The U.S. Computer Emergency Readiness Team (CERT) has issued a warning for what it calls “active attacks” against Linux-based computing infrastructures using compromised SSH keys.

The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as “phalanx2″ is installed, US-CERT said in a note on its current activity site.

Phalanx2 appears to be a derivative of an older rootkit named “phalanx”. Phalanx2 and the support scripts within the rootkit, are configured to systematically steal SSH keys from the compromised system. These SSH keys are sent to the attackers, who then use them to try to compromise other sites and other systems of interest at the attacked site.

Phalanx, which dates back to 2005, is a self-injecting kernel rootkit designed for the Linux 2.6 branch. It allows an attacker to hide files, processes and sockets and includes a tty sniffer, a tty connectback-backdoor, and auto injection on boot.

Link: More at ZDNet

Windows Live Hotmail Wave 3 will be launched shortly. Whats new !?

Faster than ever. It'll be up to 70 percent faster to sign in and see your e-mail. Of course, along with more speed, you'll get powerful technology that deflects spam and helps protect you against viruses and scams.
Simpler, cleaner design. We're combining the classic and full versions of Hotmail, so you get access to everything Hotmail has to offer. The reading pane will let you check out your e-mail without having to open it up.

Put more you in your e-mail. New themes and colors will let you design the look of your inbox, so your personality can really shine through.

Closer to your contacts. Just start typing in the "To" line and you'll get a choice of e-mail contacts that most closely match what you've typed. Plus, it'll be even easier to e-mail groups of people.

Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.

The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.

Emboldened by settlements with Apple and AT&T, inventor Judah Klausner filed a voicemail patent lawsuit on Tuesday against Google, Verizon Communications, LG Electronics, Comverse Technology, Citrix Systems, and Embarq. Anticipating the attack, Verizon filed its own lawsuit against Klausner two weeks ago in the U.S. District Court for the Eastern District of New York that seeks to have a federal judge declare the inventor's visual voicemail patent invalid.

The new case involves claims by Klausner tied to patents in various countries he began receiving in 1992 for "visual voicemail"—applying a graphical way of interacting with voicemail messages that allow it to be used like e-mail. In June, Apple, which recently popularized "visual voicemail" through its hit iPhone device, together with AT&T and eBay, the owner of Web-based calling service Skype, settled a patent suit filed last December by Klausner. Klausner previously sued and won settlements from Time Warner's AOL and Vonage.

View: Full Story at eWeek

A television advert for the iPhone misled consumers, the Advertising Standards Authority has ruled. Two complaints to the watchdog noted that the advert said "all the parts of the internet are on the iPhone". But the ASA said because the iPhone did not support Flash or Java - two programs that form part of many webpages - the claim was misleading. Apple had argued its claim referred to availability of webpages, rather than their specific appearance.

The iPhone employs a web browser called Safari, which is built on freely available software. Many webpages, however, employ small software programs like Flash and Java to display graphics and animations. Those programs are proprietary software, and Apple opted not to enable them on the iPhone. The result is that pages viewed with Safari may look different to those same pages viewed on other browsers.

View: Full Story at the BBC

Google has commented on our IE8 Beta 1 improvements, and we’ve made IE8 even faster since then. Some of the tests we have done show pure JScript performance improvements up to 2.5 times. We also measured the performance gains on common Gmail operations, like loading the inbox (34%), opening a conversation (45%) and opening a thread (27%) compared to IE7. Thus far, tweaks to the JScript engine have contributed to improve IE8’s performance on the SunSpider benchmarking suite by 400% compared to IE7.

The second area in which we are invested heavily in IE8 is in improvements to our memory usage. To date we have fixed just under 400 separate memory leaks in Internet Explorer. For users, these changes reduce the amount of memory consumed by IE, improve our startup times, speed up navigating between pages, and help IE remain stable for longer periods of time. As we started building IE8 it was clear that we could do more to take advantage of the increasing prevalence of high bandwidth connections. Two key improvements we made with IE8 were to unblock downloads in the presence of external scripts and to increase the number of parallel connections per server that we support.

View: Full Story at IEBlog

Haptic technology maker Immersion said on Tuesday it has settled its legal dispute with Microsoft. The maker of tactile feedback technology for mice and joysticks sued both Sony and Microsoft in 2002 for patent infringement. Though both suits were settled, Microsoft filed a separate suit against Immersion in June 2007 and asked the court to enforce a portion of a sublicensing agreement between the two companies that stated Microsoft would get a portion of Immersion's settlement it received from Sony. Immersion countersued, alleging Microsoft had breached a confidentiality agreement.

View: The full story @ ZDNet

Advanced Micro Devices has quietly started to sell dual-core microprocessors featuring the latest K10 micro-architecture in Europe, at least, based on the results from a search engine. If the information is correct and AMD is shipping its Phenom X2 parts for revenue, then the chipmaker may attract additional attention to its microprocessor line among price-conscious buyers looking for modern tech.

According to a screenshot taken on Geizhalz.at price search engine in Europe and published by Hardware-Infos web-site, AMD has started shipping AMD Phenom X2 GE-6400 (1.90GHz, 1MB of L2 cache [512KB per core], 2MB L3 cache), GE-6500 (2.10GHz, 1MB of L2 cache [512KB per core], 2MB L3 cache) and GE-6600 (2.30GHz, 1MB of L2 cache [512KB per core], 2MB L3 cache) microprocessors to channel customers.

View: The full story @ Xbit-Labs

Mozilla is stepping up its efforts to drive users to Firefox 3. The company has begun a campaign which offers Firefox 2 users the option of an upgrade to the new browser upon launching. The pop-up window provides a short list of the improvements in the latest version of the browser and offers users the option of updating immediately, sending another reminder later, or never asking the user to update again.

Because Firefox lacks the type of automatic standalone update utility employed by Apple and Microsoft for updating Safari and Internet Explorer, Mozilla relies on alert messages within the browser to update users when a new version of Firefox is available. The new components of the browser, most notably the built-in antimalware tools, require the company to issue a new end-user license agreement, unlike most Firefox updates.

View: The full story @ vnunet

A computer worm that ferrets out passwords managed to stow away on laptops aboard the International Space Station, NASA has confirmed. It is not the first time a NASA computer has become infected. SpaceReg.com identified the infection as W32.TGammima.AG, a worm that spreads by copying itself to removable media devices. Once in place, it steals passwords to various online games, according to anti-virus software provider Symantec, which first spotted the worm 12 months ago.

"This is not the first time we have had a worm or a virus," a NASA spokesman told Wired News. "It's not a frequent occurrence, but this isn't the first time."

View: The full story @ The Reg

Fujitsu is developing an eight-core version of its Sparc64 processor, which should give a performance boost to the Sparc Enterprise Servers that Fujitsu jointly develops with Sun Microsystems. Fujitsu's Takumi Maruyama mentioned the chip briefly at the end of a presentation at the Hot Chips conference in Palo Alto, California, Tuesday but he provided few details, including when the processor will ship.

It will succeed the four-core Sparc64 VII processor released in servers from Fujitsu and Sun in July. The Sparc Enterprise Servers use Fujitsu's chips and Sun's Solaris 10 operating system. The companies develop the systems together but market and sell them separately. The eight-core processor is code-named Venus and will be manufactured using a 45-nanometer process, Maruyama said, a step up from the 65-nanometer process used for the quad-core Sparc64 VII.

View: The full story @ PCWorld

This morning, my editor asked why I hadn't blogged about Internet Explorer 8. My response: "Who cares?" Do you? Maybe we both should. For weeks, Microsoft has been dribbling out information about IE 8, which has to be released as a public beta this week to make the self-pronounced August release. The most recent IE 8 blog post discusses new privacy features.

In rereading the post, from yesterday, Aug. 25, I'm thinking that I should have cared more about IE 8. Ridiculous blogs have interpreted new IE 8 privacy features as "porn mode." That's a dramatic mischaracterization of privacy enhancements that are arguably trendsetting. IE 8 will give users more control over privacy than any other browser. It's not "porn mode" but something much bigger. After deciding to write this post, I IMed my editor: "Someone should send dunce caps to ... every other blogger using that term. Idiots." I wanted to say something else, but, hey, there's nothing private about instant messaging.

View: The full story @ MS-Watch

Microsoft has updated software that verifies whether a copy of Windows is genuine in its Windows XP Professional edition, making it similar to the notification in Windows Vista and thus more persistently visible to users. In a blog posting attributed to Alex Kochis, a Microsoft director of product marketing and management, the company said it made the changes to the Windows Genuine Notification (WGA) alerts for XP Pro because it is "the product edition that is most often stolen."

Now when a version of Windows XP Pro is found to be pirated or counterfeit, the next time a user logs on to the system, the desktop screen background will be black, replacing whatever custom desktop may have been set by the user. This will reappear every 60 minutes, even if a user resets the screen's background. Previously, this was not a part of the WGA notification for Windows XP Pro.

View: The full story @ InfoWorld

Ubuntu is the latest Linux vendor to patch a vulnerability in the open-source operating system's kernel that could have left the door open for hackers to find their way into users' machines. In an email sent overnight on Monday, the Linux vendor warned users to update all machines running recent versions of Ubuntu, ranging from 6.06, which was released back in mid-2006, to version 8.04, which came out earlier this year. The problem also applied to other versions of Ubuntu such as Kubuntu, Edubuntu and Xubuntu.

"It was discovered that there were multiple NULL-pointed function de-references in the Linux kernel terminal handling code," wrote Ubuntu administrators in the email. "A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service."

View: The full story @ ZDNet UK

Google Inc. dropped Bluetooth and the GTalkService instant messaging APIs from the set of tools for the first version of the mobile phone operating system, Android 1.0, according to the Android Developers Blog. But the company made clear that handsets using the Android OS will work with other Bluetooth devices such as headsets, for example.

Dropping the Bluetooth API (application program interfaces) means software developers won't be able to create applications that utilize Bluetooth for the Android OS. Bluetooth is a short-range radio technology that allows devices to work and communicate together wirelessly. An API is a set of tools and protocols designed to help programmers build new software applications.

View: The full story @ Computer World