Last week, the Associated Press reported that Comcast is interfering with users' ability to run file-sharing applications over its network.

cialis costs 0in; font-family: Verdana” align=”justify”> 

We spoke to Comcast last month and understood them to deny that they are doing this, so we've been running our own tests.

On Friday, we posted about some experiments showing that Comcast is forging packets in order to interfere with its customers' use of BitTorrent. There have been reports of strange things happening with other protocols, and we've been running some tests on two other file transfers protocols in particular — HTTP (which is used by the World Wide Web) and Gnutella. Comcast has also been strenuous in telling us, "We don't target BitTorrent". Perhaps not.

Perhaps what they're doing is even worse.

Read the AP report:

http://news.yahoo.com/s/ap/20071019/ap_on_hi_te/comcast_data_discrimination

Read what EFF's technologists discovered in the complete

post:

http://www.eff.org/deeplinks/2007/10/comcast-also-jamming-gnutella-and-lotus-notes

For our previous post:

http://www.eff.org/deeplinks/2007/10/eff-tests-agree-ap-comcast-forging-packets-to-interfere

I'm sure most of you have heard of Wikipedia before, but just in case you haven't, let me tell you a little about it before we move on. Basically, Wikipedia is a free encyclopedia that anyone can use and edit. That's right, if you want to add something to the Wikipedia database or if you want to edit someone else's entry, you can do so right through the Wikipedia Web site. Cool, huh?! (If you're still not sure what I'm talking about, you can learn more about it by reading this tip as well). Now, I know what you're probably thinking: "How can I get started?" Well, allow me to show you! Here’s how:

1.) First, go to the Web site of http://en.wikipedia.org.

2.) In the top right hand corner, click Sign In/Create Account.

3.) On the next page that appears, click Create One, which can be found above the Username box.

4.) Next, you will need to fill in your desired username (it has to be unique, as in not too long and not similar to anyone else’s), your desired password (twice) and your e-mail address. Although your e-mail address is optional, if you are going to get serious with Wikipedia, I suggest entering it in. There is also a spam blocker at the top of the page (a CAPTCHA test), so fill that in too and you'll be all set!

5.) Once you have completed all of that, go to your e-mail account and click the link in your e-mail to fully activate your account.

6.) Now, return to http://en.wikipedia.org and in the top right hand corner (where the Sign In link used to be), there is a small toolbar. Click My Preferences (see screenshot below) to get started.

7.) Here you can set up a signature that will appear when you type on certain pages. For now, click on the Editing tab in the gray toolbar at the top of this area. The bottom checkbox that says "Prompt me when entering a blank edit summary" should be unchecked. Check that and then click Save at the bottom of the page. cialis 10mg price

8.) Now, you’re finished setting your preferences and you are free to explore the encyclopedia. A good starting point would be the Wikipedia: Introduction, which can be found by typing "WP: INTRO" into the search box on the left hand toolbar. But the choice is yours!

Now you can go and Wikipedia away!

By William Kilmer, News.com

Published on ZDNet News: Oct 8, 2007 4:00:00 AM

The Storm Worm ranks as one of this year's most virulent and persistent viruses. After making a January debut, transported by e-mail, the virus was notable for the more than 50,000 variants that it subsequently spawned.

The Storm Worm has since continued unabated, most recently in the form of Web-based attacks. E-mails, socially engineered to look like electronic greeting cards and linked to a Web site containing malware, completely avoided traditional e-mail antivirus gateways. The Storm Worm's course change to the Web reflects a growing trend of malware Web-based attacks launched through e-mail.

The simple logic behind these e-mail-based blended threats is astoundingly effective: no attachment means no antivirus block. And when combined with a user-friendly invitation, it creates the opportunity for a high infection rate.

Blended threats easily lead people to Web sites where malware gets downloaded–often without user interaction or knowledge. The industry is just now realizing the severity of the problem,

Researchers at Google recently published a paper concluding that approximately 10 percent of reviewed URLs contained "drive-by downloads" of malware binaries (PDF) and many more that were flagged as suspicious.

Malware once lurked in the dark corners of the Internet, but recent hacks have shifted it to the places we all frequent.

buying generic cialis 9pt; margin: 0in; font-family: Verdana” align=”justify”>Our research at Avinti examined URLs being "advertised" through e-mail by spammers, and we found similar results: 40 percent of all e-mails contain at least one URL, and of those, approximately 7 percent linked to a malware site.

Malware once lurked in the dark corners of the Internet, but recent hacks have shifted it to the places we all frequent. For evidence, look no further than this year's hacking of the Web site for Dolphin Stadium, home to Super Bowl. Or the Sydney Opera House. Even popular social-networking sites like MySpace and Facebook have been platforms for exploits. Yes, the sites we frequent daily and trust may be the biggest threats we face in the future and we may be lured there by an innocuous e-mail link to view a greeting, blog or video.

The new Web (2.0) is a fertile breeding ground for malware. Links, blog postings, shared applications and syndicated traffic are all backdoor opportunities for unknown exploits to invade legitimate sites.

At the same time, traditional tools such as Web filters, originally built for blocking objectionable content, struggle to catch these attacks as much as antivirus products do in keeping up with ever-changing e-mail-borne attacks. Spammers and hackers have automated the process so that these sites can be up and running and then down in a matter of hours long enough to carry out their attacks. Like the Storm Worm variants, these sites may be up, active and out of business before a bad URL or IP address is ever logged.

Given the frequency of hackers hijacking a legitimate Web site to insert malware, such as an attack spoofing the Better Business Bureau, blocking a domain or subdomain is becoming more problematic. What about linked pages? Are they blocked by association or if they serve up the malicious link? What if a single IP address hosts sites for both malware and non-malware sites? Without proper control, we may end up either blocking too much, or jeopardizing our trust in valid Web sites.

Fortunately, there is some light now that we have recognized the problem. Organizations like Stopbadware.org and Google are beginning to address ways to share information on malware sites. More vigilance by social sites and IT directors on patching and maintaining their Web sites is going to become more critical than ever.

In addition, there is a greater realization among vendors that since hackers and spammers don't look at e-mail, IM, or the Web independently, they can't afford to either. What we need now are proactive solutions that are as dynamic as the attacks they are trying to prevent; that can detect both known and unknown threats, whether on the Web, e-mail, or IM. Until then, beware the next time you get an e-mail greeting card.

Pasted from <http://news.zdnet.com/2010-1009_22-6211929.html?tag=nl.e550>

October 5th, 2007

Posted by David Berlind @ 9:33 am

Yesterday was the last straw for me when it comes to the way spam is impacting my work. First, before purging the junk mail folder in my Outlook, I did a quick scan only to notice that almost every other e-mail that was classified as spam was actually a legitimate e-mail that should have flowed into my inbox. Why was it in my junk mail folder? I have no idea. That’s part of the problem. In many cases (not all), you can’t look at the e-mail, see what the offending issue was, and notify the sender of why their e-mails are getting classified as spam.

But that wasn’t all that happened yesterday. For the events company (Mass Events Labs) that Doug Gold and I co-own to produce Mashup Camp, Startup Camp, and other events, we use a masseventslabs.com-specific context of Google Apps for e-mail, documents, spreadsheets, etc. In other words, when Doug and I send e-mail to each other through the masseventslabs.com domain, both he and I are sending and receiving from and to a Google Apps-based version of Google’s GMail. Yet somehow (as you can see in the attached video), yesterday, when he replied from his Google Apps account to an important e-mail that I sent to him via my Google Apps account, GMail redirected his reply to my spam folder. How can this be? That’s the equivalent of users of the same, behind-the-firewall copy of Microsoft’s Exchange Server not being able to send e-mail to each other because it’s getting classified as spam. Surely, an e-mail server has some idea of when the source of e-mail is itself.

So, what’s the problem and whose to blame for “friendly fire” and other SNAFUs in the battle against spam? The problem is that the major e-mail technology providers won’t work together to come up with some standard approaches to stopping spam. And when I say major, I mean AOL, Google, Microsoft, and Yahoo. If those four companies simply got together and said it’s time to fix the problem and here’s how we’re going to fix it, the rest of the world would have no choice but to follow. Don’t agree with me? Watch the video. From my interview the other day with Matt Glotzbach, director of product management for Google Enterprise, I extracted the part where he unequivocally agreed that that’s all it would take.

Yet, here we are, more than five years after the major e-mail tech providers said that they’d find a way to curb the problem, and the situation buying cialis is markedly worse. Markedly. Compounding the problem is that there is some cooperation going on between pockets of vendors and Web sites here and there. But the end game there will be separate Internets. If Yahoo! and eBay get together as they’ve just done to address phishers going after users of eBay and PayPal and Google does something different with GMail to address phishers going after users of Google Checkout, pretty soon, you end up in a situation where you have to enter completely different multi-site contexts (walled Internet silos) to get anything done. That was not the idea behind the Internet.

So, are you outraged enough to join me in taking action? How can we (you and I) solve the problem. We have to put the pressure on AOL, Google, Microsoft, and Yahoo. I’ve recorded a video Technology Shakedown (see above) and I’ve licensed it under a Creative Commons license that allows you to re-use it anywhere you want. It’s not easy to grab our videos from ZDNet (I’ll work on that). So, if you want a copy of the video to paste into your blog or Web site, feel free to grab the YouTube version. Maybe together, we can all send a clear message to these four technology providers that its time to stop dilly-dallying and to lead the Internet to a standard “stack” of anti-spam solutions that will have most spammers and phishers looking for a new line of work.

David Berlind has been Executive Editor at ZDNet since 1998 and has been a technology journalist since 1991. Although he can't respond to all e-mails, he reads them all. You can reach David at david.berlind AT cnet.com. If you don't want the content of your e-mail to turn up in a blog entry, make sure you say so. To the extent that most e-mail he receives looks to sway his opinion about something, he usually looks to pass those points of view onto ZDNet's audience members for their consideration . For disclosures on David's industry affiliations, click here.

Pasted from <http://blogs.zdnet.com/Berlind/?p=817&tag=nl.e539>

October 3, 2007

The Washington Times

Time is running out for the Internet taxation moratorium. The current ban expires Nov. 1, after which states and municipalities can swarm Internet users with new e-commerce levies (and they will). There is even talk of taxing individual e-mail messages. Congress should extend the ban.

This widely popular legislation has been extended twice over nine years and has enjoyed wide bipartisan support. It flew through the Senate by a 93-3 margin when it was renewed in 2004. Everyone from Sen. Chuck Schumer, New York Democrat, to bill sponsor George Allen, Virginia Republican, supported it. In the House, its 134 cosponsors included figures across the spectrum, from Rep. Marty Meehan, Massachusetts buy tadalafil cialis Democrat, to Rep. Tom Tancredo, Colorado Republican. The merits of the moratorium have not changed much.

So why the delay? The short answers are dueling legislators and the accompanying congressional foot-dragging. Groups such as the U.S. Conference of Mayors and the National Governors Association want a short extension; grandfathered privileges for the nine states that tax e-commerce; and a narrowing of definitions. Last week, Rep. John Conyers, Michigan Democrat, introduced a bill containing those and extending the moratorium through 2011. This follows Mr. Conyers' apparent rejection of a bill by Rep. Anna Eshoo, the California Democrat who represents Silicon Valley, and Rep. Bob Goodlatte, Virginia Republican, to make the ban permanent. (We prefer a permanent ban.)

A ban expiry would be a serious disservice to consumers, not to mention a drag on a high-performing sector of the economy. Some on the left are swayed by the argument that the Internet tax moratorium places a disproportionate tax burden on low-income Americans because it is the wealthy and middle class, not the poor, who spend online. This is more than a bit of tax-and-spend revenue hunger. The disparity is likely to lessen in the future, as the costs of computers and online access continue to fall.

There is no compelling reason for this commonsense legislation to expire, other than to fill the grubby hands of state and local politicians. On behalf of consumers, businesses and for economic prosperity generally, Congress should renew the moratorium on Internet taxes.

Pasted from <http://www.washingtontimes.com/apps/pbcs.dll/article?AID=/20071003/EDITORIAL/110030017/1013/EDITORIAL&template=printart>