Census of Files Available via BitTorrent: Via Freedom to Tinker.

BitTorrent is popular because it lets anyone distribute large files at low cost. Which kinds of files are available on BitTorrent? Sauhard Sahi, a Princeton senior, decided to find out. Sauhard's independent work last semester, under my supervision, set out to measure what was available on BitTorrent. This post, summarizing his results, was co-written by Sauhard and me.

Sauhard chose a (uniform) random sample of files available via the trackerless variant of BitTorrent, using the Mainline DHT. The sample comprised 1021 files. He classified the files in the sample by file type, language, and apparent copyright status.

Before describing the results, we need to offer two caveats. First, the results apply only to the Mainline trackerless BitTorrent system that we surveyed. [ Read more ... ]

Browser Versions Carry 10.5 Bits of Identifying Information on Average: Via EFF.org Updates.

This is part 3 of a series of posts on user tracking on the modern web. You can also read part 1 and part 2.

Whenever you visit a web page, your browser sends a "User Agent" header to the website saying precisely which operating system and web browser you are using. This information could help distinguish Internet users from one another because these versions differ, often considerably, from person to person. We recently ran an experiment to see to what extent this information could be used to track people (for instance, if someone deletes their browser cookies, would the User Agent, alone or in combination with some other detail, be unique enough to let a site recognize them and re-create their old cookie?). [ Read more ... ]

Sneaky Microsoft plug-in puts Firefox users at risk: Via computerworld.

Patches critical bug, exploitable because of add-on silently slipped into Firefox last February

An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week.

One of the 13 security bulletins Microsoft released Tuesday affects not only Internet Explorer (IE), but also Firefox, thanks to a Microsoft-made plug-in pushed to Firefox users eight months ago in an update delivered via Windows Update.

"While the vulnerability is in an IE component, there is an attack vector for Firefox users as well," admitted Microsoft engineers in a post to the company's Security Research & Defense blog on Tuesday. "The reason is that .NET Framework 3.5 SP1 installs a 'Windows Presentation Foundation' plug-in in Firefox."

The Microsoft engineers described the possible threat as a "browse-and-get-owned" situation that only requires attackers to lure Firefox users to a rigged Web site. [ Read more ... ]

Best Buy Sold Infected Digital Picture Frames - Via NYT > Technology:

Best Buy Co. Inc. sold digital picture frames during the holidays that harbored malicious code able to spread to any connected Windows PC, the big box retailer has confirmed. It is not recalling the frames, however.

What Best Buy called "a limited number" of the 10.4-in. digital frames sold under its in-house Insignia brand were "contaminated with a computer virus during the manufacturing process," according to a notice posted on the Insignia site last weekend. The frame which went by the part number NS-DPF10A has been discontinued, and all remaining inventory pulled, Best Buy added.

But that didn't happen until after some of pre-infected frames were sold to customers. [ Read more ... ]

BioShock Demo Installs SecuROM Service - GamingBOB.com: 2K Games recently issued at statement addressing the DRM protection and widescreen problems for the BioShock PC game. In the statement 2K reveals a change in number of activations available with each copy of BioShock. Consumers are now allowed to activate their copy of BioShock a total of five times via the SecuROM network. Problems have already surfaced on the third-party severs preventing users from activating their copy of the game.

What 2K has failed to address is the the SecuROM service installed on your computer when installing BioShock, which is also included in the demo. [ Read more ... ]

LAWTECH GURU BLOG by Jeff Beard: Windows Vista Security: Pros and Cons, Third Party Solutions Still Needed: "Vista has a number of new security features, such as a two-way firewall, Windows Defender, UAC (User Account Control), BitLocker Drive Encryption, and more. These are certainly improvements over XP in terms of baking more security into Windows. My thoughts and experiences with them so far, along with recommendations for third-party security apps where needed: [ Read more ... ]

TG Daily - Fujitsu announces fingerprint security for Windows: "Sunnyvale (CA) - In an online world dominated by endless user names, passwords and answers to security questions, the idea of simple yet effective security has not been perfected yet. Fujitsu Microelectronics has introduced a fingerprint kit which takes a big step in the right direction: it works in Windows and it's easy to integrate. [ Read more ... ]

Confirmed: Microsoft's Windows Media DRM cracked (again): "The Zune may not be the most popular portable media player, but you wouldn't know it based on the game of cat and mouse that has been going on for nearly a year between Microsoft and 'hackers' who have continually found ways to defeat Microsoft's DRM.

Ars Technica has been able to confirm that the latest attacks on Microsoft's Windows Media DRM work as proclaimed. Via an update of the Individualized Blackbox component (IBX), FairUse4WM can now remove DRM for Microsoft IBX versions 11.0.6000.6324 and earlier, on both XP and Vista.

The release of the update was first announced on the Doom9 forums, where user 'Divine Tao' indicated that he found a way to update FairUse4WM to support new keys (v1.3 Fix2). It would appear as though 'Divine Tao' is not working with the same hacker(s) who broke the Windows Media DRM code last summer, as the user says that access to the FairUse4WM source code is not possible for him or her. ('Divine Tao' is an anagram of 'viodentia,' however, which is suspicious.) [ Read more ... ]

Forget about the WGA! 20+ Windows Vista Features and Services Harvest User Data for Microsoft - From your machine! - Softpedia: "Are you using Windows Vista? Then you might as well know that the licensed operating system installed on your machine is harvesting a healthy volume of information for Microsoft. In this context, a program such as the Windows Genuine Advantage is the last of your concerns. In fact, in excess of 20 Windows Vista features and services are hard at work collecting and transmitting your personal data to the Redmond company.

Microsoft makes no secret about the fact that Windows Vista is gathering information. End users have little to say, and no real choice in the matter. The company does provide both a Windows Vista Privacy Statement and references within the End User License Agreement for the operating system. Combined, the resources paint the big picture over the extent of Microsoft's end user data harvest via Vista. [ Read more ... ]

Windows Media Center DRM - Now With More Bugs!: "

There was some Slashdot buzz earlier this week about Microsoft Windows Media Center users suddenly facing restrictions forbidding playback of recorded analog cable TV content. Was DRM smuggled along with an 'update' into unsuspecting users' machines? [ Read more ... ]

Windows Media Center Restricts Cable TV: "PrescriptionWarning writes 'With the latest Media Center Edition update from Microsoft, I and many others are finding that content available on television is now completely unwatchable from Media Center. The message states: 'Restricted Content: Restrictions set by the broadcaster and/or originator of the content prohibit playback of the program on this computer.' [ Read more ... ]

Security Bites Podcast: QuickTime flaw hits Mac, Windows: "A serious flaw in Apple's QuickTime affects both Mac and Windows machines. Also: Office 2003 to get Office 2007 security, and spyware busters duke it out."

(Read Original Article - Via CNET News.com: Security Bites.)

Weekly Report on Viruses and Intruders:This week's report focuses on the Artesimda Trojan and a worm, Rinbot.Q, that uses several vulnerabilities to spread. It also covers a new combined attack involving members of the Spamta family. [ Read more ... ]

Windows flaw adds to Microsoft's zero-day trouble:

In addition to a trio of zero-day bugs in Office, a yet-to-be-patched vulnerability has been reported in Windows.

Sample code that exploits a flaw in the way Windows handles help system files has been posted to the Internet. [ Read more ... ]

Separated at birth: WMF and ANI bugs compared: "The Windows animated cursor bug patched yesterday by Microsoft Corp. bears more than a passing resemblance to the nasty Windows Metafile flaw that surfaced late in 2005. [ Read more ... ]

Five best practices for mitigating zero-day threats like Windows ANI: "Although Microsoft has patched the animated (ANI) cursor bug, there are still steps companies can take to mitigate the risks from other zero-day threats, according to security experts.

(Via Computerworld Security News.)

Microsoft plugs 'critical' Windows cursor hole | News.blog | CNET News.com:

Microsoft on Tuesday released a security update for Windows, a week before its scheduled release date. [ Read more ... ]

Attackers exploit zero-day Windows flaw | CNET News.com: "

A zero-day exploit that takes advantage of a vulnerability in the Windows cursor could be spreading rapidly. [ Read more ... ]

Microsoft: Attacks on Windows flaw rise - Yahoo! News: "SEATTLE - Hackers stepped up attacks Friday on computers running some versions of Windows, a day after Microsoft disclosed a hole related to the mouse cursor. Microsoft Corp. sent out a security advisory Thursday warning customers that a vulnerability in '.ani' files -- used to change the cursor into an hourglass while a program works, or into a dancing animal or other animation on specially designed Web sites -- was allowing hackers to break into computers and install malicious software.

'Overnight we did see the attacks change from limited and targeted attacks to slightly more, but do still categorize it as a limited attack,' said Mark Miller, director of the software maker's security response group. [ Read more ... ]

Exploit for latest Windows vuln already animated: "

Curse the cursor

A vulnerability in the way Windows handles animated cursors puts users at risk of being pwnd, and several nefarious websites are already trying to exploit the flaw, according to the SANS Internet Storm Center.…

" [ Read more ... ]

Microsoft warns of zero-day Windows bug: "Several versions of Windows, including Vista, are vulnerable to a critical unpatched vulnerability that can be used by attackers on PCs when users surf to malicious sites.

[...]

Microsoft Corp. confirmed today that Windows, including Vista, contains a critical unpatched vulnerability that can be used by attackers to usurp PCs when users surf to malicious sites.

In a security advisory posted this morning, Microsoft's Security Response (MSRC) team acknowledged a bug in Windows' animated cursor, a component that lets developers show a short animation at the mouse pointer's location. Animated cursor files typically use the .ani extension, but the MSRC warned that hackers might disguise malicious animated cursors with other extensions. The SANS Institute, in fact, said it had received reports of in-the-wild exploits using files renamed to .jpg. [ Read more ... ]

Microsoft details network hack in Windows: "Microsoft is warning of an attack that could be used to divert someone's Web traffic through a malicious proxy server.

(Via Computerworld Cybercrime/Hacking News.)

Windows weakness can lead to network traffic hijacks: "Problem in the way Windows PCs obtain network settings could let attackers hijack traffic, researchers warn."

(Via CNET News.com.)

Feds mandates 'secure' Windows set-up | The Register: "Changes in US government purchasing policies due to come into effect this summer could have a huge effect on computer security, particularly for Windows desktops.

A White House directive to federal chief information officers issued this week calls for all new Windows PC acquisitions, beginning 30 June, to use a common 'secure configuration'. Applications (such as anti-virus, email etc) loaded onto systems remain flexible but what will be specified in the registry settings and which services would be turned on or off by default. [ Read more ... ]

Windows Administration: Inside the Windows Vista Kernel: Part 3 -- TechNet Magazine, April 2007: ""

This series has so far covered Windows Vista kernel enhancements related to processes, I/O, memory management, system startup, shutdown, and power management. In this third and final installment, I take a look at features and improvements in the areas of reliability, recovery, and security. [ Read more ... ]