Eye on Security: IE8 Fails, Windows Botnets, Security Products Don't Work

Dr. Roy Schestowitz

2009-11-21 00:16:50 UTC
Modified: 2009-11-21 00:16:50 UTC

Summary: A variety of new links about security

● IE8 bug makes 'safe' sites unsafe

The latest version of Microsoft's Internet Explorer browser contains a bug that can enable serious security attacks against websites that are otherwise safe.

● Two arrested for Zbot Trojan

Officers from the Metropolitan Police's Central e-Crime Unit (PCeU) have made Europe's first arrests in the battle against the ZeuS or Zbot Trojan which threatened to compromise thousands of computers.

Officers from the PCeU, assisted by Greater Manchester Police, arrested a man and woman, both aged 20 years, in Manchester for offenses under the 1990 Computer Misuse Act and the 2006 Fraud Act.

● RIM security chief sees smartphone attacks on horizon

Hackers could one day turn ordinary smartphones into "rogue" devices to attack major wireless networks, Research In Motion's security chief warned.

Scott Totzke, RIM's vice-president of BlackBerry security, said hackers could use smartphones to target wireless carriers using a technique similar to one used in assaults that slowed Internet traffic in the United States and South Korea in July.

In what's known as a distributed denial of service, or a DDOS attack, criminals use phone signals to order tens of thousands computers to contact a targeted site repeatedly, slowing it or eventually crashing it.

● Senate Panel: 80 Percent of Cyber Attacks Preventable

If network administrators simply instituted proper configuration policies and conducted good network monitoring, about 80 percent of commonly known cyber attacks could be prevented, a Senate committee heard Tuesday.

● Web security company warns of 'cyber arms race'

Warning of a "cyber arms race," a leading Web security firm said that China, France, Israel, Russia and the United States were among countries that have developed "cyber weapons."

● Most security products not up to scratch

For example, anti-virus products often failed to prevent malware infection at the first attempt, while firewalls or IPS (intrusion prevention) products failed to make the grade in blocking attack traffic.

● Hackers target world's leading climate research unit

E-mails reportedly from the University of East Anglia's Climatic Research Unit (CRU), including personal exchanges, appeared on the internet on Thursday.

A university spokesman confirmed the email system had been hacked and that information was taken and published without permission.

BASIC Predates Microsoft by Over a Decade, Microsoft-Controlled Sites Like The Register MS Don't Want You to Know This: The state of the media is really bad when it relies a lot on oligarchs' money and is appointing editors who are working for oligarchs
Brian Kernighan, "Only Third to Dennis Richie and Ken Thompson" (UNIX), Agreed With Someone Who Said Rust Was Just Hype, Should Not Replace C: 17 hours ago
Reminder: Microsoft's "Secure Boot" Certificate for "Linux" Will be Expired in One Week: Many PCs won't manage to 'rotate' to another certificate
Genini Links 05/09/2025: Community, ROOPHLOCH, and PITkit: Links for the day
Links 05/09/2025: Vaccine Sceptics Poison the Well, Two Exploited Vulnerabilities Patched in Android: Links for the day
Gemini Links 05/09/2025: Logitech Lift and DIY Gemini Servers: Links for the day
Links 05/09/2025: Sainsbury's Caught Spying on In-Store Shoppers and Microsoft "OpenAI is Using Legal Threats to Harass its Critics": Links for the day
Analogies for "Memory Safety" in Rust: Don't worry, it's Rust! It can do anything!
"Many of the Red Hat Employees Are Still Looking for Work": Shame on IBM's CEO
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, September 04, 2025: IRC logs for Thursday, September 04, 2025
Microsoft Started With Code Literally From The Trash, Nothing Has Improved Since: The reality is, there are systems and code that are reliable. But they're not Microsoft's.
Hypothesis That New McKinsey/Microsoft Executive Inside Red Hat Will Outsource Research and Development Operations to India (Like They Do in IBM): IBM is floundering
Slopwatch: Scams, Fake Articles About "Linux", Plagiarism, and Worse: Perhaps some time soon the LLMs or the "Big LLMs" will run out of money (to borrow) and go offline, leaving those slopfarms in a tough place
Gemini Links 04/09/2025: Means of Production and Rusting Out: Links for the day
Links 04/09/2025: Science, Hardware, and Eyes on China: Links for the day
Gemini Links 04/09/2025: Digital Minimalism and Social Control Media: Links for the day
IBM's GNU/Linux Divestment, Based on Hard But Anecdotal Evidence (IBM Fails to Recognise How Much Money It Made and Can Still Make From "Linux"): Love us or hate us, a lot of what we've been saying about Red Hat under IBM turns out to be rather accurate
Links 04/09/2025: Massive Microsoft Staff Cuts (Barely Reported), "Strange Conspiracy Theory Is Reportedly Spreading Inside OpenAI": Links for the day
Activists Can Win, But Keep an Eye on the Ball and on the Trophy: GitHub is dying, it was a loss-making trap, not free hosting
Gemini Links 04/09/2025: Katrina Remembered, Distracted Driving, and Virtual Economics: Links for the day
At This Point It's No Longer Matthew Garrett But People Who Fund Matthew Garrett (or Companies That Fund His SLAPPs Against My Wife and I): The only thing worse than misogynists are misogynists who fail to respect other people's right to go on holiday
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 03, 2025: IRC logs for Wednesday, September 03, 2025
The UEFI 9/11 - Part VI - This Serious Harm Was Planned for Over a Decade, Not an Accident or Merely Some Misfortune: The term "Serious Harm" is legally meaningful here
GNOME Unfit for Diversity and Inclusion: GNOME's leadership is using "bad words"
Brodie Robertson Addressing the Recently-Discovered Comments: Most people probably knew nothing about this until he wrote a response
Red Hat QA Team "Had Shrunk by Half Over the Past Year." (After IBM Divestment): If Red Hat's workforce is being moved to the East, then RHEL can become a national security problem
Slopwatch: "Open Source" and "Linux" News Faked, Made by Bots and Entered Into Google News: Spam combined with slop about "Linux" has entered Google News
Links 03/09/2025: Microsoft Causes Mass Layoffs Outside Microsoft Also, "Google Can Keep Paying for Firefox Search Deal": Links for the day
Gemini Links 03/09/2025: calendar.txt, Alhena 5.3.1, and ROOPHLOCH: Links for the day
The Theory That the Man From McKinsey, Whom Red Hat Took From Microsoft a Month Ago as Executive, Wants 'Efficiency' (Lower Salaries): So far... no "official" word
When Your Site's Articles Are Being 'Cheapened' by Slop as Feature Images: Dr. Farnell should become an advisor to The Register MS
Certificate Authority Let's Encrypt Drops to Only Half a Dozen Capsules and 0.2% of the Whole in Geminispace, Self-Signed is the Way to Go: It used to have hundreds, according to Lupa
Doing to Red Hat What They Already Did (and Still Do) to IBM: there seems to be a drive to hire cheaper staff, and it may be led by somebody Red Hat hired from Microsoft
Links 03/09/2025: Salesforce's Latest Mass Layoffs, 93% in Large Poll at The Register MS Say UK Government Should Dump Microsoft: Links for the day
Preparations for Our 19th Anniversary Have Already Begun: When we get back we'll probably sort out some balloons and venue for the next party
Pleased After 2 Years With team.blue: Moving from a Content Management System (CMS, dynamic) to a Static Site Generator (SSG) was a wise decision that made life so much easier
The Free Software Foundation (FSF) is Being Attacked by Organisations Jealous of Its Principled Stance and Longevity: Nobody is perfect, but imperfection does not instantaneously imply sinister intent
If You Reject the Google Verdict in the US, Then You Should Also Reject the "Modern" Web (Do Something About It): Gemini Protocol is still open; it cannot be hijacked or subverted because it's frozen by design and by intention
Open Source Initiative IRS Filing: Almost All the Money is Corporate, Stefano Maffuli (Executive Director) Takes About a Quarter of That Money for Openwashing of "AI" Ponzi Scheme: OSI is currently little but a PR/marketing agency of Microsoft
Many People Are "Leaving" Red Hat, Even High-Level Managers: Something is definitely going on at Red Hat
Techrights Has Been Subjected to Calls of Violence (and Death Threats), It Never Condoned Violence: I have no sympathy for people who call violence "free speech" and then get in trouble
Condoning Violent Behaviour and "Free Speech": perhaps Microsoft Lunduke lost touch with what constitutes violence
Takeaway From the Google Verdict: GAFAM Has Too Much Control (Even Over the US Government and Courts With Government Appointees): Many people feel disappointed but hardly surprised by the verdict
The Free Software Foundation (FSF) Turns 40 in One Month: As noted a few days ago, several times in fact, many people now recognise the importance of the FSF's mission, even if most people don't know what the FSF is
Many Microsoft "Assets" Are Fabricated Baloney (to Game the Numbers): At times it seems like what we deal with are many weak patents (on algorithms), valuations or speculations based on hype ("hey hi"), and stocks held by Microsoft and its own staff
"Voluntary" Layoffs at Microsoft (to Game the Numbers, Sugar-Coating a Crisis): "Employees interested have until the end of October to volunteer."
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 02, 2025: IRC logs for Tuesday, September 02, 2025

Eye on Security: IE8 Fails, Windows Botnets, Security Products Don't Work

Recent Techrights' Posts