Update: Microsoft Deny Bursting

By | November 24, 2011
 Here’s Microsoft’s take on the Burst.com case I mentioned in a previous posting. Would the correct version please stand up? In a nutshell it comes down to the question: did Microsoft deliberately erase weeks of emails from all servers and backups related to the case?
 
Winnet.mag quotes a Microsoft spokesman as denying that a judge ordered Microsoft to turn over “missing emails” and said that Burst.com’s account of that part of the trial is inaccurate and groundless. “Their fundamental premise, that there were missing emails from a specific period of time, is simply wrong. [At the hearing, we] discussed a routine discovery issue arising from the fact that not every email sent or received gets saved. [The judge] simply directed us to do a more thorough search of our backup files to search for any emails that, as a matter of business routine, were not saved elsewhere.” This is either spin out of control, or Robert X. Cringely’s version is wrong.

Software: A Virus Alternative

By | November 24, 2011
 Further to my earlier post about the rising virus conflict, one option to consider is a non-mainstream Anti Virus program. There are some out there, and they might just do a better job of saving your hide: They may work better, and they may put out updates faster. One is the unfortunately named NOD32, from Eset Software which seems to be on the cutting edge: today it announced it has become the first product for the (next) Windows 2003 operating system to receive prestigious Checkmark certification at Levels 1, 2 and Trojan, from SC Magazine’s West Coast Labs.
 
 
NOD32 Antivirus claims its effectiveness is “due to its unique core technology that addresses both known and unknown viruses”. In other words, it’s not just looking for stuff we know to be viruses, but also “virus-like activity”. It also claims to be fast: more than twice the speed of the next best product on the market, means it’s less likely to slow down your computer while checking incoming stuff for viruses. I haven’t checked out NOD32 but I’m about to.

News: A Patch In Time Saves You Online

By | November 24, 2011
 This from the guys at Information Security Magazine, a warning about some new, and serious vulnerabilities in Microsoft software. The most critical vulnerability is titled ?Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution? (MS 03037). Microsoft provided few details about the actual vulnerability, but says the flaw is dangerous and users of affected software should apply patches immediately. This is not just for techheads and sysops: Affected software includes Access (97/2000/2002), Excel (97/2000/2002), PowerPoint (97/2000/2002), Project (2000/2002), Publisher 2002, Visio
(2000/2002), Word (97/98(J)/2000/2002), Works Suite (2001/2002/2003) and several versions of Microsoft Business solutions.
 
There are other vulnerabilities too:
?Flaw in Word Could Enable Macros to Run Automatically? (MS 03035)
?Buffer Overrun in WordPerfect Converter Could Allow Code Execution? (MS 03036)
?Unchecked Buffer Overflow in Microsoft Access Snapshot Viewer Could Allow Code Execution? (MS 03038)
?Flaw in NetBIOS Could Lead to Information Disclosure? (MS 03034)
 
If we’ve learned nothing in the past month, we should have at least learned to patch, patch and keep patching.

News: We’re Losing the Virus Arms Race

By | November 24, 2011
This week’s New Scientist confirms what readers of this blog already knew about the growing imbalance in the virus arms race. Antivirus specialists, the mag says, are fighting a losing battle against malicious code like viruses and worms. Research undertaken at Hewlett-Packard’s labs in Bristol, UK, is the first to evaluate the effectiveness of antiviral software. It shows that the way we fight viruses is fundamentally flawed, because viruses spread faster than antivirus patches can be distributed. By the time the antivirus software catches up, the damage has already been done.
 
 
Hewlett-Packard researcher Matthew Williamson designed a computer model to mimic the way in which viruses spread, based on a model that tracks the spread of biological viruses. He then introduced parameters to represent the way the antivirus software responds to this spread. He found that even if a signature is available from the moment a virus is released, it cannot stop the virus spreading if it propagates fast enough. Should we be worried? Yes.

News: Have Microsoft Done It Again?

By | November 24, 2011
 An excellent, and damning, article by Robert X. Cringely on Microsoft shenanigans, this time in court over a lawsuit with Burst.com. Read the whole thing: In short, Microsoft appear to have been caught deleting emails that could be evidence. The judge has ordered Microsoft to produce the missing messages.
 
 
Here’s Robert’s conclusion: “What happens next with Microsoft and Burst is interesting. In a few weeks, Microsoft will either find the messages or not. If they do find the messages and produce them, whatever is in those messages becomes part of the case. If they don’t find the messages and the case goes to trial, the judge will tell the jury that Microsoft deliberately withheld and destroyed evidence. Juries are generally unimpressed by such behavior.”
 
From here it looks like Microsoft not playing by the rules to sideline a tiny competitor anxious to sell up. This does not sound unusual. Watch this space. Or more correctly, this space.