Cody Taylor

mask.of.sanity writes “BitDefender has released what it claims is the first vaccination tool to remove the notorious Conficker virus that infected some 9 million Windows machines in about three months. The worm, also known as Downadup, exploits a bug in the Windows Server service used by Windows 2000, XP, Vista, Server 2003 and Server 2008. It spreads primarily through a buffer overflow vulnerability in Windows Server Service where it disables the operating system update service, security center, including Windows Defender, and error reporting. The Romanian security vendor said its removal tool will delete all versions of Downadup and will not be detected by the virus.”

Read more of this story at Slashdot.

eggegick writes “My wife has taken a number of college courses over the last three years and many of the classes used on-line materials rather than books. The problem was these required IE along with Java, Active X and/or various plug-ins (the names of which escapes me), and occasionally I’d have to tweak our firewall to allow these apps to run. I don’t think any of these training apps would work with Firefox. All of this made me cringe from a security point of view. Myself, I use just use Firefox, No-Script, our external firewall and common sense when using the web. I have a very old windows 2000 machine that I keep up to date. To my knowledge I’ve never had a virus or malware problem. Her computer is a relatively new XP machine, and this point she feels here computer has something wrong. But now she prefers to use my old machine instead of hers since it seems to be more responsive. We plan to run the recovery disk on hers. Assuming the college course work applications were part of the cause, what recommendations do any of you have when having to run this kind of software? Is there a VMware solution that would work — that is have a Windows image that is used temporarily for the course work and then discarded at the end of the semester (and how do you create such an image, and what does it cost?).”

Read more of this story at Slashdot.

eggegick writes “My wife has taken a number of college courses over the last three years and many of the classes used on-line materials rather than books. The problem was these required IE along with Java, Active X and/or various plug-ins (the names of which escapes me), and occasionally I’d have to tweak our firewall to allow these apps to run. I don’t think any of these training apps would work with Firefox. All of this made me cringe from a security point of view. Myself, I use just use Firefox, No-Script, our external firewall and common sense when using the web. I have a very old windows 2000 machine that I keep up to date. To my knowledge I’ve never had a virus or malware problem. Her computer is a relatively new XP machine, and this point she feels here computer has something wrong. But now she prefers to use my old machine instead of hers since it seems to be more responsive. We plan to run the recovery disk on hers. Assuming the college course work applications were part of the cause, what recommendations do any of you have when having to run this kind of software? Is there a VMware solution that would work — that is have a Windows image that is used temporarily for the course work and then discarded at the end of the semester (and how do you create such an image, and what does it cost?).”

Read more of this story at Slashdot.

A third version of Downadup has been identified by Symantec, which says the new variant gives infected machines more powerful instructions to disable antivirus software and analysis tools, among other actions.

**$tarDu$t** recommends a Washington Post Security Fix blog post dissecting the Tigger.A trojan, which has been keeping a low profile while exploiting the MS08-66 vulnerability to steal data quietly from online stock brokerages and their customers. An estimated quarter million victims have been infected. The trojan uses a key code to extract its rootkit on host systems that is almost identical to the key used by the Srizbi botnet. The rootkit loads even in Safe Mode. “Among the unusually short list of institutions specifically targeted by Tigger are E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade, and Scottrade. … Tigger removes a long list of other malicious software titles, including the malware most commonly associated with Antivirus 2009 and other rogue security software titles… this is most likely done because the in-your-face ‘hey, your-computer-is-infected-go-buy-our-software!’ type alerts generated by such programs just might… lead to all invaders getting booted from the host PC.”

Read more of this story at Slashdot.

KillerBob writes with an advance on the news from a year back that stem cells can be produced from human skin — discussed here. Now Canadian researchers have found a safe way to generate stem cells without using viruses to modify the genome, a process that can have its own dangers. “The ethical debate over embryonic stem cell use may soon be moot, thanks to a Canadian team of researchers who, together with a team out of Scotland, has found a safe way to grow stem cells from a patient’s own skin. The revolutionary finding, described in a paper published yesterday by the international science journal Nature, means doctors may be one step closer to treating a multitude of diseases, including Alzheimer’s, diabetes and Parkinson’s.”

Read more of this story at Slashdot.

Ars Technica reports on a proceeding being held by the Canadian Radio-television and Telecommunications Commission regarding net neutrality. They requested comments from the public as part of the debate, and several Canadian ISPs took the opportunity to explain why they think it’s a bad idea. Quoting: “One of the more interesting responses came from an ISP called Videotron, which told the CRTC that controlling access to content … ‘could be beneficial not only to users of Internet services but to society in general.’ As examples of such benefits, Videotron mentioned the control of spam, viruses, and child pornography. It went on to suggest that graduated response rules — kicking users off the ‘Net after several accusations of copyright infringement — could also be included as a benefit to society in general. … Rogers, one of Canada’s big ISPs, also chimed in and explained that new regulations might limit its ability to throttle P2P uploads, which it does at the moment. ‘P2P file sharing is designed to cause network congestion,’ says the company. ‘It contributes significantly to latency, thereby making the network unreliable for certain users at periods of such congestion.'”

Read more of this story at Slashdot.

Plasmoid writes “The NYTimes is reporting that scientists have starting developing what could turn out to be a ‘universal’ flu vaccine. They created antibody proteins that can neutralize different strains of the influenza virus, including the deadly H5N1 bird flu, the virus behind the 1918 epidemic, and common seasonal strains. These new antibodies target part of the virus that is shared between different strains and thus appear to be broadly effective. However, some experts question whether a universal vaccine of this kind is even possible, since the human body has been unable to come up with an antibody solution. An article on nature.com describes the work further.”

Read more of this story at Slashdot.

Plasmoid writes “The NYTimes is reporting that that scientists have starting developing what could turn out to be a ‘universal’ flu vaccine. They created antibody proteins that can neutralize different strains of the influenza virus, including the deadly H5N1 bird flu, the virus behind the 1918 epidemic, and common seasonal strains. These new antibodies target part of the virus that is shared between different strains and thus appear to be broadly effective. However, some experts question whether a universal vaccine of this kind is even possible, since the human body has been unable to come up with an antibody solution. An article on nature.com describes the work further.”

Read more of this story at Slashdot.