May 22, 2009, 9:29 PM — The mystery surrounding why fraudsters shelled out big bucks for old Nokia phones was solved this week. The answer, of course, involves illegal activities. Another puzzle possibly close to being solved involves Microsoft's new search engine, which supposedly debuts next week. In security news, Adobe Systems took a patch practice from Microsoft and Conficker isn't dead yet.
1. Adobe snaps to attention over security vulnerabilities: Adobe will use a quarterly security patch cycle to fix its flawed software. Hackers have lately targeted Adobe's Acrobat and Reader, which are used to create and read PDF (Portable Document Format) files. Adobe will issue its patches every three months on the second Tuesday, the same day that Microsoft releases its patches. This move was intentionally, Adobe said, and will allow IT staff to simultaneously test the updates before applying them to the PCs. Adobe sees the update cycles as permanent, saying that "no product is going to be completely free of vulnerabilities."
2. Investigators replicate Nokia 1100 online banking hack: Fraud investigators replicated an online banking scheme that involved using old Nokia 1100 mobile phones. Using software created by hackers, some of the phones can be reprogrammed to receive another person's phone number and text messages. Some banks send one-time passwords that are needed to complete Internet banking transactions. A compromised phone gives bad guys access to this sensitive information. This hack also requires a person's online banking log-in information, but security researchers claim key-logging programs can easily garner these details. Unsurprisingly, criminals were willing to pay exorbitant amounts, such as US$7,567, for a used 1100 phone.
3. Sprint will launch Palm Pre on June 6: Sprint starts selling Palm's new smartphone on June 6, the mobile carrier announced on Tuesday. The Pre will run webOS, Palm's new mobile OS, and come with a touchscreen display. Will it draw crowds like the iPhone?
4. Microsoft's Kumo search engine creates buzz: Internet rumors swirled on Tuesday that Microsoft will unveil its Kumo search engine next week. Microsoft has said very little about Kumo, beyond that it is internally testing a search engine using the Kumo.com URL. Screenshots of Kumo leaked to the Web in March led one analyst to believe that the search engine won't contain new technology, but will be tweaked to produce better search results. Microsoft is expected to incorporate semantic search abilities into a future engine. This technology, which attempts to understand the full context of phrases being searched for, was gained through an acquisition Microsoft made last June.
5. Angered by Apple delay, hacker posts Mac Java attack: A security researcher posted attack code that exploits a flaw in Apple's Mac OS X since the company has failed to patch its software. The code exploits a vulnerability in the Java software that comes with the OS. Sun Microsystems, Java's creator, fixed the problem in December, but Apple has yet to address the issue. The flaw allows unauthorized programs to run on a person's Mac. Apple said it is aware of the bug and working on a fix, but did not provide a date.
6. Intel goes after Windows 7 on netbooks with Linux: Intel looks to blunt the prevalence of Microsoft's Windows XP OS in netbooks by releasing Moblin, a Linux OS it designed for affordable laptops. Intel said comparing Windows to Moblin isn't accurate, but did mention that Moblin is optimized to work on netbooks, which are smaller and consume less power than laptops. Moblin is also designed to work well with Atom, the low-power chip that Intel designed which runs most netbooks.
7. Conficker still infecting 50,000 PCs per day: Swine flu may have replaced the Conficker worm as the malady du jour, but the worm is still infecting machines at a robust rate. Symantec researchers estimate that Conficker spreads to 50,000 computers every day, with systems in the U.S., Brazil and India being hit hardest. Researchers said the worm has infected millions of computers across the globe and created the largest botnet network.
8. Security budgets are falling, survey says: A survey of more than 200 information security executives showed that 32 percent face reduced IT security budgets. The same group also revealed that they are less likely to invest in new security technology than they were in 2007, the last time the survey was held. Deloitte, which conducted the poll, said respondents did not reveal the cause for the budget cutbacks, but we suggest the weak economy. Social-networking technology and regulatory concerns ranked as the two main security fears of the sample questioned.
9. Yahoo, Alibaba relationship frays under Bartz: The relationship between Yahoo and Alibaba Group, which runs Yahoo's China operations, has spoiled since Carol Bartz became CEO of the Internet search company, according to a source close to the situation. Bartz distanced herself from Alibaba since taking over Yahoo and avoided Alibaba on a trip to Asia. In March Bartz told Alibaba's CEO that she wanted Yahoo's Chinese brand back, leading the source to speculate that Yahoo, if put up for sale, is less valuable without its Chinese properties. Alibaba executives feel that Bartz has no interest in developing components beyond Yahoo's central operations, the source said.
10. Wall Street Beat: HP, Lenovo disappoint but IPOs rock: IT heavyweights Hewlett-Packard and Lenovo released their quarterly earnings this week. Their results were, well, less than encouraging with both vendors saying they face challenging sales markets for the remainder of the year. Two tech companies did have successful IPOs (initial public offerings), though, with both stocks pricing higher than expected.
