Google Buzz.. Warning!

The new kid on the cyber block, Google Buzz, the contender to the likes of Facebook and Twitter, is here. When you first go into Google Buzz, it automatically sets you up with followers and people to follow. A Google spokesperson tells us these people are chosen based on whom the user emails and chats with most using Gmail.

That’s fine.

The problem is that — by default — the people you follow and the people that follow you are made public to anyone who looks at your profile.

In other words, before you change any settings in Google Buzz, someone could go into your profile and see the people you email and chat with most.

A Google spokesperson asked us to phrase this claim differently. Like this: “In other words, after you create your profile in Buzz, if you don’t edit any of the default settings, someone could visit your profile and see the people you email and chat with most (provided you didn’t edit this list during profile creation).”
When you first post to Google Buzz, there is a dialogue box that reads “Before participating in Buzz, you need a public profile with your name and photo.”
It also says — albeit in tiny gray letters against a white background, “Your profile includes your name, photo, people you follow, and people who follow you.”

But it does not say that these publicly viewable follower lists are made up of people you most frequently email and chat with.

Even if it did say that, we doubt most users bother to read the text in the dialogue box before clicking “save profile and continue.”

(This is why it’s always safest for Web services providers to make it so sharing information is always an “opt-in,” rather than “opt-out,” setting. Just ask Facebook, which still remembers Beacon.)

There is also a “Welcome To Buzz” panel that shows who you are following and who is following you. In a long bit of unbolded text, it says “Buzz is a new way to share updates, photos, videos and more, and start conversations about the things you find interesting. You’re already set up to follow the people you email and chat with the most.”

If a user notices the box, it might help users “catch” that they might be following people they don’t want the world to know they’re following. But you don’t have to close the box to use Buzz. Closing the box does not trigger a warning or anything else that alerts the user they’ve agreed to publish a list of the people they email and chat with most.

It looks like this: [image: Buzz flaw screenshot]
After you click OK, it looks like this: [image: Buzz flaw screenshot]

The whole point is: Google should just ask users: “Do you want to follow these people we’ve suggested you follow based on the fact that you email and chat with them? Warning: This will expose to the public who you email and chat with most.” Google should not let users proceed to using Buzz until they click, “Yes, publish these lists.”

In my profession — where anonymous sourcing is a crucial tool — the implications of this flaw are terrifying.

But it’s bad for others too. Two obvious scenarios come to mind:

Imagine a wife discovering that her husband emails and chats with an old girlfriend a ton.
Imagine a boss discovering that a subordinate emails with executives at a competitor.

A Google spokesperson tells us the followers lists are public by default so that people can quickly find new people to follow. Obviously, that’s a good thing for Google, which is hoping to get as many people using Google Buzz as soon as possible. It’s also meant to be helpful for users. And for those who are unconcerned with telling the world who they email most, it is. But for everyone else, it’s terrible.

It gets to a deeper problem with Google Buzz: It’s built on email, which is a very different Internet application than a social network.

The good news for Google is that this is a very easy problem to fix. Google must either shut off auto-following, or it must make follower lists private by default as soon as possible.

In the meantime, here’s how to IMMEDIATELY make these lists private and then edit them >

Update: We’ve updated this post to emphasize that there are a few instances where Google does allow users to opt-out of inadvertently publishing a list of the people they email and chat with most.

We continue to believe these chances to opt-out do not force the user to make a real choice about this setting.

We believe Google could and should simply make this feature “opt-in” so that people know what they’re doing.

We’re stunned the people at Google don’t agree. We bet they change their minds.

On that point, here’s a statement from Google:

“We thought very carefully about how to create a great experience in Google Buzz with as minimal setup as possible. We designed our auto-following system to enable users to immediately see content from the people they email and chat with most, so when they start using Buzz, it “just works.” If users are automatically followed to anyone they’d rather not follow, it’s easy to remove these individuals during the auto-following step by clicking on the “edit” link and then clicking “unfollow” next to their names.

After that, the first time the user creates a post or comment, we ask them to create a profile, principally so they have a name to display next to their post. There’s more information on why you need a profile here: http://mail.google.com/support/bin/answer.py?hl=en&answer=17073. In this profile creation step, we inform users that the lists of people they follow and people following them will be displayed on their profile, and make it easy to view and edit these lists. We also make it possible to hide the lists of people they’re following and people following them from their profile.”

Quickest way to check your links’ health..

Hi guys!
Wouldn’t it be easier to find out first whether the site you are going to is safe or not?

Here are a few tips to find out:
www.makeuseof.com/tag/4-quick-sites-that-let-you-check-if-links-are-safe

MySQL 0day

Intevydis published a flash video on Monday showing what appears to be a new 0day exploit against MySQL 5.x. The demo (http://intevydis.com/mysql_demo.html ) is for a recent exploit included in their VulnDisco exploit pack for CANVAS as of Aug 2009. The demo shows it running against 5.0.51a-24+lenny2, but the description reads “MySQL 5.x Exploit”, which suggests it may work against other versions as well. Current versions of MySQL are 5.1 (recommended), with a 5.5 release available.
If anyone has any additional details on this vulnerability we’d love to hear about it.

Mega-D botnet down..

For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients’ networks. In the process, he learned how its controllers operated it. Last June, he began publishing his findings online. In November, he suddenly switched from defense to offense. And Mega-D–a powerful, resilient botnet that had forced 250,000 PCs to do its bidding–went down.
Targeting Controllers

The bots receive marching orders from online command and control (C&C) servers, but those servers are the botnet’s Achilles’ heel: Isolate them, and the undirected bots will sit idle. Mega-D’s controllers used a far-flung array of C&C servers, however, and every bot in its army had been assigned a list of additional destinations to try if it couldn’t reach its primary command server. So taking down Mega-D would require a carefully coordinated attack.
Synchronized Assault

Mushtaq’s team first contacted Internet service providers that unwittingly hosted Mega-D control servers; his research showed that most of the servers were based in the United States, with one in Turkey and another in Israel.

The FireEye group received positive responses except from the overseas ISPs. The domestic C&C servers went down.

Next, Mushtaq and company contacted domain-name registrars holding records for the domain names that Mega-D used for its control servers. The registrars collaborated with FireEye to point Mega-D’s existing domain names to nowhere. By cutting off the botnet’s pool of domain names, the antibotnet operatives ensured that bots could not reach Mega-D-affiliated servers that the overseas ISPs had declined to take down.

Finally, FireEye and the registrars worked to claim spare domain names that Mega-D’s controllers listed in the bots’ programming. The controllers intended to register and use one or more of the spare domains if the existing domains went down–so FireEye picked them up and pointed them to “sinkholes” (servers it had set up to sit quietly and log efforts by Mega-D bots to check in for orders). Using those logs, FireEye estimated that the botnet consisted of about 250,000 Mega-D-infected computers.

Down Goes Mega-D
MessageLabs, a Symantec e-mail security subsidiary, reports that Mega-D had “consistently been in the top 10 spam bots” for the previous year (find.pcworld.com/64165). The botnet’s output fluctuated from day to day, but on November 1 Mega-D accounted for 11.8 percent of all spam that MessageLabs saw. Three days later, FireEye’s action had reduced Mega-D’s market share of Internet spam to less than 0.1 percent, MessageLabs says.

FireEye plans to hand off the anti-Mega-D effort to ShadowServer.org, a volunteer group that will track the IP addresses of infected machines and contact affected ISPs and businesses. Business network or ISP administrators can register for the free notification service.
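The sinkhole step above, and the ShadowServer hand-off that follows it, both come down to the same defender-side job: read the check-in logs a sinkhole collects, count the distinct infected hosts, and work out which network owner has to be notified about each one. The script below is an added example of that triage, not FireEye’s or ShadowServer’s code. The log format, the sample lines, the spare-domain names and the prefix-to-contact table are all constructed for the example; the IP addresses come from documentation ranges.

```python
"""Sinkhole check-in log triage (added example; all data is constructed)."""
import ipaddress
import re
from collections import defaultdict

# Constructed sinkhole log format: "<timestamp> <source-ip> GET <path> Host:<domain>".
# One line is deliberately malformed to show that the parser skips it.
SINKHOLE_LOG = """\
2009-11-04T00:01:10Z 198.51.100.23 GET /cmd Host:spare-a.example
2009-11-04T00:01:12Z 198.51.100.23 GET /cmd Host:spare-a.example
2009-11-04T00:02:05Z 203.0.113.7 GET /cmd Host:spare-b.example
2009-11-04T00:02:41Z 192.0.2.99 GET /cmd Host:spare-a.example
garbage line that does not match the format
2009-11-04T00:03:15Z 203.0.113.8 GET /cmd Host:spare-b.example
2009-11-04T00:03:50Z 198.51.100.77 GET /cmd Host:spare-a.example
"""

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<ip>\S+) GET (?P<path>\S+) Host:(?P<host>\S+)$")

# Constructed notification table: which abuse contact owns which prefix.
NOTIFY = {
    ipaddress.ip_network("198.51.100.0/24"): "isp-a-abuse@example",
    ipaddress.ip_network("203.0.113.0/24"): "isp-b-abuse@example",
}


def parse_line(line):
    """Return a record dict for a well-formed check-in line, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m.group("ip"))
    except ValueError:  # field looked like an IP but is not one
        return None
    return {"ts": m.group("ts"), "ip": ip, "path": m.group("path"), "host": m.group("host")}


def parse_log(text):
    """Parse every line, silently dropping lines that do not match."""
    return [rec for rec in (parse_line(l) for l in text.splitlines()) if rec]


def unique_bots(records):
    """Distinct source IPs: repeated check-ins from one host count once."""
    return {rec["ip"] for rec in records}


def bots_per_domain(records):
    """How many distinct bots tried each sinkholed spare domain."""
    seen = defaultdict(set)
    for rec in records:
        seen[rec["host"]].add(rec["ip"])
    return {host: len(ips) for host, ips in seen.items()}


def notifications(records, table=NOTIFY):
    """Group infected IPs by the contact responsible for their prefix."""
    out = defaultdict(set)
    for ip in unique_bots(records):
        contact = next((c for net, c in table.items() if ip in net), "unmapped")
        out[contact].add(str(ip))
    return {contact: sorted(ips) for contact, ips in out.items()}


if __name__ == "__main__":
    recs = parse_log(SINKHOLE_LOG)
    print("distinct infected hosts:", len(unique_bots(recs)))
    print("per spare domain:", bots_per_domain(recs))
    for contact, ips in notifications(recs).items():
        print(contact, "->", ", ".join(ips))
```

Counting distinct source addresses rather than raw check-ins is what keeps the size estimate honest: a bot that retries every few seconds would otherwise inflate the figure many times over. Hosts whose prefix is not in the table land in an "unmapped" bucket so that they are not silently dropped.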

.sg among the riskiest domains

Hey fellas!
If you are ever thinking of clicking on a .sg domain, or have already decided to, please think again.

Spam masters are zeroing in on the .sg domain. Singapore was singled out as the 10th-riskiest domain out of 104 worldwide in a recently released McAfee report – and the rise of such sites, said experts, could cause Internet users worldwide to lose trust in Singapore websites.

The report warned that more .sg domains are being used for phishing and spam activities and to serve up viruses – almost one out of every 20 (4.6 per cent) tested by the security company this year.

The jump is spectacular – from just 0.3 per cent last year to 4.6 per cent this year.

In contrast, Hong Kong and Japan were noted for their “aggressive steps to clamp down on scam-related registrations” and stricter registration requirements for domain names.

McAfee senior research analyst Shane Keats noted that pharmacy sites touting pills were the main route used to send spam.

Some examples of such sites, no longer active, include www.overthenetdrugs.sg and www.overnightpharmonline.sg. Singapore’s position in the world as a financial centre also makes it vulnerable.

Mr Keats said: “Later this year, we saw a shift towards a lot of .sg phishing sites that mimic real financial websites and try to trick people into entering sensitive information, like bank-account numbers.

“We have (also) recently seen .sg sites serve up the Koobface virus that has affected many social networks.”

On the potential implications for Singapore, computerscience academic Liang Zhenkai of the National University of Singapore said: “The rapid increase in the number of risky .sg sites may cause users to have less trust in Singapore sites.
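The two posts above make the same practical point from different angles: check a link before you visit it, and treat some top-level domains with extra suspicion. The script below is an added example of such a pre-screen, not code from this blog, from McAfee, or from the link-checking sites mentioned earlier. The only real figure in it is the one the article quotes (4.6 per cent of tested .sg domains flagged); the risk threshold, the watch-word list and the verdict rules are constructed, and the blocklist holds the two inactive example domains named in the article. The registered-domain extraction is deliberately naive (last two labels) and a real deployment would use the Public Suffix List.

```python
"""Pre-screen a URL before clicking (added example; rules are constructed)."""
import ipaddress
from urllib.parse import urlsplit

TLD_RISK_RATE = {"sg": 4.6}          # percent of tested domains flagged, figure quoted in the article
RISK_THRESHOLD = 2.0                 # constructed: TLDs above this rate earn a caution
BLOCKLIST = {"overthenetdrugs.sg", "overnightpharmonline.sg"}  # inactive sites named in the article
WATCH_WORDS = ("bank", "login", "secure")  # constructed: words phishers put in subdomains


def _split(url):
    """urlsplit needs a scheme to recognise the host part; default to http."""
    if "://" not in url:
        url = "http://" + url
    return urlsplit(url)


def registrable_domain(host):
    """Naive 'last two labels' rule; use the Public Suffix List in production."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def assess(url):
    """Return {'host', 'verdict', 'findings'} with verdict in ok/caution/block."""
    parts = _split(url)
    host = (parts.hostname or "").rstrip(".")
    findings = []
    if not host:
        return {"host": host, "verdict": "block", "findings": ["no host name in URL"]}

    try:
        ipaddress.ip_address(host)
        is_ip = True
        findings.append("raw IP address instead of a host name")
    except ValueError:
        is_ip = False

    if parts.username is not None:
        findings.append("user info before '@' can disguise the real host")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode label (possible look-alike characters)")

    if not is_ip:
        tld = host.rsplit(".", 1)[-1]
        rate = TLD_RISK_RATE.get(tld)
        if rate is not None and rate > RISK_THRESHOLD:
            findings.append(f".{tld} flagged at {rate}% of tested domains")
        # Brand-style words that sit in a subdomain, not in the registered domain,
        # are the pattern behind "sites that mimic real financial websites".
        sub = host[: -len(registrable_domain(host))].rstrip(".")
        if any(word in sub for word in WATCH_WORDS):
            findings.append("brand-style word in subdomain, not in the registered domain")

    blocked = registrable_domain(host) in BLOCKLIST
    if blocked:
        findings.insert(0, "registered domain is on the local blocklist")
    verdict = "block" if blocked else ("caution" if findings else "ok")
    return {"host": host, "verdict": verdict, "findings": findings}


if __name__ == "__main__":
    for u in ("www.overthenetdrugs.sg", "https://www.example.com/shop",
              "http://secure-login.bank.example-phish.sg/", "http://198.51.100.5/x"):
        r = assess(u)
        print(f"{r['verdict']:8} {r['host']}  {'; '.join(r['findings'])}")
```

A blocklist hit is the only rule that blocks outright; the other findings are signals that a cautious reader should weigh together, which is why the function returns the whole list rather than a single flag.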

Exploits abound on cyber monday

“Cyber Monday,” the digital equivalent of the brick-and-mortar world’s “Black Friday,” is one of the busiest online shopping days of the year. It happens Monday, when most employees return to work for the first time since Thanksgiving.
But with the increased propensity to hit the internet for shopping deals comes an augmented security risk.

“Employees doing holiday shopping online from work computers may inadvertently introduce malware into the network,” Randy Abrams, director of technical education at anti-virus vendor ESET, told SCMagazineUS.com on Tuesday.

Having a dedicated PC for employees to use for non-work related purposes can help mitigate some risk, Abrams said.

To prepare for the influx of online shoppers, cybercriminals are creating fake e-commerce sites, hoping to trick users into voluntarily divulging their credit card information, experts said. In addition, rogue anti-virus scams will be prevalent throughout the holiday season.

“We are already seeing a large number of Christmas-themed sites that are hacked or have been deliberately set up to lure people,” Roger Thompson, chief of research at security firm AVG, told SCMagazineUS.com on Tuesday.
Scammers also likely will “poison” search results so that their malicious sites appear near the top of search results for popular terms, Sean Sullivan, security adviser at anti-virus vendor F-Secure, told SCMagazineUS.com on Tuesday.

Consumers can expect to encounter malicious links near the top of search results when searching for products that are projected to be popular this holiday season, such as the video game “Call of Duty: Modern Warfare 2” or merchandise related to the Michael Jackson film This Is It, in addition to the Flip UltraHD Camcorder, Apple’s iPod, Nintendo’s Wii, or Playskool’s Chuck My Talking Truck, Sullivan said.

An amazing Search engine…

While surfing I discovered this amazing computer search engine: SHODAN –> http://shodan.surtri.com/
It lets you find servers, routers, etc. by using the simple search bar. Most of the data in the index covers web servers at the moment, but there is some data on FTP, Telnet and SSH services as well.

Let’s say you want to find servers running the ‘Apache’ web daemon. A simple attempt would be to use:

apache

How about finding only apache servers running version 2.2.3?

apache 2.2.3

You can also narrow down the results using the following search parameters:

country: 2-letter country code
hostname: full or partial host name
net: IP range using CIDR notation (ex: 18.7.7.0/24 )
port: 21, 22, 23 or 80

For example: get all web (port:80) hosts running ‘apache’ in Switzerland (country:CH) that also have ‘.ch’ in any of their domain names:

apache country:CH port:80 hostname:.ch

Just for the sake of hackers, let’s try some examples:
Huh, sorry, I can’t get you that list..
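The search syntax described above (free-text banner terms plus country:, hostname:, net: and port: filters) is also useful pointed the other way: run the same filter grammar over your own scan results to list which of your hosts expose a given service version. The script below is an added example of such a filter engine, not Shodan’s code and not from this post. The inventory records are constructed, with IPs from documentation ranges; the matching rules (substring match on banner and hostname, exact match on country and port, CIDR containment for net) are my reading of the syntax, not a specification.

```python
"""Shodan-style query filters over a local banner inventory (added example)."""
import ipaddress
import shlex

# Constructed inventory, as a banner-grabbing pass over your own ranges might produce.
INVENTORY = [
    {"ip": "192.0.2.10", "port": 80, "country": "CH", "hostname": "www.example.ch", "banner": "Apache/2.2.3 (Debian)"},
    {"ip": "192.0.2.11", "port": 80, "country": "CH", "hostname": "mail.example.ch", "banner": "nginx/0.7.65"},
    {"ip": "198.51.100.5", "port": 80, "country": "DE", "hostname": "www.example.de", "banner": "Apache/2.2.14"},
    {"ip": "203.0.113.21", "port": 21, "country": "CH", "hostname": "ftp.example.ch", "banner": "220 ProFTPD Server ready"},
    {"ip": "203.0.113.22", "port": 22, "country": "CH", "hostname": "example.ch", "banner": "SSH-2.0-OpenSSH_5.1p1"},
]

FILTERS = ("country", "hostname", "net", "port")


def parse_query(query):
    """Split a query into free-text banner terms and (key, value) filters."""
    terms, filters = [], []
    for tok in shlex.split(query):
        key, sep, value = tok.partition(":")
        if sep and key.lower() in FILTERS and value:
            filters.append((key.lower(), value))
        else:
            terms.append(tok.lower())  # anything else is matched against the banner
    return terms, filters


def validate(filters):
    """Reject malformed filter values early with a ValueError."""
    for key, value in filters:
        if key == "country" and not (len(value) == 2 and value.isalpha()):
            raise ValueError(f"country must be a 2-letter code: {value!r}")
        if key == "port" and not (value.isdigit() and 0 < int(value) < 65536):
            raise ValueError(f"port must be 1-65535: {value!r}")
        if key == "net":
            ipaddress.ip_network(value, strict=False)  # raises on bad CIDR


def matches(record, terms, filters):
    """True when every term is in the banner and every filter holds."""
    banner = record["banner"].lower()
    if not all(term in banner for term in terms):
        return False
    for key, value in filters:
        if key == "country" and record["country"].upper() != value.upper():
            return False
        if key == "hostname" and value.lower() not in record["hostname"].lower():
            return False
        if key == "port" and record["port"] != int(value):
            return False
        if key == "net" and ipaddress.ip_address(record["ip"]) not in ipaddress.ip_network(value, strict=False):
            return False
    return True


def search(query, inventory=INVENTORY):
    """Return the IPs of inventory records matching the query, in inventory order."""
    terms, filters = parse_query(query)
    validate(filters)
    return [rec["ip"] for rec in inventory if matches(rec, terms, filters)]


if __name__ == "__main__":
    for q in ("apache", "apache 2.2.3", "apache country:CH port:80 hostname:.ch", "net:192.0.2.0/24"):
        print(f"{q!r:45} -> {search(q)}")
```

Validating filter values before matching matters more than it looks: a mistyped CIDR or port would otherwise match nothing and quietly hide an exposed host from the report.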

You can make IE8 run 10 times faster than its present speed.

If you are still lagging with the notorious IE8 speed, you can keep on lagging, or, if you want to overcome the speed limit, Google has come up with its own frame which makes IE8 run 10 times faster than its present speed…
Google Chrome Frame is an early-stage open source plug-in that seamlessly brings Google Chrome’s open web technologies and speedy JavaScript engine to Internet Explorer. With Google Chrome Frame, you can:
Start using open web technologies – like the HTML5 canvas tag – right away, even technologies that aren’t yet supported in Internet Explorer 6, 7, or 8.
Take advantage of JavaScript performance improvements to make your apps faster and more responsive.
Download Google Chrome Frame here:
http://www.google.com/chromeframe/thankyou.html?oneclickinstalled=&statcb=

LogMeIn can control your PCs, even when they are OFF

During recent talks by LogMeIn CEO Michael Simon, we came to know about the company’s new LogMeIn Central dashboard for IT managers, designed to help them keep tabs on thousands of computers at a time.
We chuckled a bit about the version of LogMeIn that’s embedded in the dashboard of some Ford F150 pickup trucks, so their owners can remotely control their office PCs. And I heard about a LogMeIn technology, just now reaching the market, that enables not just remote diagnostics of computers but also access to data on the hard drives of PCs that are turned completely off. Gulp.
That last technology, part of Intel’s VPro system architecture, has just started to ship in a few new PCs. It’s designed for corporate networks so that support personnel can get into a machine–to run a backup, for example–regardless of whether it’s running Windows, has crashed into a blue screen, or has been shut down. As long as the PC is plugged into the wall and to an Ethernet connection, the computer, even though in an off state, will continue to draw a small amount of power (about 4 watts) while it monitors the network for control packets.

The technology is getting built into motherboards using the Q45 support chipset. Only a few corporate desktops use this technology, in particular HP’s DC 7900 and Lenovo’s ThinkCentre M58 lines.
Simon told Rafe Needleman that the technology does not provide a wide-open backdoor. There are security protocols. The user has to agree to use the technology, and like all LogMeIn remote-control products, remote access isn’t possible unless the computer’s owner agrees to it. And in many ways, it is similar to current remote-access products that rely on “Wake-on-LAN” packets to power up a PC so it can then be controlled remotely. The difference here is one of degree.
And I don’t worry about this in the enterprise. If you’re using a computer provided to you by your company, it is owned by your company, not you. If your employer wants to get your data or mess with your work, it does not need a tool like this to do so. This technology just gives IT pros more capabilities, and it sounds like a very useful tool.
Even for home users, in most cases, this won’t be a problem, mostly because VPro PCs aren’t marketed to home users. But assuming that they were, the VPro protocols still specify that the user must consent to remote access each time someone wants to use it.
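The post says an “off” vPro machine keeps listening for control packets and compares the feature to products that use Wake-on-LAN packets. An administrator who wants to know who is waking machines on a segment can watch for that packet’s fixed shape: six 0xFF bytes followed by the target MAC address repeated sixteen times, optionally followed by a 4- or 6-byte SecureOn password. The script below is an added example of such a check over captured UDP payloads, not LogMeIn’s or Intel’s code; the sample datagrams, sender addresses and the “allowed management console” list are constructed.

```python
"""Spot Wake-on-LAN magic packets in captured UDP payloads (added example)."""
MAGIC_PREFIX = b"\xff" * 6          # synchronisation stream that opens every magic packet
MAC_REPEATS = 16                     # the target MAC follows, repeated 16 times
PASSWORD_LENGTHS = (0, 4, 6)         # optional SecureOn password trailer


def build_magic_packet(mac, password=b""):
    """Reference encoder, used here only to construct sample payloads."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC must be 6 bytes")
    if len(password) not in PASSWORD_LENGTHS:
        raise ValueError("SecureOn password must be 0, 4 or 6 bytes")
    return MAGIC_PREFIX + raw * MAC_REPEATS + password


def parse_magic_packet(payload):
    """Return {'mac', 'password_len'} if payload is a magic packet, else None."""
    body_len = 6 + 6 * MAC_REPEATS  # 102 bytes before any password
    if len(payload) < body_len or not payload.startswith(MAGIC_PREFIX):
        return None
    mac = payload[6:12]
    if payload[6:body_len] != mac * MAC_REPEATS:  # every repetition must match
        return None
    tail = payload[body_len:]
    if len(tail) not in PASSWORD_LENGTHS:
        return None
    return {"mac": ":".join(f"{b:02x}" for b in mac), "password_len": len(tail)}


def audit(datagrams, allowed_senders):
    """datagrams: (src_ip, dst_port, payload). Flags wake-ups from unexpected senders."""
    findings = []
    for src, dport, payload in datagrams:
        info = parse_magic_packet(payload)
        if info is None:
            continue
        status = "expected" if src in allowed_senders else "UNEXPECTED"
        findings.append((src, dport, info["mac"], status))
    return findings


# Constructed capture: a wake-up from the management console, one from an
# unknown host carrying a 6-byte password, and two non-magic payloads.
SAMPLE_DATAGRAMS = [
    ("192.0.2.50", 9, build_magic_packet("00:11:22:33:44:55")),
    ("198.51.100.9", 7, build_magic_packet("aa:bb:cc:dd:ee:ff", b"secret")),
    ("192.0.2.51", 9, b"\xff" * 6 + b"not a magic packet"),
    ("192.0.2.52", 9, MAGIC_PREFIX + bytes.fromhex("001122334455") * 15 + b"\x00" * 6),
]
ALLOWED_CONSOLES = {"192.0.2.50"}   # constructed: hosts permitted to wake machines


if __name__ == "__main__":
    for src, dport, mac, status in audit(SAMPLE_DATAGRAMS, ALLOWED_CONSOLES):
        print(f"{status:10} wake-up of {mac} from {src} (udp/{dport})")
```

Checking all sixteen repetitions, rather than only the first, is what separates a real magic packet from a payload that merely begins with 0xFF bytes; the last sample datagram shows a truncated repetition being rejected.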

Real life IT Horror stories…

Every morning begins with these words in your mind: “Nothing can screw up a well-managed network faster than the people for whom you built it.” Whether it’s user error, optimistic expectations, or simply that bastard Murphy, IT’s job is rarely predictable.
Stupid user trick No. 1: Home is where the malware is
Stupid user trick No. 2: Message to self: E-mail isn’t for everything
Stupid user trick No. 3: Outsourcing Web development to the corner office
Stupid user trick No. 4: Keep your enemies close, but your Linux talent closer
Stupid user trick No. 5: Facebook
Stupid user trick No. 6: Offshoring while under the influence of MBA
Stupid user trick No. 7: Duct tape doesn’t fix everything
Stupid user trick No. 8: Executive privilege
Stupid user trick No. 9: User populations are like bacterial ecosystems from distant planets
In detail here