interoperability between closed-source servers (Windows) and open-source ones. Samba debuted back in 1992 and since then it has grown into a popular, community-supported alternative to other SMB/CIFS implementations.

However, interoperability with Windows servers was often hindered by Microsoft’s protocol formats modifications operated in its proprietary code. Moreover, Samba was at risk of being sued by the Redmond behemoth for infringing the latter’s patents, because Samba translates data from different formats into Windows-compatible formats.

Initially, the company which now dominates the PC and server operating systems market (with 95% and 70% market share respectively) had refused to make any patent license compatible with the open source business model and demanded a royalty rate of 5.95 % of revenues for a combination of access to the secret interoperability information and for a patent license.

Following EU’s October 2007 decision to uphold a 2004 court ruling forcing Microsoft to become more “interoperability-friendly”, the Redmond giant agreed to three substantial changes:

1. First, ‘open source’ software developers will be able to access and use the interoperability information.
2. Second, the royalties payable for this information will be reduced to a nominal one-off payment of €10 000.
3. Third, the royalties for a worldwide license including patents will be reduced from 5.95% to 0.4% - less than 7% of the royalty originally claimed. In these agreements between third party developers and Microsoft, Microsoft will guarantee the completeness and accuracy of the information provided.

However, in the recent agreement with a group that represents Samba (the Protocol Freedom Information Foundation, located in Delaware), Microsoft will get €15,000 for the necessary documentation. The agreement was mediated by Samba’s original developer, Andrew Tridgell (now working for Google) and Eben Moglen, one of the iconic figures of the open source movement and head of the Software Freedom Law Center.

"The agreement allows us to keep Samba up to date with recent changes in Microsoft Windows, and also helps other Free Software projects that need to interoperate with Windows," said Andrew Tridgell

It is important to underline that the recent deal doesn’t exactly mean that Microsoft will “open source” its code. It merely ensures that the Samba community will get access to vital information about how Windows shares files and printers, but that information will be held “in confidence”.


Happy Eid-ul-Azha

Dear Readers,
I would like to take a moment to greet everybody Happy Eid-ul-Azha 21th
of December in BANGLADESH.

What is Eid-ul-Azha?

We have two festivals. Eid al-Fitr and Eid al-Adha. The “festival of sacrifice”, Eid al-Adha, in Arabic, which is the greater of the two main festivals. It falls on the 10th of Dhul-Hijjah and the following three days. It commemorates the time when Hazrat Ibrahim (Abraham) (peace be upon him) was willing to sacrifice his son Ismail as an act of total devotion to Allah. In the event, a sheep was sacrificed in Ismail’s stead as a symbol of Ibrahim’s devotion.

It is the reason why all the Muslim family has to have a sheep or a goat offered on this special day.
With the world’s present situation and crises, we need to take time to remember to take a moment to offer our prayers and to remember Allah and His continuous Blessings to all of us.

I believe whether it is the day of the Eid or not, and whether we are Muslims or have a different religion, we should take time to say thank you for each day, for the chance to see the sunrise every morning, a chance to breathe the air around us, a chance to have the energy to do our daily work, a chance to share a tea with a colleague and most of all to have the chance to lift our heads and see all these wondrous things He has made for us to enjoy.

Always take a chance and enjoy your day.

Find here

Home II Large Hadron Cillider News