Pirates prefer Windows XP over Vista, says Microsoft

It's planning a PR campaign for early '09 to fight piracy as XP is retired

Software counterfeiters pass on Windows Vista and instead prefer to pirate Windows XP, a Microsoft Corp. attorney said today, outlining a practice that tracks with the leanings of many of the company's customers.

While explaining the "Global Anti-Piracy Day" educational and enforcement effort Microsoft launched today, Bonnie MacNaughton, a senior attorney with the company, acknowledged that pirates prefer Windows XP over Vista.

"Historically, counterfeiters tend to focus on the 'n-1' version of software," MacNaughton said. "Because of the more robust antipiracy and security features in Vista, most sophisticated piracy rings still continue to focus on XP. But that's changing over time."

That pirates have stuck with XP -- which retains the bulk of the Windows operating system's market share -- is "very consistent with what we've seen in counterfeiting in the past," said MacNaughton. "There's usually a lag of between one and two years [before they can] figure out how to replicate those antipiracy and security features."

Counterfeiters currently copy Office 2003 rather than the newer Office 2007 for the same reasons, she said.

MacNaughton also touted the day's announcements of new initiatives and lawsuit filings scheduled to take place in 49 countries, ranging from Argentina to the U.S. "As counterfeiters have gotten more sophisticated, we have realized that this is not a situation that we can address alone," she said. "And we want to stress [today] the collaboration with Microsoft's partners and customers, and governments."

In the U.S., Microsoft filed 20 new lawsuits in federal court against software resellers that, according to the company's allegations, either sold pirated copies of Microsoft Windows XP Professional and Office or installed the counterfeit software on new PCs. Nine of the lawsuits were filed in California; two each were filed in Ohio, Oregon and Texas; and others were filed in Connecticut, Florida, Louisiana, Minnesota and New York.

MacNaughton also said that Microsoft is planning on another antipiracy educational effort early next year to make sure that customers know Windows XP's lifespan is coming to an end. "We're expecting that counterfeiters will attempt to fill the void at XP's end of sales," she said.

Microsoft will halt Windows XP Professional sales to small mom-and-pop computer sellers after Jan. 31, 2009. Larger computer manufacturers, such as Dell Inc. and Hewlett-Packard Co., however, will be able to obtain XP media for "downgrades" from Vista Business and Vista Ultimate licenses through the end of July 2009. Microsoft only recently said that it would extend shipments of XP to OEMs; previously, it had said it would stop the practice in January.

According to MacNaughton, Microsoft will roll out a campaign in early 2009 that will remind people of XP's demise and warn them that copies they obtain after those end-of-sale dates could be counterfeit. "We're planning [a campaign] in January or February to make sure our customers know what our rules and policies are about Windows XP," she said, "to make sure they understand what may be illegitimate and what may be legitimate. We want to make sure that the XP they might be getting is genuine."

Data compiled in August by a Florida developer of Windows performance metrics software showed that more than one-third of all new PCs are still downgraded to Windows XP from Vista, either by the user after purchase or by the computer maker at the factory.

Sun is a software company, new top shareholder says

The investment company that announced Wednesday it has taken a 21 percent stake in Sun Microsystems believes the market doesn't get one important thing about the workstation and server vendor: It's a software company.

At least, that's what Staley Cates, president of Southeastern Asset Management, told investors last June, after his company acquired 10 percent of Sun's stock.

"Sun Microsystems is kind of interesting because it's progressively less of a server company and more of a software company; it's more about Solaris and Java," Cates said at a shareholder meeting for the Longleaf Partner Funds that his company manages. "And that's kind of a change that we don’t think the market's on to at all."

Although Sun still generates the vast majority of its revenue from server and workstation sales, CEO Jonathan Schwartz may now be paying special attention to Cates' message.

Southeastern has been increasing its stake in Sun this year, and on Wednesday it said it had changed its ownership status in the company in a way that allows it to take a more active hand in its management, according to a filing with the U.S. Securities and Exchange Commission. It also said it has been meeting with Sun's management to talk about ways to "maximize the value of the company."

"We welcome feedback from our shareholders and welcome their insight," a Sun spokeswoman said Wednesday. Neither Sun nor Southeastern Asset Management would elaborate on what was discussed at the meetings. Southeastern Asset Management, based in Memphis, Tennessee, does not focus exclusively on technology stocks, but it has also invested in Dell, Symantec and Level 3 Communications.

In recent years Sun has emphasized the strategic role software plays for the company, switching its stock symbol from SUNW to JAVA last year, and placing more marketing dollars in its Solaris operating system. "We are no longer simply a workstation company," Schwartz wrote in a blog post explaining the ticker symbol change.

Earlier this year Sun spent US$1 billion to pick up open-source database vendor MySQL; however, moves like the acquisition haven't helped Sun's stock price. It has plunged from nearly $25 per share a year ago to a close of $4.72 on Wednesday. Schwartz, who ascended to CEO from the ranks of Sun's software division, has said he sees the company as a "systems" vendor that sells both hardware and software.

Asked recently if Sun would consider selling the company's hardware business to focus exclusively on software, Schwartz said it made more sense to continue as a systems vendor, but he did appear open to this possibility. “We are always thinking about being more creative on behalf of our shareholders,” Schwartz told the New York Times. “We want to drive maximum value for them.”

Clues hint at Windows 7 debut in 2009

Microsoft says next month's annual WinHEC will be last before launch

Microsoft Corp. may release Windows 7 as early as next November, bloggers speculated today, pointing to postings on the company's own Web site and comments made by the CEO of Asustek Computer Inc., the company that makes the popular Eee PC line of netbooks.

According to Long Zheng, who writes the Istartedsomething.com blog, and Ed Bott, a well-known Windows blogger, clues point to a 2009 release of Windows 7, the successor to Windows Vista.

Long noted that Microsoft's site for its upcoming Windows Hardware Engineering Conference (WinHEC), which opens Nov. 5 in Los Angeles, warns developers that this year's event will be the last before Windows 7's launch. "Be one of the first to see what's new in Windows 7 and be among a select few to receive a prebeta build of Windows 7," the Microsoft site reads. "WinHEC is the only chance for you to engage with the team at this level -- there is not another WinHEC planned before Windows 7 is released."

WinHEC has been an annual affair since 1991 and has typically been held in April or May. Microsoft delayed the conference this year, however, pushing it back from that usual window to November.

Microsoft has not set a ship date for Windows 7, although executives have said their goal is to launch the operating system three years after the debut of Vista, which was released to businesses in November 2006 and to consumers and PC makers in January 2007. Analysts have typically interpreted Microsoft's broad timetable to mean that Windows 7 will ship in the second half of 2009 or in early 2010.

If Microsoft didn't unveil Windows 7 until 2010, that would mean it would be skipping a WinHEC event during 2009, a first.

Bott also pointed to a story in Laptop magazine that quoted Jerry Shen, the CEO of Asustek, also known as Asus, who said his company would move from Windows XP straight to Windows 7 as a choice for the Eee PC netbook line. Shen pegged Windows 7's release date as the second half of next year.

"We don't plan on putting Vista on any of the Eee PCs," Shen told the publication. "I think in the future, in the second half of next year, we will put Windows 7 on Eee PCs."

Mike Elgan has also said that Asus plans to unveil touch-screen laptops early in 2009 that would take advantage of Windows 7's support for a multi-touch user interface when the operating system is released.

Last month, after Microsoft announced that it would hand out alpha versions of Windows 7 at both WinHEC and its Professional Developers Conference (PDC), scheduled for next week, Michael Cherry, an analyst at Directions on Microsoft, said that it was a good, though not sure, bet that the company is on track for a late 2009 or early 2010 launch. "We now know they're making progress," Cherry said then. "They at least have something they're confident enough in to share. But the next question is, how far along is it? And we won't know that until people load it up."

At the time, he also noted that although Microsoft slates PDC based on software releases -- which means the events aren't on a set schedule -- WinHEC is an annual affair.

Wall Street's collapse may be computer science's gain

The collapse of Wall Street may help make computer science and IT careers attractive to students who abandoned these fields in droves after the pop of the last big bubble, the dot-com bust of 2001.

William Dally, chairman of the computer science department at Stanford University, said that for the last several years, he has watched some students interested in technology go into banking and finance because those fields could be more lucrative.

"Many thought they could make more money in hedge funds," Dally said. He said students are returning to computer science because they like the field and not because it can necessarily make them rich.

John Gallaugher, associate professor of information systems in the Carroll School of Management at Boston College, said he's already seeing a shift in student interest.

"Students have commented to me and written on their course wikis that they're considering changing from finance [majors], both based on the appeal of IS and concern over availability of finance jobs" in the future, Gallaugher said.

After the dot-com bust, computer science enrollments began declining, reaching a low of 8,021 last year from 14,185 in 2003-2004, according to the Computing Research Association (CRA) in Washington, which tracks year-over-year enrollment and graduate trends at 170 Ph.D.-granting institutions.

"Current economic conditions seem to impact the choice that students make in the majors they choose -- that has been true for computer science," said Jay Vegso, a CRA analyst who studies computer science enrollment trends. "Students who are now choosing majors might be looking for safer alternatives," he said, and IT may be a safer alternative.

The dot-com era was a wonderful time to be young, computer-savvy and in search of stock-option riches. Wall Street poured billions of dollars into hundreds of companies that were making little or no money. For instance, Webvan Group Inc., a grocery delivery firm in Foster City, Calif., that was founded in 1997, had so much money that it bought a rival, HomeGrocer, in 2000 for $1.2 billion in stock. Webvan ended in Chapter 11 bankruptcy in 2001.

If the dot-com meltdown wasn't enough, offshore outsourcing also scared away students from technology. In 2004, Carly Fiorina, then CEO of Hewlett-Packard Co., summed up the offshore trend this way: "There is no job that is America's God-given right anymore." Fiorina is now an adviser to Republican Sen. John McCain in his bid for the White House.

Today, companies are suffering from a shortage of technology professionals and baby boomer retirements will only add to the problem.

"The pipeline is inadequate for IT professionals," said Jerry Luftman, who is involved in academics and business as associate dean at the Stevens Institute of Technology's Howe School of Technology Management in Hoboken, N.J., and vice president for academic affairs at the Society for Information Management in Chicago.

The big difference between today and the heyday period of the late 1990s is the type of student that businesses need, Luftman said. Technical skills are still important, but businesses also want to hire students with management and industry training, strong communications abilities, marketing and negotiation skills, he said.

According to the U.S. Bureau of Labor Statistics, IT jobs are among the fastest growing. On the top of the bureau's list of fast-growing career areas is network systems and data communications analysts, which it is forecasting will grow from 262,000 jobs in 2006 to 402,000 jobs by 2008, a 53% increase. Computer software engineers, applications, is expected to increase from 507,000 to 733,000 or 45%; while computer scientists and database administrators will rise from 542,000 to 742,000, a 37% increase.

Randal Bryant, dean of the School of Computer Science at Carnegie Mellon University in Pittsburgh, said his school saw student applications drop to a low of 1,700 from a peak of 3,200 in 2001 at the end of the dot-com boom.

But the situation has been turning around in the past few years, with 2,300 applications coming in last year, he said.

Bryant said he expects that the troubles on Wall Street will likely influence some students to switch majors in the coming months from business to other fields, including computer science. He also urges caution to those students.

"I like to tell students that if you make your career choice that quickly based on what is hottest this month, you're going to be graduating in four years and that field may not be hot anymore," Bryant said. "I tell them to major in something they like and not what's a likely short-term fluctuation in the job market."

"Our peak at the dot-com [period] included people in computer science who had no particular aptitude in it, but they thought they'd get rich," he said.

Microsoft unveils new Visual Studio version

Microsoft Corp. today unveiled the next version of its Visual Studio integrated development environment (IDE) and detailed new features of its Visual Studio Team System (VSTS).

Microsoft did not disclose a release date for the updated tool set, called Visual Studio 2010. However, the company did outline the major themes of the new release and described several new application life-cycle management (ALM) tools that will be part of VSTS 2010, which is code-named "Rosario."

The new version of the developer tool set updates Visual Studio 2008, which was made generally available in January of this year. Microsoft released the first service pack for Visual Studio 2008 last month.

Microsoft said it built Visual Studio 2010 to incorporate what the company called its five major themes -- democratized ALM, riding the next platform wave, delighting developers, breakthrough departmental apps and enabling emerging trends.

As part of the ALM focus for VSTS, Microsoft said it plans to break down the walls that now exist between different developer roles in the development life cycle, such as architects, developers and testers.

Dave Mendlen, Microsoft's director of developer marketing, said VSTS 2010 will also allow teams to configure and adopt any flavor of the Agile development process. In addition, the software is aimed at allowing both technical and nontechnical users to create and use models to work together and graphically define software functionality, the company added.

For example, Mendlen added, the new version of VSTS expands on the notion of a continuous build, which was first introduced in VS 2008 to reduce the chances that developers will "break the build" by checking in bad code. The new tool set has incorporated workflow into the continuous build effort so that an organization can customize development processes, added Cameron Skinner, product manager of VSTS.

For example, he said, a company can create diagrams that show source code that has been inspected against defined restraints, or rules a company sets up to determine if developers are following sound architectural principles. "If a rule is violated … that information is surfaced to you and you can act on it," Skinner said. "We're trying to take the architectural diagrams and get them living and breathing throughout the entire life cycle for the team."

Another new tool, called Architectural Explorer, allows architects to build a graphical model that shows relationships and dependencies of code. This type of model can more easily show developers why certain restrictions are in place and how changes they make may affect other aspects of development, Mendlen said. The new version will support both the Unified Modeling Language and Domain Specific Language.

VSTS 2010 also includes a significant focus on testing. For example, there are new features to eliminate bugs that can't be reproduced and features to ensure that all code changes are tested properly, Microsoft said.

The new version also includes a tool to help developers understand the impact of test cases related to the source code being modified. As a developer makes changes, a window appears that shows the tests that would be impacted by those changes.

Developers and testers often have an adversarial relationship because a tester will find a bug and throw it back to a developer who has to stop work, revert back to that version of the code and try to reproduce what the tester has found. Because it can be difficult for a developer to reproduce that bug, they sometimes dismiss its existence, Mendlen said. The new tool set will include what Microsoft calls "TiVo for debugging," or a way for a developer to see what Microsoft describes as a video of the tester discovering the bug.

"We're actually capturing what is happening during the test process -- the entire state of the machine," Mendlen added. "The developer can watch the video and ... running this tool will emulate the experience of debugging."

A debugging log will put the IDE into a debugging state as if the developer is running the application itself, but the developer actually will only be replaying the debugging log, he noted.

Microsoft also announced today that VSTS 2010 will combine the current development and database editions in VSTS 2008 into a unified VSTS Development and Database product.

Existing Microsoft software assurance customers who currently own Visual Studio Team System 2008 Development Edition or Visual Studio Team System 2008 Database Edition will receive several products starting Oct. 1. The tools, distributed without charge, include the following:

• Visual Studio Team System 2008 Development Edition
• Visual Studio Team System 2008 Database Edition
• Visual Studio 2005 Team System for Software Developers
• Visual Studio 2005 Team System for Database Professionals

Microsoft, Washington state to sue 'scareware' pushers

Microsoft and Washington state are cracking down on scammers who bombard computer users with fake warning messages in the hope of selling them useless software.

On Monday, the state's attorney general and lawyers from Microsoft's Internet Safety Enforcement team will announce several lawsuits against so-called "scareware" vendors, who are being charged under Washington's Computer Spyware Act.

The vendors targeted by the lawsuits are not being named until Monday, but the attorney general's office referred to them in a media alert sent out Friday as "aggressive marketers of scareware -- useless computer programs that bilk consumers by using pop-up ads to warn about nonexistent, yet urgent-sounding computer flaws."

This is not the first time Microsoft and Washington's attorney general have teamed up to fight scareware. In 2005, they jointly sued Secure Computer, a security software company they accused of using fake error messages to scare users into buying its Spyware Cleaner software. Secure Computer eventually paid $1 million to settle the charges.

Washington's attorney general has also brought lawsuits against companies such as Securelink Networks and High Falls Media, as well as the makers of a product called QuickShield, all of which were accused of marketing their products using deceptive techniques such as fake alert messages.

Fake alert messages can be effective. Earlier this week, researchers at North Carolina State University reported that computer users are highly likely to click on fake Windows error messages. In their study, nearly two-thirds of respondents clicked "OK" when presented with a phony Windows pop-up message.

The use of these fake messages is a growing problem on the Internet, said Katherine Tassi, Washington's assistant attorney general, in an interview earlier this week. Scammers are "getting more and more creative, and putting more and more effort into making them look like security messages," she said.

The most prevalent scareware program in circulation today is software called Antivirus XP 2008, according to Alex Eckelberry, president of Sunbelt Software. Often installed on a PC without proper notification, the software bombards victims with fake security warnings, trying to convince them to buy worthless programs that sometimes even harm their PCs

Federal grand jury meets on Palin hacking case

As a federal grand jury convened to hear testimony about the hack of Alaska Gov. Sarah Palin's e-mail account, the lawyer representing the college student suspected of accessing Palin's messages called his client "a decent and intelligent young man" in a statement issued to the media today.

"The Kernell family wants to do the right thing, and they want what is best for their son," said Wade Davies, a partner in the Knoxville, Tenn., firm of Ritchie, Dillard & Davies PC, in the statement. "We are confident that the truth will emerge as we go through the process. David is a decent and intelligent young man, and I look forward to assisting him during this difficult period."

Meanwhile, a Chattanooga, Tenn., newspaper reported today that a grand jury had convened at the federal court there, but had not filed any indictments.

The Chattanooga Times Free Press said the grand jury met this morning, when the three roommates of David Kernell, 20, of Knoxville, appeared. The session ended without an indictment, said the paper, whose Web site was offline as of 3 p.m. Eastern time.

Kernell, a student at the University of Tennessee-Knoxville, was originally linked to last week's hack of Palin's Yahoo Mail account by self-appointed sleuths on blogs and message boards after someone identified only as "Rubico" posted a message claiming to have accessed Palin's mail. Others subsequently connected the Rubico handle to the e-mail address "rubico10@yahoo.com," which was in turn linked to Kernell.

Yesterday, the webmaster of a Georgia-based proxy service confirmed that his server logs showed the intruder used an IP address belonging to an Illinois Internet service provider that serves the Knoxville apartment complex where Kernell lives.

Early Sunday, FBI agents searched Kernell's apartment and served his roommates with subpoenas to appear at the Chattanooga grand jury.

Kernell is the son of Mike Kernell, a longtime Democratic state representative from Memphis.

Amazon's developer cloud service stumbles

Amazon.com Inc.'s hosted Simple Queue Service (SQS) has encountered performance problems this month that have prompted users to question its overall stability and its viability for commercial applications.

The latest incident occurred on Monday, when SQS experienced increased error rates for about 35 minutes after an overloaded router triggered increased packet loss, according to Amazon's Service Health Dashboard for its Amazon Web Services cloud computing offerings.

Between Sept. 9 and 11, increased error rates also rocked SQS, and although Amazon restored the service's stability, the company didn't fully diagnose and fix the problem until Sept. 18.

"The specific change we rolled out is in the way we handle garbage collection in the back-end message nodes. With the removal of this root cause, the Amazon SQS issues of Sept. 9 to 11 have been addressed," Amazon wrote in the service dashboard on Sept. 19, referring to a system upgrade it had performed the day before.

In addition, SQS spit out an assortment of errors over several days in late August and early September, a situation that Amazon resolved on Sept. 4, according to postings from SQS users and Amazon representatives in this thread in the service's official discussion forum.

Since last week, some SQS users have been sounding off on another thread titled "SQS is way too unreliable, what's going on?"

"This is nowhere near the kind of reliability I need from a service that I'm using as part of a production app. Can we get some sort of statement on what's going on? Without some kind of assurance that this will be resolved very soon, I can't continue to use it," an SQS user identified as Paul Dowman wrote last week.

Amazon didn't immediately respond to a request for comment.

Amazon's S3 cloud-based storage service reported outages earlier this year, in February and again in July.

SQS is one of the hosted services that Amazon.com provides to developers via its Amazon Web Services (AWS) suite of generic computing, payment, billing, fulfillment and Web-search services. SQS is a hosted queue for storing messages that are in transit between computers. Developers can use it to move data among distributed components of their applications, according to the company.

AWS is part of a popular trend toward cloud-computing offerings in which vendors provide applications and IT infrastructure services via the Internet from their own data centers.

Cloud-based services and software offer customers an alternative to installing hardware and software on their own premises. In theory, following this cloud model can reduce hardware provisioning costs for clients and free them from maintenance responsibilities.

However, a major objection to cloud computing is the performance and availability of the services. If something fails in the vendor's data center, there is little for customers to do but sit and wait for a solution while fielding end-user complaints.

Microsoft leads effort to solve photo metadata problem

Have you ever been vexed to find that the titles, keywords or ratings you painstakingly entered to organize your digital photo collection disappear when you move them from one software (or service) to another?

Or were you puzzled when the data created when you originally took the photo, such as the exposure, date/time or GPS location end up garbled or missing?

That's not surprising, according to Josh Weisberg, director of Microsoft Corp.'s rich media group. Despite prior standardization efforts, interoperability of photo metadata remains dismal.

"There are several existing standards, but they aren't talking to each other," he said.

Those efforts have failed, he said, because they have been led by vendors in one link of the digital photography chain -- camera manufacturers, or photo software makers -- that didn't consider the needs of other parties.

As a result, there are six different standards for storing something seemingly as simple as photo captions, he said.

Microsoft is leading an effort to fix this by creating a single specification that will, it is hoped, eventually unify all of the existing standards out there.

Announced today at the Photokina trade show in Cologne, Germany, the Metadata Working Group has six corporate members, all leading players in their respective areas of imaging, including Adobe Systems Inc., Apple Inc., Canon Inc., Sony Corp., Nokia and Microsoft.

So far, the group, led by Weisberg, has put out guidelines on how to treat eight key metadata fields. The guidelines are aimed at makers of cameras and cameraphones, software vendors, and Web services and search engines such as Flickr and Google.

They include fields for keywords, descriptions, date and time, location (with different fields for where the photographer was and where the subject was), orientation (i.e. is the photo meant to be displayed vertically or horizontally), rating, copyright and creator.

The guidelines also ask device and software makers to ensure that no metadata is ever deleted without explicitly asking the user, Weisberg said.

The specifications do not create new standards, but build on top of existing ones such as Adobe's XMP (Extensible Metadata Platform) or Exif (Exchangeable Image File).

In other areas, such as office documents, the trend is to use human-readable XML formats such as Office Open XML (OOXML) and OpenDocument Format (ODF), and not to store metadata in hard-coded fields but to embed it -- albeit invisibly -- along with the text or data.

Why not similarly embed these data fields in free-flowing XML and require software and services and search engines to figure out how to pull it out?

While that may work for "ad hoc" data such as captions or tags, Weisberg said that approach isn't up to snuff for highly technical, mathematical data such as GPS coordinates, altitude readings or compass headings. It would create more work for developers, who "would need to write a bunch of code to interpret that data," he said.

Standardizing the metadata doesn't mean that photographers will need to use all of the fields. Photographers may want to omit geographical tags, especially of children's photos, for privacy reasons.

There are no fees or royalties for vendors that want to ensure their products adhere to the specification, Weisberg said. Adhering to the standard is voluntary for any vendor, he explained, noting that attempting to force vendors to cooperate, even if it would be good for consumers, would likely trigger antitrust concerns.

But "there's no licensing cost and not a dramatic amount of engineering work. What's the downside of supporting it?" he asked, although he admitted that it will likely be several years before products supporting the guidelines begin to appear.

There's other work to be done. Only eight fields have been standardized. The Metadata Working Group could eventually rule on hundreds of them.

These guidelines today only apply to digital photos in the JPEG, TIFF and Adobe Photoshop PSD file formats. They do not yet apply to Raw, the format of choice for pro photographers, and, increasingly, advanced amateur photographers. The problem there, Weisberg said, is that there are multiple Raw formats, rather than a single industry one.

The group would like to someday take its specification to a standards body, such as ISO, but it has no timetable for doing so, he said.

Also, some key players haven't joined the Metadata Working Group. Both Yahoo Inc., which owns Flickr, and Google Inc. were invited, but they declined to join, Weisberg said.

Mozilla reacts to rivals with plans to beef up Firefox 3.1

Mozilla Corp. will try to squeeze more into Firefox 3.1, in part as a reaction to rival browsers from Microsoft and Google, the company's chief engineer said today.

"Looking at where we are and the competitive browser landscape, we felt we would be doing a better job if we had another four to five weeks," said Mike Shaver, Mozilla's interim vice president of engineering.

Shaver wasn't sure what impact, if any, the additional work would have on Firefox 3.1's final release date, which Mozilla had targeted as late 2008 or early 2009. "It's too early to know what affect it will have," he said. "But that [late 2008/early 2009 time frame] is still what we're looking at."

In a lengthy post to the Mozilla.dev.planning message forum last week, Shaver spelled out what Mozilla hopes to do. There, he listed several features that would benefit from "one more 'feature cycle' " of development, including TraceMonkey, the browser's revamped JavaScript engine, and a privacy mode that was only recently slated for Firefox 3.1.

In an interview today, Shaver said the move was in part due to faster-than-expected progress on some features, such as extending TraceMonkey's capabilities into other areas of the Firefox code. "We saw we could apply those [TraceMonkey] techniques to performance in other areas, like [Document Object Model]. We think if we could bang on this a little longer, we would get more out of this," he said.

The desire to push TraceMonkey development wasn't a reaction to Chrome, the beta browser Google Inc. released two weeks ago. "That's not a reactive thing, it's just the next logical step," Shaver said, noting that Mozilla started work on TraceMonkey more than two months before Google announced Chrome.

But Shaver acknowledged that some of the extra work Mozilla would like to put into Firefox 3.1 is being prompted by competitive pressure. "We're not blind to the competitive landscape," he said. "We're watching other browsers as much as they're watching us."

He cited Mozilla's plans for a Firefox privacy mode as an example. Both Microsoft Corp.'s Internet Explorer 8, currently in beta, and Google's Chrome have tools that limit or eliminate what those browsers record during their travels.

"There's a difference between when just one browser has a feature and when it's in several," said Shaver. "There are user expectations."

Among the features of a Firefox privacy mode that Shaver would like to squeeze into 3.1 is one that would let users wipe surfing traces retroactively. "It would be nice if you could pretend these last two hours didn't happen," he said.

Other changes that may land in Firefox 3.1 between its first and second betas, said Shaver, include improvements to the location bar -- which Mozilla dubs the "Awesome Bar" -- and detachable tabs, a feature Chrome also sports that lets users drag tabs from a browser to the desktop to open a new window.

"In some ways, we get a free move" with the opportunity to look at rivals like IE8 and Chrome, study how they implement a feature and watch the reactions from users, said Shaver.

Currently in Alpha 2, Firefox 3.1 is scheduled to go "code freeze" at the end of this month, with a tentative ship in four weeks or so, said Shaver. "We're in good shape for mid-October to the third week," he said today.

Firefox 3.1 can be downloaded in its present form from Mozilla's site in versions for Windows, Mac OS X and Linux.

Microsoft issues wrong update for Exchange 2007

Microsoft Corp. last week confirmed that it inadvertently released a pre-release version of an Exchange Server 2007 update that could push servers into an endless series of crashes.

The Update Rollup 4 for Exchange Server 2007 released to users via Microsoft Update and Windows Server Update Services (WSUS), Microsoft's two most popular update mechanisms, was a preliminary version, the company acknowledged.

"For a brief period of time on 9/9, a pre-release version of Update Rollup 4 for Exchange Server 2007 Service Pack 1 was inadvertently made available to Microsoft Update, the Microsoft Update Catalog and WSUS servers for download," an unidentified Microsoft employee said in a post to the official Exchange blog.

Once Microsoft discovered its error, it pulled Update Rollup 4 -- a collection of previously disclosed bug fixes -- from the update services but warned those who had already installed it that it could cause problems. "An issue exists with this pre-release version of the Rollup 4 with regard to the Exchange Web Service (EWS) that creates the potential for a continuous crashing cycle," the blog post continued.

Some users reported that they were unable to back up their Exchange servers after installing the rollup during its window of availability, while others had more dire stories to tell. "It bricked one of my 'just about to go live' servers (services wouldn't start, can't uninstall). Spent today building another one," said Alex Britton, in a message posted to the Exchange support forum. "Serves me right for not disabling the recommended auto-update auto install."

Microsoft recommended that users who had installed Update Rollup 4 uninstall it and then install the previous incarnation, Update Rollup 3.

That wasn't always easy, however, as a Microsoft Exchange engineer acknowledged in a comment added to the blog post. "I want to point out that there is an uninstall case that we just uncovered that people may hit," said Scott Roberts, a member of the Exchange team. After uninstalling Update Rollup 4, Roberts said, EWS is unable to read a configuration file; administrators must open the configuration file and manually edit it to replace instances of an incorrect path name.

Later in the comment thread, however, Roberts told a user to simply install Update Rollup 3 atop the faulty Version 4.

Microsoft did not provide a timetable for issuing a working edition of Update Rollup 4, although Roberts said that from this point forward, such updates would be released on the second and fourth Tuesdays of the month. Next Tuesday, Sept. 23, is the fourth Tuesday of this month.

The whole episode left a bad taste in some users' mouths. "I am sorry but this is absolutely unacceptable," said a user identified as "Andy" in the first comment added to the Exchange blog post. "If a pre-release patch can get into Microsoft Update, you leave me no choice but to disable Automatic Updates."

"We apologize for any inconvenience and are working to make sure this does not happen again," Microsoft said in the Exchange blog.

This isn't the first snafu in Microsoft's update services. In June and July, the company had to fix two bugs in other patching mechanisms, including WSUS and the higher-end System Center Configuration Manager 2007, that had kept administrators from pushing patches to end users' PCs.

Minding online store a case of 'Not my job' for eBay, legal foes

Last month, a federal judge ruled that eBay Inc. had fulfilled its obligations to investigate and control users who were trying to use its Web site to sell counterfeit Tiffany goods — a decision that put the onus on Tiffany & Co. to monitor eBay's site itself.

The ruling by U.S. District Judge Richard Sullivan was a major victory for eBay in its fight with Tiffany and other luxury goods companies over the sale of their merchandise — counterfeit or otherwise — on its auction site. If the ruling stands, it could have big implications for trademark owners, which would have to deploy technology to scour eBay's site for counterfeit and pirated goods, have employees manually monitor the site or pay other companies to watch it for them.

But similar lawsuits filed against eBay in French and German courts haven't turned out in eBay's favor, resulting in a split decision internationally — and the possibility that in the end, eBay might have to bite the bullet and increase its own enforcement efforts.

On June 30, two weeks before Sullivan sided with eBay, the French Tribunal de Commerce in Paris ordered eBay to pay a group of companies a total of $61 million because it failed to stop counterfeit perfumes and other products from being sold through its site. That followed a similar, though much smaller, judgment against eBay by another French court in early June.

And last year, a court in Cologne, Germany, ruled that once eBay's subsidiaries in that country were notified that fake Rolex watches were being sold on the eBay Germany site, the company should have taken measures to prevent the recurrence of counterfeit Rolex postings.

The financial stakes are high on both sides of the legal dispute. Tiffany, which last week filed an appeal of Sullivan's ruling in the U.S. Court of Appeals in New York, said that in the five years before the lawsuit was filed in 2004, it spent $14 million on technology and manpower to police its trademarks on eBay's site.

But between $3 million and $5 million of Tiffany's spending was on the lawsuit itself, and Sullivan described the New York-based company's overall monitoring tab as "relatively modest" in his ruling.

Meanwhile, eBay, which is appealing the European court decisions, said it spends $20 million annually to identify counterfeit goods on its site. That figure would likely increase substantially if eBay were forced to take on more responsibility for rooting out sales of fake products. And the company probably would have to change the way it handles counterfeiting across the board, not just in those two countries.

"EBay operates on one technology platform, and to the extent that eBay has to change its business model in other countries — it would change it everywhere," said Heather McDonald, an attorney at law firm Baker & Hostetler LLP in Cleveland.

McDonald, who specializes in intellectual property enforcement and anticounterfeiting litigation, added that if eBay didn't do so, trademark owners in the U.S. could argue that the company was offering more protections to foreign businesses than it was to them.

"If we have to change our business in relation to [the Tribunal de Commerce's] ruling, it will be a massive undertaking," eBay spokeswoman Nichola Sharpe acknowledged. "We don't view it as just affecting eBay France, but affecting all eBay sites globally."

McDonald and other legal experts said the different rulings weren't surprising, because European courts typically take a stricter stance against trademark infringement and the sale of counterfeit goods than their U.S. counterparts do.

On the other hand, eBay said the ruling in the U.S. case confirms what it has maintained all along: that its efforts to stop counterfeit sales have been reasonable. According to Sharpe, eBay removed 2.2 million potentially counterfeit listings worldwide last year alone. It also suspended about 50,000 sellers who were found to be offering fake goods and took steps to make it harder to post such items, she said.

One of the ways that eBay tries to stop the sale of counterfeit goods is through its Verified Rights Owner Program, or VeRO, which provides software tools to help companies look for fake goods on its site. More than 18,000 businesses take part in VeRO, eBay said; if a company determines that a seller is peddling counterfeit merchandise, it notifies eBay, which immediately takes down the auction.

McDonald said businesses that want to invest in a technical solution to the monitoring problem can write algorithms that automatically scan eBay for listings with their brand names, then dump the information into spreadsheets so workers can determine whether the products are counterfeit.

Ethan Horwitz, an intellectual property attorney at King & Spalding LLP in Atlanta, said trademark owners also can buy packaged software from vendors such as MarkMonitor Inc. and OpSec Security Group PLC that combs the Web and finds uses of their brand names. Or, they can hire services firms to do the online sleuthing for them, he said.

Over a period of about 18 months, the Software & Information Industry Association spent hundreds of thousands of dollars to develop a tool to help it check for counterfeit or pirated software on eBay's site — money that the SIIA said should have come out of eBay's pockets.

Tiffany says eBay can't ignore fake goods on its site

In its appeal of U.S. District Judge Richard Sullivan's ruling in favor of eBay, Tiffany argues that trademark law doesn't allow online auction sites to turn a blind eye to the problem of counterfeit goods.

James Spire, a partner at Washington law firm Arnold & Porter LLP who is representing Tiffany in the case, said that prior court decisions have held that flea market operators and store owners have "a duty to investigate and take action" if they know of a problem with counterfeiting. "In neither instance is there any obligation on the trademark owner to investigate what is happening on-site," he added.

But Tiffany is fighting an uphill battle on the appeal, according to Ethan Horwitz, an intellectual property attorney at law firm King & Spalding. Horwitz said Sullivan's ruling was a "well-reasoned decision" with a solid legal basis for its finding that Tiffany had done "very little, if anything," to protect its trademarks.

Eric Goldman, an assistant professor and director of the High Tech Law Institute at the Santa Clara University School of Law, agreed that the ruling was "almost uniformly thoughtful, thorough and well researched. It looks like the judge intentionally wrote it to be as appealproof as possible."

But Goldman added that if Tiffany does lose on appeal, he wouldn't be surprised to see the battle move to Congress.

In a statement, eBay said Tiffany's appeal "doesn't do anything to combat counterfeiting." The best way to stop the sale of fake goods, it added, is "ongoing collaboration between companies, government agencies and law enforcement."

The SIIA last month threatened to sue eBay over the issue. Like Tiffany, the trade group contended that eBay is making money from the sale of counterfeit and pirated goods and thus should bear the financial burden of stopping such sales.

"At some point, the trademark and copyright owner has done as much as possible," said Keith Kupferschmid, the SIIA's vice president of intellectual property policy and enforcement. "There's so much piracy on the site that eBay really needs to do something [more] about it."

But the ruling in the U.S. case instead reinforced the position that trademark owners have to bear most of the expense of monitoring third-party Web sites.

"[Tiffany] complained, and the court basically said, 'Tough,'" said Eric Goldman, assistant professor and director of the High Tech Law Institute at the Santa Clara University School of Law.

Sullivan's position is that eBay has to be the enforcer but not the detective, noted Horwitz. That puts the burden on trademark owners to do their own investigating of items listed on the eBay site, he said.

At least in the U.S. And at least for now — until the appeals process decides who really should be minding the online auction store.

Google solves Gmail outage, but questions remain

Late Friday night, Google Inc. resolved the third Gmail outage of the past two weeks, but questions remain about the stability of the webmail service, which is affecting the Google Apps hosted software suite.

Like the previous two outages, the latest one occurred as a log-in error that locked users out of their accounts. This time, some users were prevented from accessing their accounts for more than 24 hours.

All three outages affected not only individual Gmail users, but also people who use it as part of the Google Apps suite of collaboration and communication applications.

Google acknowledged the Gmail problem Friday and said it affected "a small subset" of the service's users. The company didn't immediately comment about what is causing the recurring log-in problem, nor did it provide a more specific figure for the amount of Gmail users affected.

The long outage was painful for several Google Apps users contacted via e-mail.

Denmark's chapter of Fair Allocation of Infotech Resources (FAIR), an international nonprofit group, just started using Google Apps. When the outage hit, system developer Benjamin Bach was showing the suite to his colleagues ahead of the planned launch of FAIR Denmark's Web site this week.

The outage lasted more than 24 hours. "Seeing such a long outage during the very first few days makes us wonder if a free solution provided by Google is actually 'pro' enough for us. We cannot correspond with schools in Africa or partners in Denmark and afford being out of mail for a whole day," Bach said.

FAIR, based in Norway, is devoted to supplying computer products to developing countries. The Denmark chapter is just getting off the ground and expects to grow its Apps user base from four people to as many as 20.

Google Apps comes in several versions, including Basic and Education, which are free, and Premier, which costs $50 per user per year and includes additional functionality, a 99.9% uptime guarantee for Gmail and phone-based technical support.

"I can give them a lot of credit for providing a free service, but they lose some of that when saying, 'Your e-mail is totally inaccessible, and we're not going to tell you why or for how long.' It's arrogant. I'm a system administrator, so I deserve to know a little more," Bach said.

Indeed, Google seemed slow to address this latest outage. The first reports started appearing in the official Apps and Gmail discussion forums on Thursday afternoon Eastern time. However, Google didn't acknowledge the problem in the forums until almost 5 p.m. on Friday, more than 24 hours after the first reports appeared. Google declared the problem solved shortly after 10 p.m. on Friday.

Also without Gmail for more than 24 hours was Howard Feldstein, chairman of the Mexico chapter of Democrats Abroad, the official U.S. Democratic Party organization for American expatriates. "We're quite busy leading up to the convention. I have relied on Gmail not only for e-mail but for my primary contact list and was totally isolated for more than a day," he said.

Abhishek Parolkar, an IT consultant in Bangalore, India, also lost access to his Google Apps and Gmail accounts for more than 24 hours, which disrupted important billing messages from clients.

Sadie Upchurch, president of Glinting Communications, a public relations firm near Atlanta, was affected for about 15 hours. "I was on client deadlines and had to work around for reroutes and resends of e-mails from those clients," she said.

"I do remind myself that I'm not paying for the service and that there's a level of patience and adequate backup you've got to have when you're getting something for free," she added.

Still, it's common for organizations to try out Google Apps via its free Basic version before considering a move to the fee-based Premier edition, so a wobbly e-mail component is unlikely to entice anyone to upgrade. Google serves all of its Gmail users, from individuals to Google Apps Premier account holders, from the same infrastructure, so Gmail outages hit all types of users indiscriminately.

The suite, even its free version, is geared toward workplace use and designed for employee collaboration, which is why it contains calendar, word processing, spreadsheet, presentation and Web site creation applications.

For that reason, it's unlikely that Google would consider several lengthy Gmail outages in a span of two weeks as the norm for Apps. After all, Google has aspirations that Apps will grow its very small presence among large enterprises, which demand high performance and availability levels from their software. Apps is currently used mostly by small organizations.

Microsoft faces Taiwan antitrust investigation

Taiwan's Fair Trade Commission has launched an investigation into whether Microsoft Corp. holds a monopoly position over the island's software market and whether it abuses such a position, an official said today.

The government investigation into Microsoft will also look into complaints that Microsoft is limiting consumer choices by restricting the availability of Windows XP on new PCs and whether pricing of Microsoft products is fair to consumers on the island.

Taiwan's investigation is unique in that no other region where Microsoft has previously faced regulatory issues, including the U.S., Europe and South Korea, is currently looking at the company for the same reason.

"Taiwan doesn't have its own [OS] software," said an official from the Fair Trade Commission. "Most people in Taiwan use Microsoft software and depend on it for work. Their market share should be very high," she said.

Should the world's largest software maker be found to have broken Taiwanese antitrust laws, the company could face a fine of up to $797,361 and could be forced to change some of its business practices on the island.

"We fully intend to comply with the process and make sure they get all the information they need," said Matt Pilla, Microsoft's director of public relations in Asia.

Taiwan's investigation was launched in part due to urging by Taiwan's nonprofit Consumers' Foundation.

The group last month called on Microsoft to continue selling Windows XP as an option on all new PCs, saying that discontinuing sales of the operating system would violate Taiwanese antitrust laws. The Consumers' Foundation alleges that Microsoft is using its market position to try to force people in Taiwan to switch to Windows Vista.

The foundation conducted a survey on the island that found 67% of consumers are opposed to Microsoft's decision to stop selling XP at the end of June.

The main complaint is over a lack of choice when people buy new computers. Around 56% of survey respondents who had bought a new computer recently were told they could not buy Windows XP and instead were forced to purchase Vista, the foundation said.

The foundation said Microsoft controls 98% of Taiwan's operating system market share, with 75% of survey respondents using Windows XP on their PCs and 23% using Vista.

A majority of respondents to the survey, more than 53%, said they did not think Vista is as useful as XP, while 23% said Vista is the better operating system.

Pilla pointed out that Microsoft has extended XP's life beyond traditional norms for the company, including allowing it to be sold on certain systems meant for businesses until June 30, 2009, and on ultralow cost PCs through June 30, 2010.

Extending the life of an older product isn't easy, he said. By extending the dates of usage, Microsoft also has to extend the time it will support Windows XP, which now stands at April 2014.

Long after it will cease being sold, the product will still have to be updated with new hardware drivers and other software support.

In addition, most of Microsoft's software developers are working on Vista, so the company has to reallocate resources to continue working on XP.

Taiwan's Fair Trade Commission investigation is at least the third action taken against Microsoft in recent years.

In 2004, the commission worked with Microsoft to resolve disputes around Windows Media Player after a ruling by the European Union found Microsoft guilty of trying to destroy competition in that market. A year earlier, the commission reached a settlement with Microsoft over the bundling of Office software.

Microsoft issues massive security update for Windows, Office

Microsoft Corp. today released its largest security update in 18 months to patch 26 vulnerabilities in Windows, Office, Internet Explorer (IE), Windows Messenger and other software.

"Today is a perfect storm of client-side issues," said Amol Sarwate, manger of Qualys Inc.'s vulnerabilities research lab. "Most or all of Microsoft's client-side applications are affected or patched."

At least two of the vulnerabilities have already been exploited in the wild, Microsoft acknowledged. Those two, plus another pair, said one security researcher, should be considered "zero-day" bugs because technical details about the flaws had been circulating prior to today.

"It's all about the count today," Sarwate said. "This is the largest update in 2008, and the largest in the last 18 months. We have two that we know have been exploited and four zero-days."

Even though today's updates -- 11 total bulletins, six of which were tagged as "critical," Microsoft's highest threat rating -- set a 2008 record, Microsoft left one expected fix off the table. Last week, it said it would patch one or more critical flaws in Windows Media Player 11, the version bundled with Windows Vista.

Microsoft has yanked updates at the last minute in the past, and the company typically cites reliability concerns with the patch or says it was not able to wrap up testing in time. It did the same today. "The bulletin has been removed prior to today's bulletin release because of a last-minute quality issue," said Christopher Budd, a spokesman for the Microsoft Security Response Center (MSRC) in an e-mail.

Of today's 11 updates, two were most anticipated: a patch for a bug in the Snapshot Viewer ActiveX control, which is bundled with Access, Microsoft's database application, and one for a less-critical flaw in Microsoft Word that the company confirmed in a July 8 security advisory. The former was patched by MS08-041, while the latter was fixed by MS08-042.

The Snapshot Viewer and Word vulnerabilities have been exploited by attackers, making them especially important to patch, Sarwate said.

Andrew Storms, director of security operations at security vendor nCircle Network Security Inc., saw two major themes in the massive update. "There's a lot of file-parsing vulnerabilities here," he said, " and a ton of replacement bulletins."

File-format bugs are not new to Microsoft's software, especially the applications in its Office suite, but the number patched today -- a full dozen altogether -- took Storms by surprise. "Every Office product got touched today," he said. "The good thing is that if Office 2007 [applications] are affected, they're less affected, because the file format changed with that version."

File-format vulnerabilities -- like the ones patched in Excel (MS08-043), Office in general (MS08-044) and PowerPoint (MS08-051) -- remain valuable to attackers, Storm maintained.

"They'll continue to pop up because the file formats, the older formats in particular, have been so well documented outside of Microsoft," Storms said.

On the theme of replacement bulletins, Storms noted that seven of the 11 updates unveiled today replace earlier Microsoft security patches. "It's not unusual to have a few, and by 'a few' I think of one or two, maybe three, but we're looking at a full deck here.

"It tells me that one of the best ways to find new vulnerabilities continues to be to look at what Microsoft has patched in the past and what they might have missed when they did," Storms said.

That tactic pays dividends, he argued, citing the large number of replacement updates as proof. "Absolutely, this works. You look in the same area of code as the fix Microsoft applied. Maybe the function call they patched here is being used somewhere else."

While Microsoft addressed six critical vulnerabilities in its IE browser today with MS08-045, it did not tackle a bug first reported in 2006 that returned to the limelight in May 2008 when security researcher Aviv Raff claimed that it could be combined with the so-called "carpet bomb" flaw in Apple Inc.'s Safari. Apple and Mozilla Corp. have patched their browsers to prevent the kind of blended threats that Raff has outlined.

Microsoft also issued a separate security advisory today that announced it had set the "kill bits" for a pair of third-party ActiveX controls from Hewlett-Packard Co. and Aurigma Inc. The practice, which debuted in April, lets Microsoft disable vulnerable ActiveX controls remotely through its Windows Update service.

Microsoft kills more third-party ActiveX controls

Microsoft Corp. today issued "kill bit" updates for ActiveX controls from HP and a Washington state developer, the third time it's disabled third-party add-ons in the last four months.

One security researcher linked the release to a new program Microsoft announced last week that's designed to help other vendors find and fix bugs in their own software.

Microsoft disabled ActiveX controls from two companies, Hewlett-Packard Co. and Tacoma, Wash.-based Aurigma Inc., in its kill bit update, according to the security advisory issued today. The update was released through Windows Update, but it can also be downloaded from the Microsoft site.

Both companies have acknowledged vulnerabilities in their ActiveX controls, and have, in fact, patched those controls. The HP software that Microsoft killed today were older ActiveX controls associated with a customer support application bundled with some of its PCs; the program, dubbed "HP Instant Support," is meant to help users update key drivers and other HP software.

HP patched its Instant Support in early June.

Aurigma's Image Uploader, meanwhile, also has a troubled past. In late January, security vendor Symantec Corp. reported multiple vulnerabilities in the software, which is licensed by sites such as MySpace and Facebook, to give their users a way to upload photos from within Internet Explorer.

Aurigma quashed the bugs in a March 2008 update to Image Uploader.

The first time Microsoft released a kill bit update for another vendors' software was in April, when it disabled a buggy ActiveX control used by Yahoo Inc.'s music player. In June, it released a kill bit that crippled an ActiveX control used by Logitech International SA to retrieve updates for software for its keyboards and mice.

In April, company officials said they would issue kill bit updates whenever asked by a vendor. "If an independent software vendor discovers that they have shipped a vulnerable [ActiveX] control, they should e-mail [us] to work with Microsoft to issue a kill bit, disabling that control," Tim Rains, a spokesman for the Microsoft Security Response Center, said at the time.

Setting the kill bit for an ActiveX control involves modifying the Windows registry. It does not patch the problem, and setting the kill bit means the control's functionality is lost. In today's cases, however, Microsoft was setting the kill bits for the older, vulnerable versions of the HP and Aurigma controls; users who had updated to the newer editions should not lose the programs' functionality.

"This is right in line with Microsoft's presentation at Black Hat," said Andrew Storm, director of security operations at security vendor nCircle Network Security Inc., referring to last week's security conference. At Black Hat, Microsoft said it would launch Microsoft Vulnerability Research in two months. The program helps third-party developers of Windows applications and add-ons find and fix bugs in their software.

"They said many times that they are working as a coalition to better secure the Windows operating system and everything which runs on it," Storms continued. "While Microsoft has issued a few kill bits in the past for third-party products, this is something we are going to continue to see going forward."

Kaspersky Internet Security 2009 -- fast, lean, effective

Fans of all-in-one security suites should take a serious look at the just-released Kaspersky Internet Security 2009, which includes modules for antivirus, antispyware, firewall and more, yet uses little enough system resources and RAM that it won't slow down or clog up your system.

Like many of its competitors, Kaspersky takes the "everything but the kitchen sink" approach to Internet security, and it largely succeeds. The software's sprawling features are well integrated via a single control panel with individual screens for anti-malware, system security, online security and content-filtering sections. The default settings for each module should work well for most people, but for those who like to tweak, the program offers considerable customization tools as well.

Cyberattacks knock out Georgia's Internet presence

Hackers, perhaps affiliated with a well-known Russian criminal network, have attacked and hijacked Web sites belonging to Georgia, the former Soviet republic now in the fourth day of war with Russia, a security researcher claimed on Sunday.

Some Georgian government and commercial sites are unavailable, while others may have been hijacked, said Jart Armin, a researcher who tracks the notorious Russian Business Network (RBN), a malware and criminal hosting network.

"Many of Georgia's Internet servers were under external control from late Thursday," Armin said early Saturday in an entry on his Web site. According to his research, the government's sites dedicated to the Ministry of Foreign Affairs, the Ministry of Defense, and the country's president, Mikhail Saakashvili, have been blocked completely, or traffic to and from those sites' servers have been redirected to servers actually located in Russia and Turkey.

As of midnight Eastern time on Sunday, Georgia's presidential and defense ministry sites were unavailable from the U.S. Although the foreign ministry's site remained online, the most recent news item was dated Aug. 8, the day Georgian and Russian forces first clashed.

Armin warned that Georgian sites that appeared online may actually be bogus. "Use caution with any Web sites that appear of a Georgia official source but are without any recent news [such as those dated Saturday, Aug. 9, or Sunday, Aug. 10], as these may be fraudulent," he said in another entry posted midafternoon on Sunday.

Statements from Georgia's foreign ministry have appeared in a blog hosted on Google, perhaps in an attempt to circumvent attacks.

Researchers at the Shadowserver Foundation, which tracks malicious Internet activity, confirmed some of Armin's claims. "We are now seeing new attacks against .ge sites [Editor's note: .ge is the top-level domain for Georgia.] ... www.parliament.ge and president.gov.ge are currently being hit with HTTP floods," the researchers said in a Sunday update to a July post.

On Saturday, Armin reported that key sections of Georgia's Internet traffic had been rerouted through servers based in Russia and Turkey, where the traffic was either blocked or diverted. The Russian and Turkish servers Armin identified, he said, "are well known to be under the control of RBN and influenced by the Russian government."

RBN, which pulled up stakes last year and shifted network operations to China in an attempt to avoid scrutiny, has been fingered for a wide range of criminal activities, including a massive subversion of Web sites last March.

Later on Saturday, Armin added that network administrators in Germany had been able to temporarily reroute some Georgian Internet traffic directly to servers run by Deutsche Telekom AG. Within hours, however, the traffic had been again diverted to Russian servers, this time to ones based in Moscow.

The attacks are reminiscent of other coordinated campaigns against Estonian government Web sites in April and May 2007 and against about 300 Lithuanian sites on July 1. Like Georgia, both countries are former republics in the Soviet Union.

Three weeks ago, a distributed denial-of-service attack knocked Georgia's presidential site offline for about a day.

Late Sunday, Russian ground forces were reported advancing toward Gori, an important transportation hub in central Georgia.