Saturday, December 22, 2007

Tech: Microsoft Forced by EU to Release Filesharing Code

A positive development for interoperability:
Open-source software project Samba has signed an agreement with Microsoft to receive protocol documentation for the software giant's Windows workgroup server products.

The deal will enable the organisation to build software that will interoperate with those products.

The non-disclosure agreement was brokered on behalf of Samba by the Protocol Freedom Information Foundation (PFIF), an organisation that seeks to facilitate the exchange of free and open-source software information. PFIF, which is paying a one-off fee of €10,000 (£7,240) for the documentation, is part of the Software Freedom Law Center.

Samba's software, used for sharing files over a network and controlling networked printers, is designed to facilitate interoperability between Linux/Unix servers and Windows-based clients.

Andrew Tridgell, creator of Samba, said in a statement: "We are very pleased to be able to get access to the technical information necessary to continue to develop Samba as a free software project."

Samba expects that the agreement will allow the project to add features including full support for Microsoft's Active Directory, encrypted files, a better search interface and support for "SMB2", a new version of Microsoft's Server Message Block protocol from which the Samba project took its name. SMB2 is built into Windows Server 2008.

How to Spam a Poll

Ron Paul supporters and their techniques.

Friday, December 21, 2007

Google Goes to Washington

The Atlantic has a short, interesting article about Google's Washington presence:

At the same time, many businesses overshadowed by Google have begun looking for political arguments that might slow its seemingly unstoppable ascent. “There is no company on the face of the planet that scares as many businesses as Google,” says Blair Levin, a telecom and media analyst at the financial-services firm Stifel Nicolaus. The most popular and potentially effective argument against Google is the charge that it has become a monopoly that needs reining in. (The political power of this criticism is increased by fears that Google will misuse the vast amount of personal data it has accumulated.) In late September, Congress held the first antitrust hearings concerning Google—the opening salvo in what is likely to be one of the most important business and policy stories of the next few years.

The computer world is in the midst of its next great transition, as many applications and services—word processing, spreadsheets, e-mail, data storage—migrate from the personal computer to the Internet. Success for all sorts of businesses will soon depend on whether customers have easy and fast access to these Internet-based applications. Because gaining primacy will involve winning battles over regulation and federal oversight, companies like Microsoft and the major cable and telephone companies are now squaring off against Google in an arena where it has never competed and they have: Washington.

Until recently, a company’s Washington strategy tended to evolve at the same pace as its business. As the company grew larger, it would add lobbyists and advisers to protect its interests. But as Microsoft grew more powerful in the 1990s, it mostly ignored politics. It had gotten to the top of the new economy without aid or interference from Washington—why change? Microsoft assumed the government posed no threat—until its competitors persuaded the Justice Department to launch an antitrust suit. Though the company avoided a breakup, its stock price stagnated for years.

Microsoft’s example illustrates a pro­blem that can plague any fast-growing tech company: You can control vast markets and terrify your competitors, but still be a Washington rookie. As the government focuses on Google, the city’s familiar machinery is gearing up for battle on the question of whether the company is the large but benign force for innovation its corporate slogan, “Don’t be evil,” suggests—or whether, like Stan [Google's T-rex corporate mascot], it’s a carnivore on the loose.

Friday, December 07, 2007

Spambots for Ron Paul

Interesting stuff:
In a report published this week by security firm SecureWorks, researchers reveal that the recent flurry of Ron Paul spam originated from a Reactor botnet controlled by a commercial spammer through a colocation facility in the US.

The researchers analyzed header elements of the spam e-mails to trace them back to zombie systems that were infected with the Srizbi trojan, an unusual piece of malware with highly advanced features. According to Symantec research, which has independently studied Srizbi, the trojan is one of the first pieces of malware found in the wild to operate fully in kernel mode with no userspace code. Srizbi bypasses firewalls and packet sniffers by directly manipulating the kernel-level TCP/IP stack. The Srizbi trojan is largely propagated by the well-known msiesettings.com site, which is paid by spammers to deploy viruses and trojans for spam botnets.

SecureWorks collaborated with network administrators to analyze the traffic from some of the computers infected with Srizbi that were responsible for sending the Ron Paul spam. This allowed the researchers to discover the location from which the botnet was operated—a colocation facility in the US. The researchers collaborated with Spamhaus to get the server shut down and then obtained the source code used on the control system, a Python-based spam botnet management tool known as the Reactor Mailer. The logs present on the system prove that it was indeed the origin of the Ron Paul spam. Further research showed that other systems in the same colocation facility were also controlling various segments of the Srizbi botnet, and using it to transmit spam advertising replica watches and enlargement pills.

The evidence leads researchers to conclude that the Ron Paul spam was transmitted by a spammer called nenastnyj who operated a single node in a colocation facility and was likely affiliated with or renting access from the Reactor syndicate. The messages were transmitted by approximately 3,000 bots using a 3.4GB e-mail database file with over 160,000,000 addresses.

"While the total count of Ron Paul spam messages that actually landed in peoples' inboxes can't be known, it certainly was received by millions of recipients," writes the author of the SecureWorks report. "All this was done using around 3,000 bots—this speaks to the efficiency of the template-based spam botnet model over the older proxy-based methods. The front-end also plays a part in the efficiency, by allowing the spammer to check the message's SpamAssassin score before hitting send, simplifying the process of filter evasion and ensuring maximum delivery for the message."

Although it's likely that somebody paid nenastnyj to transmit the Ron Paul spam, there is no evidence to indicate that it was anyone directly associated with the Ron Paul campaign.

Thursday, December 06, 2007

Paintball for Terrorists? BBC Paid Islamic Radicals

If you thought media bias was bad in this country, flip around the international channels on your cable/satellite box and you'll see it could be much worse:

The BBC funded a paintballing trip for men later accused of Islamic terrorism and didn't pass on information about the 21/7 bombers to police, a court heard yesterday.

The organisation gave Mohammed Hamid, an Islamic preacher accused of radicalising British Muslims, a £300 fee and paid for fellow defendants to go and be filmed for a documentary.

After the botched July attacks Hamid told a BBC reporter he had worked with on the programme 'Don't Panic, I'm Islamic' that he knew the identities of the culprits - but she felt 'no obligation' to tell police, the court heard.

The journalist informed her boss and the information was passed on up to senior executives but a decision was taken not to pass it on.

The claims emerged during the trial of Mr Hamid who, along with four others, is accused of running a two-year radicalisation programme to groom London Muslims for jihad.

The court was told Mr Hamid was first approached by BBC researcher Nasreen Suleaman in late 2004 when she was making a documentary before the July 2005 attacks.

It was shown on June 12, 2005 on BBC2.

The BBC paid for Hamid, fellow defendants Mohammed Al Figari and Mousa Brown and others to go on a paintballing trip at the Delta Force centre in Tonbridge, Kent, in February 2005.

The court was told that July 21 bombers Ramzi Mohammed and Hussein Osman also went on a trip to the same centre before the 7/7 attacks. Ms Suleaman said she was unaware that they were on the trip.
Sick stuff. Makes you wonder how many New York Times editors would act if they were in a similar situation.