Monday, September 26, 2011

Hoax: Facebook Gold membership for $9.99

SophosLabs: A hoax claiming that Facebook is planning to start charging users continues to spread across the social network, and has now been adapted by mischief-makers into a claim that the service will be free if users forward a message before midnight.

Duped users are sharing the message with their online friends, believing it will help them avoid charges of between $3.99 and $9.99 per month.


FACEBOOK JUST RELEASED THEIR PRICE GRID FOR MEMBERSHIP. $9.99 PER MONTH FOR GOLD MEMBER SERVICES, $6.99 PER MONTH FOR SILVER MEMBER SERVICES, $3.99 PER MONTH FOR BRONZE MEMBER SERVICES, FREE IF YOU COPY AND PASTE THIS MESSAGE BEFORE MIDNIGHT TONIGHT. WHEN YOU SIGN ON TOMORROW MORNING YOU WILL BE PROMPTED FOR PAYMENT INFO...IT IS OFFICIAL IT WAS EVEN ON THE NEWS. FACEBOOK WILL START CHARGING DUE TO THE NEW PROFILE CHANGES

It's amazing what people will believe when they are sent a message from a trusted friend - but let me assure you, Facebook is *not* going to ask you for your payment when you sign onto the site tomorrow morning. And no, the announcement of Facebook beginning to charge its users has *not* been on the news.

As I explained at the end of last week, these claims are complete and utter poppycock. If a friend of yours forwards you the message, admonish them for spreading a chain letter and suggest they inform all of their friends that they were mistaken (maybe they could link to this article if anybody needs convincing?).

Don't forget you should join the Omid's Blog Facebook page, where we not only debunk hoaxes and chain letters, but we also keep you up-to-date on the latest rogue applications, scams and malware attacks threatening Facebook users.

Sunday, September 25, 2011

Mac OS X Trojan hides behind malicious PDF disguise

SophosLabs: A fascinating new example of Mac malware has been discovered, that appears to be adopting an old Windows-style disguise to fool users into running it.

Despite the numerous times that cybercriminals have created boobytrapped PDF files that exploit vulnerabilities to infect unsuspecting users, many people still think that PDF files are somehow magically safer to open than conventional programs.

The OSX/Revir-B Trojan plays on this by posing as a PDF file.

When the malicious Macintosh application file is run it tries to drop a PDF embedded inside it onto the user's hard drive. The Chinese language PDF file displayed is about a controversial topic, "Do the Diaoyu Islands belong to Japan?"

The Diaoyu Islands (known as the Senkaku islands in Japan) are the subject of a long-running dispute between the two countries, with both claiming sovereignty.

Because the document is opened, users may believe that they have opened a harmless PDF rather than run a program.



When we tested the malware inside our labs, we couldn't manage to get it to execute as the author probably intended - however, strings embedded deep inside its code make it clear that it was written with malicious intent.



The malware attempts to install a backdoor Trojan horse (detected by Sophos as OSX/Imuler-A) which would give malicious hackers remote access to your Apple Mac computer.

As our friends at F-Secure point out, we have seen plenty of Windows malware in the past which has pretended to be a PDF rather than an EXE - sometimes using techniques such as the double-extension trick (for instance, filename.PDF.EXE).

It's quite possible that this is evidence that Mac malware authors are attempting something similar, moving on from the fake anti-virus alerts that blighted many Mac users earlier this year.
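A mail gateway or file-screening script can flag the double-extension disguise mentioned above by looking at every extension in a name, not only the last one. The following is an added example, not code from Sophos or F-Secure; the extension lists and function names are assumptions chosen for illustration, and the file names are constructed.

```python
import ntpath

# Assumed lists for illustration; tune them to what your users legitimately exchange.
DECOY_EXTS = {"pdf", "doc", "xls", "jpg", "txt"}
EXEC_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}


def classify(filename):
    """Return (decoy_ext, real_ext) when a document-style extension is
    followed by an executable one, e.g. filename.PDF.EXE; otherwise None."""
    # ntpath handles both "\\" and "/" separators; Windows ignores trailing
    # dots and spaces, so strip them before looking at the final extension.
    name = ntpath.basename(filename).rstrip(" .").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 3:                      # need name + two extensions
        return None
    real = parts[-1]
    if real not in EXEC_EXTS:
        return None
    # Look for a decoy anywhere between the base name and the real extension,
    # so "tool.v2.exe" is not flagged but "invoice.final.pdf.scr" is.
    for ext in reversed(parts[1:-1]):
        if ext in DECOY_EXTS:
            return (ext, real)
    return None


def scan(filenames):
    """Return one finding per suspicious name, preserving input order."""
    findings = []
    for fn in filenames:
        hit = classify(fn)
        if hit:
            findings.append({"file": fn, "shown_as": hit[0], "runs_as": hit[1]})
    return findings


# Constructed attachment names, not taken from any real incident.
SAMPLE_NAMES = [
    "filename.PDF.EXE",
    "report.pdf",
    "setup.exe",
    "tool.v2.exe",
    "C:\\Temp\\Invoice.Final.pdf.scr",
    "archive.tar.gz",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_NAMES):
        print(finding)
```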

Tuesday, September 20, 2011

Facebook to Launch “Major” Profile Redesign at f8

Personally I've a feeling Facebook is learning too much from Google Plus and it's becoming too Google Plus-ish! As we see, they have created a new style of lists (which gives me a feeling like Google Plus circles), redesigned images, new privacy options like Google Plus and many more, and now Mashable wrote:

Facebook to Launch “Major” Profile Redesign at f8

Here’s what we know so far about the profile redesign:
  • The redesigned profiles will be more “sticky,” says one source. One of the goals of the new profiles is to get users to stay on them for longer.
  • We already knew Facebook is launching a media platform at f8. However, we’ve also learned that the platform — which will include music and video from partner sites — will display the media content a user is watching or listening to on their profiles. Essentially, when you’re listening to Lady Gaga on Spotify, your friends can see and access that on your Facebook profile. This confirms a recent New York Times report.
  • The redesigned profiles are part of a larger push into social ecommerce. We don’t exactly know what that means, but we’ve heard whispers that Facebook intends to give Facebook Credits more prominence. We’ve also heard that a Facebook app store may emerge at f8.
  • Facebook’s push into ecommerce may be related to Project Spartan, an HTML5-based mobile platform rumored to be launching soon.
Read the full article at Mashable: http://mashable.com/2011/09/19/facebook-profile-redesign-f8/

Monday, September 19, 2011

Hacker Rattles Security Circles: 21 Years Old Iranian

The building housing the Dutch company DigiNotar, which issues digital Web site certificates and was hacked last month.

The New York Times: He claims to be 21 years old, a student of software engineering in Tehran who reveres Ayatollah Ali Khamenei and despises dissidents in his country.

“I’m totally independent,” he said in an e-mail exchange with The New York Times. “I just share my findings with some people in Iran. They are free to do anything they want with my findings and things I share with them, but I’m not responsible.”

“My country should have control over Google, Skype, Yahoo, etc.,” he said by e-mail. “I’m breaking all encryption algorithms and giving power to my country to control all of them.”

Read the full story in The New York Times.

Friday, September 16, 2011

One in four Windows 7 PCs run out-of-date anti-malware

MSDN: One of the things we talk quite a bit about with Windows 8 is making sure Windows is a safe, secure, and reliable computing environment. We have always provided a broad range of solutions for achieving these goals and work closely with a broad range of industry partners. We continue to enhance these capabilities with Windows 8 while making sure you always have choice and control over how to protect and manage your PC. With Windows 8 we are extending the protections provided by Defender to address a broader range of potential threats. Jason Garms, the group program manager of our reliability and security team authored this post that represents work across several teams. --Steven


Read the story here: http://blogs.msdn.com/b/b8/archive/2011/09/15/protecting-you-from-malware.aspx

Happy Birthday Avira FreeAV!


Happy birthday Avira FreeAV! Avira's free antivirus solution, protecting more than 100 million customers worldwide, celebrates its 12th birthday today. Soon you can benefit from a new version that is in the final stage of development. Stay tuned!

Iranian block on Tor traffic quickly foiled

The H-Security: The online privacy and security service Tor was blocked by the Iranian government late evening (local time) 13 September. This was done by adding a filter rule to the Iranian border routers which identified Tor traffic and blocked it. The blocking was quickly discovered by Tor and the project released a fix a few hours later. The fix consists of a new version of the Tor software, Tor 0.2.3.4-alpha, and once this is installed on relays and bridges, the company expects normal service to be resumed for users in Iran.

A report on the Tor web site explains how the filter worked. The Iranian block used a peculiarity in the expiry time of Tor's SSL certificates, which was a very unusual two hours and very different to the year which might be typical for a normal CA certificate. It was this minor difference that enabled Tor traffic to be recognised and subsequently blocked. To fix the problem, at least for now, Tor has given its certificates more typical expiry times.

The company accepts that it needs to develop both medium and longer term solutions to the problem of being blocked, and notes that the last time Iran attempted to block its traffic was in January 2011.
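The lifetime check described in the report can be turned into a self-test for anyone who ships TLS certificates and does not want them to stand out from ordinary ones. This is an added example, not Tor's code and not the filter itself; the sample dates, the baseline set and the function names are constructed for illustration.

```python
import ssl


def validity_seconds(cert):
    """Lifetime of a certificate in seconds, computed from the notBefore and
    notAfter strings in the dict shape ssl.SSLSocket.getpeercert() returns."""
    start = ssl.cert_time_to_seconds(cert["notBefore"])
    end = ssl.cert_time_to_seconds(cert["notAfter"])
    if end <= start:
        raise ValueError("notAfter must be later than notBefore")
    return end - start


def separating_rule(own_certs, baseline_certs):
    """Return (direction, threshold_seconds) if one comparison on lifetime
    splits our certificates from the baseline with no overlap, else None.

    A non-None result means the validity period alone is a usable fingerprint."""
    own = [validity_seconds(c) for c in own_certs]
    base = [validity_seconds(c) for c in baseline_certs]
    if max(own) < min(base):
        return ("shorter_than", (max(own) + min(base)) // 2)
    if min(own) > max(base):
        return ("longer_than", (min(own) + max(base)) // 2)
    return None


def _cert(not_before, not_after):
    # Helper for the constructed samples below (hypothetical, not a real API).
    return {"notBefore": not_before, "notAfter": not_after}


# Constructed baseline: lifetimes of roughly one, two and three years.
BASELINE = [
    _cert("Jan  1 00:00:00 2011 GMT", "Jan  1 00:00:00 2012 GMT"),
    _cert("Mar  1 00:00:00 2010 GMT", "Mar  1 00:00:00 2012 GMT"),
    _cert("Jun 15 12:00:00 2009 GMT", "Jun 15 12:00:00 2012 GMT"),
]

# Constructed "before" set: the two-hour lifetime the report describes.
TWO_HOUR_CERTS = [
    _cert("Sep 13 18:00:00 2011 GMT", "Sep 13 20:00:00 2011 GMT"),
    _cert("Sep 14 06:30:00 2011 GMT", "Sep 14 08:30:00 2011 GMT"),
]

# Constructed "after" set: a lifetime inside the baseline range. The page
# only says the new expiry times are "more typical"; this value is assumed.
TYPICAL_CERTS = [
    _cert("Sep 14 00:00:00 2011 GMT", "Dec 14 00:00:00 2012 GMT"),
]

if __name__ == "__main__":
    print("two-hour certs:", separating_rule(TWO_HOUR_CERTS, BASELINE))
    print("typical certs: ", separating_rule(TYPICAL_CERTS, BASELINE))
```

A result of `None` only means this one field no longer separates the two sets; other handshake properties still need their own comparison.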

Update:

Wednesday, September 14, 2011

uTorrent server delivered malware for two hours on Tuesday

The H-Security: The BitTorrent company has confirmed that its uTorrent servers were hacked on Tuesday 13 September and, for almost two hours, anyone downloading the uTorrent client software from the servers received a scareware fake anti-virus package instead. The malware package has been identified as belonging to the "Security Shield" family of scareware; once installed, it falsely informs a user that malware has been detected on their machine and requests payment in order to clean the system.

According to BitTorrent, anybody who downloaded the uTorrent client from utorrent.com between 12.20pm and 2.10pm BST is likely to have received the malware instead and should scan their system with a reputable anti-virus package. BitTorrent took down its servers towards the end of this two-hour window to prevent further downloads, and says that they are now running normally again. Originally it was thought that the bittorrent.com server was also compromised, but the company states that, after testing, it does not believe this to be the case; the BitTorrent Mainline/Chrysalis clients were not affected.


Credit to my friend, 'Pondus'.

Adobe closes 14 holes in Reader and Acrobat

The H-Security: Adobe has released new versions of Reader and Acrobat to close several critical security holes. Versions 10.x, 9.x and 8.x of both products for Windows, Linux and Mac are affected. Adobe recommends that Reader X and Acrobat X users update to version 10.1.1 as this version offers added protection under Windows through its sandbox. However, the vendor has also made Adobe Reader 9.4.6 and 8.3.1, as well as Adobe Acrobat 9.4.6 and 8.3.1, available to download. Adobe Reader 9.4.6 for UNIX is due to be released on 7 November.

As previously announced, version 10.x offers an updated Adobe Approved Trust List (AATL) from which Adobe has removed all DigiNotar certificates. The 9.x versions don't yet dynamically update the AATL; this feature is planned to be included in future versions. Until then, users are advised to manually delete the certificates – Adobe has released instructions on how to do so.

A previous update for an Adobe product had attracted criticism from security specialists who said that Adobe had tried to cover up the real number of holes it closed. Adobe had only mentioned 13 holes when describing a Flash Player update, but security specialist Tavis Ormandy, who works for Google, pointed out that more than 400 holes had been closed.

Microsoft closes holes in Windows and Office

The H-Security: Microsoft has released two updates for Windows and three for Office to close various security holes. All five updates have only been rated "important" by the company.

A hole in WINS enables local attackers to escalate their privileges on a system. Another patch prevents a new variant of binary planting, or DLL hijacking, attacks that can cause Windows to load DLLs from shared network volumes without the user's permission. This allows attackers to execute code on a computer via specially crafted DLLs. Microsoft has been struggling to contain the insecure DLL loading problem with numerous patches released since mid 2010.

Further updates for Office close five holes in Excel and two general holes in Office that can all be exploited to compromise a PC. Opening a specially crafted document is all that is required to become a victim. Another update fixes five vulnerabilities in SharePoint that allow users to escalate their privileges on a system.

An overview of the updates can be found in the "Microsoft Security Bulletin Summary for September 2011".

Monday, September 12, 2011

GlobalSign gives itself clean bill of health after Iranian hacker's braggadocio

SophosLabs: Following the widely-publicised disgrace of Dutch digital certificate issuer DigiNotar, a person calling himself ComodoHacker claimed that he'd breached four other Certificate Authorities (CAs), too.

Only one of these CAs was named: GlobalSign, the world's fifth-biggest issuer of digital certificates.

In my opinion, GlobalSign would have been justified in ignoring this claim altogether.

It comes across as a stream of made-up, self-serving puffery, including bluster like this:

"You see? I'm so smart, sharp, dangerous, powerful, etc. huh?"

"May I also start a web hacking course for Anonymous and Lulzsec and friends of them, Rootkit development for Stuxnet developers, 0-day vuln. assessment in Windows and Linux environment for Stuxnet developers and other hackers too. huh? What do you think?"

"WOOOOORLLLLDDD! Wait for me, you have so much more SHOCKINGS to see from me! From a person who came to this world just 21 years ago! JUST WAIT!"

But GlobalSign decided, like Shakespeare's Falstaff, that the better part of valour is discretion.

The company suspended its certificate-issuing business to investigate whether ComodoHacker's unlikely claims might have a whiff of truth. GlobalSign even retained Fox-IT, the consultants called in to investigate the DigiNotar disaster, for some objective outside help.

The good news is that everything at GlobalSign to do with certificate signing appears to be in good shape, and the company will resume business-as-usual this week.

The bad news, of course, is that the company had a week's business outage as a result.

Ironically, even after GlobalSign had given itself the all-clear in respect of certificate signing, it reported an apparently-inconsequential breach against its web server.

Any sort of breach is bad news, of course, but I'm willing to overlook GlobalSign's web server issues entirely. I suspect that many companies wouldn't have turned off part of their business voluntarily, and called in outside help, to investigate allegations of the sort made by ComodoHacker.

In fact, in most of Asia Pacific, where there are no data breach notification requirements at all, you might not hear from a company even if it knew it had suffered a Sony-sized leak of your data, let alone if it had spotted someone fiddling with its web server.

Hats off to GlobalSign in this matter.

Friday, September 09, 2011

Yes, Microsoft Did Change The World More Than Apple

Business Insider: A new poll in France says 7 out of 10 people think Microsoft did more to change the world than Apple. We think we would have similar results in other countries, if only because a lot more people (still!) use Microsoft products than Apple products, at least for personal computing which is (still!) the most important part of computing.

It's hard to see a mention of Steve Jobs without the words "change the world" or "changing an industry." And let's give him his due. Let's give him his due as one of the greatest entrepreneurs in history, as an amazing entrepreneur and visionary who left many "dents" in the universe. And he did change many industries, like music, film, and yes, personal computing.

But in terms of sheer impact on the world? Microsoft wins, hands down.

Read The Full Story: http://www.businessinsider.com/yes-microsoft-did-change-the-world-more-than-apple-2011-9#ixzz1XOszWk4u

Wednesday, September 07, 2011

Pink claims her Facebook page was 'hacked'

SophosLabs: Pop singer Pink has posted an angry message to hackers, who she claims stole photographs from her Facebook page.
But was Pink's Facebook page really hacked, or was she just one of the many people who have been careless with their privacy settings?

The Grammy award-winning singer, famous for hit records such as "Get the party started" and "God is a DJ", posted on Twitter about the incident, but didn't clarify the nature of the photos the hackers might have accessed.

My first thought was that the photo may be of her baby daughter Willow, after the singer recently railed against "intrusive paparazzi behaviour" as the media clamoured for the first pictures of her child.

TO ALL THE PEOPLE I DON'T KNOW HACKING INTO MY PRIVATE PICTURES ON FACEBOOK, PLEASE STOP. HAVE SOME RESPECT FOR PRIVACY.

Interestingly, Pink seems to be blaming herself for uploading the photograph to Facebook in the first place.

it's my own fault 4 posting a picture. i should know better.anyways,there are way more important things in the world than my facebook page.

This is quite astute of Pink. As we've said many times before, if you want to keep something really private - don't upload it to a website, even if they do claim to have privacy controls in place.

Without further information it's hard to clarify whether Pink's Facebook account really was hacked, or whether she was simply sloppy with her privacy settings - allowing people who weren't friends of hers to view what were presumably private photographs.


Last month, Facebook announced it was revamping its privacy settings, making it more obvious to users how their uploaded photos, status updates and personal information were being shared.

If Pink is reading this, and wants to learn more about security and privacy issues on Facebook, she is most welcome to join the "Omid's Blog!" Facebook page, where people regularly share information on threats and discuss the latest news.

Tuesday, September 06, 2011

ComodoHacker responsible for DigiNotar Attack



TheHackerNews.com: The hacker warns the Internet community that he has access to 4 other high-profile CAs, among them being GlobalSign, a certification authority from the U.S. He threatens that he will use his power over the companies to issue false certificates, which will later become the weapon of his revenge against countries who deserve it. In his own words, he said “I won't talk so many detail for now, just I wanted to let the world know that ANYTHING you do will have consequences, ANYTHING your country did in past, you have to pay for it...”. Complete Message here.

An Iranian hacker posted a message on a Pastebin account boasting of his exploits and claiming to have access to more CAs. As proof that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network: Pr0d@dm1n.

"Around 300.000 unique requesting IPs to google.com have been identified," Fox-IT said in the report. On Aug. 4 the number of requests rose quickly until the certificate was revoked on Aug. 29. Of these IP (Internet Protocol) addresses, more than 99 percent originated from Iran. The list of IP addresses will be handed over to Google who can inform users that their e-mail might have been intercepted during this period, Fox-IT said. According to SC Magazine, Microsoft has also updated the Certificate Trust List (CTL) to remove any fake certificates. A total of 531 digital certificates were issued for domains that included google.com, the CIA, and Israel's Mossad. The hack implies that the current network setup and procedures at DigiNotar are not sufficiently secure to prevent this kind of attack.

Thursday, September 01, 2011

German Censors Approve New Action Game


rockpapershotgun.com: Are you a German teenager? Then do we have some good news for you! After a short seventeen year-long wait, you are now legally allowed to buy a copy of Doom. And, indeed, Doom can now be stocked in normal shops, not just ones ominously deemed ‘adults-only’ – which was basically putting the game right up there with porn.

As of yesterday, Germany’s Federal Department for Media Harmful to Young Persons (Bundesprufstelle) has removed Doom – and Doom II – from its list of ‘controlled’ games, following an appeal by id’s owners Bethesda. Their reasoning? Because the Bundesprufstelle thinks Doom is ‘now only of artistic and scientific interest and will not appeal to youngsters’, according to the BBC.

WHAT.

Alright, so it’s not Call of cocking Duty, but I’m pretty sure most any youngster could have a good time with good old Doom. I’m pretty sure some of them did, when it re-released on Xbox Live a couple of years back. Lunacy! This is Doom. Doom is a great time.

Still, the important thing is that teenagers are now allowed to buy a brightly-coloured, 2D monster-shooting game from 1993. I know Doom’s success went some way towards damning the mainstream games industry to an often tedious obsession with shooting pretending men, but it sure didn’t deserve a 17-year-long stigma.

All that said – you still can’t buy it if you’re under 16. And any version of the game containing the Wolfenstein 3D secret missions remains ‘controlled’ due to the Nazi stuff in ‘em. Them’s the breaks.

Germans! Are you now able to access the Steam re-release of the game, or do those wheels turn too slowly?

Happy third birthday, Chrome!

Google Chrome Blog: It’s that time of the year again for the Chrome team, when we pause on our anniversary to reflect on the amazing life and times of the web. It’s hard to believe that it’s already been three years since we launched our open source web browser, Chrome.

In that time, the web community has continued to inspire us, bringing the power of the web into all kinds of apps and experiences, with all modern browsers making great strides in speed, simplicity and security. To pay homage to the goodness of the web, we’ve put together an interactive infographic, built in HTML5, which details the evolution of major web technologies and browsers:

(With thanks to our friends at Hyperakt, Vizzuality, mgmt design, and GOOD)
In our third year, we’ve also brought Chrome's principles of speed, simplicity and security to a new model of computing: the Chromebook. The Chromebook is pure Chrome—a computer built for everything you ever need to do on the web while doing away with all the usual annoyances of an old, slow PC.

Here’s a quick fly-by through some of the highlights of the past 12 months on the Chrome platform:

Faster and faster

  • We kick off the Year of the Rabbit with a new compilation infrastructure for the V8 JavaScript engine, codenamed “Crankshaft,” which improves JavaScript performance by up to 66 percent.
  • Chrome’s new settings interface helps you find the right settings quickly with an integrated search box. It also provides direct links to each settings page, which can be copied and pasted for easy troubleshooting.
  • The omnibox is improved to better suggest partial matches for webpage titles and URLs.
  • You can optionally enable Chrome Instant, which shows relevant content in the browser window as you type, before you press Enter.
  • Chrome’s built-in prerendering technology enables sites to build even faster experiences for their users—such as Instant Pages in Google search, which in some cases makes search results appear to load almost instantly.

Simpler and more accessible

  • Chrome supports many popular screen readers such as JAWS, NVDA and VoiceOver to help visually impaired people better experience the web.
  • Print Preview, a popular feature request, uses Chrome’s built-in PDF viewer to display the preview, and enables you to save any webpage as a convenient PDF file using the “Print to PDF” option.
  • Chrome’s icon takes on a simpler look to embody the Chrome spirit, since Chrome is all about making your web experience quicker, lighter and easier for all.

An even more secure platform

  • Our integrated and sandboxed PDF viewer enables you to view PDF files on the web without installing additional software. Furthermore, we built an additional layer of security around the PDF viewer called a “sandbox” to help protect you from security attacks that are targeted at PDF files.
  • Adobe Flash Player is sandboxed on Windows, further protecting you from security attacks and malware targeted at Flash content on the web.
  • Chrome warns you before downloading some types of malicious files with enhanced Safe Browsing technology. In order to help protect privacy, malicious content is detected without Chrome or Google ever having to know about the URLs that you visit or the files you download.
  • To provide greater transparency and control over the data that websites store on your computers, Chrome lets you delete Local Shared Objects created by Adobe Flash Player using the browser’s built-in setting dialogs.

Wowzah, the modern web!

  • The Chrome Web Store is an open marketplace where you can search for and discover web applications, both free and paid, along with ratings and reviews. Developers can add in-app payments to their apps for a flat 5 percent transaction fee.
  • Chrome supports WebGL, which brings hardware-accelerated 3D graphics to the browser with no additional software needed. For a taste of what WebGL can do, check out “3 Dreams of Black,” a 3D music experience for the web browser.
  • Chrome’s support for the HTML speech input API enables developers to give web apps the ability to transcribe your voice into text. Try it out on www.google.com by clicking on the microphone icon in the search box.
  • Hardware-accelerated 3D CSS enables snazzier experiences in webpages and apps which use 3D effects.

Delivering a new, simpler model for computing

  • Chrome is enterprise ready, with an MSI installer and support for managed group policies. Many organizations such as Vanguard and Procter & Gamble have successfully deployed Chrome to thousands of users in an enterprise setting.
  • As of this past July, Chromebooks are now available for purchase in eight countries—the U.S., U.K., France, Germany, Italy, Spain, the Netherlands and South Korea. And just like Chrome, the Chromebook always keeps getting better. When you turn your Chromebook on, it updates itself automatically: you get the latest and greatest version of the operating system without having to think about it.

There’s more to come. Keep an eye on the Chrome blog to hear about new features and performance improvements as we continue to ship stable channel updates every six weeks. As always, on both Chrome and Chromebooks you’ll be automatically updated to the new versions as soon as they’re released.

Wikileaks website targeted by hackers

TechSpot: Wikileaks found itself the victim of a cyberattack on Tuesday, shortly after the release of thousands of US State Department communications. News broke of the attack on their Twitter page, which offered another link to the communications, and a message stating "WikiLeaks.org is presently under attack."

It is likely that they were hit with a Distributed Denial of Service (DDoS) attack, the most commonly used method by hackers to cause disruption to websites. It works by flooding the servers with traffic, overloading them, and subsequently causing the servers to crash, or become otherwise unreachable.

"Want to really help Wikileaks fend off attacks? Send us money to pay the bills. Many people x $5 = strength," said Wikileaks in a subsequent tweet, trying to use the situation as an opportunity to get more funding.

The release of communications has drastically increased recently, and a recent blunder by Wikileaks' founder Julian Assange, which saw the release of over 250,000 uncensored US State Department communications after the trusted key to an encrypted file online was somehow published, has certainly drawn more unwanted attention.

It's still unclear what the motives of the hackers were, or who exactly is responsible as nobody has come forward to claim responsibility for the attacks. But it's likely in response to the increased release of communications -- not helped by the blunder by its founder. Widely known hacking groups Anonymous and Lulzsec have been publicly voicing their support for Wikileaks, so it's unlikely either of them are to blame, especially given the fact they have targeted payment companies in the past for preventing the whistle-blowing organization from receiving donations.

The main site wikileaks.org is back online but is clearly still having some issues (it was unreachable during the writing of this article). Wikileaks has said that these connection problems are related to a DNS cache issue.

iPhone 5 giveaways on Facebook - a scam or what?

SophosLabs: Even if it hasn't been officially announced yet, and certainly isn't available to the general public (unless an Apple employee loses a test model in a bar), there are plenty of scammers out there trying to trick you into believing you can get a free iPhone 5.

Here's just a sample of the pages on Facebook claiming to be an iPhone 5 giveaway. Typically they are trying to trick you into clicking on links, driving traffic to online surveys which earns them revenue.



Repeat after me :-)
  • There is no free iPhone 
  • There is no free iPad 
Very, very occasionally, you will meet people who got an iPad "for free". For example, the Naked Security team won one at this year's Security Bloggers awards when they were named "Most Educational Security blog". :-)

But for every free iPhone or iPad offered, there are probably 10,000,000 or more fake offers.

So if you simply assume ALL "free" iPads and iPhones offered online are scams, you're missing out on a one-in-a-ten-million chance. In other words, you're missing what is mathematically almost indistinguishable from nothing, zero, zilch.

But each time you enter one of these online giveaways, you could be handing over your personal information to scammers and putting money into their pockets.

And you don't want to do that, do you?

It's widely anticipated that Apple will announce the iPhone 5 sometime this month. But don't hold your breath about them offering it for free.

By the way, if you're a Facebook user and want to keep up on the latest threats and security news I would recommend you join my Facebook page.

Facebook to launch music service on September 22

TechSpot: Facebook plans to launch a music service on September 22, which happens to coincide with the company’s F8 conference. The news comes via CNBC’s twitter feed which reported the headline earlier today.

A quick blurb on CNBC’s website also mentions the pending music service launch, suggesting that Facebook won’t actually host the music, but will partner with a provider to offer the service.

There isn’t much more to go on at the moment, but this isn’t the first time we've heard such rumors. Last month, Facebook announced a video calling feature powered by Skype. Software developer Jeff Ross panned through the program’s code and found references to an app called Facebook Vibes which connects with a music download dialog. Ross posted the following statement on his blog.

"The video chat plugin, called peep, is what is downloaded now. At some point in the future they seem to be prepared to download another app though, called Facebook Vibes. I searched around to see what this is all about, and it seems that this is an unannounced feature that has yet to be released. The vibes app connects with a music download dialog in the page though, so I’m guessing that with this release we are seeing the seeds for Facebook’s upcoming music offering."

In May, we heard rumors that Facebook was partnering with Spotify, a DRM-based streaming service that allows users to instantly listen to millions of songs from several major and independent record labels. Spotify launched in select European countries in October 2008 but only opened their doors to US users on July 14, 2011.

Pending a deal, Facebook is just another name on the growing list of companies looking to offer streaming music to users. Last week RIM announced BBM Music, a streaming music service for BlackBerry users. The service integrates with BlackBerry Messenger, the company's popular messaging service, and gives users access to "millions of songs" from all four major music labels.

Call of Duty: MW3 To Use Steamworks


rockpapershotgun.com: This just came in from Valve: “The PC version of the product will be powered with Steamworks for both the digital and tangible versions of the game and, as with all Steamworks titles, offline play will also be supported along with Auto-Updating, Achievements, and more. Call of Duty: Modern Warfare 3 will also support dedicated servers on day 1.”

Better, I suppose. The game is out November 8th.

Mail.ru protects e-mail users with WOT reputation data

Web of Trust (WOT), the world’s leading website reputation rating service, and Mail.ru Group, Russia’s largest Internet company, have partnered to improve online protection for 300 million people using Russia's leading free e-mail service, Mail.ru. All links contained in emails received by Mail.ru users are checked against WOT’s reputation database to warn users against following untrustworthy links that could lead to scams, identity theft, malware and other online threats.

The integration of WOT reputation ratings into Mail.ru is similar to WOT's collaboration with Facebook, published in May. WOT will give customers who receive unfamiliar links in their email the information they need to identify dangerous messages and avoid clicking on URLs that might lead to compromised websites or malware downloads. If a user follows a risky link, an explanation of why it does not satisfy WOT’s rating criteria will appear so they can make an informed decision whether to continue, go back or learn more. Mail.ru will not block any links.

“We know that for a majority of Mail.ru users, email is the main tool for communication with friends, colleagues, clients and acquaintances. Of course, we want to make mail.ru as safe as possible. Our cooperation with WOT is the next step in creating the safest email system which warns users about untrustworthy and malicious sites,” said Anna Artamonova, Vice President for Strategic Projects at Mail.ru Group.

Targeted email attacks are on the rise

Antivirus companies report an 80 percent reduction in overall spam volumes. Instead of traditional spam, cybercriminals are focusing on higher-value actions, including increased scams and malicious attacks, spearphishing and targeted attacks.

“In recent months, targeted email attacks have increased significantly worldwide,” said Vesa Perälä, CEO of WOT Services. “Cybercrooks gather personal information from social networks and other web sources to craft tempting emails that users will click. WOT’s real-time reputation ratings provide Mail.ru customers a safe environment from phishing, scams and other forms of email threats.”

Read the press release here.

Woman sues after firm tracking stolen laptop records nude video chats


SophosLabs: Imagine the scene.

You buy a second-hand laptop and use it to, among other things, have secret sexy video chats with your significant other. Unbeknownst to you, naked photos of you are being taken by a company hired to track down the stolen laptop.

Ouch.

This is what has happened to Ohio-based Susan Clements-Jeffrey and her boyfriend.

Absolute Software is in the business of helping people recover their computers. Fair enough. But is taking nude snaps of the person using the stolen laptop a step too far?

U.S. District Judge Walter Rice thinks so, saying that Absolute Software may have violated 52-year-old widow Susan Clements-Jeffrey's rights to privacy.

What does the judge have to do with this? Well, Susan is suing Absolute Software.

She is a substitute teacher who reportedly bought the computer from one of her students in 2008 for $60. The student told her it was a gift from his relatives, that he had got a new one, and this one was now for sale.

Turns out the laptop was stolen from Clark County School District in Ohio. They had purchased and installed Absolute Software's theft recovery service - called LoJack - onto their computers, so when the stolen laptop was connected to the internet, LoJack collected the teacher's IP address.


Rather than handing the information over to the police to track her down, Absolute Software employee Kyle Magnus reportedly decided to intercept communications, including Susan Clements-Jeffrey's saucy video chats.

Magnus then forwarded the collected information, including revealing pictures and sexy conversations, to a police detective. According to Wired, the cops arrested Susan for receiving stolen property, but charges were soon dismissed.

Susan now is suing the lot of them: Absolute Software, their employee Kyle Magnus, the city of Springfield in Ohio, and the two cops who arrested her (did I mention the cops apparently waved the nude snaps when they first knocked on her door?)

So my take on this? I have no problems with Absolute Software and the cops trying to get the stolen laptop back. Fine. But using saucy pics to embarrass whoever ended up using the stolen property just screams 'a step too far' to me.

You can read a much more detailed report, written by Kim Zetter, on Wired.

Julianne Hough leaked photos published after phone hack

SophosLabs: Julianne Hough is famous in the United States not just for being an actress and country music singer, and dating "American Idol" host Ryan Seacrest, but also for having won ABC's "Dancing with the Stars" TV show twice.

So, hardly the kind of woman who you would think would need to resort to a cheap publicity stunt to raise her profile.

But no doubt there are skeptics who are right now wondering if the news that her mobile phone was "hacked" and one hundred of her private photographs published on the net is nothing more than a way of gaining attention.

Because she certainly is getting attention from various showbiz websites - with some unashamedly republishing photographs which are presumably stolen property with headlines like

Julianne Hough Gets Hacked — Check Out Her Sexy Bikini & Cleavage Shots!

There's nothing particularly salacious to be found in the photos that have been published - Julianne has a reputation for being a "good girl" - but clearly the photos of her posing in her bikini and sunbathing were intended for her eyes only (or at least hers and perhaps Ryan Seacrest's). Those hoping for titillating images of the dancer topless or doing a watusi with Ryan Seacrest will be mightily disappointed.

A quick check of Miss Hough's Twitter feed reveals that she normally posts messages from her Apple iPhone.

It's unclear how photos would have been stolen from the iPhone, unless someone else had physical access to the device or to a computer the iPhone had been synced with, or the photos had been uploaded to the net in some way (in the case of the latter it's not really a phone hack, is it?)

Nevertheless, there's some very simple advice I can give to any budding starlet who might be worried about private photos of themselves leaking into the public.

If you don't want your boss, your wife, your schoolfriends, or even the entire internet to see a photo - think twice about taking it in the first place, and if you do take the photo keep it in a very safe place away from the internet.

Furthermore, keep your smartphone secured with a strong passcode. Too many people use easy-to-guess passcodes, or no passcode at all, which isn't going to provide much protection if you leave your iPhone in a bar.

Stars who have claimed to have had private photos of themselves stolen by hackers in the past include Vanessa Hudgens, Miley Cyrus and Lady Gaga.

kernel.org compromised

Read it yourself...

---------- Forwarded message ----------
From: J.H. <warthog9@kernel.org>
Date: 2011/8/29
Subject: [kernel.org users] [KORG] Master back-end break-in
To: users@kernel.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Afternoon Everyone,

As you can guess from the subject line, I've not had what many would
consider a "good" day.  Earlier today discovered a trojan existing on
HPA's personal colo machine, as well as hera.  Upon some investigation
there are a couple of kernel.org boxes, specifically hera and odin1,
with potential pre-cursors on demeter2, zeus1 and zeus2, that have been
hit by this.

As it stands right now, HPA is working on cleaning his box, and
I'm working on hera (odin1 and zeus1 are out of rotation still for other
reasons), mainly so that if one of us finds something of interest, we
can deal with it and compare notes on the other box.

Points of interest:

- - Break-in seems to have initially occurred no later than August 12th
- - Files belonging to ssh (openssh, openssh-server and openssh-clients)
were modified and running live.  These have been uninstalled and
removed, all processes were killed and known good copies were
reinstalled.  That said all users may wish to consider taking this
opportunity to change their passwords and update ssh keys (particularly
if you had an ssh private key on hera).  This seems to have occurred on
or around August 19th.
- - A trojan startup file was added to rc3.d
- - User interactions were logged, as well as some exploit code.  We have
retained this for now.
- - Trojan initially discovered due to the Xnest /dev/mem error message
w/o Xnest installed; have been seen on other systems.  It is unclear if
systems that exhibit this message are susceptible, compromised or not.
If you see this, and you don't have Xnest installed, please investigate.
- - It *appears* that 3.1-rc2 might have blocked the exploit injector, we
don't know if this is intentional or a side affect of another bugfix or
change.
- - System is being verified from backups, signatures, etc.  As of right
now things look correct, however we may take the system down soon to do
a full reinstall and for more invasive checking.
- - As a precaution a number of packages have been removed from the
system, if something was removed that you were using please let us know
so we can put it back.
- - At this time we do not know the vector that was used to get into the
systems, but the attackers had gained root access level privileges.

That's what we know right now, some of the recent instabilities may have
been caused by these intrusions, and we are looking into everything.

If you are on the box, keep an eye out, and if you see something please
let us know immediately.

Beyond that, verify your git trees and make sure things are correct.

- - John 'Warthog9' Hawley
Chief Kernel.org Administrator
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk5a5U0ACgkQ/E3kyWU9dif+1ACfYPlgq/keFrFO77AmQVduKGwx
TAcAnRAu6nHt74+5aC+fPeb8aT0hcy2K
=Semd
-----END PGP SIGNATURE-----
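
The indicators listed in the notice above (modified openssh packages, a new startup file in rc3.d, an Xnest /dev/mem message on hosts without Xnest) map onto three host checks. The script below is an added example, not part of the original message or kernel.org's own tooling; it assumes an rpm-based system, and the function names, baseline file and sample data are constructed for illustration.

```shell
#!/bin/sh
# Host triage for the indicators named in the notice. Run it from trusted
# media or against a mounted image: on a rooted host, local tools can lie.

# Count log lines that mention both Xnest and /dev/mem. Per the notice this
# matters on machines where Xnest is not installed.
xnest_devmem_hits() {            # usage: xnest_devmem_hits LOGFILE
    grep 'Xnest' "$1" | grep -c '/dev/mem' || true
}

# Print startup entries in RCDIR that are absent from a known-good listing
# (one name per line, for example generated from a backup).
rc_new_entries() {               # usage: rc_new_entries RCDIR BASELINE
    for entry in "$1"/*; do
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        name=${entry##*/}
        grep -qxF -- "$name" "$2" || printf '%s\n' "$name"
    done
}

# Verify the three ssh packages from the notice against the rpm database.
# rpm -V prints one line per file that differs; lines marked " c " are
# config files, which legitimately change, so they are filtered out.
ssh_pkg_changes() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found" >&2; return 2; }
    rpm -V openssh openssh-server openssh-clients | grep -v ' c /' || true
}

demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/rc3.d"
    # Constructed sample data; file names and log wording are invented.
    touch "$tmp/rc3.d/S10network" "$tmp/rc3.d/S55sshd" "$tmp/rc3.d/S99example"
    printf '%s\n' S10network S55sshd > "$tmp/baseline.txt"
    printf '%s\n' \
        'Aug 28 10:01:02 host sshd[411]: Accepted publickey for user' \
        'Aug 28 10:01:03 host Xnest: cannot open /dev/mem' \
        > "$tmp/messages"
    echo "unexpected rc3.d entries: $(rc_new_entries "$tmp/rc3.d" "$tmp/baseline.txt")"
    echo "Xnest /dev/mem log lines: $(xnest_devmem_hits "$tmp/messages")"
    rm -rf "$tmp"
}
demo
```

An empty result from `ssh_pkg_changes` only means the files match the local rpm database, which an attacker with root could also have altered; compare against packages from a trusted mirror where that matters.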