Archive | March, 2008

Gmail in Germany?: Nein Danke

18 Mar

Google has lost another court battle in Germany to trademark the term Gmail.  The Office for Harmonization in the Internal Market (OHIM) has just published a ruling made last month, dismissing Google’s appeal of the original decision against the company. The trademark will remain with an email service founded in 2000 by Daniel Giersch.  

Plus, German courts are growing weary of Google’s repeated legal attempts to co-opt the brand and have banned the company from taking up the Gmail/G-mail issue outside of OHIM or an official settlement (which Giersch is not interested in).

Google will be forced to use Google Mail nomenclature in Germany, although email addresses will still use @gmail.com.

Crackers Using Your Own SEO Techniques Against You

18 Mar

This, ” IFrame exploit takes advantage of web site query caching. Web sites often cache the results of search queries that are run locally. These search results are forwarded to search engine providers (think Google or Yahoo), who use the information to generate their own search results. Hackers exploit the system by typing a query immediately followed by the text of an IFrame. This data (including the IFrame) is then passed to various search engines and displayed if a user searches for a relevant keyword. When the user visits an apparently legitimate document, the IFrame activates and attempts to complete whatever instructions it has been given. 

The major advantage of an injected attack versus an embedded one is that an injected attack requires no direct access to a web site’s server backend. Instead, it takes advantage of the company’s SEO (Search Engine Optimization) practices and poisons the results that are fed back to web surfers. The first wave of injections targeted ZDNet Asia and torrentreactor.net. The attackers shifted away from these two domains quickly and branched out into other web sites. One key purpose of the attack was to advertise the rogue antivirus product developed by the RBN (Russian Business Network), XP Antivirus.

XP Antivirus is a cute piece of work. On the surface, it seems to be an ordinary anti-virus program, and it makes all the usual claims one would expect regarding its ability to keep a system clean and virus free. Once installed, however, XP Antivirus actually creates a set of registry keys that it will detect and flag as malware installations once a scan is run. The only way to remove these threats from the system, of course, is to buy the XP Antivirus software package. Additional IFrame were eventually added that pointed to downloads for Spyshredderscanner and MediaTubeCodec, both of which attempt to download additional malware into a system.

 —Ars Technica

Google acknowledged that this was a known attack vector, and confirmed that they are indeed working on ways to manipulate and “sanitize” links provided by them in an effort to minimize the effect of incidents such as XSS on indexed sites. They also share our opinion on the reality of XSS and its affects on web browsing: “Google recommends that sites fix their cross-site scripting vulnerabilities as a priority. These can be abused in a number of ways, including bad interactions with search engines. Google is helping by reaching out to affected organizations. In addition, Google has internal processes to block abuses when the situation warrants.

WSOP Bound

5 Mar

I’m heading to Atlantic City to play in a couple of WSOP circuit events so no more blogging til Monday.

Yahoo Delays Board Meeting: prelude to friendly MSN negotiation?

5 Mar

“Yahoo! extended a deadline to nominate board directors, buying the company time to pursue alternatives to Microsoft Corp’s $41.7 billion offer, while also giving Yahoo room to negotiate a friendly deal with Microsoft.

The original March 14 deadline could have catapulted Microsoft and Yahoo into a formal proxy contest next week. Instead, Yahoo said on Wednesday the deadline would fall 10 days after it announces the date for its annual shareholder meeting, which has yet to be scheduled.

Yahoo has explored tie-ups with several other Internet and media companies that would allow it to retain more independence. Delaying board nominations reduces the pressure on Microsoft to turn hostile in its takeover strategy in which it could nominate an alternative slate of Yahoo directors.

Talks about a deal with Time Warner Inc’s (TWX.N) AOL unit have accelerated, a person briefed on the discussions said on Wednesday. News Corp (NWSa.N) and Yahoo are still discussing possible options, a source familiar with the talks said.”

http://news.yahoo.com/s/nm/20080305/tc_nm/yahoo_microsoft_dc&printer=1

6 Botnets Responsible for 85 Percent of all Spam

5 Mar

From Ars technica:

Security firm Marshal estimates that six botnets account for 85 percent of the total spam sent world-wide. Srizbi is currently in the lead, with 39 percent of the “market,” followed by Rustock at 20 percent, Mega-D at 11 percent, Hacktool.Spammer at seven percent, Pushdo (6 percent), and Storm (two percent).

These numbers track the amount of spam each botnet is producing rather than the total number of systems infected by each botnet.

Niche Shopping Engines: a primer

5 Mar

My good friend Rob Walter will be conducting a webinar on the changes to the Comparison Shopping landscape, techniques to leverage the niche engines for customer growth and tactics to maximize your CSE footprint. If you are interested in attending…shoot me an email or leave a comment!

Google Rocks It: 66% of all searches

4 Mar

Google accounted for 66.44% of all US searches in the four weeks ended February 23, while Ask.com increased its share of searches 18% year over year – from 3.52% of searches in Feb. ‘07 to 4.16% in Feb. ‘08, according to Hitwise.

Yahoo Search and MSN Search, second and third, received 20.59% and 6.95% of US searches, respectively, in February.

%d bloggers like this: