DukeTech writes "This week marks the end of an era for one of the earliest pieces of Internet history, which got its start at Duke University more than 30 years ago. On May 20, Duke will shut down its Usenet server, which provides access to a worldwide electronic discussion network of newsgroups started in 1979 by two Duke graduate students, Tom Truscott and Jim Ellis." Rantastic and other readers wrote about the shutdown of the British Usenet indexer Newzbin today; the site sank under the weight of a lawsuit and outstanding debt. Combine these stories with the recent news of Microsoft shuttering its newsgroups, along with other recent stories, and the picture does not look bright for Usenet.

Keith noted that Krebs has an interesting story on a Russian businessman being accused of running a spam ring while serving as an anti-spam adviser to the Russian government. It's a strange tale including an investigation in 2007 that was abandoned when the chief investigator was actually hired to work for the spammer. Not suspicious at all, no way.

Trailrunner7 writes in with a Threatpost.com article that begins: "For years, security experts, analysts and even users have been lamenting the state of desktop security. Viruses, spam, Trojans and rootkits have added up to create an ugly picture. But, the good news is that the desktop security battle may be over. The less-than-good news, however, is that we may have lost it. Jeremiah Grossman, CTO of WhiteHat Security, said Thursday that many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers' desktops are compromised. And moving forward from that assumption, things don't get much prettier." It goes on to speculate about home routers being targeted and infected.

eldavojohn writes "Some 2,000 public and 2,200 private newsgroups devoted to and managed by Microsoft support are going to be phased out in favor of forums because of newsgroup spam. The Register calls it 'killing newsgroups' but Microsoft eloquently calls it 'the evolution of communities.' Always managing to spin it in a positive light! Let's hope the spam posts and voting bots in their forums remain controllable."

An anonymous reader writes "AOL has sold ICQ to Digital Sky Technologies (DST), Russia's largest Internet company, for US$187.5 million. DST's offer was apparently more attractive than those of Russia's ProfMedia and China's Tencent. ICQ, originally released in 1996 and bought by AOL in 1998 for US$407 million, was one of the world's first major instant messaging systems. Although largely forgotten in English-speaking countries, it remains widely popular in Central Europe, Russia, and Israel. Moscow News has additional coverage of the deal."

An anonymous reader writes "The United States continues its reign as the king of spam, relaying more than 13% of global spam, accounting for hundreds of millions of junk messages every day, according to a report by Sophos. However, most dramatically, China – often blamed for cybercrime by other countries – has disappeared from the 'dirty dozen,' coming in at 15th place with responsibility for relaying just 1.9% of the world's spam."

wto605 writes "As computers are used for more and more vital business functions, small businesses must have office employees who understand the dangers of, and how to recognize and avoid, malware, spam, and phishing. After having been stung by monthly virus cleanups (at $75 an hour) due to an otherwise competent office manager, my parents have realized they need to be aware of their employees' computer skills beyond the ability to type a letter in Microsoft Word (currently the closest thing they have to a test of computer competence). The problem is, as a small business, they have no IT expert who would be able to judge a potential employee's competency. I'm wondering if anyone knows of a good way to test these security/safety awareness skills, such as an online test, a set of questions, etc. I have already pointed them to Sonicwall's Spam and Phishing test, but it definitely does not cover all of the issues facing computer users."

workie writes "Using data derived from website infections, RescueTheWeb.org has found several interesting link-spam architectures. One architecture is where concentric layers of hijacked websites are used to increase the page rank and breadth of reach (within search engine search results) of scam sites. The outer layers link to the inner layers, eventually linking to a site that redirects the user to the scam site. Another architecture involves hijacked sites that redirect the user to fake copies of Google, having the appearance that the visitor is still within Google, but in reality they are on a Google lookalike that contains only nefarious links."

We've been getting submissions about an uptick in compromised Gmail accounts in the last few days, but nothing that could be substantiated. Robert McMillan did a bit of digging and now reports in PC World that "Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages. The problem started about a week ago but seems to have escalated over the past few days. ... [I]n forum posts, Gmail users note that the hackers appear to be sending spam via Gmail's mobile interface — which gives mobile-phone users a way to check their Gmail accounts — and wonder if there may be a bug in the mobile interface that is allowing criminals to send the spam. ... Google says there's no Gmail bug. ... 'Spammers may sometimes use a mobile interface to access accounts they have already compromised because it's simpler for bots to use this method at large scale.'" Here's how to tell if your Gmail account has been accessed by bad guys, and what to do about it.

Stoobalou writes "Not content with its iPhone scoop, Gizmodo has probably ruined the career of a young engineer. The tech blog last night exposed the name of the hapless Apple employee who had one German beer too many and left a prototype iPhone G4 in a California bar some 20 miles from Apple's Infinite Loop campus. Was that really necessary?" It also came out that they paid $5K for the leaked prototype and that Apple wants it back.

Krebsonsecurity.com has a writeup on the decision of UK anti-fraud activist site bobbear.co.uk to retire from the fray. The 66-year-old fraud fighter said he was getting too old for the work, which takes him about 15 hours a day. "We had so many messages of thanks, and congratulations on the site, but it is so stressful and takes so much out of you, and there is always the worry of litigation hanging over your head." "The owner and curator of bobbear.co.uk, a site that specializes in exposing Internet fraud scams and phantom online companies, announced Saturday that he will be shuttering the site at the end of April. Bobbear and its companion site bobbear.com are creations of [the pseudonomous] Bob Harrison, a 66-year-old UK resident who for the last four years has tirelessly chronicled and exposed a myriad of fraud and scam Web sites. The sites, which are well-indexed by Google and other search engines and receive about 2,000 hits per day, often are among the first results returned in a search for the names of fly-by-night corporations advertised in spam and aimed at swindling the unsuspecting or duping the unwitting." Any ideas on who might want to take over the domains and carry on the work would be appreciated by the Internet community at large.

alphadogg writes "Despite security researchers' efforts to cut spam down to size, it just keeps growing back. The volume of unsolicited email in the first quarter was around 6 percent higher than a year earlier, according to Google's e-mail filtering division Postini. Security researchers have won a few significant battles against the spammers in the last year, first against those hosting the spammers' control systems, and later against the control systems themselves, but they will have to change tactics again if they want to win the war. In the first half of last year, security researchers concentrated their efforts on identifying the ISPs or hosting companies that allowed command-and-control servers to operate, and shutting these botnet purveyors down. The success of that tactic was short-lived, however."

Zarrot writes "In the next step for their Free 2 Play model, Turbine Entertainment, publisher of Dungeon and Dragons: Online, Lord of the Rings: Online, and Asheron's Call, has partnered with notorious 'lead generation company' SuperRewards. Initial testing by forum users shows that just accessing the page without clicking on any offers sends the user's email and game login in clear text to SuperRewards. Reports of new spam and fresh malware infections on test systems are already being reported on the company's forums. Is the Zynga business model the future of Internet gaming?"

An anonymous reader writes "Apple's recent decision to restrict the languages that may be used for iPhone and iPad development has provoked some invective from Adobe's platform evangelist Lee Brimelow. He writes on TheFlashBlog, 'This has nothing to do whatsoever with bringing the Flash player to Apple's devices. That is a separate discussion entirely. What they are saying is that they won't allow applications onto their marketplace solely because of what language was originally used to create them. This is a frightening move that has no rational defense other than wanting tyrannical control over developers and more importantly, wanting to use developers as pawns in their crusade against Adobe. This does not just affect Adobe but also other technologies like Unity3D.' He ends his post with, 'Speaking purely for myself, I would look to make it clear what is going through my mind at the moment. Go screw yourself Apple. Comments disabled as I'm not interested in hearing from the Cupertino Comment SPAM bots.'"

eldavojohn writes "TV pitchman Kevin Trudeau was sentenced to 30 days in jail because he urged his fans and followers to spam a judge. Apparently the judge (who was deluged with emails) decided that this was an act of contempt of court on the court's 'virtual presence' since nothing happened while the court was in session in regards to Trudeau's courtroom behavior. US Marshals are now trudging through those emails to decide if any are threatening."

An anonymous reader writes "A proposal to let Internet service providers conceal the contact information for their business customers is drawing fire from a number of experts in the security community, who say the change will make it harder to mitigate the threat from spam and malicious software, according to a story at Krebsonsecurity.com. From the piece: 'The American Registry for Internet Numbers (ARIN) — one of five regional registries worldwide that is responsible for allocating blocks of Internet addresses — later this month will consider a proposal to ease rules that require ISPs to publish address and phone number information for their business customers. Proponents of the plan couch it in terms of property rights and privacy, but critics say it will only lead to litigation and confusion, while aiding spammers and other shady actors who obtain blocks of addresses by posing as legitimate businesses.'"

This weekend saw the delivery of iPads into hundreds of thousands of filthy hands. I managed to get my hands on a 32GB unit and put it through its paces for a battery charge and a half, and wanted to take a few minutes to share some notes with you. But if you don't care to read the whole review, let me give you a hint: I am typing this review on my laptop.

Wolf pointed me to a video clip demonstrating this game: "Miegakure is a platform game where you explore the fourth dimension to solve puzzles. There is no trick; the game is entirely designed and programmed in 4D." Nothing to download yet.

An anonymous reader writes "Even though over 80% of email users are aware of the existence of bots, tens of millions respond to spam in ways that could leave them vulnerable to a malware infection, according to a Messaging Anti-Abuse Working Group (MAAWG) survey. In the survey, half of users said they had opened spam, clicked on a link in spam, opened a spam attachment, replied or forwarded it — activities that leave consumers susceptible to fraud, phishing, identity theft, and infection. While most consumers said they were aware of the existence of bots, only one-third believed they were vulnerable to an infection."

www.sorehands.com writes "In the first case brought by a spam recipient to actually go to trial in California, the Superior Court of California held that people who receive false and deceptive spam emails are entitled to liquidated damages of $1,000 per email under California Business & Professions Code Section 17529.5. In the California Superior Court ruling (PDF), Judge Marie S. Weiner made many references to the fact that Defendants used anonymous domain name registration and used unregistered business names in her ruling. This is different from the Gordon case, where one only had to perform a simple whois lookup to identify the sender; here, Defendants used 'from' lines of 'Paid Survey' and 'Your Promotion' with anonymously registered domain names. Judge Weiner's decision makes it clear that the California law is not preempted by the I CAN-SPAM Act. This has been determined in a few prior cases, including my own. (See http://www.barbieslapp.com/spam for some of those cases.)"