Blog

In kicking off Twitter’s Chirp developer conference, the company finally revealed its long mysterious registered user number, and it’s surprisingly large (based on some prior outside estimates): 105 million, or to be exact, 105,779,710, according to a slide showing behind Co-founder Biz Stone during his opening remarks. The growth’s not over either — Twitter says its still adding 300,000 users per day. Moreover, as many have speculated, most of Twitter’s traffic — 75% of it in fact — comes from third-party clients and applications. ...

On April 9th, Tavis Ormandy published a proof of concept about how to use the latest version of Java to compromise a pc. You can read about it here. He notified Sun, but they weren’t concerned enough to break their patch cycle, so he published the code. The problem is that when Sun released Java 6, update 10 in April 2008, they introduced a new feature (it’s not a bug, it’s a feature folks) called Java Web Start. In order to make it easier for developers to install software, they created a method to execute a program from a website. ...

Last week we received a mass mailing that at first glance appeared no different from the usual mailbox clutter. The messages were in German and advertised an online casino. Nothing out of the ordinary there – after all, gambling-themed spam is one of the most popular in the German-speaking realms of cyberspace. But after a closer inspection, these messages turned out to be of much more interest – all the links in the messages led to pages created on legitimate sites that had been compromised. The links looked like this: **\*.com/news_.php or *****.com/1500.php. ...

A universe filled with kaleidoscopic colors blazes across your desktop in this theme for Windows 7, revealed by the infrared imaging of NASA’s Spitzer Space Telescope. Discover more about Spitzer’s unique view of stars, nebulae, and galaxies on the Spitzer Space Telescope website. Download: NASA Hidden Universe Theme Download ...

Yesterday evening our spamtraps started receiving the email below in a mass mailing action. The email was immediately flagged as spam even before reaching our spamtraps. No wonder since it has no To:-field, it has a different Reply-to:- than the From:-field and it comes from a DSL line IP address. If the user replies to the email, the return address is set to [email protected]. Nice try, but the email is just to generic to be actually taken seriously by anyone. I expect to see targeted emails in the next days (as we’ve already seen last year). ...

Does anyone really care about opening a zip file to examine an RTF or JPEG file? This task—combined with a dull, unexciting, unstimulating subject line—competes with the content of the email to win a race of worthlessness. Spammers have traditionally used zip files to carry executables, but in most cases the subject line or the content of the message made an effort to encourage users to open the attachment. There are cases of spamming attacks in which HTML attachments opened up a fully functional Web page, capable of carrying sensitive user information back to the fraudsters. However, with this latest spam attack using zipped files, not only have the spammers made an attempt to escape anti-spam filters, they’re missing out on reaching any users as well. The scope of returns for these messages looks to be much less rewarding than other comparable attacks. ...

If, like me, you live outside of the U.S. and you’re waiting for your chance to purchase the iPad, you’re out of luck. Apple has delayed the international launch of the device until the end of May because it has sold more iPads (over half a million) than it anticipated. Here’s the official announcement: “Although we have delivered more than 500,000 iPads during its first week, demand is far higher than we predicted and will likely continue to exceed our supply over the next several weeks as more people see and touch an iPad™. We have also taken a large number of pre-orders for iPad 3G models for delivery by the end of April. ...

Of course I’m talking about football. When I say football I mean the game that is played with one ball thas is kicked with the foot, not the other game that is known as football in the US even though it’s played using the hands. Anyway I don’t like football at all, it’s too boring fo me. But, at least in Europe, everyone loves football. And one of the best national championships is the Spanish one, with the 2 biggest teams being Real Madrid and F.C. Barcelona. Every time they play against each other, millions of people watch that game, and news about it are going around all the time. Last Saturday they played in Madrid, and being this such a popular match, cybercriminals couldn’t miss this opportunity. ...

Although there’s a heated Adobe vs. Apple discussion going on, creative professionals are probably much more excited about the latest version of Adobe’s Creative Suite, which is now officially available. Besides the new versions of Photoshop, Illustrator, InDesign, Premiere Pro and Dreamweaver, Adobe Creative Suite 5 also brings Flash Player 10.1 and Adobe AIR® 2, which are “optimized for high performance on mobile screens and designed to take advantage of native device capabilities for a richer, more immersive user experience.” ...

Every once in a while, you find some odd piece of text in a piece of malware. Debugging the TDL 3 rootkit yields some interesting results. Here are messages that dump in the debug window at various times: Fri Apr 9 09:02:37.495 2010 (GMT-4): You people voted for Hubert Humphrey, and you killed Jesus Fri Apr 9 09:03:01.900 2010 (GMT-4): Ah Lou, come on man, we really like this place Fri Apr 9 11:53:08.715 2010 (GMT-4): Dude, meet me in Montana XX00, Jesus (H. Christ) Fri Apr 9 12:18:27.522 2010 (GMT-4): I felt like putting a bullet between the eyes of every panda that wouldn’t screw to save it’s species. I wanted to open the dump valves on oil tankers and smother all those french beaches I’d never see. I wanted to breathe smoke ...