An anonymous reader writes "IM company Digsby has quietly included malware in an update to their client software that utilizes users' computing power and bandwidth while idle for a quick buck. When questioned, developers at Digsby claim that they have done no wrong and that users should not complain because the client software is 'free.'" The money-making distributed computing software is in addition to six "crapware" apps that users must refuse during installation. The terms of service that no one ever reads does describe the CPU- and bandwidth-robbing moneymaker, and its off switch is located behind the "Support Digsby" menu item.

holy_calamity writes "Yahoo research have started a private beta of a scheme that resurrects the idea of charging people to send email to cut spam. Centmail users pay $0.01 for each message they send, with the money going to a charity of their choice. The hope is that the feel good effect of donating to charity will reduce the perceived cost of paying for mail and encourage mass adoption, making it possible for mail filters to build in recognition of Centmail stamps."

The Narrative Fallacy writes "The Washington Post reports that online swindling takes dedication even in the best of times but succeeding in the midst of a worldwide economic meltdown takes patience, resolve, and hard work. 'We are working harder. The financial crisis is not making it easy for them over there,' said Banjo, 24, speaking about Americans, whose trust he has won and whose money he has fleeced, via his Dell laptop. 'They don't have money. And the money they don't have, we want.' US authorities say Americans — the easiest prey, according to Nigerian scammers — still lose hundreds of millions of dollars a year to cybercrimes, including a scheme known as the Nigerian 419 fraud, named for a section of the Nigerian criminal code. 419 is cemented in Nigerian popular culture. and the scammers, known as 'yahoo-yahoo boys,' are glorified in pop songs such as 'Yahoozee,' which gained even more fame after former secretary of state Colin L. Powell danced to it at a London festival last year."

SeanCier writes "We're a small (two-person) iPhone app developer whose first game has recently been released in the App store. In the process, we've inadvertently stepped in it, bringing up a question of the GPL and free software ethics that I'm hoping the Slashdot community can help us clear up, one way or the other. XPilot, a unique and groundbreaking UNIX-based game from the early/mid nineties, was a classic in its day, but was forgotten and has been dead for years, both in terms of use and development. My college roommate and I were addicted to it at the time, even running game servers and publishing custom maps. As it's fully open source (GPLv2), and the iPhone has well over twice the graphics power of the SGI workstations we'd used in college, we decided it was a moral imperative to port it to our cellphones. In the process, we hoped, we could breathe life back into this forgotten classic (not to mention turning a years-old joke into reality). We did so, and the result was more playable than we'd hoped, despite the physical limitations of the phone. We priced it at $2.99 on the App store (we don't expect it to become the Next Big Thing, but hoped to recoup our costs — such as server charges and Apple's annual $99 developer fee), released the source on our web page, then enthusiastically tracked down every member of the original community we could find to let them know of the hoped-for renaissance. Which is where things got muddy. After it hit the App store, one of the original developers of XPilot told us he feels adamantly that we're betraying the spirit of the GPL by charging for it." Read on for the rest of Sean's question.

Al writes "The head of Google's Web-spam-fighting team, Matt Cutts, warned last week that spammers are hacking more and more poorly secured websites in order to 'game' search-engine results. At a conference on information retrieval, held in Boston, Cutts also discussed how Google deals with the growing problem of search spam. 'I've talked to some spammers who have large databases of websites with security holes,' Cutts said. 'You definitely see more Web pages getting linked from hacked sites these days. The trend has been going on for at least a year or so, and I do believe we'll see more of this [...] As operating systems become more secure and users become savvier in protecting their home machines, I would expect the hacking to shift to poorly secured Web servers.' Garth Bruen, creator of the Knujon software that keeps track of reported search spam, added that some campaigns involve creating up to 10,000 unique domain names."

Al writes "A team of researchers at the Georgia Institute for Technology say they have developed a way to catch spam before it even arrives on the mail server. Instead of bothering to analyze the contents of a spam message, their software, called SNARE (Spatio-temporal Network-level Automatic Reputation Engine), examines key aspects of individual packets of data to determine whether it might be spam. The team, led by assistant professor Nick Feamster, analyzed 2.5 million emails collected by McAfee in order to determine the key packet characteristics of spam. These include the geodesic proximity of end mail servers and the number of ports open on the sending machine. The approach catches spam 70 percent of the time, with a 0.3 false positive rate. Of course, revealing these characteristics could also allow spammers to fake their packets to avoid filtering."

An anonymous reader writes "While spam levels globally remain at a two-year high of approximately 90 percent, some European countries are seeing levels of over 95%. According to a new MessageLabs report (PDF here), countries such as Germany, France and the Netherlands are being heavily targeted by spammers with automated spam translation techniques. The use of automated translation services enables multiple-language spam runs and is responsible for a 13% increase in spam levels in these countries since May."

An anonymous reader links to Ars Technica's report that (quoting) "Microsoft today announced that Windows 7 and Windows Server 2008 R2 have hit the Release to Manufacturing (RTM) milestone. The software giant still has a lot of work to do, but the bigger responsibility now falls to OEMs that must get PCs ready, Independent Software Vendors (ISVs) that are testing their new apps, and Independent Hardware Vendors (IHVs) that are preparing their new hardware. The RTM build is 7600, but it is not the same one that leaked less than two weeks ago (7600.16384). We speculated that Microsoft may end up recompiling build 7600 until it is satisfied, but it only took the company one more shot to get it right: 7600.16385 is the final build number. Microsoft refused to share the full build string, but if you trust leaks from a few days ago, it's '6.1.7600.16385.090713-1255,' which indicates that the final build was compiled over a week ago: July 13, 2009, at 12:45pm. This would be in line with the rumored RTM date but it is also the day Microsoft stated that Windows 7 had not yet hit RTM. Although the final build had been compiled, Microsoft still had to put it through testing before christening it as RTM."

Meshach writes "An article in Ars Technica claims that 12% of internet users have actually responded to spam messages and tried to buy items. Although I find this hard to believe, it does explain why my spam folder is always full." Also in spam news, wjousts links to a Technology Review article about how spammers get your e-mail address, writing "E-mail addresses in comments posted to a website had a high probability of getting spammed, while of the 70 e-mail addresses submitted during registration at various websites, only 4 got spammed."

A new study has shown that even sperm can be superficial. Researchers found that males of many animal species, including humans, can adjust the speed and effectiveness of their sperm by regulating the amount of seminal fluid they produce during copulation. The determining factor on that amount of fluid seems to be whether the male finds the female attractive.

S2 Games, longtime fans of the "Defense of the Ancients" (DotA) mod for Warcraft 3, have decided to create an entire game based around it (which IceFrog had no objection to). Without offending their still-active NDA, I can say that Heroes of Newerth is shaping up to be a very polished RTS, with the ability to play both via S2's own online service and local games, something that even Blizzard seems to be missing these days. Unlike most publishers, S2 has also decided to simultaneously release Windows, Mac, and Linux clients, making this one of the best looking games that I have ever seen on my Linux box. Additionally, S2 would like to invite another 400 players to the HoN beta, so if you are an RTS fan (and especially if you are a DotA fan) just send an email to scuttlemonkey at slashdot dot org with the subject line of "HoN Beta Key Request" and I'll reply to the first 400 requests as best I can. Update 20:37 GMT by SM: In case you don't notice in your haste to create a beta account, let me remind you that this game is still under strict NDA, so please no specifics in the discussion below. Update 00:01 GMT by SM: Well, given the 800+ emails that flooded my inbox in the first half hour or so we're all out of beta keys, but keep an eye out for a release date. Update 01:00 GMT by SM: Apparently your friends over at S2 games were quite impressed with the level of interest and are furnishing another 2,000 beta keys for me to continue working through the requests in my inbox (I'm at around 1,500 requests total as of this update, and only about 350 keys sent out). Please be patient as I slowly try to catch up. Also a point of clarification, while IceFrog doesn't mind S2 diving in to this space with a game based on DotA (competition is good in the long run after all), he wanted to make sure loyal fans of DotA knew that he plans to continue developing and improving DotA for WC3. Update 7/10/2009 13:06 GMT by SM: to all those still waiting on a beta invite, please be patient. I use gmail as the central repository for my email for ease-of-use, and while I was only expecting to have to hand out 400 keys, apparently gmail has an email cap of 500 per day. Last night my account got locked for excessive use, so I am waiting on the wrist-slap to expire so I can continue my key-spam. It looks like all who have requested a key so far will get one.

bfire writes to tell us that marketing firm uSocial has decided to apply a new monetization scheme to the Twitter service by providing packages of followers for purchase. "According to the firm, a single Twitter follower could be worth $0.10 a month. It is selling followers in various packages, starting at 1,000 for $87, which is delivered in seven days, and going all the way up to 100,000 followers at a cost of $3,479, delivered over a year." This is just the latest in a number of different exploits and problems of the Twitter universe as individuals try to subvert a popular tool into a self-serving device.

CNet has a story about the security measures Google employs to protect their email systems and fight the never-ending war on spam. Their Postini team, acquired two years ago, has a variety of monitoring tools and automated response systems to find and block undesirable messages. Quoting: "The system scores each message on numerous combinations of criteria, assigning a weight to each and then comparing the score to those in a database of several hundred thousand message types that have been flagged as good or bad from Postini honey pots and customer spam reports. ... To block fresh spam attacks not covered by existing heuristic technologies and viruses not covered by existing signature databases Postini relies on proprietary Zero-Hour technology to identify new outbreaks that show up in the traffic patterns and quarantine them for later rescanning. Customers can also create and build out their own white lists of message senders they trust and blacklist others they don't trust. It takes an average of 150 milliseconds for a message to be scanned by the antivirus engines that Postini licenses from McAfee and Authentium.

cin62 writes "The number of Internet scammers offering fake versions of the anti-swine flu drug Tamiflu has surpassed those selling counterfeit Viagra, reports CNN. Since the H1N1 virus, also known as swine flu, was declared a global pandemic last month, there has been an increase in the number of Web sites and junk emails offering Tamiflu for sale. 'Every Web site that used to sell Viagra is now selling Tamiflu. We are pretty sure that the same people are making the Tamiflu as are making the Viagra,' said Director of Policy for the UK's Royal Pharmaceutical Society." This news fits in nicely with a report Wired ran a couple weeks ago about the hysteria behind H1N1.

There are many initiatives to bring tech to developing areas of the globe; things like OLPC, Geekcorps, and UN programs. One new approach from SolarNetOne strives to allow users in those developing areas to have access to an internet connection without having to depend on unreliable infrastructure. "Each SolarNetOne kit is a self-powered communications network. Energy is produced from a solar array sized to each locale's latitude and predominant weather conditions. The generated power is stored in a substantial battery array, and circuit breakers and electronics protect the gear from overloads and other perturbations. A basic kit includes five 'seats,' implemented as thin clients connected through a LAN to a central server. The networking gear also includes a long-range, omnidirectional WiFi access point, and a Session Initiation Protocol (SIP) device. Each kit also includes all the cables and wires required to assemble the system, so few additional materials are required for an installation."

An anonymous reader writes "A recent Lenovo automatic software update has the great feature of displaying annoying pop-up ads for Lenovo products. What's worse, it appears that many users are unable to turn the advertisement 'feature' off, subjecting them to pop-ups every couple of hours. Gee guys, a note about your 20% off sale in my e-mail wouldn't have bothered me that much, but you really had to pop up over top of my PowerPoint slides? I'm sure that all of my office colleagues will be running to order ThinkPads ..."

An anonymous reader writes "An IBM researcher has solved a thorny mathematical problem that has confounded scientists since the invention of public-key encryption several decades ago. The breakthrough, called 'privacy homomorphism,' or 'fully homomorphic encryption,' makes possible the deep and unlimited analysis of encrypted information — data that has been intentionally scrambled — without sacrificing confidentiality." Reader ElasticVapor writes that the solution IBM claims "might better enable a cloud computing vendor to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data. Other potential applications include enabling filters to identify spam, even in encrypted email, or protecting information contained in electronic medical records."

An anonymous reader lets us know about the dire straits the SORBS anti-spam blacklist finds itself in. According to a notice posted on the top page, long-time host the University of Queensland has "decided not to honor their agreement with... SORBS and terminate the hosting contract." The post, signed "Michelle Sullivan (Previously known as Matthew Sullivan)," says that the project needs either to "find alternative hosting for a 42RU rack in the Brisbane area of Queensland Australia" or to find a buyer. Offers are solicited for the assets of SORBS as an ongoing anti-spam service — it's now handling over 30 billion DNS queries per day. An update to the post says "A number of offers have already been made, we are evaluating each on their own merits." Failing a successful resolution, SORBS will cease operations on July 20, 2009 at 12 noon Brisbane time. Such a shutdown could slow or disrupt anti-spam efforts for large numbers of mail hosts worldwide.

Baxil writes "For years now, Javascript munging has been a useful tool to share email addresses on the Web without exposing them to spammers. However, Google is now apparently evaluating Javascript when assembling summary text for web pages' listings, and publishing the un-munged email addresses to the world; and spammers have started to take advantage of this kind service." Anyone else seen this affecting their carefully protected email addresses?

Czmyt sends the excellent news that one of the US's most notorious spammers has pleaded guilty and could serve 6 years in jail. "Five individuals pleaded guilty today in federal court in Detroit for their roles in a wide-ranging international stock fraud scheme involving the illegal use of bulk commercial e-mails, or 'spamming'... Alan M. Ralsky, 64, of West Bloomfield, Mich., and Scott K. Bradley, 38, also of West Bloomfield, both pleaded guilty to conspiracy to commit wire fraud, mail fraud and to violate the CAN-SPAM Act. ... Ralsky and Bradley also pleaded guilty to wire fraud, money laundering, and violating the CAN-SPAM Act. Under the terms of his plea agreement, Ralsky acknowledges he is facing up to 87 months in prison and a $1 million fine..."