Security Adviser | Roger A. Grimes » March 2006

March 26, 2006 | Comments: (0)

Update on latest IE vulnerability

Latest news on IE vulnerability

1. Live exploit code is being posted on the Internet, but so far volume has been light. Even DShield has lowered the threat icon to green, from yellow. Report any new web sites hosting infected code to secure@microsoft.com. They will research any reported web site and get it closed down if confirmed.

2. Some advisories say that you must click on a link to be compromised. Not true. Vulnerability can be embedded in HTML email. So, if your email client renders HTML scripted-email automatically (when the email is opened or viewed in the Preview pane), you could be at risk. Outlook 2003 disables scripting in email by default, so this threat should not happen by default. I have always recommended only allowing plain-text ASCII in all emails. Doing otherwise is too risky.

3. This vulnerability does not affect the latest builds of IE 7 Beta 2 (IE7 Beta 2 Preview (Mix Build)). Some previous IE 7 Beta builds did not have the fix.

4. Microsoft is taking this exploit seriously and staying engaged "on the ground".

5. IE 6 patch will be released in next IE monthly patch.

Microsoft's security advisory http://www.microsoft.com/technet/security/advisory/912945.mspx

Microsoft security blog on issue
http://blogs.technet.com/msrc/archive/2006/03/25/423116.aspx

Posted by Roger Grimes on March 26, 2006 07:34 AM


March 22, 2006 | Comments: (0)

Game DRM run amok

Yet another example of DRM abuse.

I haven't validated this story personally, but it's pretty representative of what I know is out there already.
--------------------------------

Starforce enforces DRM by instant reboot (without warning)
Posted by Sean Byrne on 21 March 2006 - 00:00 -
Source: Geek.com

Despite all the problems DRM has been causing lately, it seems like companies involved in copy protection just keep trying to create more dangerous copy protections. Originally, they were more of a nuisance causing compatibility issues, installing wanted software, etc. Next came Sony Rootkits which used cloaking to hide its DRM processes and files, but with the side effect of being able to cloak spyware & viruses, thus causing a serious security risk. More recently, the Settec Alpha-DVD protection has been reported to cause DVD writers to malfunction.

Now, Futuremark has uncovered a very dangerous anti-piracy system Starforce is now using. This copy protection system installs a driver that runs at the highest level of access on the system, which gives it low level access to the PC's hardware and any drivers and processes.

This driver runs regardless of whether the game runs; keeping an eye out for any suspicious activity such as attempting to copy a protected disc. If something suspicious is detected, it forces the PC to make an immediate reboot, regardless of any other applications running and whether or not the user has any unsaved work.

To make matters worse, this copy protection interferes with DPM readings from software that is designed to allow the playback of copied game discs, which means that any game backups that rely on this Data Protection Manager will no longer play with the Starforce protection driver in place.

Finally, as the Starforce protection has been found to interfere with certain device drivers, some drivers will run in legacy PIO mode instead of DMA, which not only slows down the PC by hogging CPU resources, but also slows down the data transfer to the affected hardware.

Full story, with links to lists of games that use Starforce here:

http://www.cdfreaks.com/news/13212

More info here: Boycott Starforce http://www.glop.org/starforce/ and here: Starforced games http://www.glop.org/starforce/list.php

Posted by Roger Grimes on March 22, 2006 05:42 PM


March 22, 2006 | Comments: (0)

Exploit Sites

Here's a list of sites that you can download live exploit code from:

FRSIRT.com http://www.frsirt.com used to be one of my favorite web sites to download exploits from. Now, they've gone commercial to get ahold of their exploits. Luckily, there are dozens of sites you can download exploits from to test and harden your environment, including:

Metasploit http://www.metasploit.com

Milw0rm http://milw0rm.com

Security.net http://securitydot.net/exploits.php

Unofficial FRSIRT cached mirrored site (containing exploits published before going commercial) http://www.elsenot.com/frsirt-google.html

Securiteam http://www.securiteam.com/exploits/

PacketStormSecurity http://www.packetstormsecurity.nl/

Send me your favorites and I'll post here.

Posted by Roger Grimes on March 22, 2006 05:29 PM


March 22, 2006 | Comments: (0)

Comment to my Port Knocking Article

Feedback on my port knocking article http://www.infoworld.com/article/06/03/17/76466_12OPsecadvise_1.html

From: Chris Schumann
Sent: Tuesday, March 21, 2006 1:55 PM
To: roger_grimes@infoworld.com; letters@infoworld.com
Subject: Port knocking? meh. Try sshdfilter.

Mr. Grimes,

I thought port knocking seemed like an OK idea, but I realized I'd have to replace or upgrade all my clients.

Then I found sshdfilter http://www.csc.liv.ac.uk/~greg/sshdfilter. If someone attempts to connect to my server via ssh without an id string, or guesses a wrong user name, that IP address is blocked from opening any ssh connection for some set time.

Also, for valid accounts, if a wrong password is entered some number of times, that IP address is then blocked for some set time.

I use three days, but even three minutes would make most brute force password guessers give up, and still let me into my machine if I should really happen to get the password wrong three times in a row.

I think it's a fantastic tool, and still lets me get to my machine from anywhere, even if that machine doesn't have port knocking tools available.

Take care,
Chris Schumann

Posted by Roger Grimes on March 22, 2006 05:25 PM
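
The blocking rules the letter describes, replayed over constructed sshd log lines, as an added example (this is not sshdfilter's code and not part of the letter). The three-attempt threshold, the assumed log year and the sample addresses are assumptions; the log messages use OpenSSH's standard wording.

```python
import re
from datetime import datetime, timedelta

BLOCK_FOR = timedelta(days=3)  # the letter's setting
MAX_BAD_PASSWORDS = 3          # assumed value for "some number of times"

NO_ID = re.compile(r"Did not receive identification string from (\S+)")
BAD_USER = re.compile(r"Invalid user \S+ from (\S+)")
# A wrong password for a valid account; unknown accounts are handled by BAD_USER.
BAD_PW = re.compile(r"Failed password for (?!invalid user )\S+ from (\S+)")
ACCEPTED = re.compile(r"Accepted \S+ for \S+ from (\S+)")

# Constructed sample log (documentation address ranges, hypothetical host "gw").
SAMPLE_LOG = [
    "Mar 21 13:55:01 gw sshd[101]: Did not receive identification string from 203.0.113.9",
    "Mar 21 13:56:10 gw sshd[102]: Invalid user admin from 198.51.100.7",
    "Mar 21 13:56:12 gw sshd[102]: Failed password for invalid user admin from 198.51.100.7 port 4022 ssh2",
    "Mar 21 13:57:00 gw sshd[103]: Failed password for chris from 192.0.2.44 port 4100 ssh2",
    "Mar 21 13:57:05 gw sshd[103]: Failed password for chris from 192.0.2.44 port 4100 ssh2",
    "Mar 21 13:57:09 gw sshd[103]: Accepted password for chris from 192.0.2.44 port 4100 ssh2",
    "Mar 21 14:00:01 gw sshd[104]: Failed password for root from 198.51.100.23 port 4200 ssh2",
    "Mar 21 14:00:03 gw sshd[104]: Failed password for root from 198.51.100.23 port 4200 ssh2",
    "Mar 21 14:00:05 gw sshd[104]: Failed password for root from 198.51.100.23 port 4200 ssh2",
]


def parse_time(line, year=2006):
    # Classic syslog stamps ("Mar 21 13:55:01") omit the year, so one is assumed.
    return datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")


def replay(lines):
    """Return block events as (ip, reason, start, until) tuples."""
    events, strikes = [], {}

    def block(ip, reason, now):
        events.append((ip, reason, now, now + BLOCK_FOR))
        strikes.pop(ip, None)

    for line in lines:
        now = parse_time(line)
        if (m := NO_ID.search(line)):
            block(m.group(1), "no identification string", now)
        elif (m := BAD_USER.search(line)):
            block(m.group(1), "unknown user name", now)
        elif (m := BAD_PW.search(line)):
            ip = m.group(1)
            strikes[ip] = strikes.get(ip, 0) + 1
            if strikes[ip] >= MAX_BAD_PASSWORDS:
                block(ip, "repeated wrong password", now)
        elif (m := ACCEPTED.search(line)):
            # A successful logon clears the count, so an occasional typo is harmless.
            strikes.pop(m.group(1), None)
    return events


def is_blocked(events, ip, when):
    return any(e_ip == ip and start <= when < until
               for e_ip, _, start, until in events)


if __name__ == "__main__":
    for ip, reason, start, until in replay(SAMPLE_LOG):
        print(f"{ip:15} blocked {start} -> {until} ({reason})")
```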


March 20, 2006 | Comments: (0)

SANS guys making anti-spyware testing suite

Two well-loved SANS moderators and teachers are developing (on behalf of their full-time company, Intelguardians) an application or test suite so that users can test their anti-spyware applications.

The test suite mimics spyware-like mechanisms. Any decent anti-spyware application should flag the test suite applications as spyware. They are doing this to root out poor anti-spyware applications.

Posted by Roger Grimes on March 20, 2006 02:11 PM


March 20, 2006 | Comments: (0)

IE ActiveX update-could have a big impact

Microsoft will release an ActiveX component update in an upcoming IE security patch.

It could have a big impact in some companies. Windows system administrators are encouraged to test and understand it thoroughly.

Here's the related link:
http://blogs.technet.com/upstate-ny-technology/archive/2006/03/20/422522.aspx
Update: Link removed by Microsoft due to some possible mis-communications in it. Here's the straight scoop:

This patch was released as an optional update for Internet Explorer on WU/MU on 2/28/06 and is also included in IE 7 Beta2. It will be released as mandatory in a future security patch, the date of which has not yet been determined.


Posted by Roger Grimes on March 20, 2006 02:08 PM


March 06, 2006 | Comments: (0)

Microsoft's Fingerprint reader device can be hacked

Microsoft's Fingerprint reader should not be used, but not for the reasons in this article.

http://www.infoworld.com/article/06/03/06/76157_HNfingerhack_1.html

A year or so ago, I bought a Microsoft keyboard with the integrated fingerprint reader and installed it on my wife's computer in the kitchen. I was interested in how well it did its job.

As the article above points out, Microsoft recommends that you DO NOT use this device for security. Instead, it should only be used for convenience. This has bothered me from the start.

First, when I originally bought the keyboard, the "recommendation" was buried on page 12 of the written manual after you bought it and accepted the EULA. I believe now they publicize it more.

But it's exactly the convenience vs. security issue that bugs me.

You can't use Microsoft's fingerprint device to logon to a computer or network. The software only loads after you logon. It is mostly used so that people, when prompted at a web site for logon credentials, can simply use the fingerprint scanner instead.

During a previous logon to the web site, the user "trains" the fingerprint scanner and it then knows that when you go to that particular web site's logon screen, you can use your fingerprint instead. The fingerprint device scans your fingerprint, and then auto-types in the logon credentials that the user would normally type in manually.

This isn't convenience. This is security. Just because Microsoft says don't use the fingerprint scanner as a security device, I have a hard time believing people aren't. Matter of fact, I have an even harder time thinking of an instance of pure convenience that really isn't a security issue.

Is it a convenience issue if I don't care that much about my logon security?

On a related note, the constantly scanning red "laser beam" of the fingerprint scanner began to bother people in the house. Like a portrait painting where the woman or man's eyes follow you around the room no matter where you go, the red laser beam seemed to always catch people right in the eye. I think I almost had a seizure once. My wife took to covering it up with a yellow sticky note when not in use (maybe a little plastic cover would help), but after the whole security vs. convenience issue, we just unloaded the software that enabled the fingerprint reader part of the keyboard.

Posted by Roger Grimes on March 6, 2006 05:06 PM


March 06, 2006 | Comments: (0)

Citibank having fraud problems

Wonder if this is related to SSL trojans?

http://www.boingboing.net/2006/03/05/citibank_under_fraud.html

Posted by Roger Grimes on March 6, 2006 04:41 PM


March 06, 2006 | Comments: (0)

Anyone up for Cisco password cracking?

Can you crack a Cisco IOS MD5 password hash?

[I'm in beautiful Ottawa this week. All the locals kept telling me how beautiful it was today, since it was nearly Spring like with temps almost at 0 degrees. Last week it was -22F with the wind chill factor.]

Besides teaching and writing about computer security for a living, I also do penetration testing. Frequently my teams are able to capture plaintext Cisco configuration files, which usually include Cisco password hashes for Cisco routers, Pix firewalls, etc.

Cisco IOS telnet logon password hashes come in two flavors: Type 7 and MD5.

A Cisco config file with both password hashes might look something like this:

enable secret 5 $1$0Z4m$jsbSzU.vYSsZFISdJtbQI4.
enable password 7 062E0A1B38411F1D5C

The line beginning with enable password 7 is a Type 7 password hash. The line with enable secret 5 is the newer MD5 style.

The Type 7 password hashes aren't really hashes (I think I read that they are Vigenère ciphers, that is, polyalphabetic substitution ciphers), and can easily be cracked by many tools. That I have confirmed many times.

Cisco updated their password hash protection years ago with what they call the MD5 password hash. Per Cisco, it makes the password hash non-trivial to crack, even though there are a lot of brute force and dictionary password hash cracking tools available, such as Cain (www.oxid.it).

I come across lots of Cisco IOS MD5 password hashes, but I've yet to crack one. I've even used dictionary tools that are supposed to break Cisco MD5 password hashes, using a dictionary file that only contained the exact symbols in the password (i.e. my password dictionary contained the word frog for a Cisco password of frog), and still my crack attacks did not work.

If you're up to the challenge, try to crack your own Cisco password hash. No money, no challenge, just see if you can do it.

I'm especially interested in whether anyone can demonstrate cracking their MD5 password hash. If you do, let me know how you did it. Don't send me your password or hash (unless you use a dummy one for the test).

If I'm having this problem, I'm sure there are at least a few other pen testers with the same questions as I have.
_________________

Related discussion

I was confused as to why Cisco called their new password hash method an MD5 hash (http://www.cisco.com/warp/public/701/64.html).
Even this Wiki article (http://en.wikipedia.org/wiki/Cisco_IOS), which talks about the Cisco MD5 hash uses an example cleartext password of stupidpass, but the resulting MD5 hash looks nothing like an MD5 hash.

It's certainly not a pure MD5 hash (http://en.wikipedia.org/wiki/Md5). It's not long enough for one thing and it always begins with the $1...not something you would see in an MD5 hash every time. An MD5 hash is always 128-bits (16 double-byte characters). If I include all the characters in the Cisco "MD5" hash, including the $1, it's only 15-double byte characters (or 120-bits).

With further research, I found out that the Cisco "MD5" password hash isn't a pure MD5 hash. Per Cain's creator, the Cisco MD5 password hash is a Base64 encoded MD5 password hash (http://www.oxid.it/downloads/pix_passwd.txt), after the original password has been truncated to 16 characters, and been MD5'd a 1000 times. Cisco then uses FreeBSD's _crypt_to64() libcrypt library function to Base64 encode the hash. But every Base64 encoding I do on a pure MD5 hash results in an even longer result than the original value (not shorter as in the Cisco result). Maybe he means that the resulting MD5 hash is truncated to 16 bytes??

I haven't seen Cisco's MD5 password hash code to see how the original cleartext password is treated exactly, but Cain's creator, and other Cisco password cracker authors apparently have.

I'm only a crypto hobbyist, so I'm sure I don't really know what I'm talking about as I get into the nuts and bolts. But if anyone can actually demonstrate a Cisco MD5 password hash crack, let me know.

All the Mac and iTunes users can write back and explain it to me, since they've been spending all day telling me how stupid I am.

Posted by Roger Grimes on March 6, 2006 04:31 PM
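
On the format puzzled over above, as an added example (not part of the original post, and not Cisco's or Cain's code): the `$1$` prefix marks the FreeBSD MD5-based crypt format, `$1$<salt>$<22 characters>`, in which the 22 characters carry a 16-byte digest six bits at a time in crypt's own `./0-9A-Za-z` alphabet rather than standard Base64. The sketch audits a config for the two credential types the post names and decodes that field; the sample config, salt and digest are constructed.

```python
import re

# crypt(3) alphabet used by the $1$ format; this is not RFC 4648 Base64.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
# The 16 digest bytes are packed three at a time in this order,
# then byte 11 is written on its own as the last two characters.
GROUPS = [(0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)]
CRED_RE = re.compile(r"\b(password|secret)\s+([57])\s+(\S+)")


def _to64(value, count):
    chars = []
    for _ in range(count):  # least significant six bits first
        chars.append(ITOA64[value & 0x3F])
        value >>= 6
    return "".join(chars)


def _from64(chunk):
    value = 0
    for i, ch in enumerate(chunk):
        value |= ITOA64.index(ch) << (6 * i)
    return value


def encode_digest(digest):
    parts = [_to64(digest[a] << 16 | digest[b] << 8 | digest[c], 4)
             for a, b, c in GROUPS]
    parts.append(_to64(digest[11], 2))
    return "".join(parts)


def decode_digest(text):
    if len(text) != 22 or any(ch not in ITOA64 for ch in text):
        raise ValueError("expected 22 characters from the crypt alphabet")
    digest = bytearray(16)
    for g, (a, b, c) in enumerate(GROUPS):
        v = _from64(text[4 * g:4 * g + 4])
        digest[a], digest[b], digest[c] = v >> 16, (v >> 8) & 0xFF, v & 0xFF
    last = _from64(text[20:])
    if last > 0xFF:  # 12 bits of text but only 8 bits of data
        raise ValueError("final two characters encode more than one byte")
    digest[11] = last
    return bytes(digest)


def audit_config(text):
    """Return (line number, kind, detail) for each type 5 / type 7 credential."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = CRED_RE.search(line)
        if not m:
            continue
        if m.group(2) == "7":
            findings.append((lineno, "type7", "reversible encoding, treat as plaintext"))
            continue
        parts = m.group(3).split("$")  # "$1$salt$hash" -> ["", "1", salt, hash]
        try:
            if len(parts) != 4 or parts[:2] != ["", "1"] or not 1 <= len(parts[2]) <= 8:
                raise ValueError("not in $1$<salt>$<hash> form")
            bits = len(decode_digest(parts[3])) * 8
            findings.append((lineno, "md5crypt", f"salt={parts[2]!r}, {bits}-bit digest"))
        except ValueError as exc:
            findings.append((lineno, "malformed", str(exc)))
    return findings


SAMPLE_DIGEST = bytes(range(16))  # constructed bytes, not the hash of any password
SAMPLE_HASH = encode_digest(SAMPLE_DIGEST)
SAMPLE_CONFIG = "\n".join([
    "hostname lab-rtr",                       # constructed config
    "enable secret 5 $1$AbCd$" + SAMPLE_HASH,  # constructed salt
    "enable password 7 062E0A1B38411F1D5C",    # type 7 value as shown in the post
    "line vty 0 4",
])

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG):
        print(finding)
```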


March 06, 2006 | Comments: (0)

Interesting SUSE gpg bug

SUSE has digital signing bug

http://www.novell.com/linux/security/advisories/2006_13_gpg.html

Novell announced today that SUSE (great enterprise-ready Linux distro) has a bug that allows specially crafted files to come up with valid digital signatures even though they should come up as unsigned or invalid. As far as has been released, no one used this to exploit any computers, but it is interesting nonetheless.

Posted by Roger Grimes on March 6, 2006 01:52 PM


March 06, 2006 | Comments: (0)

Mac Hacked in less than 30 minutes

Any OS is hackable

http://www.zdnet.com.au/news/security/soa/Mac_OS_X_hacked_in_less_than_30_minutes/0,2000061744,39241748,00.htm

Yes, I know this article or contest doesn't really prove anything. This doesn't mean I believe that Macs are more insecure than Windows. Quite the contrary. I'm pointing out that Macs have many exploits yet to be discovered and aren't mysteriously MORE SECURE than Windows. Whatever is popular will be hacked. The more popular something is the more hacked it will be. Some OSs might be more secure than another, but we've yet to come across a popular OS (except maybe some of the high security BSD flavors) that wasn't a ripe target for hackers.

Posted by Roger Grimes on March 6, 2006 02:39 AM


March 05, 2006 | Comments: (0)

If you're stopped for DUI, pray your breathalyzer is closed sourced

When breathalyzer company refuses to reveal its source code, DUI gets a get out of jail free card.

http://www.msnbc.msn.com/id/11685394

Posted by Roger Grimes on March 5, 2006 03:20 PM


March 05, 2006 | Comments: (0)

Buffer Overflow in Visual Studio and InterDev

FRSIRT announces Buffer Overflow in Visual Studio and InterDev

http://www.frsirt.com/english/advisories/2006/0825

A vulnerability has been identified in Microsoft Visual Studio and Microsoft Visual InterDev, which could be exploited by attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when processing specially crafted Database Project (.dbp) or Solution (.sln) files containing an overly long "DataProject" field, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malicious ".dbp" or ".sln" file.

No patch available. Not a critical buffer overflow, but interesting nonetheless.

Posted by Roger Grimes on March 5, 2006 12:45 PM


March 05, 2006 | Comments: (0)

Apple web support doesn't like IE 7 (which leads to a rant)

Or is it that IE 7 doesn't like Apple web support?

As noted in my InfoWorld column a few weeks ago on security podcasts, I'm a big fan of the iPod.

I've been having problems with iTunes connecting to the Music Store. About three weeks ago, iTunes just stopped connecting, saying "The Music Store is temporarily unavailable. Please try again later". All computers in my house are impacted. Nothing in our configurations has changed lately, except maybe some auto-update patches from Microsoft, plus the latest iTunes players are installed (nearly a weekly update).

I went to www.apple.com/support with IE 7 Beta1 to get some help, and lo and behold the connection attempt errors out and the page doesn't display. I tried it with a few other computers running the same browser and got the same result. Strangely, IE 7 Beta1 worked a few weeks ago. IE 6 and Firefox work fine.

Regarding my iTunes to Music Store problem, I sniffed my iTunes to Music Store connection to see if Windows Firewall or my network firewall was causing the problem. I tried to use Microsoft's Network Monitor for a change to see how it would do, but I missed Ethereal's better interface and Follow TCP Stream feature too much. Ethereal's Follow TCP Stream feature is great on HTTP problems, collecting the browser and server response activity in one screen (like you can do with Paros Proxy, but without the trap feature).

The dump revealed that my iTunes was connecting to the store alright, but the store immediately connected back and sent a re-direct request, which said, "Access denied by access control list". What? Has my IP been blacklisted?

[itunes rant on]
No problem, I'll call iTunes support, get a tech on the line, and then spend my hundreds of dollars that I want to spend (I'm the only guy I know who actually pays for his music). Guess what, iTunes and the Music Store have NO TELEPHONE SUPPORT. Your only option is online reading and email (with a 72-hour response). Yes, get this. iTunes is the largest online seller of music in the world, and they don't have phone support, paid or otherwise. Yeah, that's the way to keep customers loyal. I've spent thousands of dollars on iPods, I've spent hundreds of dollars on online music from the Music Store, and they may lose a customer because the largest online music store in the world doesn't have phone tech support.

My wife thinks iTunes' incredibly slow response and other Windows-only issues are Jobs' way of getting the world to switch to iMacs. I was getting ready to buy a new iMac this upcoming week (so I can learn more about OS X...and many of my security friends are raving about it), but if this is representative of Apple's support policies (and I've heard the horror stories), forget it.

Jobs, maybe you should sell songs for $1.05 and get some real tech support.

Of course, an even worse sin is how (if you didn't back up your songs or playlist locally) if your computer crashes, you can't just re-download your purchased songs from iTunes. It's easy enough to backup your Playlist, but if I'm buying all my music from the Music Store, why doesn't the Music Store allow me to automatically re-download my purchased songs to my same PC again without a big hassle? I heard of many people who had to re-buy the same music again.

Or how about how you can't install iTunes without installing QuickTime, which always installs itself to your System tray. And iTunes always adds itself to the Quick Start tray, without asking.

[/itunes rant off]

Posted by Roger Grimes on March 5, 2006 12:10 PM


March 05, 2006 | Comments: (0)

Is Windows Vista's user security elevation better than Mac OS X's?

Will Windows Vista have an edge in user security elevation over the Mac OS X?

Both Windows Vista and Mac's OS X strive to ensure that most users and actions are done by accounts with limited permissions and rights (Microsoft has deemed this Limited User Account or LUA). Both OSs prompt the user, even if they are administrator or root, for an additional logon and confirmation when the user (or a program running with their user context) attempts to do something that requires elevated privileges (e.g. install a program, modify the system kernel, etc.).

Mac's OS X has had this since the beginning and Microsoft's upcoming Windows Vista will be released with a similar mechanism. I've tried out both OS X and Vista, and to be honest I didn't see much difference. I was delighted to see Microsoft adopt a similar LUA strategy. While it won't stop all malware and hackers, it will decrease some of the older malware and make it tougher for new malware to succeed. Most importantly, a LUA strategy will prevent most spyware and adware from being automatically installed against the user's wishes, and that's a good thing.

A friend of mine, Dana Epp, a fellow MVP in Security had this to say:

The Vista model approach is far superior than Apple's sudo model if you ask me. And here is why...

When Apple OS X prompts for elevation and it has accepted, the default configuration for the built-in sudo actually has a period of time in which you can run ANY privileged tasks repeatedly without having to provide your credentials again. It is possible to manually go in to the OS and remove this grace-period, but the very fact it allows ANYTHING to be executed with elevated privileges shows a weakness in the ability to control the per process security context that Vista provides.

Windows re-prompts for elevated credentials for each and every process. More importantly, when Vista prompts the user for elevation of privilege, it's not actually doing it on the native desktop as you would be led to believe. (Which OSX's sudo does) It's actually a neat little trick. They take a screenshot of your working desktop, then flip to a secure desktop. Moving to the secure desktop eliminates attack vectors born from malware that may use API hooking, keystroke loggers etc. to capture credentials or force a security decision that the user doesn't want to make. Vista then paints your desktop on the background and then gives you the elevation prompt over top of that. It APPEARS as if you are on your desktop, when you are not. Nice trick.

In my opinion, that is much safer than OS X's sudo.
------------
[Note to anyone commenting back, I don't want this blog entry to dissolve into a "my OS is more secure than your OS" flame thread. I'm interested in thoughts on the user elevation schemes used by either OS.]

Posted by Roger Grimes on March 5, 2006 09:53 AM


March 04, 2006 | Comments: (0)

More on SSL trojans

SSL trojans are a huge threat!

I finally got a chance to examine some SSL trojans in more detail. Basically, there are, and have been for over a year, Windows trojans capable of MitM attacking SSL connections. My latest InfoWorld column (http://www.infoworld.com/article/06/03/03/75970_10OPsecadvise_1.html) summarizes one of the trojans.

Since I found the first one, I've learned that there are at least a few different variations. They use different methods, but do the same thing: criminally target banks and other e-commerce site customers, and steal logon credentials. They do this by injecting themselves onto the host, and interceding with the legitimate SSL transaction in such a way that the browser's SSL icon does not change (i.e. it keeps showing the legitimate digital certificate).

Researching more, I found a site that appears, to me, to be responsible for a whole slew of the trojans. If you read their technology page on their web site, it will give you chills. Not in that they are doing something we thought impossible, but because they are selling their wares openly on the Internet.

I've rec'd samples from a few banks now, and it is my belief that these types of trojans are responsible for losses in the millions of dollars (just speculation). The banks contacting me (under NDA) are reporting that 100's of customers are impacted. Imagine how many customers aren't complaining yet.

Some of the trojans I'm examining have over a 1000 e-commerce and banking web sites hard coded in. Almost all of the trojans are self-updating, so the list of sites keeps changing with every installation. Their mothership web sites keep going up and down on a daily basis.

MessageLabs CTO, Mark Sunner, told me that they are intercepting two new specific target attack trojans a week.

If I get the time, I'm going to do a whole whitepaper on them.

What amazes me the most is how little publicity they are getting from CERT or the general press. Because the target threats don't impact 1,000,000 computers in a day, they aren't noteworthy to the general press yet...I guess. The criminals are flying under the radar and skimming potentially millions of dollars.

I'm theorizing that the world's biggest bank heist will happen this year, due to these trojans.

Roger

Posted by Roger Grimes on March 4, 2006 01:06 PM


March 02, 2006 | Comments: (0)

Commercial site dedicated to creating security-bypassing programs

This site allows you to purchase programs, which could easily be used to create malicious trojans to attack banking web sites, bypass SSL connection protections, and steal passwords:

www.ratsystems.org
(untrusted site, careful if you visit)

It even has programs that would be capable of bypassing the new protections in the Barclays online bank logon screen as discussed in my most recent column.

Here are some of its technology descriptions, taken directly from the web site:

IE Form Grabber
This technology allows you to collect web form data. This technology allows you to collect forms with authorization based on magicword used in United Kingdom and other EU countries. Module can collect data from browser even if connection is secured and data transmitted thru HTTPS protocol. This technology used in UK Banks authorization leak test.

Saved Passwords Grabber: Protected Storage, Outlook, Far FTP, TotalCommander FTP, The Bat!
This is a module for retrieving passwords from system. Almost all passwords, stored in system (cached passwords, autocomplete forms, outlook, The Bat! and others) can be found.

E-Gold Grabber
Old technology which is now in review and rewriting stage. It shows how it's easy to grab passwords typed even with SRK (Secure randomized keyboard)

Posted by Roger Grimes on March 2, 2006 05:18 PM


March 02, 2006 | Comments: (0)

Man loses $3M to Nigerian scams

Don't think people actually fall prey to these things?

http://www.msnbc.msn.com/id/11636932/from/RS.5

The FBI, Secret Service, and FCC also frequently report that thousands of people fall victim to these scams and losses range from $200 to millions of dollars. The millions of dollars lost apparently isn't rare. Some people even borrow money to participate in these scams, meaning they are out the money and then owe more debt.

http://www.ftc.gov/bcp/conline/pubs/alerts/nigeralrt.htm

Posted by Roger Grimes on March 2, 2006 12:26 PM


March 01, 2006 | Comments: (0)

Why does Microsoft allow IE to remain so unpatched?

What I'm wondering these days is why Microsoft allows IE to be so unpatched all the time?

IE, to most people, is Microsoft. It is the face of Microsoft's security efforts. Forget the billions of dollars spent on security over the last few years. Forget the incredible successes of IIS 6, W2K3, XP SP2, SQL, and a hundred other products. IE gets exploited monthly. Currently 23 of the 93 vulnerabilities remain unpatched (according to www.secunia.com). That percentage hasn't changed much over the years. It is the one fact that I cannot dispute with critics. I have to shut up and just acknowledge it. No other browser has similar statistics.

True, most unpatched vulnerabilities are non-critical. But a few are somewhat concerning, even though they are ranked un-important by Microsoft.

If IE is the face of Microsoft to most people, and especially to its critics, I constantly wonder why Microsoft doesn't make better efforts to secure IE? Forget the idea of somehow making it more secure by default, I'm talking about fixing more known holes quicker. I can only assume that IE's product managers have made a cognitive decision to accept 25% outstanding vulnerabilities as a reasonable benchmark and risk-analysis cost benefit. A Microsoft effort to be more timely overall on IE vulnerabilities of all types would do much to further Microsoft's growing security reputation.

And I've somewhat given up on IE 7 being the panacea, as most of the recent exploits work in IE 7 as well as they do in IE 6.

Just hoping one day.

Posted by Roger Grimes on March 1, 2006 05:03 AM

