Tuesday, May 31, 2011

Microsoft downplays IE 'cookiejacking' bug

But clickjacking expert Jeremiah Grossman calls cookie hijacking attack 'clever'

Computerworld - Microsoft today downplayed the threat posed by an unpatched vulnerability in all versions of Internet Explorer (IE) that an Italian researchers has shown can be exploited to hijack people's online identities.

The bug, which has been only discussed and not disclosed in detail, was part of an attack technique described by Rosario Valotta, who dubbed the tactic "cookiejacking," a play on "clickjacking," an exploit method first revealed in 2008.

Valotta combined an unpatched bug, or "zero-day," in IE with a twist on the well-known clickjacking tactic to demonstrate how attackers can steal any cookie for any site from users duped into dragging and dropping an object on a malicious Web page.

He had demonstrated the attack at a pair of security conferences in Amsterdam and Zurich earlier this month, then published more information on his blog Monday.

By hijacking site cookies from IE7, IE8 and even IE9, attackers would be able to access victims' Web email, Facebook and Twitter accounts; or impersonate them on critical sites that encrypt traffic, like online banks and retail outlets.

Jeremiah Grossman, founder and CTO of WhiteHat Security, called Valotta's attack "clever" and said he could see hackers taking to it as a fallback to clickjacking, which he and Robert Hansen uncovered and publicized nearly two years ago. "In the event they can't find a cross-site scripting or clickjacking vulnerability, this would be a nice fallback plan for [attackers]," Grossman said.

Read full story...

Tuesday, May 24, 2011

Microsoft Kissing Windows Mobile 6 Goodbye

Ever since Windows Phone 7 devices hit the shelves, Windows Mobile 6 has been pushed aside in favor of its more modern successor. It’s no secret that Microsoft’s main focus is WP7, and the company has confirmed will take another step away from Windows Mobile this summer.

Microsoft has set the end-of-support date for Windows Mobile 6.x. According to WinRumors, the company told Windows Marketplace for Mobile developers that it will no longer accept new Windows Mobile 6.x applications or application updates from July 15 onwards.

Read full story...

Saturday, May 21, 2011

IBM to invest $100 million for big-data analysis research

IDG News Service - Sensing a greater need in big-data analysis tools, IBM will invest US$100 million to research advanced large-scale analytics, the company announced Friday.

IBM also said it will have 20 new service offerings to help customers quickly analyze petabytes of data.

"We think it's a good time from a research perspective to double down on how we think about big data and how people can get actionable insights from it," said Rod Smith, IBM vice president of emerging technologies.

The money will be used to investigate ways of advancing software, systems and services to better analyze data. "Analytics are terrific, but if you can combine analytics with specific problems and expertise around certain problems, then you can define outcomes in unique ways," Smith said.

While the IT industry already has plenty of business intelligence and analytics software, tools are still lacking for analyzing large amounts of unstructured data, Smith said. About 80 percent of the data in an enterprise is unstructured, meaning it is not easily categorized in databases.

Smith said many IBM customers are collecting large amounts of data through sensors, either software- or hardware-based, but do not have ways of analyzing the results. "From a research perspective, we can ask, 'What does that mean, and what can we do in these new areas to help them?' " Smith said.

Read full story...

Tuesday, May 17, 2011

Report: Microsoft to Buy Nokia Mobile Division

It’s been a big year for Microsoft so far. Between signing a landmark deal with Nokia and its more recent bid to purchase Skype, the Redmond team has certainly been busy. However, it seems Ballmer and co. may have another trick up their sleeve for us. 

The latest scuttlebutt says Microsoft has its eye on Nokia and the two companies will be entering discussions next week. If fruitful, they would see Nokia’s mobile phone division sold to Microsoft. The source of these reports is Russian blogger Eldar Murtazin. Murtazin focuses mostly on phones and has a pretty decent track record. Though he doesn’t know the finer details, Murtazin claims both parties are in a hurry and that the deal could close before the end of this year.

Of course, lending credence to the rumors, is the fact that Nokia recently signed a deal with Microsoft that will see Windows Phone 7 become the Finnish company’s primary smartphone OS. Prior to this decision, Nokia was very dedicated to its own software and desperate to differentiate itself from other manufacturers by developing its own OS. That all changed when current CEO Stephen Elop took the reigns. Oh, and did we mention that he's a former Microsoft employee?

Read full story...

Tuesday, May 10, 2011

Microsoft TV ads to target old PCs with anti-'good enough' angle

Campaign to push consumers off Windows XP, blunt surges by smartphones and tablets, says analyst

Computerworld - Microsoft on Monday night will debut a new television advertising campaign hoping to convince consumers to upgrade their older PCs to ones running Windows 7.

The ads will run on ABC, CBS and NBC starting in the 8 p.m. time slot. One of them is available now on YouTube.

As first reported by Todd Bishop of GeekWire, the ads will be the latest incarnation of the "I'm a PC" campaign that ran more than two years ago, but will target consumers already using Microsoft Windows.

"The ads feature real couples who thought their old (4+ years) PC was 'good enough' being surprised to find a Personal PC store built out in their homes," Microsoft said in a statement.

Read full story...