Microhoo at last and lots of security news
- — 01 August, 2009 05:24
Well, we can all sleep a little easier now that Microsoft and Yahoo have finally announced details of the search deal they have worked on for months (and that has kept some of us on the edge, as tidbits of the story had an unsavory habit of breaking on weekends). All of the details, and then some, can be found by following the links in this week's top entry. Otherwise, with the Black Hat conference under way, there was a load of security news, with DefCon to follow this weekend (no rest for the weary).
1. Microsoft and Yahoo sign search deal, take on Google, CEOs: Devil was in details of Yahoo, Microsoft search tie-up and Microsoft-Yahoo deal: Why you stand to lose: After tracking this would-be news for about a year, all we feel is relief that it was finally announced. Now we can shift attention to whether Microsoft and Yahoo's big search deal, once approved by regulators, will work out for them and for users.
2. Clampi Trojan revealed as financial-plundering botnet monster: The news of a massive botnet associated with more than 45,000 Web sites and capable of stealing financial data is one of those instances that makes us wish that superheroes were real and that we could sic Batman on the bad guys and just end this nonsense once and for all.
3. Sensitive data compromised by SSL encryption flaws: Flaws in the software that uses SSL (Secure Sockets Layer) encryption could compromise sensitive personal data, security researchers said. The problem apparently is in the way SSL has been implemented into many browsers and also in the X.509 public key infrastructure system. (And there is more unsettling security news ahead in numbers five and eight.)
4. Apple: Jailbreaking could knock out transmission towers and EFF: Apple's claim that jailbroken iPhones can crash cell towers a 'hill of beans': There's nothing quite like a public spate to spice up the headlines. Apple told the U.S. Copyright Office as part of a review of the Digital Millennium Copyright Act that unauthorized modification of the iPhone OS -- so-called "jailbreaking" -- could cause major network disruptions, including the possibility of crashing transmission towers. The claim was made in response to a request by the Electronic Frontier Foundation that such modifications do not violate the DMCA and should be permitted. So, the EFF responded to Apple by saying, more or less, "get real!"
5. Extra '&' in Microsoft development code gave hackers IE exploit: "The bug is simply a typo," said Michael Howard, a principal security program manager at Microsoft, to explain how an extra "&" in development code has enabled hackers to exploit Internet Explorer for weeks.