http://www.dotgeek.net/rss/ Brought To You By The dotGeek News NETwork en-us Dot Geek Network Robert Peake - robert at peakepro dot com All content retains the copyright of its respective copyright holder http://www.w3.org/News/2006#item202 2006-10-26: The World Wide Web Consortium marks the ten year anniversary of its Asian presence with a public celebration on 28 November in Tokyo, Japan. The program includes "Role of W3C at Keio ? From Foundations to the Future," "How Japanese Industry Works with Web Standards," "How Asia Will Influence the Future Web," discussion, and an exhibition, press briefing and reception. Advance registration is required. Read the media advisory and more about W3C10 Asia. (News archive) World Wide Web Consortium http://www.w3.org/2000/08/w3c-synd/home.rss 2006-10-25 Thu 26 October 2006 00:00:00 PDT http://www.w3.org/News/2006#item201 2006-10-25: W3C plans a third Workshop on Internationalizing the Speech Synthesis Markup Language (SSML) on 13-14 January 2007, hosted by Bhrigus Software in Hyderabad, India. Attendees will discuss improvements for using SSML to render under-represented languages including Arabic, Hebrew and Hindi. A Call for Participation is expected in November. Read about W3C Workshops and visit the Voice Browser home page. (News archive) World Wide Web Consortium http://www.w3.org/2000/08/w3c-synd/home.rss 2006-10-25 Wed 25 October 2006 00:00:00 PDT http://www.w3.org/News/2006#item198 2006-10-23: W3C has updated its W3C Markup Validation Service and Link Checker with bug fixes, documentation and usability improvements, and a new Validator API for developers. Along with W3C's other Web Quality Tools, the Markup Validator and Link Checker are developed as open source software with the participation of volunteers and support of a large community, and are among W3C's most popular and useful resources. (News archive) World Wide Web Consortium http://www.w3.org/2000/08/w3c-synd/home.rss 2006-10-25 Mon 23 October 2006 00:00:00 PDT http://www.w3.org/News/2006#item197 2006-10-20: Position papers are due 15 December for the Workshop on Web of Services for Enterprise Computing to be held 27-28 February 2007 in Bedford, MA, USA, hosted by MITRE. Participants will discuss how to facilitate the processing of business transactions and interactions with systems that pre-date the Web, and to address the need to interconnect intranet and/or extranet services using Web technologies. Read about Workshops and W3C Activities. (News archive) World Wide Web Consortium http://www.w3.org/2000/08/w3c-synd/home.rss 2006-10-24 Fri 20 October 2006 00:00:00 PDT http://www.w3.org/News/2006#item196 2006-10-19: W3C is pleased to announce the advancement of Delivery Context: Interfaces (DCI) Accessing Static and Dynamic Properties to Candidate Recommendation. DCI provides access to device properties including capabilities, configuration, user preferences and environmental conditions such as remaining battery life, signal strength, ambient brightness, location, and display orientation. Comments are welcome through 31 March 2007. Read about the Device Independence Activity. (News archive) World Wide Web Consortium http://www.w3.org/2000/08/w3c-synd/home.rss 2006-10-25 Thu 19 October 2006 00:00:00 PDT http://www.w3.org/News/2006#item191 2006-10-17: W3C is pleased to announce the launch of the Web Security Context Working Group whose mission is to enable a secure and usable interface so Web users can make safe trust decisions on the Web. "There is much deployed and proven security technology, but we now need to connect it all the way through to the Web user," said Tim Berners-Lee (W3C). Mary Ellen Zurko (IBM) chairs the group which is chartered to establish requirements and deliver standards for presenting essential security information to users and for ensuring the integrity of that information. Read the press release and more about the Security Activity. (News archive) World Wide Web Consortium http://www.w3.org/2000/08/w3c-synd/home.rss 2006-10-25 Tue 17 October 2006 00:00:00 PDT http://news.com.com/2100-1002_3-6129626.html?part=rss&tag=6129626&subj=news Security experts find a weakness in Internet Explorer 7 that could help crooks mask the type of attack the browser was designed to thwart.Image: IE 7 spoofing bug CNET News.com (20 stories) http://rss.com.com/2547-1_3-0-20.xml 2006-10-25 Wed 25 October 2006 16:45:00 PDT http://news.com.com/2300-1002_3-6129615-1.html?part=rss&tag=6129615&subj=news Security experts have found a weakness in Internet Explorer 7 that could help crooks mask phishing scams. CNET News.com (20 stories) http://rss.com.com/2547-1_3-0-20.xml 2006-10-25 Wed 25 October 2006 16:35:00 PDT http://news.com.com/2100-1002_3-6129284.html?part=rss&tag=6129284&subj=news Counterpane security guru Bruce Schneier joins BT Group as it tries to increase network security for business customers. CNET News.com (20 stories) http://rss.com.com/2547-1_3-0-20.xml 2006-10-25 Wed 25 October 2006 04:07:00 PDT http://news.com.com/News.com+Extra/2001-9373_3-0.html?tag=rsspr.6129047 Video: See what's new in Mozilla's latest browser. CNET's Robert Vamosi shows off Mozilla Firefox 2. It's a true winner, he says, beating Microsoft's Internet Explorer 7 on security, features and overall cool factor, and deserving of CNET's Editors' Choice award. CNET News.com (20 stories) http://rss.com.com/2547-1_3-0-20.xml 2006-10-24 Tue 24 October 2006 11:20:00 PDT http://news.com.com/1606-2_3-6128738.html?part=rss&tag=6128738&subj=news Video: See what's new in Mozilla's latest browser. CNET's Robert Vamosi shows off Mozilla Firefox 2. It's a true winner, he says, beating Microsoft's Internet Explorer 7 on security, features and overall cool factor, and deserving of CNET's Editors' Choice award. CNET News.com (20 stories) http://rss.com.com/2547-1_3-0-20.xml 2006-10-24 Tue 24 October 2006 11:00:00 PDT http://news.bbc.co.uk/go/rss/-/1/hi/technology/6085412.stm The number of people who feel the internet has little or no relevance to their lives is growing, says a report. BBC News | TECHNOLOGY http://www.bbc.co.uk/syndication/feeds/news/ukfs_news/technology/rss091.xml 2006-10-26 Thu 26 October 2006 00:27:49 PDT http://www.wired.com/news/technology/0,72003-0.html?tw=rss.index A couple of the year's most-anticipated releases -- new versions of Internet Explorer and Firefox -- arrive within a week of one another. So which one is best? By Michael Calore. Wired News http://www.wired.com/news_drop/netcenter/netcenter.rdf 2006-10-26 Wed 25 October 2006 23:00:00 PDT http://www.archive.org/details/KalamazooVoice10-16-06.mpg A weekly Public Access interview show hosted by Keith Roe. This Week's guest is the Publisher and Director of the Kalamazoo Voice; A local print and internet opinion publication. Kalamazoo Voice home page Phil Bassett and Tom Pawee discuss the ups and downs of their multimedia publication..This item belongs to: movies/opensource_movies.This item has files of the following types: Metadata, MPEG2 Internet Archive http://archive.org/services/collection-rss.php 2006-10-26 Wed 25 October 2006 22:54:14 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/25/HNie7flaw2_1.html (InfoWorld) - Just one week after claiming that users of Microsoft's Internet Explorer 7 could be at risk to an online attack, Danish security vendor Secunia ApS is reporting a new bug in the browser. The bug allows hackers to place a fake Web address in one of the browser's pop-up Windows, and could be used to trick a victim into inadvertently downloading something from what appeared to be a trusted Web site. Secunia has described the flaw in an advisory. Based on its initial investigation, Microsoft believes that there is "an issue," a spokesman with the company's public relations agency said in an e-mail. While the full URL (Uniform Resource Locator) of the Web page being displayed is present in the pop-up Window's address bar, the left part of this URL is not initially displayed, the spokesman said. That problem could allow an attacker to spoof a legitimate Web site, Secunia said. Microsoft's confirmation may come as a relief to Secunia which reported another problem in IE 7, just hours after the browser was released. Microsoft said Secunia's report was "technically inaccurate," however, because the flaw lay in a component of Microsoft's Outlook Express e-mail client, which could be triggered by the browser. Microsoft commented on this issue in a blog entry. Neither of the bugs is considered to be particularly critical. But coming so soon after IE 7's launch, they are somewhat of an embarrassment to Microsoft, which has made much of its focus on delivering secure software. Secunia was surprised that Microsoft called their first report erroneous, given that the flaw can only be triggered through the browser, said Thomas Kristensen, Secunia's chief technology officer. "From a technical point of view, Microsoft might be right, but from a user's point of view, or an administrator's point of view, it doesn't really matter. IE is the vector," he said. "It was probably unnecessary to go out and try to blame Outlook in that way." InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-25 Wed 25 October 2006 17:34:30 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/25/HNbtbuyscounterpane_1.html (InfoWorld) - BT Group PLC has acquired managed security services vendor Counterpane Internet Security Inc. Counterpane, in Mountain View, California, will operate as an independent division of the communication giant's Global Services group. Terms of the deal, which closed Tuesday, were not disclosed, but BT spokeswoman Eileen Connolly said that the price was in the "tens of millions of dollars." With a staff of just 75, Counterpane monitors and manages the security of about 550 corporate networks worldwide. Over the past year, there has been a raft of consolidation in this market, as larger companies have picked up smaller companies such as Counterpane to boost the technical expertise within their own services practices. Last Friday, IBM Corp. completed its US$1.3 billion acquisition of one of the best-known managed services companies, Atlanta's Internet Security Systems Inc. Counterpane's founder and Chief Technology Officer (CTO) Bruce Schneier said he was "thrilled" with the acquisition. "This is something I've been working on for about a year," he said in a blog posting. Schneier, a widely read commentator on security practices, will stay on as CTO for the Counterpane unit. He does not expect to tone down his commentary or stop blogging now that he is part of a large multinational company. "They know I am an independent security commentator," he wrote. "They're not looking for me to become a corporate shill." Counterpane's Paul Stich will remain the unit's chief executive officer. InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-25 Wed 25 October 2006 12:42:31 PDT http://www.betanews.com/article/3_Million_IE7_Downloads_in_4_Days/1161804781 Microsoft is heralding the launch of Internet Explorer 7 as a success, announcing that the new browser has been downloaded three million times in the first four days. Early next month, customers will begin receiving IE7 automatically, at which time adoption numbers will likely skyrocket. BetaNews.Com http://www.betanews.com/mnn.php3 2006-10-25 Wed 25 October 2006 12:32:58 PDT http://www.scripting.com/2006/10/25.html#demspam Meanwhile, the Democrats have discovered the power of spam. Somehow they got my "real" email address into their database (I probably corresponded with someone who works for Democrat causes) and now I'm getting a few spam emails every day that get through the spam filters from idiots like John Kerry and Barak Obama. I call them idiots to emphasize that, with me, spam does not endear me to you, it makes it impossible for me to give you money or support. I've tried five times to unsub, but they seem to ignore the request, like any good spammer. Would someone give the Internet guys down at Democratic Party HQ a kick in the butt for me. Thanks. Scripting News http://www.scripting.com/rss.xml 2006-10-25 Wed 25 October 2006 09:26:04 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/25/HNweb2.0classroom_1.html (InfoWorld) - University of Arizona students are learning how to build online business communities using technologies often grouped under the controversial and problematic Web 2.0 concept. As the latest buzzword, the term Web 2.0 has become obligatory in the marketing initiatives and advertising campaigns of many Internet companies in recent years. Along the way, it has turned into an overused, cliched, and vague term. This didn't deter the University of Arizona's Eller College of Management from naming a new course being offered this semester "Web 2.0: Maintaining and Developing Online Communities." The undergraduate course attempts to teach students how new online services like wikis, blogs, and social networks, along with related practices like content tagging, syndication, and categorization, can help companies create communities of clients, employees, and partners. Developed in conjunction with IBM, the course doesn't focus on the technology behind these new services, but rather on their business applications to foster online collaboration. As such, the course is aimed at students of marketing and management of information systems, and not so much at aspiring computer scientists. "We're focused on the user/consumer-driven Web economy," said Andrea Winkle, the professor teaching the course. "We're helping the students remember that wikis and blogs are tools and that tools will change, so they need to think about [using them] to build communities." Building Web 2.0-based online communities can help businesses create new business opportunities and improve customer relations, said Rawn Shah, a community program manager at IBM who helped Winkle develop the course and acts as a regular lecturer. The University of Arizona students are learning how to effectively plan, create, maintain, and promote online communities that yield tangible business benefits, Shah said. Successful completion of the course requires students to use Web 2.0 technologies and build online communities that engage students from a local high school. The class has been split up into groups, which have in turn met with the 60 or 70 participating high school students. The university students will be evaluated according to the level of traffic and use their online communities generate among the high schoolers. The course ends in December but will be offered again next semester. InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-25 Wed 25 October 2006 07:03:45 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/25/HNacervows_1.html (InfoWorld) - At its 30th anniversary party, Acer moved up the time it expects to take over the No. 3 slot in global PC market share to 2007, shaving a year off its previous forecast. Its strategy is to partner with more PC parts suppliers and distributors, who in turn will help to expand its market. Expressing confidence in that business model, Acer executives said the company could keep up its breakneck growth and topple Lenovo Holdings by the end of next year. "We can become No. 3 through organic growth, not through merger and acquisition," said Gianfranco Lanci, president of Acer, during the celebration Tuesday at an upscale hotel in downtown Taipei. China's Lenovo is currently third in global PC shipments, with 7.8 percent of the market, according to IDC. Although Acer trails at 6 percent, the company is growing at a much faster pace than Lenovo: 34.3 percent in the third quarter, compared to around 10 percent for Lenovo. In fact, Acer's growth rate vastly outpaced the first- and second-place PC makers as well, with Hewlett-Packard at 15 percent and Dell at 3.6 percent. The Taiwanese PC maker expects to continue its momentum in PC sales by selling more laptops and small form-factor desktops. By focusing on smaller desktops, Acer can run the business similarly to its laptop business, said J.T. Wang, chairman of the company. It will also continue to hone its strategy of partnering with more suppliers and distributors. Acer believes the key to winning over new partners is to offer good products that generate stable demand, and giving up some profit margin to ensure its channel partners make reasonable profits as well. "They grow with us," said Wang. And the partnership makes it difficult for partners to do anything that hurts Acer, since their profits become tied together. "If they hurt Acer, they hurt themselves," Wang added. The direct sales method championed by Dell has matured somewhat, Wang and Lanci said, as electronics retailers learned to market PC hardware on the Internet as well. Acer believes the U.S. and China will continue to grow in importance for the company, despite the fact it only entered the two markets a short time ago. The U.S. already accounts for as much as 20 percent of Acer's revenue, up from almost nothing two years ago, while China accounts for about 6 percent, Lanci said. Acer's revenue rose 17 percent year-on-year in the first nine months of the year to NT$250.99 billion (US$7.5 billion), and securities houses such as Goldman Sachs expect it to forecast brisk fourth quarter growth when it holds an investors' conference later this week.   InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-25 Wed 25 October 2006 05:12:36 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/25/HNt-mobilemerge_1.html (InfoWorld) - T-Mobile USA is tapping into home broadband to give cellular customers a better deal. Subscribers to a new service from the Seattle-based mobile operator will be able to make unlimited U.S. calls via Wi-Fi at home and on Wi-Fi networks that don't require a password. Using the same phone, they can leave the range of the Wi-Fi network and keep talking without an interruption as the call shifts over to the T-Mobile cellular network. The service, called HotSpot @Home, is on the cutting edge of what some observers believe is the future of telephony. It lets users have just one phone and in many cases get better coverage indoors than they do with a pure cellular service. When it comes to high-bandwidth services such as video, Wi-Fi can give a performance boost where it's available. For the operators, it makes more efficient use of expensive cellular capacity and can be part of a "quad-play" service that includes voice, data, video and mobile service. T-Mobile has launched a site to promote the service, which so far is available only at 24 stores in the Seattle area. The service costs $19.99 per month on top of a voice plan priced at $39.99 or higher. The carrier so far offers a choice of just two dual-mode cellular/Wi-Fi phones for the service: the Samsung Electronics T709 and the Nokia 6136. Both cost $49.99 after rebate with a two-year contract and $99.99 with a one-year contract. T-Mobile also provides a home Wi-Fi router free of charge after rebate for users who sign up for a one-year or two-year contract. Those routers, made by either Cisco Systems' Linksys division or D-Link Systems, are optimized for VOIP (voice over Internet Protocol), said spokesman Tom Harlin. When a subscriber making a call comes home or enters a T-Mobile Wi-Fi hotspot such as a coffee shop, the call will be automatically shifted on to the Wi-Fi network, Harlin said. The service will work with any standard Wi-Fi router connected to a home broadband connection, he said. T-Mobile, which has lagged bigger carriers in 3G (third-generation) mobile data and was an early deployer of Wi-Fi hotspots, had been expected to pioneer dual-mode mobile service in the U.S. But some observers believe the other big operators will be forced to follow. "They can't afford not to," said Ellen Kirk, a telecommunications consultant at Logistix, in New Orleans. Consumers will demand the savings, and carriers will deliver the technology to prevent losing customers, she said. But technology challenges remain, she said, especially handset battery life and smooth handoffs between networks. Verizon Wireless has no plans for a dual-mode service because it doesn't see a need for it today, spokesman Jeffrey Nelson said. It is studying the technology but doesn't think it's ready, Nelson said. In the meantime, it is using other tools to improve indoor coverage where needed, he said. InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-25 Wed 25 October 2006 04:03:01 PDT http://www.securityfocus.com/bid/20728 Microsoft Internet Explorer 7 Popup Window Address Bar Spoofing Weakness SecurityFocus: Vulnerabilities http://www.securityfocus.com/rss/vulnerabilities.xml 2006-10-25 Wed 25 October 2006 00:00:00 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/24/HNfirefox2.0_1.html (InfoWorld) - The browser wars are back. Just two weeks after Microsoft delivered its highly anticipated Internet Explorer 7, Mozilla has shipped a major update to its Firefox browser. Firefox 2.0 was officially released just after 2 p.m. Pacific Time on Tuesday, a day after an early version of the software was leaked onto Mozilla's FTP (File Transfer Protocol) site. Firefox 2.0 can be downloaded at http://getfirefox.com or http://www.mozilla.com. [ Slideshow: Firefox 2.0 in action ] But that early version was not integrated with Mozilla's Web and add-on sites, making Tuesday's version the first release that offered the complete Firefox 2.0 user experience, said Mike Beltzner, a user interface expert with the open-source project. New features in this latest version of the open-source browser include a spell checker for Web forms, antiphishing warnings, and improved search and tabbed browsing capabilities. Most Firefox 1.5 extensions will work with the 2.0 browser, but add-on maintainers will need to make some slight changes to let the Firefox 2.0 browser now that their software is compatible. "If you've got an add-on that somebody wrote three years ago that they're no longer maintaining, then that's maybe a bit more problematic," Beltzner said in an interview Tuesday afternoon. The 2.0 browser has been criticized for its lack of major new features, but it does include a very large number of smaller bells and whistles, as well as many bug fixes, Beltzner said. "This is a very different product from Firefox 1 or 1.5," he said. Downloads of the software had been "incredibly smooth," Beltzner said. He expects "a large bulk of our existing user base to move themselves to version 2 in the next couple of weeks." Firefox users expecting their browser to automatically install version 2.0 may have to wait a little longer. Firefox's automatic update feature does not presently give users the option of declining an update. And because some users may not want to move to version 2.0, Firefox will first ship a 1.5.0.8 upgrade to the browser that will give them the ability to decline the major upgrade. After that it will push out the 2.0 version via automatic update. This 1.5.0.8 release will also include some bug fixes, Beltzner said. It is expected to be delivered by the end of next month, he added. November is also when the Mozilla developers plan to begin thinking of the next major upgrade of their browser. But after pulling long hours to get the 2.0 release out the door, some of the developers have more pressing plans, according to Beltzner. "We get to take a nap," he said. InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-24 Tue 24 October 2006 17:12:33 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/24/HNnetneutralityatt_1.html (InfoWorld) - Supporters of a net neutrality law, led by the It's Our Net coalition, have asked the U.S. Federal Communications Commission (FCC) to prohibit AT&T Inc. and BellSouth Corp. from discriminating against some Internet traffic in exchange for the agency's blessing on the two telecommunication giants' proposed merger. Earlier this month, AT&T said it would agree to several conditions, including locking rates on some high-speed lines and abiding by an FCC policy statement on net neutrality, for 30 months in exchange for regulatory approval of its acquisition of BellSouth. But representatives of the It's Our Net Coalition, consumer advocacy groups Public Knowledge, Media Access Project and others said Tuesday the FCC policy statement isn't strong enough to protect Internet users from the large broadband carrier if it decided to block or slow Internet content created by its competitors. The group, in a request filed Tuesday, called on the FCC to prohibit the merged company from discriminating in the "carriage and treatment of Internet traffic based on the source, destination or ownership of such traffic," repeating the language of a proposal in the U.S. Senate earlier this year. Financial support for It's Our Net comes from Internet companies and net neutrality supporters including Amazon.com Inc., Google Inc. and Yahoo Inc. Four net neutrality policy goals advanced by the FCC in August 2005 -- saying consumers are entitled to access the legal Internet content of their choice and to run Internet applications of their choice -- won't guarantee that Internet users are protected against the largest U.S. telecom carrier playing favorites with some Internet content, representatives of the groups said at a press conference. Rick Whitt, president of NetsEdge Consulting LLC and co-author of the It's Our Net FCC filing, pointed to past statements by AT&T and BellSouth executives saying they want to charge some Web sites more money for preferential speeds to their customers. "AT&T now has the obvious ability and stated intention to discriminate against Web companies," he said. AT&T, in a statement, said the It's Our Net proposal "smacks of public relations-driven opportunism as opposed to a thoughtful approach to policymaking." It is "not appropriate or justified" to apply the conditions to one company based on a merger application, Jim Cicconi, AT&T's senior executive vice president for external and legislative affairs, said in the statement. "The proper place to be debating the pros and cons of net neutrality is in the U.S. Congress or in an industry-wide proceeding at the FCC," Cicconi added in the statement. "Perhaps the efforts of the It's Our Net Coalition will be better served by encouraging all infrastructure providers to accept the same FCC net neutrality principles that AT&T has already agreed to voluntarily." But the new AT&T, with the old SBC Communications Inc. swallowing up both the old AT&T and now BellSouth, will have huge power in a broadband market where nearly all U.S. residents have two choices or fewer for providers, said Gigi Sohn, president of Public Knowledge. True competition in broadband is years away, she said. "We would like any conditions to stay in perpetuity, until it's demonstrated that there's increased competition in the broadband services market, and we don't see that happening for a very, very long time," she said. InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-24 Tue 24 October 2006 13:39:12 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/24/HNukdatatheft_1.html (InfoWorld) - British electronic-crime detectives are investigating a massive data theft operation that stole sensitive information from 8,500 people in the U.K. and others in some 60 countries, officials said Tuesday. In total, cybercriminals targeted 600 financial companies and banks, according to U.K. authorities, who have worked over the past week to identify and notify victims. Through intelligence sources, U.K. police were given several gigabytes of data -- around 130,00 files -- that came from a server in the U.S., said Charlie McMurdie, detective chief inspector for the Specialist Crime Directorate e-Crime Unit of the London Metropolitan Police. Most of the data related to financial information, she said. The data was collected by a malicious software program nicknamed Haxdoor that infected victims' computers. Some 2,300 machines were located in the U.K. McMurdie said. Haxdoor is a powerful program that can collect passwords and send them to another e-mail address plus disable a computer's firewall, among other functions, according to a description posted on security vendor F-Secure Corp.'s Web site. Symantec Corp., another security company, wrote it first detected Haxdoor in November 2003. Computers can get infected with Haxdoor if they don't have security patches or up-to-date antivirus software. London police said it's believed many victims were infected through instant message programs. Programs such as Haxdoor are often sent in spam messages as attachments, and if opened, infect the computers without the user's knowledge. The programs can also be distributed through unsolicited instant message links. Metropolitan police experts built a special program to search through the data and identify victims, she said. The data contained information such as logins and passwords for major Web sites such as eBay Inc., Amazon.com, BT Group PLC and Pipex Internet Ltd., a U.K. Internet service provider. In some instances, Haxdoor employed a screen-capture function to obtain information, McMurdie said. Over the last week, the unit has contacted U.K. banks and other financial institutions to notify them what account numbers were compromised so those institutions could contact their customers, she said. But the data also showed information collected from computers in Germany, France, the U.S., Italy and Spain, but the number of victims is not known, she said. The unit is working with Interpol, the international police organization, to find trace those who were collecting the data. "This is a significant theft of data from the U.K. and globally," McMurdie said. InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-24 Tue 24 October 2006 10:10:29 PDT http://news.bbc.co.uk/go/rss/-/1/hi/uk/6079706.stm More than 30,000 websites of child pornography have been removed in the Internet Watch Foundation's first 10 years. BBC News | TECHNOLOGY http://www.bbc.co.uk/syndication/feeds/news/ukfs_news/technology/rss091.xml 2006-10-24 Tue 24 October 2006 06:57:37 PDT http://news.bbc.co.uk/go/rss/-/1/hi/uk/6079706.stm More than 30,000 websites of child pornography have been removed in 10 years by an internet watchdog. BBC News | TECHNOLOGY http://www.bbc.co.uk/syndication/feeds/news/ukfs_news/technology/rss091.xml 2006-10-25 Tue 24 October 2006 06:57:37 PDT http://news.bbc.co.uk/go/rss/-/1/hi/technology/6078016.stm A new version of the popular Firefox web browser makes its debut, going head to head with Internet Explorer 7. BBC News | TECHNOLOGY http://www.bbc.co.uk/syndication/feeds/news/ukfs_news/technology/rss091.xml 2006-10-26 Tue 24 October 2006 06:34:54 PDT http://blog.wired.com/sex/2006/10/results_of_fema.html An online survey finds that women in the internet generation are comfortable about sex toys, masturbation and sexual fantasy. In Sex Drive Daily. Wired News http://www.wired.com/news_drop/netcenter/netcenter.rdf 2006-10-24 Tue 24 October 2006 05:30:00 PDT http://www.infoworld.com/cgi-bin/redirect?source=rss&url=http://www.infoworld.com/article/06/10/24/HNgatewayreplacebattery_1.html (InfoWorld) - Gateway is taking advantage of Sony's battery replacement program and will exchange approximately 35,000 of its consumers' batteries, it said Tuesday. The exchange program covers batteries that began shipping in September 2005 with laptop PC models CX200, CX210, E100M, M250, M255, M280, M285, M465, M685, MP8708, NX260, NX510, NX560, NX860, NX100, MX1025, MX6918b, and MX1020j, the company said in a statement. Most were sold through Gateway's Internet shop. Full details can be found here. The battery cells are thought to contain metallic particles, which under certain circumstances could cause a short circuit resulting in the battery catching fire. About 9.6 million battery packs are thought to contain the cells and about 8 million have already been recalled or offered for voluntary replacement by laptop makers. Sony plans on Tuesday offered more details of the problems that have hit its battery business. The recalls and replacements will cost the the company around Ą51 billion ($427 million). InfoWorld http://www.infoworld.com/rss/news.rdf 2006-10-24 Tue 24 October 2006 04:57:36 PDT http://feeds.computerworld.com/~r/Computerworld/News/~3/41832659/article.do Secunia has reported a second flaw in Microsoft's recently launched Internet Explorer 7 browser. Computerworld News http://www.computerworld.com/news/xml/10/0,5009,,00.xml 2006-10-26 Thu 26 October 2006 06:00:00 PDT http://go.theregister.com/feed/http://www.theregister.co.uk/2006/10/26/ie7_spoofing_bug/ Phisherman's friend Security researchers have identified a pop-up address bar spoofing weakness in Microsoft's newly released Internet Explorer 7 browser. The flaw, first reported by security notification firm Secunia, might lend itself to phishing attacks and remains currently unpatched.… The Register http://www.theregister.co.uk/tonys/slashdot.rdf 2006-10-26 Thu 26 October 2006 03:57:09 PDT http://go.theregister.com/feed/http://www.theregister.co.uk/2006/10/25/canada_privacy_chief_hails_microsoft_identity_rules/ On surviving the identity Big Bang The Canadian Information Commissioner has published a plan for automated internet privacy that is backed by Microsoft. Dr Ann Cavoukian has called for programmers to embed privacy capabilities in software.… The Register http://www.theregister.co.uk/tonys/slashdot.rdf 2006-10-25 Wed 25 October 2006 13:29:21 PDT http://feeds.macosxhints.com/~r/macosxhints/recent/~3/41394739/article.php Here's how to set up your Mac to use a Nokia e62 as a Bluetooth modem with Cingular. I'll bet this works on lots of other Bluetooth phones as well. Although there's an existing hint covering a similar topic, some of the newer phones use slightly (but critically) different configurations. This blog entry ended up being the most useful for me. Here's what I did... Grab a modem script that works. I used the script from the above-linked blog entry. Unzip it and put it in /Library/Modem Scripts. Set up the connection between the phone and Mac with the Bluetooth System Preferences Panel. In the "Bluetooth Mobile Phone Set Up" wizard, check "Access the Internet with your phone's data connection," and select the GPRS radio option. Set up the modem connection in the Network System Preference Panel. Se... Mac OS X Hints http://www.macosxhints.com/backend/geeklog.rdf 2006-10-25 Wed 25 October 2006 07:30:00 PDT http://feeds.computerworld.com/~r/Computerworld/News/~3/41361246/article.do The new browser is so different that how you handle its deployment may spell the difference between exciting your users or stopping them dead in their tracks. Computerworld News http://www.computerworld.com/news/xml/10/0,5009,,00.xml 2006-10-25 Wed 25 October 2006 06:00:00 PDT http://go.theregister.com/feed/http://www.theregister.co.uk/2006/10/25/bt_snags_counterpane/ Anti-hacking market attack BT is to acquire managed security services firm Counterpane Internet Security for an undisclosed sum as part of plans to beef up the security expertise of its global professional services capabilities.… The Register http://www.theregister.co.uk/tonys/slashdot.rdf 2006-10-25 Wed 25 October 2006 04:36:01 PDT http://www.pheedo.com/click.phdo?i=9019e6e29b44b2ec3d4c33a2ef12dcf9 internet popup blocker & privacy protector VersionTracker: Windows http://www.versiontracker.com/windows/recent.rss 2006-10-25 Wed 25 October 2006 04:07:28 PDT http://feeds.ziffdavis.com/~r/ziffdavis/eweek/tech/~3/41427046/0,1759,2036994,00.asp With Counterpane Internet Security in the fold, Britain's BT Group boosts its capability to advise its corporate customers in their battle against computer hackers. Technology News from eWEEK and Ziff Davis http://rssnewsapps.ziffdavis.com/tech.xml 2006-10-25 Wed 25 October 2006 00:00:00 PDT http://go.theregister.com/feed/http://www.theregister.co.uk/2006/10/24/akamai_ddos_attack_man_charged/ Internet bombardment A Florida man was in federal court today, accused of launching a DDOS attack on Akamai which brought much of the internet to its knees - for a few hours.… The Register http://www.theregister.co.uk/tonys/slashdot.rdf 2006-10-24 Tue 24 October 2006 16:52:34 PDT http://go.theregister.com/feed/http://www.theregister.co.uk/2006/10/24/bodog_calvin_interview/ Calvin Ayre goes Down Under Interview What the hell does internet gambling have to do with port security?… The Register http://www.theregister.co.uk/tonys/slashdot.rdf 2006-10-24 Tue 24 October 2006 16:26:55 PDT http://feeds.feedburner.com/~r/Computerworld/News/~3/41077899/article.do A group of Net neutrality supporters have asked the FCC to require AT&T and BellSouth to refrain from discriminating against third-party Internet traffic in exchange for agency approval of the firms' proposed merger. Computerworld News http://www.computerworld.com/news/xml/10/0,5009,,00.xml 2006-10-25 Tue 24 October 2006 06:00:00 PDT http://www.pheedo.com/click.phdo?i=c3e6cf1b8487e8b94709bb9dc5a91ac2 monitor internet & network connections VersionTracker: Windows http://www.versiontracker.com/windows/recent.rss 2006-10-24 Tue 24 October 2006 05:37:27 PDT http://feeds.ziffdavis.com/~r/ziffdavis/eweek/tech/~3/41074985/0,1759,2036554,00.asp BellSouth posts a better-than-expected rise in quarterly earnings as growth in wireless and high-speed Internet services help offset a fall in traditional landline subscriptions. Technology News from eWEEK and Ziff Davis http://rssnewsapps.ziffdavis.com/tech.xml 2006-10-24 Tue 24 October 2006 00:00:00 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7499 Swiss banks broke privacy laws over SWIFT transfers: data chief. 'Serious error of judgement' Swiss banks broke the law by passing customer bank details to US authorities, Switzerland's top data protection official has said. The banks should have told customers that international transaction company SWIFT was passing details to the US, he said. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 20:01:24 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7498 EU mulls RFID privacy laws. Brussels ready to roll on chips Concern about the privacy implications of using RFID tags need to be overcome if the technology is to gain public acceptance, according to a new EU study. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 19:13:56 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7497 Database state could go pear-shaped, says police chief. Power corrupts The boss of UK police technology has warned that government attempts to use surveillance and databases to impose law and order could backfire unless those with access to the system are prevented from abusing the power it gives them. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 19:10:56 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7496 Welcome to the Fourth Reich. Congress, Bush defile Constitution with security bill Comment "It is a rare occasion when a President can sign a bill that he knows will save American lives; I have that privilege this morning," US President George W Bush trilled as he consigned 200 years of judicial oversight to the scrap heap of history. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 19:08:47 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7495 UK police share data to foil child abuse. Track and trace UK police have begun trials of a system that makes it easier for investigators to share information on online child abuse cases. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:26:56 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7494 Ryan's ID express still waiting for a platform. Chuffing away The British government is still trying to work out how it will implement the ID scheme, six months after it was approved by Parliament. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:25:41 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7493 Steal my ID, steal my fingers - the public gets nervous. So how many fingers do you need anyway? The public fears losing their fingers to ruthless biometric ID thieves in the fingerprint-controlled future, apparently. Or at least, so says Frost & Sullivan analyst Sapna Capoor, who argued unconvincingly that "A dead finger is no good to a thief." [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:22:30 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7492 EFF to probe FBI's new monster database. That'll teach them The Electronic Frontier Foundation (EFF) is suing the US Department of Justice to learn more about the FBI's new monster database, called the Investigative Data Warehouse, or IDW. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:20:07 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7491 US court denies request to suspend Spamhaus domain. Spam roadblock remains in place A US judge has denied a request to order internet registrars to suspend Spamhaus's domain, easing concerns that the spam blocking service might be interrupted. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:14:40 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7490 Beer fingerprints to go UK-wide. Yeovil, an example for us all The government is funding the roll out of fingerprint security at the doors of pubs and clubs in major English cities. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:10:58 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7489 Florida 'botmaster' charged with Akamai DDOS attack. Internet bombardment A Florida man was in federal court today, accused of launching a DDOS attack on Akamai which brought much of the internet to its knees - for a few hours. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:09:17 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7488 US publishers say Child Online Protection Act should be struck down. COPA non grata A group of US online publishers and a lobby group is taking the Government to court to challenge an eight-year-old law which it says amounts to censorship of the internet. The challenge is to the Child Online Protection Act (COPA), which became law in 1998. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:06:07 PDT Http://www.PrivacyDigest.com/2006/10/25.html#a7487 Irish passports go RFID, and naked. Mug me, my house is currently worth a fortune Analysis The Irish government has begun issuing RFID passports with biometric data that can be read at a distance to comply with US regulations for its visa waiver programme. [The Register - Internet and Law: Digital Rights/Digital Wrongs] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 14:03:53 PDT http://ask.slashdot.org/askslashdot/06/10/24/1758201.shtml An anonymous reader asks: "My SO just inherited a computer lab from a departed teacher who was no security guru. These are Windows XP systems, and security basically consists of a password on the admin account, a subscription to McAfee Security Center, and a free Internet filter. The students have access through a non-passworded 'limited' user account that doesn't seem to limit much. They have been going in and changing settings, downloading games and music, and generally screwing the computers up during class time, in many cases leaving them unusable. As the geek in our house, she has asked me to give her a hand, but while I have dealt with some security issues in the past, it was to protect against remote intruders, not against someone who has to have access to the keyboard. Any suggestions on the best way to lock these systems down?" Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-25 Wed 25 October 2006 12:51:40 PDT http://feeds.feedburner.com/~r/arstechnica/BAaf/~3/41376980/20061025-8069.html When COPA was signed into law in 1998, the controversial legislation initiated a legal conflict that has spanned across eight years. Ars examines this critical case, and interviews the plaintiff, Urban Dictionary creator Aaron Peckham. Ars Technica http://arstechnica.com/etc/rdf/ars.rdf 2006-10-25 Wed 25 October 2006 06:59:00 PDT Http://www.PrivacyDigest.com/2006/10/24.html#a7471 Apple Says Some iPods Shipped With Virus. Apple Computer this week warned customers that some Video iPods sold over the past five weeks were shipped with a computer virus capable of infecting computers running Microsoft Windows and exposing them to attacks by hackers. Apple said the virus was embedded in less than 1 percent of the Video iPods available for purchase after September 12, 2006. Greg Joswiak, vice president of iPod product marketing at Apple, said the company traced the virus back to a Windows machine used to test iPod software in the manufacturing process. Joswiak declined to say how many devices were affected, citing the potential impact on investors closely watching the company's earnings reports today. But he said Apple has corrected the problem and that all video iPods the company is currently shipping are virus-free. The virus (more accurately, a computer worm) variously dubbed "RavMonE.exe" and "W32/Rjump.worm" by different anti-virus vendors, first surfaced in June and attempts to spread to all memory storage devices attached to an infected computer. It also opens a "back door" on infected PCs that criminals can use to gain access to the machines. Joswiak said affected Windows users should be able to clean up the problem with up-to-date anti-virus software. Because the virus spreads to all removable media attached to an infected machine, any media inserted into the PC after the acquisition of the Video iPod should also be scanned for infection. From Apple's advisory: "After installing an anti-virus application, you should attach your Video iPod to your Windows computer and run the anti-virus program. If your Windows system is infected with this virus, an alert will be triggered and inform you that the virus has been detected and either quarantined or removed. You should then use iTunes 7 to easily restore the software on your newly purchased Video iPod." Apple said it has received fewer than 25 reports about the problem. But Ed Felten, director of the Center for Information Technology Policy at Princeton University, said many Windows users who have this virus on their machines may not have noticed, as it silently installs itself when the users merely plugs the device into their computer. "This type of thing is a risk that follows from fact that these are storage devices, but also that Windows is designed to accept programs from storage devices very easily," Felten said. "Twenty-five complaints translates into who knows how many people infected." Eric Gaertner, 19, of East Brunswick, N.J., said he noticed his Video iPod was infected on Oct. 6 when his anti-virus program threw up a warning after he plugged the week-old device into his Windows XP computer. Gaertner said he was able to delete the virus and the three infected files it installed, but that he remains bitter about the whole ordeal. "I paid $250 for this thing, and it's pretty ridiculous that Apple's quality control is not better than that, because a lot of people who might get an iPod probably don't have up to date anti-virus [software] installed," he said. The iPod news comes just days after McDonald's Japan recalled MP3 players it gave away as prizes to customers after learning that the devices shipped with spyware designed to steal sensitive data that users entered at financial and e-commerce Web sites. Last year, multimedia giant Creative acknowledged that roughly 4,000 of the company's Zen Neeon MP3 players shipped with a Windows computer worm embedded inside. One final note: I took a look this morning at the Internet servers (located in China) that the virus is designed to connect back to, but at the moment they do not appear to be online or accepting any connections. Update, 4:11 p.m. ET: The above post was edited to include comments from an individual whose PC was infected after plugging in a brand new Video iPod. [Security Fix] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-24 Tue 24 October 2006 19:50:21 PDT Http://www.PrivacyDigest.com/2006/10/24.html#a7470 Attacks, Flaw Reports Mar IE 7 Release. Microsoft released a major update of its Internet Explorer Web browser this week, but the red-letter occasion was stained by reports of anti-virus miscues, phishing attacks and what turned out to be untrue reports that the new product contains previously documented security flaws. First came a run of junk e-mail claiming to be from Microsoft that tried to get recipients to click on a link and download the latest version of IE (the link, as you may have already guessed, installs a Trojan horse program that opens a back door for hackers on infected PCs.) Then came reports of a vulnerability in IE 7 that was somehow carried over from the older IE 5.5 version. Vulnerability watcher Secunia said it developed a proof-of-concept attack using the bug that could allow a maliciously crafted Web site to steal any data a user may enter at a separate Web site. Not exactly, Microsoft responded. In a post to its Security Response Blog Thursday evening, Microsoft said the problem is related to a component of Outlook Express, the default e-mail client installed on Windows PCs. "These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express," the company said. Microsoft urged users to temporarily disable anti-virus and anti-spyware software before installing the program, noting that IE 7 makes a large number of changes to the Windows registry, which the table of contents on Windows that determines which programs should be loaded when Windows or certain user accounts are started up. Some security software will block those changes. Finally, some of the top tech blogs have been less than impressed with IE 7, according to a round-up at USA Today. Computerworld also has a decent compilation of IE 7 coverage. I have traditionally been hard on Microsoft with respect to security in IE, and I don't think undeservedly so, either. I'm afraid it's going to take some time for Microsoft to win back some credibility on browser security (and plain old functionality) in the tech community. For my part, I was asked several times in today's Security Fix Live Web chat what I thought about IE 7. In retrospect, my response the final time I answered was probably below-the-belt, but it gets to the point I was just trying to make about trust. A reader asked: "Why should I bother upgrading to IE 7 since Firefox is a superior browser? IE6 works fine for the limited amount of usage I need." My response: "Would you leave a loaded gun sitting on the table in a house with toddlers? Hopefully not. Okay, that's a little harsh, but think of it this way: lots of things on Windows use IE's built in rendering engine, and if you have a more secure version of the browser available, why not switch to it? This advice is especially aimed at households where more than one person uses the PC. " Final note: If you want to install IE 7, keep in mind that it requires you to validate your copy of Windows. [Security Fix] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-24 Tue 24 October 2006 19:47:16 PDT Http://www.PrivacyDigest.com/2006/10/24.html#a7469 New Bug Installs Legit Anti-Virus Program. Are you using a Microsoft Windows machine to cruise the Web but don't have up-to-date anti-virus software installed? No worries: A sophisticated new breed of malware identified this week will silently download and install a legitimate anti-virus program on your computer if it manages to sneak its way onto your machine. But this isn't a good thing, as the malware is really intended to make it easier for spammers to do their business. For several years now, the top method for sending spam has been to infect Microsoft Windows machines with malware that turns the PCs into "zombies" (or "bots") that bad guys can use to anonymously relay junk e-mail. Tons of malware in circulation today will actively search for and remove other hacking programs that may have already set up shop on infected computers. The goal for the spammers is efficiency -- they want to ensure their bot networks are not cluttered with competing malware that might otherwise slow the machines to a crawl and alert the victims to a problem. A new class of bot programs seeks to accomplish that task by downloading and installing a pirated version of Kaspersky Anti-virus, according to research published by Joe Stewart, a researcher for Atlanta-based SecureWorks. "Although we've seen automated spam networks set up by malware before ... this is one of the more sophisticated efforts," Stewart wrote. "The complexity and scope of the project rivals some commercial software. Clearly the spammers have made quite an investment in infrastructure in order to maintain their level of income." Stewart says the invader (which he dubbed "Spamthru" because the few anti-virus tools that did detect it as malicious assigned it a nondescriptive, generic name) also updates itself using a custom-made peer-to-peer (P2P) method similar to those employed by popular file-trading networks. Most bots are configured to connect to a central online chat or Web server that attackers can use to control the activities of infected PCs, but those control servers can be a single point of failure for the bad guys if the good guys succeed in convincing an Internet service provider to shut them down. By having P2P as a back-up, spammers can redirect zombie machines to a new control server if the master server is shuttered. All it takes is simply sending a command out to one of the infected PCs and having it relayed to the rest of the drone army. This is hardly the first time a bot program has tried to implement P2P. Others, such as the Phatbot family of malware, include built-in file-sharing capabilities, but the networks almost always choke after more than a few dozen infected machines try to exchange information. According to Stewart, the new bot can accommodate communications between several thousand PCs at once. People who spend a lot of time tracking down and combating botnets have long feared that P2P would become the normal mode of communications between infected PCs, and that spammers also would encrypt the traffic to make it difficult for the good guys to gather intelligence on botnet operations. While "Spamthru" does include encryption, the data-scrambling technique is used to prevent investigators from downloading the HTML code that each infected host is directed to send out in their spam runs. Should the spammers decide to encrypt all of the traffic traveling over a botnet's P2P channels, it could soon become a lot tougher for botnet hunters like ChangeIP.com President Sam Norris, a botnet hunter I interviewed earlier this year for a Washington Post Magazine article. In that piece, I wrote: "Norris shares that fear and worries that more botmasters will begin to exploit emerging peer-to-peer communication technologies of the sort that power controversial music- and movie-sharing networks like Kazaa and LimeWire. Such networks would allow enslaved computers to communicate instructions and share software updates among one other, so that they would no longer depend on orders from the master servers that Norris and other bot hunters search out and disable every day. "'When P2P becomes the norm with these bots,'" Norris says, 'that's when I call it quits with this botnet stuff, because, at that point, it will be pretty much out of my hands.'" [Security Fix] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-24 Tue 24 October 2006 19:43:56 PDT http://www.privacylawyer.ca/blog/2006/10/ontario-commissioner-unveils-plan-for.html Additional Resources: 7 Laws of Identity: The Case for Privacy-Embedded Laws of Identity in the Digital Age Kim Cameron's Identity Weblog The LAWS OF IDENTITY The key to this site: an introduction to Digital Identity - the missing layer of the Internet. The IDENTITY METASYSTEM A proposal for building an identity layer for the Internet Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-24 Tue 24 October 2006 19:40:48 PDT Http://www.PrivacyDigest.com/2006/10/24.html#a7467 7 Laws for Privacy-Embedded Internet Identity.Ann Cavoukian, the Information and Privacy Commissioner of Ontario, has released a whitepaper augmenting Kim Cameron's seven laws of identity with privacy protections: 7 Laws of Identity: The Case for Privacy-Embedded Laws of Identity in the Digital Age (PDF). I'm busy travelling, so I can't print and read the entire document right now, but here are excerpts form the commission's press release: The next generation of intelligent and interactive web services ("Web 2.0") will require more, not fewer, verifiable identity credentials, and much greater mutual trust to succeed. Identity systems that are consistent with the Privacy-Embedded Laws of Identity will help consumers verify the identity of legitimate organizations before they decide to continue with an online transaction. These Privacy-Embedded Laws offer individuals: easier and more direct user control over their personal information when online;enhanced user ability to minimize the amount of identifying data revealed online;enhanced user ability to minimize the linkage between different identities and actions;enhanced user ability to detect fraudulent messages and websites, thereby minimizing the incidence of phishing and pharming. Corresponding Privacy-Embedded Principles Take, for example, Law #1, Personal Control and Consent, which emphasizes that individuals should be in full local control of their own identity information, and exercise informed consent over how their identity information is collected and used by others. One privacy benefit of applying this principle is that identity credentials could be stored locally and securely on a user's own computer rather than in a centralized online database. Another example: Law #2, Minimal Disclosure for Limited Use: Data Minimization, speaks to building technical identity systems that minimize the amount of identity information used and disclosed in a given online transaction. In the privacy world, a cardinal rule is that the identification provided should be proportional to the sensitivity of the transaction and its purpose. Why should a credit card number ever be used to verify one's age? Put another way, why isn't there a credential that allows people to prove they're over 65 without revealing all of their other identity information? If someone can prove she is a bona fide university student to gain preferential access to online resources at other educational institutions, then why is her name needed? These privacy-enhanced solutions are all possible under the Privacy-Embedded Laws of Identity. "We call upon software developers, the privacy community and public policymakers to consider the Privacy-Embedded Laws of Identity closely, to discuss them publicly, and take them to heart," Dr. Cavoukian declared. "In joining with us to promote privacy-enhanced identity solutions at a critical time in the development of the Internet and e-commerce, both privacy and identity/security will more likely be strongly protected." [via Canadian Privacy Law Blog] Posted in Privacy, michaelzimmer.org] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-24 Tue 24 October 2006 19:38:47 PDT Http://www.PrivacyDigest.com/2006/10/24.html#a7464 # Privacy: Search Engine Privacy Standard Proposed. Virante, a SEO & Internet marketing company, has propsoed a new privacy standard to prevent search engines from tracking certain search queries. The standard is called #Privacy, and is pretty simple: "Pound Privacy" is a campaign to create the first standard for search engine query privacy. The implementation is fairly straightforward: If you append the phrase "#privacy" at the end of a query on any search engine or site search, your query should not be tracked by IP or cookie, and should not be made public in keyword tools. It is that simple. This is an interesting propsal, and a way to give search engine users much more control over the infromation search providers can collect. But it isn't a complete solution to the problem of search engine privacy. In the #Privacy paradigm, the collection of user information is still the default - users must take action to prevent certain searches from being collected. Further, there are no real ways to ensure that search engines actually abide by the addition of the #Privacy instruction. In fact, Virante's proposal allows search engines to ignore the flag "when the query indicates that a crime is being committed." Not sure what that is supposed to mean, or who gets to decide what searches fit that category. #Privacy is an interesting idea - a good first step. But I think a better solution would be one where search engines are prevented from collecting information on their users altogether. Short of that, there should be limits on the kind of information collection, how long it can be kept, etc. Users should have the ability to see the information on file, correct errors, and delete information as they see fit. Forcing users to append their searches with a tag in order to protect their privacy accepts the premise that search engines should be allowed to collect personal information by default. And that is what must change. [found via Canadian Privacy Law Blog] UPDATE: More light criticism of the # Privacy endeavor: Seth Finkelstein notes an obvious flaw in the comments: appending such a tag to your searches merely notifies anyone watching that "This is a really interesting search! Hot stuff here!" And Michael at Better Software... reminds us that any search engine results clicked would still, by default, send the search query to the host's site through the HTTP "referer" header. (He also sees this entire proposal as perhaps just a means to get "a bit of nice publicity" for Virante, which is probably why I (subconsciously?) didn't provide a link to the SEO firm in the first place). UPDATE 2: And Emergent Chaos rightfully calls it a "silly idea." [michaelzimmer.org] Privacy Digest http://www.privacydigest.com/xml/rss.xml 2006-10-24 Tue 24 October 2006 19:28:25 PDT http://news.digitaltrends.com/article11601.html Regular readers will know that we don't generally toot our own horn in this space, but we hope they will perhaps forgive a short note about horn-tooting happening elsewhere. Digital Trends announced today that it has entered a partnership with Internet Broadcasting to put Digital Trends' video feeds in the Technology Channels of 60 Internet Broadcasting sites, including the Web sites of Boston's ABC affiliate WCVB, Denver's KMGH-TV Atlanta's WSB-TV (wsbtv.com), Houston's K Read | Permalink | Email This | Linking Blogs | Announcements Designtechnica Articles http://www.designtechnica.com/backend.php 2006-10-24 Tue 24 October 2006 14:00:00 PDT http://news.digitaltrends.com/article11597.html Google has launched the Google Custom Search Engine, a way for Web site operators, bloggers, and online publishers to create custom search portals for their site which not only tap into the full power of Google's market-dominating Internet search engine, but enable sites to customize search results to make them more relevant to their sites' visitors. And, of course, more-relevant results means Google can charge more for advertisements appearing on those search portals. The Google Custom Search Engine enables Web publishers to create a search engine focusses on a site's particular topic and interests, and lets publishers customize the search res Read | Permalink | Email This | Linking Blogs | Computing Designtechnica Articles http://www.designtechnica.com/backend.php 2006-10-24 Tue 24 October 2006 12:00:00 PDT http://news.digitaltrends.com/article11596.html If everything goes according to plan, Mozilla should officially release Firefox 2.0 today, putting the popular alternative browser head-to-head with Microsoft's just-released Internet Explorer 7. Although the release was posted to Mozilla's FTP servers yesterday, the release should be available shortly from the Firefox home page. Versions are available for Windows, Mac OS X, and Linux. Mozilla 2.0 features new anti-phishing technologies designed to protect users frmo online identity theft, as we Read | Permalink | Email This | Linking Blogs | Computing Designtechnica Articles http://www.designtechnica.com/backend.php 2006-10-24 Tue 24 October 2006 11:30:00 PDT http://news.digitaltrends.com/article11595.html For a couple years now, we've been seeing old television series re-syndicated via the Internet, along with original scripted video content developed exclusively for the Web. Now, for the first time, a series developed for the Internet is making the jump to network television: CBS announced today that it will br promoting its broadband series InTurn, currently running on its Innertube online offering, to its broadcast schedule beginning November 24, 2006. InTurn is a reality series that followed young actors as they struggle to be cast in a role on the CBS daytime drama As The World Turns; A Read | Permalink | Email This | Linking Blogs | Home Video Designtechnica Articles http://www.designtechnica.com/backend.php 2006-10-24 Tue 24 October 2006 11:15:00 PDT http://feeds.feedburner.com/~r/arstechnica/BAaf/~3/40300122/20061022-8047.html A district court judge has ruled that articles posted on the Internet are subject to the same statute of limitaion rules as those printed on paper. Ars Technica http://arstechnica.com/etc/rdf/ars.rdf 2006-10-24 Sun 22 October 2006 16:00:00 PDT http://feeds.feedburner.com/~r/SlackerManager/~3/39366969/asinine-church-signs.html Saw this church sign on the way home from a walk in the woods yesterday: “Download your worries. Get online with God!” I didn’t notice the denomination of the church that this sign was on, but it was out in the sticks. Maybe the rural location has something to do with their internet illiteracy. Download your worries. [...] Slacker Manager http://feeds.feedburner.com/SlackerManager 2006-10-24 Thu 19 October 2006 21:03:14 PDT http://www.gizmodo.com/gadgets/wireless/the-definitive-guide-to-airline-wifi-access-210186.php Curious as to which airline gives you WiFi access up in the air? Check out this list, meticulously compiled by people who really, really don't want to miss any emails. Apparently there are two types of WiFi service, which is then customized for each provider. The first is Connexion by Boeing, and the second is OnAir by Airbus. There's also a third type, cellular air-to-ground, which is only useful in continental US flights and isn't really adopted seriously yet. You can bet we're booking one of these airlines when we go on vacation. Liveblogging from the plane? Oh yes. – Jason Chen The DEFINITIVE guide to Airline WiFi and Internet Access [OTBeach] Gizmodo http://www.gizmodo.net/index.xml 2006-10-25 Wed 25 October 2006 17:32:06 PDT http://www.gizmodo.com/gadgets/feature/frankenfight-ie7-vs-firefox-2-209938.php In one corner we have Internet Explorer 7. After 18 months of development and a shiny new set of tabs, he's in top shape and looking better than his predecessor ever did. That is, before he entered the ring with Firefox 2.0. Now he's just a cripple with fancy RSS reading. This battle wasn't pretty. Lifehacker's own Gina Trapani points out that, "Ironically, Fx runs on more versions of Windows than IE 7 does." And it was all downhill from there. While IE 7 was away training in the Himalayas for a year and a half, living off walnuts and squirrel meat, Firefox was poking his wife, being a fill-in-dad for his kids, wearing his favorite tighty whities and learning all his secrets. Check out our graphs, but equip yourselves with those special solar eclipse glasses first. Then hit the jump for our Frankenfight—where whomever yells the loudest wins. It's sort of the new policy. OK, fuck this unbiased attitude. Firefox 2 just froze on me while typing this. It can burn in hell. Wait, it just restored all my windows. – Mark WilsonFrankenreviewer says: Interface "Unlike IE 7, which has reorganized its toolbar, Firefox 2 changes only the look and feel of its buttons." "The new shiny-glass look [firefox] is much more sophisticated, as are the rounded tabs and the hairline borders around the address bar and the search engine box." "IE 7's new streamlined look resembles Vista's." "You can't miss the new user interface, with tabbed browsing, integrated searching, and newsfeed support..." "The overall interface of IE has also been cleaned up and simplified..." "The tabs don't get their own row, however, so they can start to appear somewhat squished if you have many open at once." - No victory in the Hot or Not competition. Tabbed Browsing "Perhaps the biggest change within IE 7, aside from the overall interface redesign, is tabbed browsing." "The tabs, which can be reordered, can also be previewed on a page with clickable thumbnail displays of each open tab." "Microsoft's implementation is OK, but is curiously inconsistent." "The page preview available within IE 7, called Quick Tabs, requires an extra mouse click, which is an annoyance for the ergonomically minded." "...lets you view, on one page, thumbnails of all the pages you have open in tabs." "It's very nice, but reminiscent of an Apple feature called ExposĂ©." "...while Mozilla is touting a revamped tabs interface, it doesn't seem much improved to me." "New in Firefox 2 is session restore; if Windows crashes and you have several tabs open in Firefox at the time, you can now relaunch Firefox with all the tabs intact..." "Firefox 2's tab updates are generally a step ahead of IE's. For example, you can configure Firefox to always save your last session for future use; with IE 7 you have to click a box every time." - Sorry guys, tabs are tabs. RSS "RSS isn't treated lightly within IE7; in fact, Microsoft built an entire RSS reader and bundled it in with the browser." "However, you have no way to quickly preview the feed's contents without opening the feed's rendered page in IE, which somewhat defeats the purpose." "Firefox 2 makes the raw [RSS] feed understandable, and offers a range of new subscription options." "Possibly the coolest new feature is Live Titles, formerly Microsummaries, which allows Web sites to stream updated data to your bookmarks." "Think of Live Titles as RSS-like feeds for your otherwise static bookmarks." "Web sites must be specifically enabled for this feature for Firefox 2.0, so it's not widely useful yet." - Still a good idea. Add-ons "Unfortunately extensions designed for Firefox 1.5 will probably break within Firefox 2." "About 80% of the extensions I use are supported." "In my Firefox setup, Firefox 2.0 obviated the need for five extensions and another two customizations that I apply to all Firefox 1.x installations." "Another area where IE7 has serious shortcomings is with add-ons that give extra features to the browser." "...most of the add-ons you'll find aren't free." "You can enable, disable, and delete add-ons in IE's manager, but it's not very user-friendly..." "...many of these so-called add-ons are not designed to work directly inside IE and integrate with the browser..." - Microsoft will never let people develop for IE as freely as they can Firefox. Security "Security enhancements within Firefox 2 continue. New is a dialog box informing you of cross-domain scripting, a tactic used by criminal hackers to link nonrelated sites to sites you think may be legit." "Firefox's default protection stops at comparing sites against a known blacklist of phishing sites, while IE 7 includes site analysis that will try to warn you about a suspicious site even if it's not yet on a blacklist." "...we found that IE 7 consistently failed to catch phishing sites less than 1 hour old, although IE 7 caught all phishing sites known for at least 1 hour or more..." "You also get a new "Fix Settings for Me" feature that warns you if you reset security settings to something Microsoft deems unsafe." "Overall, the new IE has many more security fixes than the revised Firefox. But such fixes were necessary to address IE 6's many holes..." "With IE7, the default security level has been raised from medium, which is the IE6 default, to medium-high. Not only that, but there are now no lower security levels than medium..." "But the most important new security feature in IE 7 -- something called Protected Mode, which stops Web sites from changing your computer's important files or settings -- will work only in the new Vista version of Windows." - Tacky. Performance "IE 7 still uses essentially the IE 4 Web engine. So in terms of page performance, Mozilla Firefox, which updated its Web engine with Firefox 1.5, remains the much faster browser." "In my informal tests immediately after installing and launching IE 7, the browser with three open tabs used 80MB of memory; under similar conditions and with the same three tabs, Firefox used 58MB. Otherwise, the performance of the two browsers appeared similar." Random Tidbits "Firefox 2 also gives you the ability to correct your spelling mistakes online, just like using a word processor." "Once you have access to inline spell-checking, you won't want to surf the Web without it." "Speaking of accessibility features, IE 7 includes zoom technology and the new Clear-type page technology, which Microsoft claims renders page fonts as sharp and clear as those printed on a piece of paper." "Even if you zoom to the maximum level, 400 percent, we found that the Clear-text technology within IE 7 remains quite clear with fonts." - Zoom feature is a nice innovation from Microsoft. Conclusion "The new Internet Explorer is a solid upgrade, but it's disappointing that after five years, the best Microsoft could do was to mostly catch up to smaller competitors." "Of the two rivals, Firefox remains the better application." - I plan on running Firefox 2, but I own a Mac. CNET 1 CNET 2 PCWorld Computerworld 1 Computerworld 2 WSJ Photo 1 Photo 2 Gizmodo http://www.gizmodo.net/index.xml 2006-10-25 Wed 25 October 2006 13:45:49 PDT http://www.activewin.com/awin/comments.asp?HeadlineIndex=36973 While the Microsoft-sanctioned name of the next version of Internet Explorer (IE) is IE "Next," it seems it will likely be christened IE 8.0. That's according to Chris Wilson, the new platform architect for IE. (IE-team veteran Wilson, until a few days ago, was the group platform manager of IE. In his new role, Wilson will be spending his time focusing on making IE a better Web-development platform.) Wilson delivered a couple of addresses at the Ajax Experience 2006 conference in Boston this week. In addition to dropping the IE 8.0 name, Wilson shared a few other IE-related tidbits, too. ActiveWin.com http://www.activewin.com/awin/headlines.rss 2006-10-25 Wed 25 October 2006 00:00:00 PDT http://www.activewin.com/awin/comments.asp?HeadlineIndex=36987 IntelliAdmin reports that users who use Outlook to manage their Hotmail accounts report problems after installing Internet Explorer 7. Outlook keeps asking for the password for hotmail - even when it is correct. ActiveWin.com http://www.activewin.com/awin/headlines.rss 2006-10-25 Wed 25 October 2006 00:00:00 PDT http://www.gizmodo.com/gadgets/deals/dealzmodo-1gb-memorex-flash-drive-5-ar-209840.php Tiger Direct has a 1GB Memorex TravelDrive that includes CA Internet Security for $90 with an $85 mail-in-rebate. There is always mixed reviews about Tiger Direct mail-in-rebates, so take this one with a grain of salt. Other than the risquĂ© mail-in-rebate, this is a pretty damn good deal. Five bones for a 1GB flash drive? Hell yes. The rebate expires on October 31. I would jump on this deal, but I already have a good flash drive that can even withstand being peed on. – Travis Hudson Product Page [Via uberbargain] Gizmodo http://www.gizmodo.net/index.xml 2006-10-24 Tue 24 October 2006 13:03:06 PDT http://www.fileflash.com/program/141/ SuperCleaner is an all in one disk cleaner for Windows. Its built-in Garbage Finder can find hundreds or even thousands of megabytes of unneeded files taking up space on your computer. The Internet Privacy features of SuperCleaner will let you erase your web browser's cache, history, cookies, and even the hidden index.dat files! If there are cookies you want to keep, you can use the built-in Cookie Manager to manage them. The Start menu cleaner can find items in your Start menu which are dead (pointing to files that no longer exist), and gives you the option of deleting them. For maximum security, you have the option of erasing files using a file wipe. This prevents someone using "undelete" software from recovering any of your files. SuperCleaner is very powerful, yet easy for beginners to use. [Shareware $38.99 30 days 465 KB] File Flash http://www.fileflash.com/rss.php 2006-10-25 Wed 25 October 2006 17:41:27 PDT http://www.fileflash.com/program/803/ HS CleanDisk Pro cleans unwanted files from your harddisk and cleans your system registry. It cleans drives from files left aside and unused, cleans internet cookies and cache, and more. [Shareware $20.00 15 Days 2.29 MB] File Flash http://www.fileflash.com/rss.php 2006-10-25 Wed 25 October 2006 07:47:14 PDT http://www.fileflash.com/program/5312/ AusLogics BoostSpeed - the ideal solution to keep your PC running faster, cleaner and error-free. This powerful optimization suite will boost Internet connections, tweak Windows to its peak performance, clean registry, block banners and more. It's a great way to keep your computer clean and optimized. [Shareware $24.95 15 Days 2.77 MB] File Flash http://www.fileflash.com/rss.php 2006-10-25 Wed 25 October 2006 07:47:00 PDT http://www.fileflash.com/program/4444/ Firefox is a free, open-source web browser based on the Mozilla codebase. It is small, fast and easy to use, and offers many advantages over Internet Explorer, such as the ability to block pop-up windows. [Freeware 5.6 MB] File Flash http://www.fileflash.com/rss.php 2006-10-24 Tue 24 October 2006 08:44:50 PDT http://www.emaginacion.com.ar/cym/photoshop-or-real-beauty/ This one has been going around the internet for a couple of hours now; it’s a campain from Dove where a model take sit and a group of professionals start working on her until she is a real beauty… don’t know why, but it seems like those models look all the same; she had a [...] Clear Your Mind - Management, Design and productivity by a geek called Javier Cabrera http://www.emaginacion.com.ar/cym/feed/ 2006-10-25 Tue 17 October 2006 11:52:15 PDT http://feeds.feedburner.com/~r/neowin-all/~3/41857602/index.php 5 years ago today Windows XP was launched worldwide after it had RTM'd a day earlier.It has been without a doubt the longest running operating system Microsoft has ever produced. Microsoft typically updated the client version of Windows every 2 years with Windows 95 being released in early 1996, the successive OSR updates until 1997 when Microsoft were hammered by anti-trust cases for bundling Internet Explorer 4.0 with Windows 95 OSR2, Windows '98 in 1998, Windows 98 Second Edition in 1999 and Windows Millennium in the February of 2000 after an extremely short beta cycle.The flop that was Millennium was a last ditch attempt to salvage what was left of the outdated 16-bit legacy kernel, it was never at the top of Microsoft's comparison charts when Windows XP became available, they typically used Windows 98 SE as an example of how far the client version had come by switching to the proven NT kernel, offering for the first time the kind of stability only the industry had enjoyed with Windows 2000 Professional, the business workstation version of Windows.Now, 5 years later Windows XP has been released with as many as 5 different flavors of which includes a 64-bit version and the latest version you can buy in the stores is Windows XP SP2b (an updated Service Pack 2 version). SP3 has been pushed back as far as 1H of 2008, long after its successor Windows Vista will be sitting on store shelves.Less popular additions to the client version of Windows are WGA (Windows Genuine Advantage) and "Activation" a technology that "calls home" and verifies the product key. Both of the above, like all previous versions of Windows however have been circumvented at least once and Microsoft continues to make it harder to pirate Windows and its other software packages. Lets hope Microsoft also goes as far as to "improve" its pricing after reeping the benefits of less pirating and more sales. Link: Windows XP Website @ Microsoft | Neowin Forum Discussion Read full story... NeoWin.net http://www.neowin.net/backend.php 2006-10-26 Thu 26 October 2006 05:24:57 PDT http://feeds.feedburner.com/~r/neowin-all/~3/41524450/index.php Thanks to Slimy for letting us know that Opera has updated its mobile web browser to support the latest Blackberry and Palm Treo hand held devices.Opera Mini is a fast and tiny Web browser, that allows you to access the full Internet on your phone. Take all your favorite Web sites on the go with Opera Mini! The new version further improves the browsing experience by enabling download of images, MP3s, etc directly to your phone."Opera Software today announced that Opera Mini™, the free Web browser for mobile phones, is available for the popular BlackBerry™ and Palm® handsets. Opera Mini™ offers BlackBerry™ and Palm® Treo™ users a faster delivery of Web pages and overall better user experience.Opera Mini™ offers faster and better page rendering while saving on memory and data usage, which reflects as a healthier handset and smaller bill for those with limited data plans. Opera Mini™ achieves this via a server-based component that compresses Web pages, ultimately reducing the size of data transferred and associated costs." Download: Opera Mini View: Opera Mini Simulator | Opera Mini Home Read full story... NeoWin.net http://www.neowin.net/backend.php 2006-10-25 Wed 25 October 2006 14:38:57 PDT http://rss.freshmeat.net/~r/freshmeat/feeds/fm-releases-osx/~3/40954792/ mxGraph is a JavaScript library that uses built-in browser capabilities to provide an interactive drawing and diagramming solution. Target applications are Web based applications that require workflow/BPM, diagram, network, or general graph editing to be available in-place on a Web page. License: Free for non-commercial use Changes: This release adds a DHTML option that provides 80-150% speed improvements over VML on Internet Explorer in core visualization features. The DHTML may still be mixed with VML for areas where DHTML is functionally limited. Firefox 2 and Minefield 3 are new browsers supported. Internet Explorer 7 did not require any changes to work correctly. An online organisation chart editing application has been added as an example with automatic node positioning. A number of bugfixes and minor features were also added. freshmeat OS X http://osx.freshmeat.net/backend/fm-releases-osx.rdf 2006-10-24 Tue 24 October 2006 06:45:20 PDT http://rss.freshmeat.net/~r/freshmeat/feeds/fm-releases-global/~3/40926751/ Asbru Web Content Editor is a cross-browser and cross-platform WYSIWYG HTML/XHTML Web content editor component for Web designers and programmers. It can be integrated into Web applications to give non-technical users access to create and update Web content. It can be used as a replacement for a simple TEXTAREA input field in contact forms, message boards, Web email systems, and Web content management systems. Features include CSS style sheet support, drag and drop editing, and advanced hyperlink and media managers. License: Other/Proprietary License with Source Changes: This release adds improved drop-down option handling in Microsoft Internet Explorer. freshmeat.net http://www.freshmeat.net/backend/fm-releases.rdf 2006-10-24 Tue 24 October 2006 05:00:40 PDT http://feeds.feedburner.com/~r/katywhitton/tvVU/~3/38175086/fubar.asp Testing is the most important part of the whole web production process. I don't care what anybody else tells you - listen to me, not them! At a company I once worked for (who shall remain nameless for obvious reasons!), we released a rather large website update. In normal circumstances our procedures were excellent (well, they had to be to maintain ISO 9001:2000 status) but in this case we were running late. Very late. So late in fact that the project manager decided that the version of the website we had on our development server was fine and we didn't need to bother with loading onto the staging server for the client to see (they had signed all the content off already but that's not the point), the project manager also decided that we didn't need to run it in our testing suite. Yes, we were posh and had a "suite". Oh, okay, I admit it, it was a workbench but we called it a suite in front of clients! Anyway, the project manager said "Launch the site, we'll loose money!", we argued about testing and the project manager stuck their fingers in their ears, so we did what we were told and published the site. Whoops! What a mistake 3 years worth of financial announcements were lost, the site now only worked on Internet Explorer 4 (and most people who hit it were running Netscape at the time - yes, it was that long ago!), half of the images were missing (including the company logo, very good) and the site was riddled with 404 errors. We still don't really know how it happened, in theory there should have been no missing/deleted content but there was. If we'd have taken a copy of the live site, put it on a staging server (that was identical to the live server) and run the update we would have seen these problems and they would have been avoided. As it was, poor muggins here had to stay in the office until midnight repairing the site from backups. Fun! That's just one (worse case) scenario of what can go wrong when you don't test a site properly. Other problems that you may encounter may include: Browser incompatibility Accessibility issues Broken links/images Server errors Database errors Component errors Incorrect/old content Corrupted files Plus much more - scary stuff, huh? Okay, you've convinced me, I don't want to mess up my biggest client's website. What do I do? Testing can be broken down into four key areas: User Testing - Testing whether certain data entered into a form breaks it, are there spelling mistakes (surprisingly common!), do all the links work, is all the page content there etc. Accessibility Testing - Is it (if specified in the TRS) accessible in all browsers, does the code validate, are there alt tags on all images, what happens if stylesheets are turned off etc. Server Testing - Can the server handle the bandwidth, are the correct compontents/databases installed, are the versions the same as the development server, does it have permission to send email through the company firewall etc. Database Testing - Can it handle X number of concurrent users, does the web developer have the correct permissions to run queries, is it on the correct port etc. The amount of testing that is required will obviously vary depending on the size and type of website. For example, a small 10 page brochureware site can be validated quite quickly with only User Testing, Accessibility and perhaps email permissions on the server (for the website's contact form) needing to be tested. For larger sites, the testing process may even be longer than the actual development process! Okay, I'm off to test the site.... Really? How? Sure, link checking, code validation and certain accessibility issue are easy to test and can be largely by automated routines/programs but that's not enough. How will you know what conditions you are going to test against? What are the expected results if a user enters a valid or invalid email address into a form? How will you know if the site works in Opera if you have only looked at it in Internet Explorer? A lot of people rush the testing process (or ignore it entirely), but as you have seen from my earlier example it's something that can't be ignored or rushed. Here are the main points to consider before beginning the testing process: Where will the site be tested? What machines are available to test the site on, do they have the correct Operating Systems/Browsers on them What conditions are you testing against? What is supposed to happen when a user does something correct or incorrect? How will the bugs be tracked/fixed/retested? How will the testing be signed off? Depending on the type of site you have, the above list may change but I think that it's the bare minimum you should consider when thinking out your testing plan. I'll go over each point below and discuss what you need to condsider and what to look out for. Where will the site be tested? Whilst I have been lucky in the past to have access to a "suite" of different machines with different Operating Systems/Browsers on, sometimes its not possible to have this luxury. Many people over look this step as they feel they can't test sites in this way which isn't strictly true. There are plenty of software emulators that can show you how your site will run (or look) on different platforms, operating systems and browsers. Be aware though, that whilst these programs/websites are quite useful they may not necessarily give an accurate representation of how the site will actually responsd in a real-world scenario. If you have access to the various pieces of software you need (or can download trial versions with the features you required enabled), you can install VMWare (or equivalent Virtual Machine software) which allows you to create a virtual "desktop" on an existing PC. This software keeps your own PC, software and configuration clean and gives you a "clean" install of your chosen Operating system. If neither of these options work for you, don't forget the power of the Internet! If you website is publically accessible, there are many online forums and user groups where you can post your URL and other like-minded web developers will test your website in various environments. Be aware though that they might have certain software on their machines that may affect the way your website runs, or just be petty as you've built a nicer site than them! Note though, with the last option, you would need to have this specified in the contract or have some form of agreement from the client - the last thing they want is their biggest competitor seeing their new site before it's released! Operating Systems/Browsers Different sites can, and invariably will, react differently with different browsers and operating systems. I have to hold my hand up here. A website we designed and built for a rather large multi-national ran perfectly in every browser on Windows (3.1, 95, 98 & 2000 - I told you I'd been doing this job for a while!) but did we test it on a Mac? Did we heck! Consequently what we had to do was some nasty JavaScript browser sniffing and write another 3 versions of the homepage depending on whether the browser was Mac/Netscape, Mac/I.E 4 or Mac/I.E 5 - 4 h