Opera/Microsoft antitrust case drama

It seems Microsoft are in the dock again. This time it’s the turn of Norwegian browser producer Opera, to pursue the software giant. The case is an anti trust allegation, claiming that Microsoft are ‘abusing their powers, by only shipping copies of their operating system Windows, with only their own “Internet Explorer 8.0” browser and none of their competitors’.

The Chief technology officer for Opera, is quoted as having said “Microsoft is ignoring web standards and should use its position to promote competition, among browser”. Meanwhile Mozilla, producers of the popular “Firefox” browser, claimed that the “browser wars are over”, at this years South by South West festival in Texas.

What Mozilla meant by ‘the end of the browser wars’ is that the main browser manufacturers are now working much more closely  together on a common set of standards, to ensure that all browsers act and display information is a uniform way. There have been some minor disputes, one being Microsoft going off and developing their own security systems, but in in their defense, they have made the code available for other vendors to utilize. Internet security is something that most people agree can not wait for agreements to be made, at the expense of leaving clients vulnerable and contrary to Opera’s claim, Microsoft’s Internet Explorer 8.0 does actually support internet standards.  By default Internet Explorer 8.0  has standards support turned on for the internet , but the  intranets, claiming that this is so that developers can continue to use internet explorer 7.0 while they upgrade their systems.

Microsoft’s stance on the shipping of browsers has been that Explorer and by extension  Internet Explorer form an integral part of the operating system and should be shipped with windows.

In the latest bid to appease the European Courts, Microsoft offered to go back on previous stance, that Explorer and by extraction Internet Explorer form an integral part of the operating system and should be shipped with windows. Offering to ship a version of their operating system for Europe (to be known as version e) without any browser at all.
After discussions with Opera, the courts dismissed this suggestion after a single day, saying “the move would not further its goal of promoting browsers that compete with Internet Explorer.”

The only hearing scheduled in the case, was set for early June, but has been cancelled after Microsoft complained that many European antitrust officials who could attend the hearing as observers were unable to do so because of a competing conference in Switzerland. The commission is under no timetable to release its ruling in the browser case, but in the past, it has publicized crucial decisions, fines and sanctions before leaving for its summer break in late July.

The truth is, that Apple also ship their operating system with only Safari, their own browser and yet Opera have not sued them. In fact its doubtful that it is Microsoft they should be chasing, as Microsoft do not install or ship most of the Windows products that go out, hardware manufacturers do. Companies like Dell, IBM, HP, ASUS often add their own utility software,  anti virus products and other extras, I’m sure that if Opera where truly demanded by end users, then they would be more than happy to bundle them with their products.

The idea of a modern operating system not coming with a browser at all is quite ridiculous, having to get installers on a cd or memory device and install one before connecting to the internet would make registration, licensing ad upgrade a far more arduous task.  Operating systems coming with a choice of  3 or 4 browsers, would also have implications to large corporate IT systems, supporting and keeping on top updates and security control for multiple browsers would be a very large undertaking in many cases.

In some ways I believe it is Opera’s own best interest to have users download their browsers from the internet if they want it, firstly this keeps them competitive as they have to make truly better browsers, and secondly because it gives them much needed information on who is using their browser.

Regardless of what the courts decide, remaining the default browser will be a lot harder than just being put on the installation disk. Opera,  will still have its work cut out, as it does have its downsides, there is a general lack of support for all important plug-ins and a large number of sites that don’t support it.

I myself am a big fan of Opera, and have been using it as my browser of choice  of late, but I do also use Explorer, Chrome, Flock and Safari on a daily basis, each of which has it own benefits.

Advertisements
Opera/Microsoft antitrust case drama

Viruses target social networks

Last week i fell victim to a virus. More correctly i fell victim to  a piece of maleware / spyware. Being as i a work in IT it didn’t cause to much of a problem, but it did make me take another look at the whole spyware problem.

The first think that surprised me wass that my current anti virus/maleware software had not picked it up. I’m a bit of a security control freak and actually run online, gateway , server and desktop Av, none of which detected or matched the patterns in this virus. The virus managed to set up its own proxy server on my machine, bypass my own proxy server, disable my local Av software and  run a number of exe files that mimicked the windows alert modules telling me the system had detected a problem and offering to install software to help. In fact even when i ran deep scans with trend, and spybot search and destroy, 2 leading titles in anti maleware they reported that my system was running normally with to viruses found. It was obvious that i did have a problem, in that there were around 160 exe files running and a new windows explorer window appearing every couple of minutes. It didn’t take long to do a quick google search on the individual exe files and find something that could remove it.

The second thing that surprised me, how easily i almost fell for providing my credit card details on a machine i knew to be affected. After 2 days of working on my laptop, while the very time consuming deep scans ran on my workstation,  I was so pleased to have found something that promised to kill the virus for once and for all that i very almost, went ahead and payed the $30 for an online license.

The third thing worth mentioning is how i fell for getting the virus in the first place. I guess it was a cross between a social engineering attach and a straightforward maleware attack. I in short i got a message on facebook inviting me to view a movie clip from a friend, this then took me to what looked like that persons you tube account, but where you would expect to see the movie playing there was a message saying that my version of flash player was out of date and to click to continue, the usual warning popped up before installing. All of which i clicked through, as it look so similar to a genuine flash updater. Next think you know i’ve restarted and all sorts of pop ups are saying a virus has been detected and linking to software products to purchase to remove this.

When you think about it, this is genius. The latest generation of internet users are very into social networks, but are much less tech savvy when it comes to security, and protecting themselves. They are so used to clicking ‘yes’,  ‘install’, ‘accept’, ‘i agree’, without reading anything of what they are actually agreeing to that they are easy targets when it comes to installing harmful stuff, like maleware and viruses. I myself am a classic example, busy day in the office and a box pops asking me to agree to an update to software i trust from a person i know and i say yes without a second thought.

It would seem that i am nt the only one thought, cnet this week reported on the koobface virus currently hitting facebbok users, and there are no end of others popping up everyday.

Viruses target social networks

Who’s Responsible for Data in the Cloud.

While trawling through the internet i came accross an a couple of articles that made me think, about

The first one was on the bbc technology site and it talked about cloud computing and the US Patriot Act, this is similar to the UK’s anti terrorism legislation and as far as i can see it gives the US government the right to look at data stored in the states if they think that it might include information about terrorists.

You might me thinking, well what does that have to do with me i’m not an american, so what if the americans can look at data within their own country. But what you have to remember is that many many services like amazons S3 data storage, hotmail, skydrive and gmail are all hosted in the states, so any data stored on these is covered by the Patriot Act.

What’s i bet that if they really wanted to they could make these laws extend to any data travelling through there network, so if you send an email, a twitter message, a file or any other string on ones and zeros and its routed through the us or any ther country they would be at liberty to read that information, and use it to whatever purpose they saw fit.

This got me to thinking as a system administrator, if i’m storing data in the states and viewing it on terminals in the Uk, do i need to adhere to both the Uk’s data protection Act and any american version of the same act, or does the data protection act only apply to data held on citizen of a particular country, if so do what laws do i have to adhere to if i have a mailing list which contains data from people in several different countries.

The second artical i came accross was something on tech crunch about a German Politician, that had a legal ruling made to prohibit the local german version of wikipedia from accessing information on the main wikipedia database in miami.

The focus of my thoughts here really is were does responsability lie if an english company say has a website hosted in the US, but bought and paid for in the UK, and you want to take them to stop them from false advertising, do you persue the Uk company, or the US isp hosting their data? And what if for example the banner ads you object to on the site as simply embedded links to data on a video server in say germany. In fact the whole area of links seems quite complicated, if you for example display an rss on your site from elsewhere on the internet and they say something that is could be slanderous are you also guilty of slander and howdoes this work across borders, i mean something may be deemed slanderous in one country but not another. There was talk yesterday that the german politicians background in the german police was protected under german law, but does that extend outside of germany.

what are you thaughts on this?

Who’s Responsible for Data in the Cloud.

Virtual murder, leads to real life arrest.

Earlier this week I wrote a post about Wayne Forrester, the 34 year from here in the Uk, jailed for life for murdering his wife after she changed her facebook status to single. Well in a strange turn of events I find myself blogging once again, this time about a real arrest following a virtual murder.

Mayumi Tomari a Japanese woman of 43, was taken 620 miles from her home in Southern Miyazaki to Sapporo for questioning by police on suspicion of illegally accessing a computer and manipulating electronic data, to kill off his in game avatar.

It is believed that the old piano teacher became so enraged that her online husband (in computer game MapleStorey) had unexpectedly divorced her, that she used logon information the 33 year old office workers had given her while they were happily married (in the game) to delete his account. It is believed that the two have never met in the real world and that the man made the complaint to police after finding his avatar (character that represent’s him in the game) was dead.

While she has not yet formally been charged she could face a 5 year prison sentence or a fine of more that £3,000 if convicted. There have been several arrests in the past for virtual crimes, but unlike this case these usually involved corresponding material gains in the real world.

I think this is a case of real life being stranger than fantasy. Also in the news this week was the story of a blogger arrested in Newcastle and charge with offences under the obscene publications act for describing what he would like to do to a geordie pop star in girl band Girls Aloud. The blurring of reality and virtual reality has to make you wonder what will be next? Will we start getting actual speeding fines for racing cars on online games, or worse still tax bills for virtual purchases.

My advice to Japanese office workers considering a quicky divorce from their online spouses – change your password first!
My advice to this victim, if your behavior results in murder in the virtual world, stay single in the real world!  Finally my advice to miss Tomari’s piano students – keep practicing she’s obviously easily upset!

Sources: the telegraph, The Yomiuri Shimbun, associated news

Virtual murder, leads to real life arrest.

FBI Honeytrap Darkmarket.ws is sprung

Following a two year undercover operation in conjunction with a number of other international law enforcement agencies, this week the FBI nabbed 56 Cyber Criminals and prevented an estimated $70 million in frauds.

Reports in Computer weekly state that the Uk’s Serious Organised Crime unit worked closely with the FBI Cyber Crimes Division and that arrests were made in London, Manchester, Leicester, Humberside and South Yorkshire.

The operation revolved around online ‘carder’ forum, Darkmarket.ws, where members buy and sell stolen credit card data, login credentials, other financial information and devices used to carry out certain financial crimes.

Darkmarket.ws was shuttered on 4th October 08, Master Splyntr blamed this on the site drawing too much attention after fellow administrator known as Cha0, aggresivetly marketed a high quality card skimmer on the site.

The site was registered in June 2006 and believed to have had 2,500 members, attracting 563,299 hits last month, Most members believing the site to be ran out of Eastern Europe, but it was almost exposed in 2006 when uber-hacker Max Ray Butler cracked the site’s server and announced to the underground that he’d caught Master Splynter logging in from the NCFTA’s office

In an FBI press release Cyber Division Assistant Director Shawn Henry states that ‘in a world of rapidly expanding technology, cyber crimes can be perpetrated instantly from anywhere in the world’ and explains the importance of being flexible and creative in their approach to this sort crime that taking them to online forums more and more frequently.

While the operation would appear to be a huge success, there has been some criticism from victims of these crimes, suggesting that the FBI actually set up and ran the site as a honey trap. German public radio went as far as to suggested that Master Splyntr the man believed to be behind the site was actually an FBI agent and that a Darkmarket server was located in an FBI building in Pittssburgh.

Researching this subject did beg the questions, how do you pay when your buying a stolen identities online from a bunch of cyber criminals? And what does a cyber criminal actually look like, are we talking an Arthur daily style character in a sheep skin jacket and sovereign rings, a Gordon Gecko in a sharp business suit or a pimply teenaged geek like the kid in war games?

Sources:  FBI, wired, itworld

FBI Honeytrap Darkmarket.ws is sprung