Microhoo at last and lots of security news

Well, we can all sleep a little easier now that Microsoft and Yahoo have finally announced details of the search deal they have worked on for months (and that has kept some of us on the edge, as tidbits of the story had an unsavory habit of breaking on weekends). All of the details, and then some, can be found by following the links in this week's top entry. Otherwise, with the Black Hat conference under way, there was a load of security news, with DefCon to follow this weekend (no rest for the weary).

1. Microsoft and Yahoo sign search deal, take on Google, CEOs: Devil was in details of Yahoo, Microsoft search tie-up and Microsoft-Yahoo deal: Why you stand to lose: After tracking this would-be news for about a year, all we feel is relief that it was finally announced. Now we can shift attention to whether Microsoft and Yahoo's big search deal, once approved by regulators, will work out for them and for users.

2. Clampi Trojan revealed as financial-plundering botnet monster: The news of a massive botnet associated with more than 45,000 Web sites and capable of stealing financial data is one of those instances that makes us wish that superheroes were real and that we could sic Batman on the bad guys and just end this nonsense once and for all.

3. Sensitive data compromised by SSL encryption flaws: Flaws in the software that uses SSL (Secure Sockets Layer) encryption could compromise sensitive personal data, security researchers said. The problem apparently is in the way SSL has been implemented into many browsers and also in the X.509 public key infrastructure system. (And there is more unsettling security news ahead in numbers five and eight.)

4. Apple: Jailbreaking could knock out transmission towers and EFF: Apple's claim that jailbroken iPhones can crash cell towers a 'hill of beans': There's nothing quite like a public spate to spice up the headlines. Apple told the U.S. Copyright Office as part of a review of the Digital Millennium Copyright Act that unauthorized modification of the iPhone OS -- so-called "jailbreaking" -- could cause major network disruptions, including the possibility of crashing transmission towers. The claim was made in response to a request by the Electronic Frontier Foundation that such modifications do not violate the DMCA and should be permitted. So, the EFF responded to Apple by saying, more or less, "get real!"

5. Extra '&' in Microsoft development code gave hackers IE exploit: "The bug is simply a typo," said Michael Howard, a principal security program manager at Microsoft, to explain how an extra "&" in development code has enabled hackers to exploit Internet Explorer for weeks.

Page Break

6. IBM to buy BI software partner: IBM plans to buy SPSS, the analytics software specialist, for US$1.2 billion. The companies had announced just last month that IBM will embed SPSS technology into its business intelligence and performance management tools.

7. Intel rushed to create Atom chip, executive said: Intel was behind the competition in developing chips for mobile devices and so had to speed up its process, which led to development of the successful Atom chip, an Intel executive revealed.

8. iPhone SMS attack to be unleashed at Black Hat: iPhone hacker Charlie Miller showed at the Black Hat conference how to take over one of the smartphones using a series of malicious SMS (short messaging system) messages exploiting an unpatched bug. Although more work would have to be done for a hacker to do anything seriously bad using the flaw, such things seem always to just be a matter of time.

9. Facebook etiquette: 10 rules for better socializing: Although etiquette rules for social networking, e-mail and other aspects of Web life would seem to be, more or less, the same as the manners employed apart from cyberspace, those of us who have been assaulted on our Facebook pages by revelations regarding the type of deodorant a "friend" fancies have come to realize that some lessons are called for.

10. Microsoft details how to upgrade between Windows 7 SKUs: Microsoft's deal with Yahoo wasn't the only news from the software company this week. Microsoft also released details on how people can upgrade to a different version of Windows 7. Users can purchase a package with an upgrade key, which gives them the ability to trade up to the next version of the OS. Upgrading will cost $79.99, $89.99 or $139.99 depending on what version a user selects.