by Ina Fried

Hackers have managed to find a way around one of the key antipiracy protections built into Windows 7.

Ordinarily, the operating system requires users to activate their copy of Windows 7 within 30 days. However, a recently outlined method allows the normal notifications to be turned off.

The software doesn’t actually get confirmed as legitimate, but users are able to keep using the product indefinitely.

Microsoft confirmed on Friday it is aware of the technique, but said that it is working to shore up the activation procedure.

“We’re aware of this workaround and are already working to address it,” a Microsoft representative said in a statement, which also urged customers to only use genuine software, noting the fake stuff can contain malware and other bad things.

It’s the latest in a long history of cat-and-mouse moves between the makers of Windows and those who would rather not have to pay for the privilege.

During her years at CNET News, Ina Fried has changed beats several times, changed genders once, and covered both of the Pirates of Silicon Valley. These days, most of her attention is focused on Microsoft. E-mail Ina.

By Kelly Jackson Higgins
DarkReading

First there were hijacked search results, now there are hijacked links: a newly discovered Trojan redirects victims to search engine sites in order to cash in on the clicks.

The so-called Opachki Trojan doesn’t do the usual search-result hijacking typically deployed by the bad guys to make money, but instead attempts to hijack all links on a page the infected user is viewing. When the user clicks on a link, the Trojan redirects him to an affiliate-based search engine site that lists multiple links.

“This is the first one I’ve seen that tries to replace with arbitrary links rather than hijacking search results,” says Joe Stewart, a researcher with SecureWorks’ Counter Threat Unit. “This one goes to the page and takes all the links and makes them look like searches so the [victim] sees a search result rather than the page they thought they were going to.”

Opachki basically provides the bad guys another way to make money from affiliate search engines that pay people to drive traffic to them, he says. Each time the victim clicks on one of the links at the redirected search engine site, the Opachki author gets paid a small sum of money, he says. “So to make it look somewhat legit, they have real people clicking on things so that it makes it look like that person is searching.”

And interestingly, the Trojan does one good deed: if the victim’s machine is also infected by the nasty Zeus banking malware, it kills it. “Why is it deleting Zeus? [Opachki] is hooking into the browser similarly to what Zeus does. Maybe there’s some sort of conflict where they both don’t work on the same machine,” Stewart says. “I’m not sure what they’re thinking” by knocking out Zeus, he says. Opachki infections come via drive-by browser exploits, and the Trojan can do its dirty work even if the user doesn’t have administrative privileges on the machine, according to Stewart’s report on the Trojan.

So far, Stewart hasn’t seen widespread Opachki infections, and he says it appears to be fairly new. Although it may basically be a benign infection, it may have other risks, he says. The victim’s machine could be exposed to more malicious Trojans via ads on the affiliate search engine sites, for example. The best way to eradicate the Trojan is reformat and reinstall the operating system.

—

Credit Due: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=221400320

The ZeuS or Zbot trojan, a type of sophisticated malicious computer programme, has been used to collect millions of lines of data from machines allowing those responsible to obtain a mass of personal information.

The Metropolitan Police said the trojan was configured so that once installed in an affected computer, it recorded users’ bank details and passwords, credit card numbers and other information such as passwords for social networking sites.

The financial gains for the criminals and the potential losses to individuals and institutions affected were very substantial, detectives said.

Police said a man and a woman, both aged 20, had been arrested on November 3 in Manchester. They have been released on police bail pending further inquiries.

“The ZeuS trojan is a piece of malware used increasingly by criminals to obtain huge quantities of sensitive information from thousands of compromised computers around the world,” said Detective Inspector Colin Wetherill of the Met Police’s Central e-Crime Unit.

“The arrests represent a considerable breakthrough in our increasing efforts to combat online criminality.”

Detectives said the arrests were some of the first in the world and the first in Europe to combat the distribution and control of ZeuS.

(Reporting by Michael Holden; Editing by Steve Addison and Sonya Hepinstall)

—

Credit Due: http://www.reuters.com/article/internetNews/idUSTRE5AH43Y20091118

Microsoft launched its new Forefront Protection 2010 antimalware for Exchange on Monday.

The company also announced at the TechEd Europe conference in Berlin the availability of Forefront Online Protection for Exchange designed for enterprise customers who want Microsoft to host the security solution.

Forefront Protection 2010 for Exchange incorporates malware engines from Microsoft and various partners, providing 38 times faster malware detection and decreasing spam to the point where only one out of 250,000 spam messages gets through, said Joel Sider, senior project manager for Microsoft’s Infrastructure division.

Integration with Exchange provides the ability to scan messages and documents simultaneously, while built-in information protection with Active Directory rights management services give users and IT administrators more control over what e-mail and documents can do and who can receive them, he said.

The announcements were made in conjunction with the scheduled launch this week of Exchange 2010, the new version of Microsoft’s e-mail and communications server.

Meanwhile, Microsoft said last month it was delaying the release of its Forefront Endpoint Protection 2010 for Windows desktops until the second half of next year.

The company will be rolling out over the next year all the pieces of its Forefront Protection Suite, formerly code-named “Stirling.”

Update at 10:09 a.m. PST with comments from Microsoft.

Microsoft’s Windows 7 Starter Edition, primarily meant for low-power PCs and ultra-portable netbooks, could disappoint some users who want features such as desktop personalization and DVD playback, suggests a new survey by online electronics marketplace Retrevo. Microsoft CEO Steve Ballmer has suggested in the past that Microsoft will try and steer consumers away from netbooks and toward higher-priced “ultra-thins” that presumably run higher-margin versions of Windows 7.

Microsoft’s version of Windows 7 for netbooks may disappoint some users, according to a new survey released by online electronics marketplace Retrevo.

Retrevo’s survey found that 79 percent of the 1100 respondents surveyed were not planning on purchasing a netbook this year. Of the remaining 21 percent, 54 percent knew that Windows 7 came in different versions—such as Starter and Ultimate—but only 39 percent knew that the Windows 7 Starter edition lacked some Windows XP features such as desktop personalization and DVD Playback.

“Retrevo was not surprised to discover that 61 [percent] of consumers intending to buy a netbook computer were not aware of limitations in Windows 7 Starter Edition,” explained a Nov. 5 posting on the Retrevo Blog. “When Retevo pointed out the differences, 56 percent of those respondents said they would not be satisfied if their net netbook came with Windows 7 Starter Edition.”

Specifically, Retrevo’s blog post suggests, consumers may not be aware that Windows 7 Starter Edition will not allow a netbook to play DVDs even if an external DVD drive is connected to the device. Windows 7 Starter Edition’s lack of multi-monitor support, Windows XP Mode, Windows Media Center, and shiny Aero interface features may also have a negative impact on users.

Netbook sales have represented a bright spot for an otherwise moribund PC industry in 2009, with consumers gravitating toward the devices as an ultra-cheap and super-portable way to fulfill most of their tech needs.

Aware of their popularity, Microsoft introduced a method by which netbook users could download an install Windows 7 on their machines, a number of which lack DVD drives. From Microsoft’s revamped online store, a stripped-down Windows 7 for Netbooks can be downloaded onto a bootable USB or burned to a DVD.

“For netbook users without DVD drivers, the Windows 7 USB/DVD Download Tool [WUDT] will take an ISO image and create a bootable UDB device that can be used to install Windows 7,” Microsoft spokesperson Brandon LeBlanc wrote in an Oct. 22 entry on The Windows Blog. “The WUDT can also create a Windows 7 installation DVD from the ISO file as well.”

However, those wishing to boot off a USB device or external DVD player will need to configure their BIOS in order to make that happen, a fact that may lead some netbook owners to seek assistance from someone more tech-minded.

(Update: As of Nov. 10, Microsoft seems to have removed the ability to purchase Windows 7 for Netbooks from its online store, possibly in a dispute over the tool’s coding. More on this story as it develops.)

Despite the concession to netbooks for Windows 7, Microsoft has publically expressed an urge to pull consumers toward higher-priced devices.

During Microsoft’s annual Financial Analyst Meeting on July 30, Microsoft CEO Steve Ballmer told gathered analysts that his company’s manufacturing partners would begin introducing ultra-thin PCs onto the market by the end of 2009. Those devices, which would feature larger screens and more processing power while maintaining portability, would presumably sell at a higher price point and run versions of Windows that offer Microsoft higher margins.

“We want people to be able to get the advantages of lightweight performance and be able to spend more money with us,” Ballmer told the assembled analysts.

Editor’s Note: This story has been updated with a mention that Windows 7 for Netbooks is no longer available for sale on Microsoft’s online store as of Nov. 10.

WHILE MANY HAVE WELCOMED the unfettered reign of the Internet service providers (ISPs) coming to an end in the US in favour of network neutrality, a team of learned legal minds has warned that all might not be as it seems.

The US Federal Communications Commission (FCC) has decided that it will police the Internet to make sure that the large ISPs – telecom and cable companies, mostly – do not force a two-tiered Internet on the American public.

However a group of prominent law professors has warned the FCC that buried in the fine print of its proposed Net Neutrality rules are potential loopholes that if left open could be exploited by the ISPs in connivance with the entertainment cartels to undermine the future of Internet freedom.

Columbia University Law School professor and Free Press board chair Tim Wu told the Washington Post about the letter (PDF) after submitting it to the FCC.

Wu’s co-authors included Stanford Law professor Barbara van Shewick, Harvard Law professor Larry Lessig, Yale Law School’s Jack Balkin, South Texas College of Law professor John Blevins and University of Louisville School of Law’s Jim Chen.

They said that the FCC’s proposed rules don’t sufficiently define what the commission means by its use of the terms “non-discrimination” and “reasonable network management”.

The law professors agree that the FCC should police the ISPs, but it wants them to have a set of rules that the telecoms and cable firms can’t slip out of like the slippery eels that they are.

Using these loopholes the ISPs could block subscribers in the same way that occurred in 2007 when Comcast secretly blocked and stifled its customers’ Internet access, effectively preventing or hindering subscribers’ use of filesharing applications such as Bit Torrent, the letter warns.

If ISPs have too much leeway that will effectively eliminate Net Neutrality, so it is important that the FCC should be clear as to what it believes the standards should be, they wrote.

Indeed, the devil is in the details, we reckon, so it will be crucial that the FCC get this right.

A Microsoft (NSDQ:MSFT) executive whose pointed comments on Windows 7 upgrades have irked Microsoft bloggers has apologized. Well, in a roundabout sort of way, that is.

In a Monday blog post, Eric Ligman, global partner experience lead in Microsoft’s Worldwide Partner Group, said his now-infamous blog post titled “Regardless of what any hack says, a Windows 7 upgrade is an upgrade” wasn’t aimed at Microsoft bloggers, but at technical workarounds that make it possible to clean install Windows 7 using upgrade media.

“So for anyone out there thinking my post was trying to ‘make an example’ of someone as a ‘hack’ or that I was calling someone specifically a ‘hack,’ sorry to disappoint you,” Ligman wrote in the blog post.

For the past several months, Windows 7 testers have been asking Microsoft for technical details on Windows 7 upgrades but the company hasn’t responded. So some Microsoft bloggers have developed workarounds for clean installing Windows 7 using upgrade media, something Microsoft says is illegal if a machine doesn’t have an existing version of Windows installed.

Ligman, as the public face of Microsoft’s Byzantine software licensing program, has been particularly vocal about the consequences of using improperly licensed software, often invoking the specter of Business Software Alliance audits and other legal troubles.

Some media reports have assumed Ligman’s “hack” reference was to Paul Thurrott of the Supersite For Windows blog, who published details on the Windows 7 upgrade workaround last week. Ed Bott, another noted Microsoft blogger, has also called out Microsoft over the issue. So have dozens of posters who’ve left comments on Ligman’s Microsoft SMB Community blog.

But Ligman insists he wasn’t using the term “hack” in a pejorative sense. “There appears to be a lot of reading through ‘pre-determined conclusion’ lenses,” Ligman wrote in the blog post.

Although Ligman is downplaying the issue, Thurrott sees it as an example of Microsoft’s heavy-handed approach to software licensing and its tendency to punish its body of customers for the actions of a few software pirates.

“This is very much about how Microsoft communicates with his customers, and while Ligman tries to make the case that Microsoft cares very much about its customers, this little episode is telling them otherwise,” Thurrott wrote in a Monday blog post .

The good news is that the Windows 7 upgrade kerfluffle has led to a great deal of feedback that Ligman says he has shared with higher-ups.

“I have submitted your various comments on this topic to the appropriate people for that topic and will be happy (believe me) to post the exact link to where you should go for this information as soon as I hear back,” Ligman wrote.

By InformationWeek October 29, 2009 01:07 PM

The National Security Agency, whose job it is to protect national security systems, will soon break ground on a data center in Utah that’s budgeted to cost $1.5 billion. Juniper CEO Kevin Johnson talks about how traffic is increasing at a faster rate than the number of users and how the model will not scale. He notes the need for new business models and an increase in innovation. The NSA is building the facility to provide intelligence and warnings related to cybersecurity threats, cybersecurity support to defense and civilian agency networks, and technical assistance to the Department of Homeland Security, according to a transcript of remarks by Glenn Gaffney, deputy director of national intelligence for collection, who is responsible for oversight of cyber intelligence activities in the Office of the Director of National Intelligence.

“Our country must continue to advance its national security efforts and that includes improvements in cybersecurity,” Sen. Robert Bennett, R-Utah, said in a statement. “As we rely more and more on our communications networks for business, government and everyday use, we must be vigilant and provide agencies with the necessary resources to protect our country from a cyber attack.”

The data center will be built at Camp Williams, a National Guard training center 26 miles south of Salt Lake City, which was chosen for its access to cheap power, communications infrastructure, and availability of space, Gaffney said. The complex will comprise up to 1.5 million square feet of building space on 120 to 200 acres, according to the NBC affiliate in Salt Lake City.

According to a budget document for the project, the 30-megawatt data center will be cooled by chilled water and capable of Tier 3, or near carrier-grade, reliability. The design calls for the highest LEED (Leadership in Energy and Environmental Design) standard within available resources.

The U.S. Army Corps of engineers will host a conference in Salt Lake City to provide further detail the data center building and acquisition plans. The project will require between 5,000 and 10,000 workers during construction, and the data center will eventually employ between 100 and 200 workers.

As part of its mission, NSA monitors communications “signals” for intelligence related to national security and defense. Gaffney gave assurances that the work going on at the data center will protect civil liberties. “We will accomplish this in full compliance with the U.S. Constitution and federal law and while observing strict guidelines that protect the privacy and civil liberties of the American people,” Gaffney said.

On Nov. 30, the Department of Homeland Security will formally open a new cybersecurity operations center, the National Cybersecurity and Communications Integration Center, in Arlington, Va. The facility will house the National Cyber Security Center, which coordinates cybersecurity operations across government, the National Coordinating Center for Telecommunications, which operates the government’s telecommunications network, and the United States Computer Emergency Readiness Team, which works with industry and government to protect networks and alert them of malicious activity.

InformationWeek Analytics has published a report on the 10 steps to effective data classification. Download the report here (registration required).

Oct 26, 2009 1:42 pm