Cheap Web Hosting

Cheap Web Hosting :: A comprehensive guide to low-cost web hosting.

Friday, June 10, 2005

Low Rights IE 7 Designed For Longhorn Only

The additional security provided by a "low-rights" mode in Internet Explorer 7 will be for Longhorn only, a Microsoft executive said Thursday.
"While most IE7 security features will be available in IE7 for Windows XP SP2, 'Low-rights IE' will only be available in Longhorn because it's based on new Longhorn security features," wrote IE lead program manager Rob Franco on Microsoft's official IE blog.

Longhorn will include a "least privilege" feature that allows users to run Windows and its applications without Administrator privileges. Users logged in as Administrators run greater risk from malicious code, because if a worm or virus does penetrate defenses, it can then give the attacker full access to the PC.

Franco's comments were made to clear up confusion over statements made earlier this week by a Microsoft executive at the Tech Ed conference in Orlando. There, Gordon Mangione, corporate vice president of Microsoft's security group, said that IE 7 had been revamped to defend against browser-based exploits and that it would ship with least privilege mode enabled by default. IE 7 for Windows XP SP2 is set to ship in beta form this summer.

"We are using the same Longhorn security infrastructure to limit IE to just enough privileges to browse the web, but not enough to modify user files or settings by default," said Franco in the blog. "As a result, even if a malicious site attacks a vulnerability in IE, the site's code won't have enough privileges to install software, copy files to the Startup folder, or hijack the settings for the browser's homepage or search."

Franco also rebutted Mangione's statement that IE 7 would somehow "fix" vulnerabilities in Internet Explorer. "Low-rights IE doesn't 'fix' vulnerabilities, but it can limit the damage a vulnerability can do," Franco said. That makes it similar to the Local Machine Zone Lockdown feature in XP SP2.

"The primary goal of Low Rights IE is to restrict the impact of a security vulnerability while maintaining compatibility," Franco said.

VeriSign Gets Go-Ahead on .net

In a process that took more than a year to accomplish, the Internet Corporation for Assigned Names and Numbers (ICANN) board of directors gave its blessing to VeriSign as managers of the .net top-level domain (TLD).
The Mountain View, Calif., Internet services company beat out four other bidders, Afilias, Denic, Sentan Registry Services Co. and CORE++, for the six-year contract to manage the third-largest Internet property. The bidding process began in March 2004. "We're gratified our track record operating .net has been recognized, however, we don't intend to rest on our laurels," according to VeriSign. "We intend to work with the entire Internet community to continue to strengthen the .net infrastructure by raising the bar on its reliability, stability and global reach."
Telcordia, a controversial choice for independent evaluator, produced its final report on the four bids in May, after hearing comments on its initial findings.
Heather Carle, a spokeswoman at Afilias, said the company was disappointed with the results of the findings and the evaluator's inability to recognize their technical capability to run the .net registry.
"We believe our registry services offering is one of the best in the market -- as our customers will testify," she said. "Neither the original nor final reports reflects that reality."
VeriSign will pay ICANN $132,000 the first year of the contract, an amount that increases 15 percent annually.
VeriSign officials were pleased by the announcement that gives them registry control over two of the three biggest names on the Internet, .com and .net. The second-largest TLD is operated by Germany-based Denic, registry for .de.
Tom Galvin, a VeriSign spokesman, said the terms of its new contract will go into effect when the existing contract expires June 30. Beginning July 1, the company will lower the price it charges to registrars for a domain name, from $6 per name to $4.25. That includes the addition of the so-called "Internet tax," a 75 cent surcharge imposed by ICANN for every new or renewed domain name in the .net space.
According to the company, it will also improve the performance requirements for registrations, adding more requirements to its service-level agreements (SLA). New facilities are also in the works thanks to one of the terms in VeriSign's bid to add more reliability to its services globally. A building in South Korea is already running with one in China under construction, while officials plan to start work on a facility in South America and Africa.
"We would like to thank all five qualified applicants, the entire Internet community, ICANN's generic supporting organization, and Telcordia for the work in making this a successful process," said Paul Twomey, ICANN president and CEO, in a statement.

Intel, Nokia team up for mobile WiMax

They will work together to see the wireless technology standardized
Intel Corp. and Nokia Corp. have teamed up to back the development of mobile WiMax technology and will work together to see that the technology is standardized soon, the companies said today.
WiMax, part of the Institute of Electrical and Electronics Engineers Inc.'s 802.16 standard, is a wide-area wireless networking technology that promises to deliver wireless broadband access over a range significantly greater than that of IEEE 802.11 wireless LAN technology, commonly known as Wi-Fi.

Cooperation between Nokia and Intel will focus on IEEE 802.16e, a mobile version of the technology that will offer broadband Internet access to users on the move. This standard is currently under development, although Intel and Nokia said they expect it to be finalized next year.

A fixed-wireless version of WiMax, called 802.16a, was finalized in January 2003.

Under terms of the agreement unveiled today, Nokia and Intel will work together on issues related to the development of mobile WiMax clients and network infrastructure and promote the technology among operators and service providers. The companies said they plan to jointly demonstrate mobile WiMax technology to service providers as a data service that complements existing third-generation networks.

Both Nokia and Intel are members of the WiMax Forum, an industry group created to promote the adoption of the technology and to certify the interoperability of WiMax-based devices.

Bad Actors Safe Under Spyware Legislation?

Congress' good intentions may also be good business for the $2.8 billion shady world of the spyware industry. Pending anti-spyware legislation may, in fact, end up legitimizing bad actors.

That's the take of Richard Stiennon, vice president of threat research at anti-spyware firm Webroot. Stiennon, who spoke at the Gartner IT Security Summit here today, thinks Congress should do less, rather than more, when it comes to federal anti-spyware bills.

Last month, the U.S. House of Representatives passed two anti-spyware measures. One bill (I-SPY Act) imposes tougher criminal penalties for spyware-related activities.

The other bill (SPY Act) also increases penalties but includes an opt-in, notice and consent regime for legal software -- adware -- that collects personally identifiable information from consumers.

Both bills contain a long list of exemptions, including pre-purchase installations, cookies and software and network security upgrades.

"I'm leaning toward preferring the increase in penalties for bad acting," Stiennon told internetnews.com. "By setting a lot of definitions, you're going to have some of the perpetrators just modifying their behavior to comply with this new law and then start legal activities to get index spyware vendors to stop listing them."

In particular, Stiennon said, adware companies might be able to say, "Hey, we comply with this new law, the Federal Trade Commission doesn't have a problem with what we're doing and you shouldn't identify us this way."

Prominent adware firms such as Claria have in recent months mounted public relations campaigns to distinguish themselves from spyware companies. The purpose of adware is to drive visitors to advertisers' Web sites. Adware writers and distributors redirect browsers and generate pop-up ads.

Adware vendors contend they obtain consent before installing their software. Spyware, on the other hand, distributes pop-up advertising without consent and often in malicious ways.

With or without a new law, Stiennon vowed to continue to list adware vendors in Webroot's quarterly rankings of top threats to network security.

"I certainly agree they are adware companies, that's how we identify them," Stiennon said. "The one thing we won't stop doing is to identify them as adware companies as long as they serve ads and support free software with ads."

He also scoffed at adware firms' claims of notice and consent, saying, "If they truly gave end users full disclosure, they wouldn't have any customers."

Adware consent, he said, should read: "This product is going to pop up a million ads in your face and it's going to significantly reduce the performance of your computer and increase boot times by 30 seconds."

Stiennon also shrugged off the idea of adware lawsuits against Webroot seeking to be de-listed as a threat.

"Sadly, in this country anybody can sue anyone for anything," he said. "I don't think anybody could win one of those cases because you will not find 12 U.S. citizens who feel sorry for adware vendors."

Ultimately, Stiennon said, federal anti-spyware legislation will be as effective as the CAN-SPAM Act, Congress' effort to curb unwanted and unsolicited e-mail.

"Legislation isn't going to make it go away. Maybe it will push it offshore," he said. "The CAN-SPAM Act has done some good, but there's more spam now than when CAN-SPAM passed. It's made it more expensive for legitimate companies to engage in spam, and this will be the exact same with spyware."

Full Plate of Microsoft Patches Expected

Microsoft will soon release 10 security bulletins to shore up security weaknesses in its product line, officials announced on their security site Thursday.

The patches cover several products in the Redmond, Wash., software company's offerings, including critical updates to the Windows operating systems. More details about the vulnerabilities will be addressed in Microsoft's monthly patch update Tuesday.

Officials will not be releasing any high-priority updates that do not cover security issues through its Microsoft Update, Windows Update, Windows Server Update Services or Software Update Services.

Seven security bulletins address the Windows operating system alone, five of which will be detectable using the Microsoft Baseline Security Analyzer (MBSA) and two using the company's Enterprise Scanning Tool (EST). The three remaining security bulletins can be detected using either the MBSA or EST.

One of the bulletins addresses a security vulnerability found in both the Windows OS and Windows Services for Unix, with a moderate impact, officials said. An important-rated bulletin will fix a vulnerability found in Microsoft Exchange, while the last bulletin deals with vulnerabilities found in the company's Internet Security and Acceleration (ISA) server and Small Business Server (SBS). The highest threat level for patches to the ISA and SBS is moderate.

A webcast detailing the security vulnerabilities and their fixes will air Wednesday.

Microsoft also plans to update its Malicious Software Removal Tool to a new version Tuesday, available for download using Windows Update, Microsoft Update, Windows Server Update Services and at the Microsoft download center.

Microsoft issues security patches to the community on the second Tuesday of the month to make it easier for systems administrators to update company systems.

The number of patches addressed in its security bulletins varies month to month. In May, the company only released one security bulletin while the month before it released eight.

Michael Jackson Suicide E-mail is a Front for a Virus

A British computer security firm is warning computer users about a Trojan horse virus that's hiding in a spam e-mail. The message in the e-mail claims that the "King of Pop" attempted suicide today.
The e-mail message - which is written in poor English - can be identified by its subject line, "Re: Suicidal aattempt." The e-mail attempts to get users to click on a link to a Web site with more information about Michael Jackson's supposed suicide attempt. In reality, the link will download a virus onto the computer.

The rest of the message reads: "Last night, while in his Neverland Ranch, Michael Jackson has made a suicidal attempt. They suggest this attempt follows the last claim was made against the king of pop. 46 years old Michael has left pre-suicid note which describes and interpretes some of his sins. Read more..."

Earlier today, the computer security company Sophos posted a warning on their Web site after encountering hundreds of the spam messages. The Trojan program has been identified as Troj/Borobt-Gen - which quickly installs malware onto the infected computer through a flaw in Internet Explorer. Security patches are available to protect against this IE vulnerability.

"If you click on the link, the website displays a message saying it is too busy, which may not surprise people who think it might contain genuine breaking news about Michael Jackson," reads the warning.

"However, this is a diversionary tactic -- because behind the scenes the website is downloading malware onto the user's computer without their knowledge."

The use of breaking news and celebrity names is becoming a common way to fool people into opening virus-infected e-mails.

"The sick minds behind viruses and other malware often exploit celebrity names and news stories in an attempt to infect as many people as possible," security consultant at Sophos Carole Theriault said.

"All computer users should be very careful about clicking on weblinks in unsolicited email or launching unknown attachments."

Microsoft Sets Value Of Pirated Windows: $1

"The BBC is reporting that Microsoft has reached a deal with the Indonesian government on pirated software - which is believed to affect around 50,000 government PCs. Under the deal, Indonesia will pay $1 per copy and agree to buy legally in the future. Indonesia's information minister, Sofyan Djalil, said, "Microsoft is being realistic. They can't force developing countries like us to solely use legal software since we can't afford it. They want us to gradually reduce our use of it." Somehow it seems unlikely the same rules will be applied to developing companies and poorer individuals in the United States."

US spacecraft to blow up comet for solar system study

A spacecraft of the US National Aeronautics and Space Administration (NASA) steered from the Pasadena-based Jet Propulsion Laboratory (JPL) will attempt to blow up a comet next month to find out more about the origins of the solar system.

The spacecraft, named Deep Impact, will have traveled 173 days and 268 million miles (about 470 million km) when it has a close encounter with comet Tempel 1 on July 3.
Deep Impact will release a copper-fortified probe whose job is to make a crater in the orbiting iceberg that could range in size from a large house up to a football stadium and from two to 14 stories deep.
The idea is to reveal the interior of the comet, which is thought to contain material that has not changed since the solar system was formed.
The potentially spectacular collision will be observed by the Deep Impact spacecraft and ground and space-based observatories.
Rick Grammier, Deep Impact project manager at the Jet Propulsion Laboratory, said the mission is like "a bullet trying to hit a second bullet with a third bullet."
"We are really threading the needle with this one," he said. "In our quest of a great scientific payoff, we are attempting something never done before at speeds and distances that are truly out of this world."
Tempel 1 is hurtling through space at about 11 km per second -- fast enough to travel from New York to Los Angeles in less than 6.5 minutes.
Hours before hitting the comet, Deep Impact will send the 99-cm cubic shaped impactor into the path of the comet, which is about one-half the size of Manhattan Island.
Over the next 22 hours, Deep Impact navigators and mission members, more than 132.8 million km away at the JPL, will steer the impactor and the probe toward the comet.
The impactor will steer into the comet and the flyby craft will pass about 310 miles (about 540 km) below.
Ice and dust debris is expected to be ejected from the crater, revealing the material beneath. The flyby spacecraft has about 13 minutes to take images and scientific measurements of the collision before it encounters a potential blizzard of particles from the nucleus of the comet.
"The last 24 hours of the impactor's life should provide the most spectacular data in the history of cometary science," said Deep Impact's principal investigator, Michael A'Hearn of the University of Maryland.
"With the information we receive after the impact, it will be a whole new ball game," he said. "We know so little about the structure of cometary nuclei that almost every moment we expect to learn something new."
The Deep Impact spacecraft has four data collectors to observe the effects of the collision.
Also, "the impact simply will not appreciably modify the comet's orbital path," Don Yeomans, a Deep Impact mission scientist at the JPL, said. "Comet Tempel 1 poses no threat to Earth now or in the foreseeable future."
Mission scientists expect the project will answer basic questions about the formation of the solar system by offering a better look at the nature and composition of the frozen celestial travelers called comets.