Anonymous dupes users into joining Metaupload attack

Computerworld - The Anonymous hacking group recruited unwitting accomplices in Thursday's attacks against U.S. government sites, a security researcher said today.

The distributed denial-of-service (DDoS) attacks began Thursday just hours after the U.S. Department of Justice announced arrests of four men associated with the popular Megaupload "cyberlocker" site on charges of copyright infringement, money laundering and racketeering.

Federal authorities shuttered Megaupload.com and other sites, and seized assets belonging to the company, including hundreds of servers. Three of the seven men indicted remain at large, but four were arrested in New Zealand by local authorities and face extradition to the U.S.

Almost immediately, Anonymous retaliated with DDoS attacks against Justice's website, and those operated by Universal Music, the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), and others. Some of those sites were inaccessible during parts of Thursday.

In a message on Twitter and in a blog post, Anonymous claimed Thursday's DDoS attacks were its largest ever, and said that 5,600 people collaborated in the assaults.

Previously, Anonymous had said that its followers were using the Low Orbit Ion Cannon (LOIC) tool, a favorite of the group since its first widespread DDoS attacks in December 2010.

But some of the 5,600 who participated may have done so unwittingly, said Graham Cluley, a senior technology consultant with U.K.-based antivirus vendor Sophos.

According to Cluley, members of Anonymous distributed links via Twitter and elsewhere that when clicked automatically launched a Web version of LOIC. The links pointed to a page on PasteHTML.com, a free HTML code-hosting site, which in turn executed some JavaScript to fire LOIC at Anonymous-designated targets.

Many of those messages said nothing about LOIC or that clicking the link shanghaied the user into the DDoS attack, Cluley said, noting several Twitter messages as examples.

In an email reply to questions today, Cluley said that while the links were launching LOIC against more than one website, "It's clear that justice.gov is getting a lot of attention."

The Department of Justice's website was operating normally early Friday.

Anonymous is still recruiting people to its campaign. A quick search of Twitter using a string published on Gawker.com indicated that the link was being shared Friday morning at the rate of about 10 to 18 times per minute on the micro-blogging site.

On a Sophos blog, Cluley reminded readers that DDoS attacks were illegal, and cautioned users to be wary of clicking links.

"Anonymous might be hoping that participants could argue that they did not knowingly assist in the DDoS attack, and clicked on the link in innocence without realizing what it would do," said Cluley.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@computerworld.com.

See more articles by Gregg Keizer.

Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.

This independent paper from senior analyst Jon Collins at FreeForm Dynamics considers how Web-based security threats are evolving, within the context of IT trends including mobile, home computing and other forms of remote access that could potentially increase the attack surface of the companies. It defines the scale and types of threat, what to look for in a corporate web security solution and compares the different types of technological approach available to companies and the processes that need to be considered for effective protection.

Read now.

Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

View the original article here

Microsoft gives details on mobile broadband improvements in Windows 8

AppId is over the quota
IDG News Service - Microsoft has given details on a variety of ways in which the upcoming Windows 8 operating system does a better job than its predecessors at letting users manage their connections to Wi-Fi and mobile broadband networks.

"We looked at the fundamentals of wireless connectivity and re-engineered Windows 8 for a mobile and wireless future, going beyond incremental improvements," reads a blog post published on Friday.

Windows 8 has been designed to simplify the process of connecting to mobile broadband networks and of managing those connections, including monitoring data usage and controlling costs.

"We knew that if we were to give you true mobility, that Wi-Fi alone would not be enough. Therefore, for Windows 8, we fully developed and integrated mobile broadband (MB) as a first-class connectivity experience within Windows -- right alongside Wi-Fi," wrote Billy Anders, a Microsoft group program manager and the blog post's author.

Windows 7 allows users to connect to mobile broadband networks, but it's up to users to find and install required drivers and software, including searching for them online at times.

Windows 8 comes with a common mobile-broadband class driver that works with devices from a variety of mobile operators and vendors, eliminating the need for users to install device driver software. "You just plug in the device and connect. The driver stays up to date via Windows Update," Anders wrote.

Another enhancement in Windows 8 is that it provides native management within a single console of mobile broadband device functions, such as turning on and off their radios and configuring their connection settings. Previously, users had to perform these tasks in the individual management application for each device.

"Prior to Windows 8, you needed these applications to compensate for functionality not provided natively in Windows. This additional software confused and frustrated users by conflicting with the Windows connection manager, showing different networks, network status, and a separate user interface," he wrote. "Windows 8 eliminates this confusion by providing simple, intuitive, and fully integrated radio and connection management."

Wi-Fi and Bluetooth device functions can also be managed centrally from within Windows 8. The operating system's network settings console also lets users establish connection priorities, so that their machine will automatically opt to, say, connect to a Wi-Fi network as the first option if available, and, if it's not, then seek a mobile broadband connection.

Windows 8 also "learns" about the user's connection priorities based on their actions. As a result, when returning from "standby" mode, a Windows 8 machine is able to reconnect faster than Windows 7 -- in about a second.

"You do not have to do anything special for this -- Windows just learns which networks you prefer and manages everything for you. This work was a major part of the architectural work we did in the networking stack and with our hardware partners," Anders wrote.

Reprinted with permission from IDG.net. Story copyright 2010 International Data Group. All rights reserved.

View the original article here

Micron to acquire PCIe virtualization vendor Virtensys

Computerworld - Micron Technology on Friday announced it has signed an agreement to acquire Virtensys Ltd., a U.K.-based provider of PCIe-sharing products. No financial details on the deal were released.

Micron plans to use Virtensys' PCIe virtualization technology to allow data centers to share local solid-state drive (SSDs) storage across multiple servers.

For example, Virtensys' VIO-4000 Series PCIe Sharing appliances can virtualize network and storage connectivity to a rack of servers, providing up to 80Gbps of Ethernet uplink bandwidth, 32 Gbps of Fibre Channel bandwidth, and/or up to 16TB of local storage connectivity to up to 16 servers.

Virtensys' Vio-4000 PCIe I/O sharing appliance

Edward Doller, Micron's chief memory systems architect, said the acquisition would enable "a combination of enterprise technology solutions that have the opportunity to virtualize SSD storage on the path to a more flexible and dynamic data center."

Micron will continue to support their deployment of I/O virtualization products. We have been working closely with Virtensys to include our PCIe SSD [P320] into their appliance and plan on rolling that solution out later this year," Doller said.

Micron said it expects the transaction to close by the end of the month.

Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed . His e-mail address is lmearian@computerworld.com.

Read more about Storage in Computerworld's Storage Topic Center.

This independent paper from senior analyst Jon Collins at FreeForm Dynamics considers how Web-based security threats are evolving, within the context of IT trends including mobile, home computing and other forms of remote access that could potentially increase the attack surface of the companies. It defines the scale and types of threat, what to look for in a corporate web security solution and compares the different types of technological approach available to companies and the processes that need to be considered for effective protection.

Read now.

Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

View the original article here

Google kills more services

AppId is over the quota IDG News Service - Google is continuing to weed out its services and on Friday announced it will shut down Picnik, Google Message Continuity and Needlebase and make changes to some other services.

Google acquired Seattle-based Picnik in 2010, saying it would integrate the photo editing service with its own Picasa. "We're retiring the service on April 19, 2012, so the Picnik team can continue creating photo-editing magic across Google products," Dave Girouard, vice president of product management for Google, wrote in a blog post Friday.

The company is also discontinuing Google Message Continuity, its service for backing up Microsoft Exchange emails. Since launch, "hundreds" of businesses have signed up for the service, but it's clear many more are interested in Google Apps, Girouard wrote. "Going forward, we've decided to focus our efforts on Google Apps and end support for GMC," he wrote.

Google will shut down Needlebase, a data management platform, on June 1, and the Social Graph API, which isn't being widely used, on April 20.

Google also will stop offering a client-hosted version of Urchin, an online analytics product on which the company built Google Analytics. It will instead focus on the online offering of Analytics.

Finally, Google plans to open source Sky Map, the Android application that uses GPS to show users constellations in the night sky. Through a partnership with Carnegie Mellon University, Google hopes to see students use Sky Map for projects, it said.

Last year Google announced the closure of a number of other products and services including Buzz, Code Search, Jaiku, Aardvark, Fast Flip, Sidewiki, Image Labeler and others.

Nancy Gohring covers mobile phones and cloud computing for The IDG News Service. Follow Nancy on Twitter at @idgnancy. Nancy's e-mail address is Nancy_Gohring@idg.com

Reprinted with permission from IDG.net. Story copyright 2010 International Data Group. All rights reserved.

View the original article here