http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2009-07-04 19:20:30 - News : The iPhone scored quite a few headlines related to overheatingproblems with the 3GS this week Depending on whom you believe, thoseissues are either real, exaggerated, the fault of users or somecombination of the threeread moreIMAGEhttp://www.secuobs.com/revue/news/116922.shtmlhttp://www.secuobs.com/revue/news/116922.shtml 2009-07-03 23:57:43 - BadwareBusters.org Most recent topics : Please help me find the “bad code” that google is talking about ican’t find anything and have never had issues before…http://www.secuobs.com/revue/news/116838.shtmlhttp://www.secuobs.com/revue/news/116838.shtml 2009-07-03 19:28:52 - BadwareBusters.org Most recent topics : Hi,I was informed by google tha my site wwwkeralastoresin had acted asintermediarie for transmitting malware I have no idea how thishappened except that I have placed ads through adsense from google isthis the root cause I want this site to be safe for all users Howshould i proceed and the steps to be followed to inform google about minnocencePlease help…http://www.secuobs.com/revue/news/116771.shtmlhttp://www.secuobs.com/revue/news/116771.shtml 2009-07-03 11:24:15 - gHacks technology news : The Google Update process was the bane for many Internet users as itseemed to come up again even if it was disabled on the computersystem The process googleupdateexe was running all the time on thecomputer system trying to connect to Google to see if there were anyupdates for Google software available http://www.secuobs.com/revue/news/116676.shtmlhttp://www.secuobs.com/revue/news/116676.shtml 2009-07-03 10:34:03 - BadwareBusters.org Most recent topics : I have a site here http://wwwegyptianspiritinfo/ when i open thissite in Firefox i see “Reported Attack Site” and if we open this sitein “IE” that is internet explorer then i don see any error We alsosubmitted our site twice to http://stopbadwareorg/ but this time i amunable to understand them The strange thing is that why FF is showingus that message which is not with “IE”, infact my more than 10 siteshave been affected and i really wanna get rid of this We alreadychecked that there is no virus on siteI would appreciate if any of you help us in this asaphttp://www.secuobs.com/revue/news/116657.shtmlhttp://www.secuobs.com/revue/news/116657.shtml 2009-07-03 06:51:50 - News : The US Department of Justice confirmed on Thursday that it isinvestigating a settlement involving Google Book Search for possibleantitrust violations, following months of speculation that the agencyhad its eye on the serviceread moreIMAGEhttp://www.secuobs.com/revue/news/116609.shtmlhttp://www.secuobs.com/revue/news/116609.shtml 2009-07-03 06:51:50 - News : Google made a few updates to various Apps services this week,including one that lets users within an organization share templateswith each otherread moreIMAGEhttp://www.secuobs.com/revue/news/116607.shtmlhttp://www.secuobs.com/revue/news/116607.shtml 2009-07-03 06:06:27 - BadwareBusters.org Most recent topics : Hi All,I too have received a google notification saying there’s malware on mywebsiteBut I have no idea what malware even looks like in a website… so canyou please help me find it and tell me how to get rid of itwwwtravellingphotographerscomThank you so muchhttp://www.secuobs.com/revue/news/116593.shtmlhttp://www.secuobs.com/revue/news/116593.shtml 2009-07-03 03:15:32 - Hack In The Box : Google App Engine - the development and hosting cloud that serves upthird-party apps and websites - was on the fritz for a good six hoursthis morning According to a public note from Google's App Engineteam, the service began experiencing problems at around 6:30amPacific "We're currently seeing elevated Datastore latency anderror-rates, as well as elevated serving error-rates," the note read"All applications accessing the Datastore are affected" By 8:45am,the App Engine team was in "unplanned maintenance mode," disabling allapplication deployments, Datastore writes, and memcache writesProblems continued for nearly four hours At 12:35, the team announcedthat all functions had returned to normalhttp://www.secuobs.com/revue/news/116572.shtmlhttp://www.secuobs.com/revue/news/116572.shtml 2009-07-03 02:49:17 - Slashdot Your Rights Online : An anonymous reader points to Digital Daily, writing "Looks like thefireworks have begun early in Mountain View On Thursday afternoon,the Department of Justice officially notified Google that it isinvestigating its book deal for violations of the Sherman AntitrustAct"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/116552.shtmlhttp://www.secuobs.com/revue/news/116552.shtml 2009-07-02 12:06:28 - Ivan Ristić : Two weeks ago, I announced SSL Labs and my technique for passive SSLcipher suite analysis It won’t surprise you to learn that I've beencarefully observing the cipher suites used in the requests that cameto the web sitehttp://www.secuobs.com/revue/news/116226.shtmlhttp://www.secuobs.com/revue/news/116226.shtml 2009-07-02 04:55:06 - eWeek Security Watch : Researchers at Google reported a surge in spam during the second quarterof 2009 on the back of image spam and e-mails sent out with virusesThe report largely echoes findings from MX Logic, which reported a 300percent jump in spam since FebruaryIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/116118.shtmlhttp://www.secuobs.com/revue/news/116118.shtml 2009-07-02 04:49:48 - Security Bloggers Network : The Google toolbar is a powerful add-on for your browser It adds verynice features of course, to be used sparingly if you don’t wantGoogle to know everything about you There is also an API whichoffers extra features for webmasters such as creating custom buttonsHere is a quick how-to to add custom http://www.secuobs.com/revue/news/116112.shtmlhttp://www.secuobs.com/revue/news/116112.shtml 2009-07-02 00:14:03 - Internet Security News : Google's trying to keep its users safe from spam, but the fight isn't aneasy one Amanda Kleha of the company's message security and archivingteam supplied some stats regarding spam today, and the situationdefinitely looks hairy enough to keep filters on their figurativetoesGoogle Weighs In On Q2 Spam TrendsGoogle Weighs In On Q2 Spam TrendsIMAGEThe good guys are winning occasional victories; the McColo takedown inNovember had a huge impact, and the dismantling of 3FN in early Junehelped a lot There's also an interesting trend in that the spammerswho step forward to fill the holes are trying old tricks with whichsecurity professionals are already familiarStill, in regards to the 3FN development, Kleha writes, "Since June 4,spammers have already made up a significant amount of ground, climbing14% from the initial drop"And the end result on an overall scale is that "Q2'09 average spamlevels are 53% higher than in Q1'09 and 6% higher than in Q2'08"It's reports like these that make the security professionals whoprotect us more appreciated, anywayOn that note, Kleha did take the opportunity to promote her team,writing, "For more information on how Google email security services,powered by Postini, can help your organization provide better spamprotection and take a load off your network by halting spam in thecloud, visit wwwgooglecom/postini"IMAGEIMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/116047.shtmlhttp://www.secuobs.com/revue/news/116047.shtml 2009-07-01 20:29:02 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/115968.shtmlhttp://www.secuobs.com/revue/news/115968.shtml 2009-07-01 19:54:57 - News : Google will roll out on Wednesday a series of changes to Gmail'slabels, the feature designed to let people categorize and organizetheir e-mail messages in lieu of folders, which the company hasresisted providing in its webmail serviceread morehttp://www.secuobs.com/revue/news/115923.shtmlhttp://www.secuobs.com/revue/news/115923.shtml 2009-07-01 19:54:57 - News : Spammers are pumping out an increasing number of garbage messages asthey regain their capacity to send spam through hacked PCs, accordingto the latest statistics released by Google on Wednesdayread morehttp://www.secuobs.com/revue/news/115922.shtmlhttp://www.secuobs.com/revue/news/115922.shtml 2009-07-01 15:49:44 - Security Bloggers Network : I am posting a quick question, since most of what I have been finding hasbeen product pitches Could someone point me to information aboutGoogle Analytics and compliance - specifically HIPPA and PCI Thanksand be safe out thereJameshttp://www.secuobs.com/revue/news/115837.shtmlhttp://www.secuobs.com/revue/news/115837.shtml 2009-07-01 14:58:08 - BadwareBusters.org Most recent topics : Hi,I have been through the web content on this domain name and attemptedto clean out all the iframes and java codes that have caused this siteto be blocked However this site has not been picked up by googlesince the 17th juneIs there anything I can do to have google index the site again Or isit just a case of sitting and waitinghttp://www.secuobs.com/revue/news/115815.shtmlhttp://www.secuobs.com/revue/news/115815.shtml 2009-07-01 08:35:14 - BadwareBusters.org Most recent topics : Hi,I can not find the badware in the code but Google says there is Couldit be in imagesMy site is wwwsupportgovcomThankshttp://www.secuobs.com/revue/news/115720.shtmlhttp://www.secuobs.com/revue/news/115720.shtml 2009-07-01 05:02:11 - News : Google has fixed an issue with the Outlook synchronization tool itreleased recently for its Apps hosted communications and collaborationsuite, Google said Tuesdayread moreIMAGEhttp://www.secuobs.com/revue/news/115654.shtmlhttp://www.secuobs.com/revue/news/115654.shtml 2009-07-01 01:53:19 - Hack In The Box : Google has launched a new mobile phone that links Twitter and Facebookupdates to a user's contact book Google has launched a new mobilephone that links Twitter and Facebook updates to a users contact bookThe HTC Hero, which runs on Google's Android platform, is aimed atrivalling recent smartphones such as Apple’s new iPhone 3Gs andNokia's N97 phone The Hero lets users to view their Twitter messageson their homescreen and see friends' online updates alongside theircontact detailshttp://www.secuobs.com/revue/news/115581.shtmlhttp://www.secuobs.com/revue/news/115581.shtml 2009-07-01 01:06:12 - gHacks technology news : A Google account offers access to numerous popular and often timesimportant services This includes access to the popular Gmail emailservice, Google Docs for storing documents but also access to GoogleAdsense or Adwords for webmasters Losing an account, either byforgetting the password or email address associated with it or by asuccessful http://www.secuobs.com/revue/news/115538.shtmlhttp://www.secuobs.com/revue/news/115538.shtml 2009-06-30 20:51:42 - News : read moreIMAGEhttp://www.secuobs.com/revue/news/115403.shtmlhttp://www.secuobs.com/revue/news/115403.shtml 2009-06-30 16:37:26 - News : Usually crime victims don't like to be reminded of what they sufferedBut a 14-year-old boy who was mugged in the Netherlands was pleasantlysurprised to see a photo record of the attack on him recorded forposterity on Google Street Viewread morehttp://www.secuobs.com/revue/news/115284.shtmlhttp://www.secuobs.com/revue/news/115284.shtml 2009-06-30 16:18:58 - Governmentsecurity.org : So it looks like Google Voice has finally begun to send out invites,and I admit that I have been waiting for mine for a while and can'twait to use it For those that don't know what Google Voice is:You get a single Google provided phone number that you can use Itwill then handle all of your voice mail and other text messages Youcan also change how your phones ring Which is all really useful forpeople that have a huge amount of phonesWill you guys use it Do you have concerns about the security and theprivacy of Google VoiceIMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/115261.shtmlhttp://www.secuobs.com/revue/news/115261.shtml 2009-06-30 13:48:42 - Rootsecure.net : Google Blog: High court won't block remote storage DVR systemhttp://www.secuobs.com/revue/news/115239.shtmlhttp://www.secuobs.com/revue/news/115239.shtml 2009-06-30 04:19:40 - News : The organizations are offering an SMS-based information service inUgandaread moreIMAGEhttp://www.secuobs.com/revue/news/115079.shtmlhttp://www.secuobs.com/revue/news/115079.shtml 2009-06-30 01:02:34 - Security Response Weblog : During one of my recent journeys around the Internet there was aparticular ad being displayed on a website that caught my attentionThe type of ad I am referring to wasn’t a totally new concept—ads likeit have been running on websites for years, and actually found theirstart in print in the decades previous You must have seen them Theseare the ads that promise incredible monetary returns for working fromhome, but without doing a lot of workhttp://www.secuobs.com/revue/news/115053.shtmlhttp://www.secuobs.com/revue/news/115053.shtml 2009-06-30 00:59:20 - Rootsecure.net : c|net: Google move paves way for Firefox on Androidhttp://www.secuobs.com/revue/news/115046.shtmlhttp://www.secuobs.com/revue/news/115046.shtml 2009-06-29 20:51:06 - SecurityFocus News : Jackson searches resemble attack to Googlehttp://www.secuobs.com/revue/news/114964.shtmlhttp://www.secuobs.com/revue/news/114964.shtml 2009-06-29 16:03:03 - Revue de presse : PEKIN AFP — La crise économique devrait profiter en Chine aulogiciel libre et bon marché Linux, qui y a vu ses revenus progresserde 26% en glissement annuel en 2008, a estimé mercredi le cabinet demarketing IDCL'étude d'IDC souligne que les vendeurs de Linux ont investilourdement pour éduquer le consommateur chinois et développer leurmarché, avec des résultats visiblesLes systèmes libres basés sur Linux sont très populaires en Chine, auBrésil, en Inde et autres pays émergents, selon le distributeur delogiciels libres Novellhttp://www.secuobs.com/revue/news/114838.shtmlhttp://www.secuobs.com/revue/news/114838.shtml 2009-06-29 12:03:02 - Rootsecure.net : PC Authority: Google mistook MJ searches for net attack "Web giant Googlehas admitted it thought the sudden spike in searches for MichaelJackson on Thursday was a massive, coordinated internet attack"http://www.secuobs.com/revue/news/114774.shtmlhttp://www.secuobs.com/revue/news/114774.shtml 2009-06-28 18:38:46 - La Quadrature du Net Revue de presse : IMAGEDans un jugement inédit rendu ce 24 juin 2009 par le TGI de Paris,Jean-Yves Lafesse vient une nouvelle fois d’échouer contre Google pourdes vidéos hébergées sur les serveurs de la société Cette décision aura de lourdes conséquences puisque toutesmanipulations automatisées d'IP imposeront un passage devant la CNILhttp://wwwpcinpactcom/actu/news/51620-lafesse-google-video-hebergementhttp://www.secuobs.com/revue/news/114637.shtmlhttp://www.secuobs.com/revue/news/114637.shtml 2009-06-28 14:28:25 - Steve on Security : http://www.secuobs.com/revue/news/114601.shtmlhttp://www.secuobs.com/revue/news/114601.shtml 2009-06-27 16:22:30 - Rootsecure.net : The Register: Google mocks Bing and the stuff behind ithttp://www.secuobs.com/revue/news/114448.shtmlhttp://www.secuobs.com/revue/news/114448.shtml 2009-06-27 12:02:06 - Rootsecure.net : The Register: Google Voice invites callershttp://www.secuobs.com/revue/news/114431.shtmlhttp://www.secuobs.com/revue/news/114431.shtml 2009-06-27 10:26:56 - MalwareCity News : The site was created because Google has a significant interest in makingsure that ad blocking doesn't become a standard security practiceIMAGEhttp://www.secuobs.com/revue/news/114422.shtmlhttp://www.secuobs.com/revue/news/114422.shtml 2009-06-26 22:54:14 - kinqpinz.info : This is a quick script I wrote to test the points made in this Googledeveloper video regarding faster|est code execution in PHP Turnsout it's right on point The short of the text and video is that youshould use echo with the comma notation for printing strings to avoidmemory intensive string concatenating routines and single quotes forstrings When PHP encounters double quotes it wants to first find andpopulate variables within that string, then move on to printing it,whereas single quotes move right along Since I'm working on my OOP,here's an easy bench class that uses, in the alleged now proven slowtest, double quotes with nested variables, and single quotes with echoand comma notation for appending variables in the fast test If youwish to try it out, do it from the command line by making this codeexecutable in a file that will accept its first argument, $argv1, asthe main loop amount In short tests, the optimized PHP runs at doublethe speed As the time lengthens, the gap is not so great but stillquite tangible Note the comments in the code's header to see myresults on an old yet good laptop See link for codehttp://www.secuobs.com/revue/news/114259.shtmlhttp://www.secuobs.com/revue/news/114259.shtml 2009-06-26 22:44:45 - Security Bloggers Network : I was driving into Brussels this afternoon and saw two Google cars Thesecond one stopped just in front of me at a traffic light The cameraswere recording I saw some activity on the LEDs on top of the cams Iwrote down the place and time Let’s see now how much time it willhttp://www.secuobs.com/revue/news/114244.shtmlhttp://www.secuobs.com/revue/news/114244.shtml 2009-06-26 22:41:36 - News : Google moved to boost its Android mobile device software platform thisweek by offering developers a kit that enables them to call nativecode from Android applicationsread moreIMAGEhttp://www.secuobs.com/revue/news/114240.shtmlhttp://www.secuobs.com/revue/news/114240.shtml 2009-06-26 17:40:10 - Bill Mullins' Weblog Tech Thoughts : Guest writer Megan Jones takes you on a tip trip with Google SketchUpWhether you want to design a new addition to your house, plan yourlandscaping or just make a drawing for fun, Google SketchUp offerswonderful functionality for creating 3D models Even better, it’scompletely free If you’d like to try your hand at http://www.secuobs.com/revue/news/114109.shtmlhttp://www.secuobs.com/revue/news/114109.shtml 2009-06-26 15:57:48 - Security Park : In total, 45857 unique malicious, advertising, and potentially unwantedprograms were detected on users' computers in March 09 alone accordingto Kaspersky Security Network This tidal wave of malware has becomeso overwhelming, that even Google has created a custom search engine -Anti-Malvertisingcom - designed to help ad network customers conductquick background checks It researches a var morehttp://www.secuobs.com/revue/news/114089.shtmlhttp://www.secuobs.com/revue/news/114089.shtml 2009-06-26 10:48:15 - TrendLabs Malware Blog by Trend Micro : We have recently discovered a version, of online fraud that takes theguise of a legitimate-lookng news website At first glance, thecontent of the purported news page appears real but after conductingfurther analysis, one will realize that the news page is actually aspammy site What’s supposed to be a news article is actually Post from: TrendLabs | Malware Blog - by Trend MicroGoogle Cash Club Makes Headlines in Phishing Attackhttp://www.secuobs.com/revue/news/113994.shtmlhttp://www.secuobs.com/revue/news/113994.shtml 2009-06-26 05:46:59 - BadwareBusters.org Most recent topics : When I go to googlecom and put in search information, google goes outto search It brings up results when i click on one of the results, Ican see the google toolbar say “jumping” and then the URL goes towwwfind-mecom and before I can go to tools, phishing filters tocapture/report it, the url then jumps to a different url and brings upall these other search items to select on Each time this happens –the ‘next’ URL after wwwfind-mecom is a completely different one Iam totally unable to google search now unless I cut/paste the actualURL that is in the initial google search and paste into the URL and goto the site that way to avoid wwwfind-mecom getting to my stuff Ialso have blocked wwwfind-mecom so then what happens when I click ona google searched result – it brings me back to google as if it neversearched for the requesthttp://www.secuobs.com/revue/news/113916.shtmlhttp://www.secuobs.com/revue/news/113916.shtml 2009-06-26 03:09:33 - Hack In The Box : We aim to serve on this blog, so when a reader of my last post asked forsome thoughts on the interesting stand-off between Google and Chinaover web censorship, I set to work Or rather, I got in touch with anold friend who knows far more about this subject than I do QuentinSommerville, formerly a business correspondent in London, is now theBBC's Beijing correspondent Not only has he lived in China for thelast four years, he's a very tech-savvy guy, and has plenty ofknowledge of the workings of the Great Firewall of China So I senthim some questions - and he gave me some very useful answershttp://www.secuobs.com/revue/news/113903.shtmlhttp://www.secuobs.com/revue/news/113903.shtml 2009-06-26 03:05:16 - EFF.org Updates : Three simple facts about Google and HTTPS:One: as we posted last week, we're very pleased to hear that Google istrialling full HTTPS encryption of all Gmail pagesTwo: if Google's trials are successful, and the company does indeedmake HTTPS encryption the default protocol for reading and writingGmail messages, it will have taken a two-step lead on its competitorsin the free webmail and social networking spaces People use YahooMail, Hotmail, LiveJournal and Facebook for their privatecommunications, but all of the private messages on those servicestravels over the network unprotected1 MySpace doesn't even supportHTTPS for passwordsThree: webmail is one thing, but search is another Sadly, it isn'tpossible to use Google's excellent search engine over HTTPS If youattempt to visit googlecom via https, you'll just be redirected backto unencrypted HTTP If you try the same thing at Yahoo or Microsoft,you'll receive unhelpful error messagesWe've been privately urging Google to make their search serviceavailable by HTTPS for some time, but nothing has happened Yahoo andMicrosoft should of course do the same At the moment, the only searchengine that offers protection against eavesdropping is a metasearchsite called Ixquick they also have a truly excellent privacy policyWe hope that some day, the major search engines can catch up withIxquickThose are three simple observations If you're interested in someless-simple technical detail about what HTTPS actually does, why it'simportant, and what its limitations are, continue reading below thefold1 1 Yahoo Mail is the least worst of these services, since itdefaults to HTTPS login, but all of these services are severelylacking in securityread morehttp://www.secuobs.com/revue/news/113896.shtmlhttp://www.secuobs.com/revue/news/113896.shtml 2009-06-25 23:13:34 - Rootsecure.net : PC World: China Appears to Block Google Siteshttp://www.secuobs.com/revue/news/113828.shtmlhttp://www.secuobs.com/revue/news/113828.shtml 2009-06-25 22:01:17 - News : Nearly two years after acquiring Grand Central, Google is acceptingsome new users to its Google Voice serviceread moreIMAGEhttp://www.secuobs.com/revue/news/113773.shtmlhttp://www.secuobs.com/revue/news/113773.shtml 2009-06-25 18:21:02 - Slashdot Your Rights Online : shekared was one of a number of readers to write in to tell a similarstory He says "I'm an American currently living and working inChongqing, China As of 9am UTC +8 China began blocking googlecom,gmailcom, google analytics and many if not most other google sitesother than googlecn Internet speed for connections outside themainland have in general have come to a crawl Surprisingly this hasyet to pick up major coverage in the press Using an open proxy or VPNfor connection to hosts outside of the mainland continues to allowaccess to google, as does connecting directly to a googlecom IPaddress As of 6pm UTC +8 access to gmail and googlecom havereturned to normal"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113718.shtmlhttp://www.secuobs.com/revue/news/113718.shtml 2009-06-25 17:42:36 - Toutes les actualités : Google s'est donné un nouvel objectif : accélérer la navigation sur leWeb pour la rendre aussi rapide que « tourner les pages d'un magazine» Pour cela, IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113693.shtmlhttp://www.secuobs.com/revue/news/113693.shtml 2009-06-25 17:27:13 - MX Logic Security News : A letter to Google CEO Eric Schmidt last week signed by 37 web securityexperts urged the company to enable encryption by default for theusers of Gmail, Google Docs and Google CalendarGoogle already uses Hypertext Transfer Protocol Secure HTTPSencryption technology to protect customers' login information, whichis available as an option for users of Google's webmail and othercloud-based servicesHowever, encryption is not enabled by default to protect data sent byusers of Google Mail, Docs or Calendar As a result, the securityexperts said, Google customers who use a public connection such asopen wireless networks "face a very real risk of data theft andsnooping"Alma Whitten, from Google's security and privacy teams, responded onthe Google public policy blog that the company is planning a trial inwhich it will move small samples of different types of Gmail users toHTTPS "to see what their experience is and whether it affects theperformance of their email"The group Consumer Watchdog said Google should be praised for agreeingto offer improved security but asked why the company waited so long toactThe group is calling on other online companies like Yahoo, Microsoft,Facebook and MySpace to offer the same protectionADNFCR-1765-ID-19236271-ADNFCRhttp://www.secuobs.com/revue/news/113675.shtmlhttp://www.secuobs.com/revue/news/113675.shtml 2009-06-25 17:05:37 - BadwareBusters.org Most recent topics : I cannot find any reason why my site was flagged,please can someonehelpIt ishttp://wwwlbgroupltdcomIt claims we are responsible for malware being downloaded andinstalled I cannto see any issues and have checked EVERYTHING, but Iguess I may be missing somethinghttp://www.secuobs.com/revue/news/113657.shtmlhttp://www.secuobs.com/revue/news/113657.shtml 2009-06-25 17:05:37 - BadwareBusters.org Most recent topics : From what I can gather, www {dot afre eco n dot org has maliciouslinks to these three sites:maislexnetopenstatsinfommdnewswirecomHowever, I cannot personally verify this Is there obfuscated codethat I am missing Are there tools I can run as a sanity check Cananyone provide any more information as to why this site isblacklistedThankshttp://www.secuobs.com/revue/news/113655.shtmlhttp://www.secuobs.com/revue/news/113655.shtml 2009-06-25 10:38:10 - Rootsecure.net : The Register: Why Google Wave makes Tim Bray nervoushttp://www.secuobs.com/revue/news/113556.shtmlhttp://www.secuobs.com/revue/news/113556.shtml 2009-06-24 22:16:54 - Rootsecure.net : O'Reilly Radar: Bing and Google Agree - Slow Pages Lose Usershttp://www.secuobs.com/revue/news/113328.shtmlhttp://www.secuobs.com/revue/news/113328.shtml 2009-06-24 21:25:57 - News : Google Web sites including its English search engine becameinaccessible in China late Wednesday, following the country'scriticism of Google last week for serving up pornographic searchresultsread moreIMAGEhttp://www.secuobs.com/revue/news/113265.shtmlhttp://www.secuobs.com/revue/news/113265.shtml 2009-06-24 21:25:57 - News : Smartphone developer High Tech Computer HTC introduced a completelyrevamped user interface on its latest smartphone running GoogleAndroid software, the HTC Hero, highlighting the importance companiessee in making users love the software on their handsetread moreIMAGEhttp://www.secuobs.com/revue/news/113260.shtmlhttp://www.secuobs.com/revue/news/113260.shtml 2009-06-24 20:39:25 - BadwareBusters.org Most recent topics : We were blacklisted today by google and reviewed our sitehttp://wwwpromionet The only thing we found was a supsicios cachefile in an openx adserver subdir We completely removed thisinstallation and setup an actual release from the scratch and askedgoogle and stopbadwareorg for a new reviewWe don`t have any idea, what could be the reason for the blacklistingAny suggestions to help finding the reasonThanks in advance,R Englerhttp://www.secuobs.com/revue/news/113226.shtmlhttp://www.secuobs.com/revue/news/113226.shtml 2009-06-24 16:45:46 - Governmentsecurity.org : Less than two weeks after the last vulnerabilities were closed, Googlehas released version 2017233 of Chrome, a security update fixinganother critical vulnerabilityIMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/113135.shtmlhttp://www.secuobs.com/revue/news/113135.shtml 2009-06-24 14:18:07 - Rootsecure.net : c|net: Want a job Give Bozeman your Facebook, Google passwordshttp://www.secuobs.com/revue/news/113107.shtmlhttp://www.secuobs.com/revue/news/113107.shtml 2009-06-24 14:18:07 - Rootsecure.net : Slashdot: Has Google Broken JavaScript Spam Munginghttp://www.secuobs.com/revue/news/113105.shtmlhttp://www.secuobs.com/revue/news/113105.shtml 2009-06-24 13:53:52 - CNET France Spécial : Deux correctifs sont ajoutés dans la version 2017233 du navigateurGoogle, dont un qui comble une vulnérabilité critique qui permettait àun hacker de prendre le contrôle du PC à distanceLire l'articlehttp://www.secuobs.com/revue/news/113091.shtmlhttp://www.secuobs.com/revue/news/113091.shtml 2009-06-24 10:06:47 - Rootsecure.net : Google Blog: A new landmark in computer visionhttp://www.secuobs.com/revue/news/113052.shtmlhttp://www.secuobs.com/revue/news/113052.shtml 2009-06-24 08:53:05 - Security Bloggers Network : Microsoft’s new Bing search engine, boosted by $100 million in marketing,quickly grabbed a 16 percent market share and is second to Google nowat 71 percentAnd the joke has started:Q: “What does ‘Bing’ standfor”A: “But It’s Not Googhttp://www.secuobs.com/revue/news/113018.shtmlhttp://www.secuobs.com/revue/news/113018.shtml 2009-06-24 08:53:05 - Security Bloggers Network : I missed this when it made the press last week It turns out thatGoogle’s Street View had a privacy implication that made a bust forthe Dutch police From Metrocouk: Dutch police have arrested twinbrothers on suspicion of robbery after their alleged victim spotted apicture of them following him on Google’s Street View map http://www.secuobs.com/revue/news/113012.shtmlhttp://www.secuobs.com/revue/news/113012.shtml 2009-06-24 05:48:28 - Hack In The Box : Google has created a Web site for developers that is focused exclusivelyon making Web applications, sites and browsers faster The site grewout of Google's decision to publicly share a set of best practices thesearch company has developed over the years By offering tutorials,tips and performance tools via the new site, Google wants to help makethe Web faster by assembling a community of developers interested inonline speed and performance The site will allow developers to submitideas, suggestions and questions via a discussion forum and by usingGoogle's Moderator tool, said Google product manager Richard Rabbat inan interviewhttp://www.secuobs.com/revue/news/112984.shtmlhttp://www.secuobs.com/revue/news/112984.shtml 2009-06-23 23:56:31 - Latest articles from SC Magazine US : Google has plugged a hole in is Chrome browser to fix an issue that couldhave enabled an attacker to cause a browser crash and executearbitrary code, according to a company blog post Version 2017233,released Monday, is patched for the buffer overflow vulnerability,rated "critical" by Google and discovered internally Chromeautomatically updates itself and requires no user action It has abouta six percent share in the browser market — DKIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112874.shtmlhttp://www.secuobs.com/revue/news/112874.shtml 2009-06-23 21:02:46 - CGISecurity Website and Application Security News : "Google Chrome 2017233 has been released to the Stable and Betachannels This release fixes a critical security issue and two othernetworking bugs CVE-2009-2121: Buffer overflow processing HTTPresponsesGoogle Chrome is vulnerable to a buffer overflow in handlingcertain responses from HTTP servers A specially crafted response froma serverhttp://www.secuobs.com/revue/news/112837.shtmlhttp://www.secuobs.com/revue/news/112837.shtml 2009-06-23 20:16:25 - Security Bloggers Network : Dear Google, some messages for you Same story has the one of teenagerwho made a giant penis on the roof of his parents’ house, but thistime on a car I took the picture in a parking not far from Brussels,Belgium The message is clearhttp://www.secuobs.com/revue/news/112798.shtmlhttp://www.secuobs.com/revue/news/112798.shtml 2009-06-23 20:12:30 - News : Google disbled Google Suggest features on Googlecn and made severalother changes to block smutread moreIMAGEhttp://www.secuobs.com/revue/news/112784.shtmlhttp://www.secuobs.com/revue/news/112784.shtml 2009-06-23 20:12:30 - News : The latest Chrome release -- version 2017233 -- fixes an issue thatcould let a malicious hacker carry out a buffer overflow attack,Google said Monday in an official blogread moreIMAGEhttp://www.secuobs.com/revue/news/112781.shtmlhttp://www.secuobs.com/revue/news/112781.shtml 2009-06-23 19:33:02 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/112744.shtmlhttp://www.secuobs.com/revue/news/112744.shtml 2009-06-23 16:57:24 - Threatpost Feed : Google has released a new version of its Chrome browser, whichincludes a fix for a serious buffer overflow vulnerability Thevulnerability in Chrome lies in the way that the browser handlescertain responses from HTTP servershttp://www.secuobs.com/revue/news/112705.shtmlhttp://www.secuobs.com/revue/news/112705.shtml 2009-06-23 12:54:15 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Google Chrome, qui pourrait êtreexploitée par des personnes malintentionnées pour compromettre unsystème vulnérablehttp://www.secuobs.com/revue/news/112638.shtmlhttp://www.secuobs.com/revue/news/112638.shtml 2009-06-23 03:54:50 - News : Publishers with custom domains hosted on Google's Bloggerblog-publishing service have been losing traffic for the past week dueto a bug affecting how visitors get redirected from the Blogger domainto the publishers' own domainsread morehttp://www.secuobs.com/revue/news/112483.shtmlhttp://www.secuobs.com/revue/news/112483.shtml 2009-06-22 20:32:53 - CGISecurity Website and Application Security News : An article on security in Google's Chrome browser has been published"The Web has become one of the primary ways people interact with theircomputers, connecting people with a diverse landscape of content,services, and applications Users can find new and interesting contenton the Web easily, but this presents ahttp://www.secuobs.com/revue/news/112347.shtmlhttp://www.secuobs.com/revue/news/112347.shtml 2009-06-22 19:42:45 - Internet Security News : Google has introduced a new search site called Anti-Malvertisingcom inan effort to help its ad network partners flag potential providers ofmalicious advertisementsGoogle Goes After Malware In AdsGoogle Goes After Malware In AdsIMAGEThe company launched an initial custom search engine at the beginningof the year, aimed at allowing ad networks to do background checks onpotential advertisers to reduce the risk of malware"It checks a variety of independent, third party sites that trackpossible attempts to distribute malware through advertising," it sayson the site"Its search results should not be considered the last word on aprospective customer, but one potential source of helpful informationIf a party you're researching comes up in a search result here, werecommend you take a closer look at the party in question beforerendering judgment"The Anti-Malvertisingcom site recommends for publishers to alwaysperform in-depth quality assurance on creatives and that they avoid adnetworks without strong anti-malware security measures in placeIn early 2008, Google found that about 2 percent of malicious websiteswere distributing malware via advertising, based on an analysis ofnearly 2,000 advertising networks In a first quarter 2007 Web TrendsSecurity Report released by Finjan found that about 80 percent ofmalicious code came from online ads"The world of online advertising, like the offline world, is a dynamicenvironment that contains a diverse mix of people with differentgoals-both good and bad," the site reads"This website focuses on malvertising the threat of malware beingdistributed through advertising and how you can help prevent it"IMAGEIMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/112319.shtmlhttp://www.secuobs.com/revue/news/112319.shtml 2009-06-22 15:38:30 - gHacks technology news : It is essential to have a solid backup strategy in place with cloudstorage space becoming more popular While many users run backupsoftware on their local computer system to backup important data onlya few take care that uploaded data is also regularly backed up Thereason for this is that many users believe that http://www.secuobs.com/revue/news/112227.shtmlhttp://www.secuobs.com/revue/news/112227.shtml 2009-06-22 10:48:25 - BadwareBusters.org Most recent topics : i cannot entire to my site through googlethis is the error messege isee Warning – visiting this web site may harm your computerhttp://www.secuobs.com/revue/news/112150.shtmlhttp://www.secuobs.com/revue/news/112150.shtml 2009-06-22 04:24:13 - Hack In The Box : Google has made several enhancements to its anti-malvertising site tohelp its ad network customers prevent attempts to distribute malwarethrough advertising The web giant launched an initial custom searchengine at the beginning of the year, which is designed to allow adnetworks to perform quick background checks on prospective advertisersto minimise the risk of malware "It checks a variety of independent,third party sites that track possible attempts to distribute malwarethrough advertising," said a statement on the site "Its searchresults should not be considered the last word on a prospectivecustomer, but one potential source of helpful information If a partyyou're researching comes up in a search result here, we recommend youtake a closer look at the party in question before renderingjudgment"http://www.secuobs.com/revue/news/112108.shtmlhttp://www.secuobs.com/revue/news/112108.shtml 2009-06-22 03:18:50 - News : Google has enhanced its search engine's capacity to index Adobe'sFlash files, which are very popular on the Web but tricky for searchengine spidersread moreIMAGEhttp://www.secuobs.com/revue/news/112103.shtmlhttp://www.secuobs.com/revue/news/112103.shtml 2009-06-21 23:38:49 - Slashdot Your Rights Online : I Don't Believe in Imaginary Property writes "The Chinese government hasasked Google to disable Google Suggest because it has been suggestingthat people search for pornography based on its analysis of the mostpopular search terms in China This comes on the heels of a fake CCTVinterview being used to support the government requirement that allnew computers ship with the 'Green Damn' Internet censoring program,which is still in force, despite reports to the contrary" The storyon the chinaSMACK site demonstrates that Chinese search engine Baidufeatures a comparable search-suggestion function, which similarlyrecommends adult-themed sites, but that the government has notattacked Baidu over the issue of pornIMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112080.shtmlhttp://www.secuobs.com/revue/news/112080.shtml 2009-06-20 19:40:39 - Rootsecure.net : acmqueue: Browser Security - Lessons from Google Chromehttp://www.secuobs.com/revue/news/111893.shtmlhttp://www.secuobs.com/revue/news/111893.shtml 2009-06-20 19:40:39 - Rootsecure.net : Network World: Google grabs 1 million phone numbers for Google Voicehttp://www.secuobs.com/revue/news/111892.shtmlhttp://www.secuobs.com/revue/news/111892.shtml 2009-06-20 19:40:39 - Rootsecure.net : H Security: New Google service helps find dodgy advertisershttp://www.secuobs.com/revue/news/111887.shtmlhttp://www.secuobs.com/revue/news/111887.shtml 2009-06-20 08:14:01 - DarkReading All Stories : 'Anti-Malvertising' lets Website owners do background checks on potentialonline advertisershttp://www.secuobs.com/revue/news/111830.shtmlhttp://www.secuobs.com/revue/news/111830.shtml 2009-06-20 00:28:17 - eWeek Security Watch : Google has revamped its Anti-Malvertising site to include moreinformation about fighting malware in online ads The site alsoincludes a custom search engine that allows users to look upinformation about advertisers for background checksIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111755.shtmlhttp://www.secuobs.com/revue/news/111755.shtml 2009-06-20 00:21:47 - Toutes les actualités : Orange se lance dans la vidéo sur Internet L'opérateur téléphonique doitbientôt lancer un service de diffusion de vidéos en ligne, baptiséWelles Selon IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111743.shtmlhttp://www.secuobs.com/revue/news/111743.shtml 2009-06-20 00:21:47 - Toutes les actualités : Orange se lance dans la vidéo sur Internet L'opérateur téléphonique doitbientôt lancer un service de diffusion de vidéos en ligne, baptiséWelles Selon IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/111742.shtmlhttp://www.secuobs.com/revue/news/111742.shtml 2009-06-19 18:00:14 - Wired Danger Room : Some of the Web’s leading firms are rolling out new features, toaccommodate worldwide interest in the protests in Iran — and tonot-so-subtly help out the pro-democracy movement inside the countryIran’s activists have been relying on blogs, Tweets, text messages,Facebook groups, and uploaded YouTube videos to share information withone another, and with http://www.secuobs.com/revue/news/111604.shtmlhttp://www.secuobs.com/revue/news/111604.shtml 2009-06-19 17:52:43 - News : Google promised to step up control of "vulgar" online search resultsin China late Thursday, after a government-backed arbiter warned thatits filtering of pornography was too weakread moreIMAGEhttp://www.secuobs.com/revue/news/111590.shtmlhttp://www.secuobs.com/revue/news/111590.shtml 2009-06-19 12:14:30 - Rootsecure.net : The Register: Google accused of avoiding YouTube revenueshttp://www.secuobs.com/revue/news/111517.shtmlhttp://www.secuobs.com/revue/news/111517.shtml 2009-06-19 04:52:52 - Hack In The Box : "Google China's website has not installed filters to block pornography inaccordance with the laws and regulations of our nation," the ChinaInternet Illegal Information Reporting Centre CIIRC said in astatement "A lot of overseas internet pornographic information hasspread into our nation by way of this website, seriously violatinglaws and regulations" The statement was read on state-run broadcasterChina Central Television's evening news bulletin The issue was alsothe main item on the "Focus" current events programme that follows thenews "CIIRC strongly condemns Google China and demands that itthoroughly clean up the pornographic and vulgar content on its sites,"the centre saidhttp://www.secuobs.com/revue/news/111431.shtmlhttp://www.secuobs.com/revue/news/111431.shtml 2009-06-19 04:02:45 - News : Google last month reserved 1 million phone numbers with Level 3,signaling that it may finally be ready to roll out itslong-anticipated Google Voice serviceread moreIMAGEhttp://www.secuobs.com/revue/news/111402.shtmlhttp://www.secuobs.com/revue/news/111402.shtml 2009-06-19 03:16:38 - BadwareBusters.org Most recent topics : My friends website was giving him trouble and he gave me ftp access todownload all the files… shortly thereafter, I found it to be infectedwith code There’s some malicious obfuscated javascript in “indexphp”and some kind of php exploit with “ba se 64_ dec ode $ _ POST exi t;}” as key parts of the string Any recommendations for its effectiveremoval would be appreciatedhttp://www.secuobs.com/revue/news/111393.shtmlhttp://www.secuobs.com/revue/news/111393.shtml 2009-06-18 22:30:35 - EFF.org Updates : Earlier this week, privacy and security researchers urged Google toimprove the security of Gmail, Google Docs, and Google Calendar byenabling the more secure HTTPS encryption by default As it stands,all users currently log in to Google services over HTTPS However,most conduct the remaining bulk of their online business with Google-- reading and sending email, editing spreadsheets, and recordingappointments -- over HTTP, an unsecure method that gives unfetteredaccess to attackers interested looking at your communicationsGoogle responded promptly to the letter, saying in a blog post thatthey are planning tests to investigate the performance trade-offsinvolved with always-on HTTPS for Gmail, and that the additional costof processing HTTPS connections would not keep them from implementingit across the board EFF would like to applaud Google's efforts tooffer better privacy defaults to its Gmail users, and we also urgethem to prioritize these trials in order to expedite the widespreadpublic implementation of always-on HTTPS Users should come to expectHTTPS from far more online communication services -- from webmail, tosocial networking, and even web search With constant improvements intechnology and decreasing computing costs, every provider ought toaccelerate efforts to support HTTPS for a wider variety of onlinecommunicationIn Surveillance Self-Defense, EFF encourages webmail users to alwaysuse HTTPS, whether through browser plugins like CustomizeGoogle forGmail, or by activating an "always use https" setting, if availableBut research has shown that many users don't change the defaultsettings given to them in an application or service A paper on groupcalendar software reported that around 80% of the users maintained thedefault access settings for their calendar -- whether the default wasextremely permissive or more privacy protective For something asimportant as the security of private email communications, it's clearthat encryption should be the default Users should have strongprotection right out of the starting gate for webmail and other onlineapplicationshttp://www.secuobs.com/revue/news/111335.shtmlhttp://www.secuobs.com/revue/news/111335.shtml 2009-06-18 21:48:06 - gHacks technology news : Google Books is an ambitious project to offer which allows web users tosearch through more than seven million books online Google justrecently came to an agreement with rights holders that will allow themto expand the service further Several new additions to Google Bookshave been announced yesterday that bring new features and http://www.secuobs.com/revue/news/111313.shtmlhttp://www.secuobs.com/revue/news/111313.shtml 2009-06-18 19:31:09 - Network World on Security : Google has agreed to delete some of the original, unblurred photographscaptured by its German Street View service, ceding to demands byHamburg's Data Protection Officehttp://www.secuobs.com/revue/news/111275.shtmlhttp://www.secuobs.com/revue/news/111275.shtml 2009-06-18 15:09:53 - Security Bloggers Network : http://whereistheirvotex10hostingcom/the resources at http://wwwnetvibescom/mailforlen Iranprotests areupdatedthere are about 32 deaths untill now, but they continue to marchthey are trying to stop the flow of the information on the net but theflow is too greatIMAGE IMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/111179.shtmlhttp://www.secuobs.com/revue/news/111179.shtml 2009-06-18 11:36:17 - Security Bloggers Network : http://whereistheirvotex10hostingcom/the resources at http://wwwnetvibescom/mailforlen Iranprotests areupdatedthere are about 32 deaths untill now, but they continue marchthey are trying to stop the flow of the information on the netIMAGE IMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/111117.shtmlhttp://www.secuobs.com/revue/news/111117.shtml 2009-06-18 00:45:33 - BadwareBusters.org Most recent topics : hello,I need some help to identify where the actual problem is on my websitewwwinterchicknetGoogle has reported it as a virus site with malware and warningbrowsersI reinstall the site from the beginnning and I have tried to contactGoogle but they have not responded yetPlease you kindly helpTNXMehttp://www.secuobs.com/revue/news/110955.shtmlhttp://www.secuobs.com/revue/news/110955.shtml 2009-06-17 22:04:31 - Latest articles from SC Magazine US : In reaction to a letter from 37 respected names in the computer securityfield, Google is considering tighter security of its web applicationsIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110897.shtmlhttp://www.secuobs.com/revue/news/110897.shtml 2009-06-17 19:05:33 - News : What's smaller than the iPhone and thinner than the G1 It'sT-Mobile's second Android-powered phone: myTouch 3G Or at leastthat's the rumor, anyway Next week, T-Mobile is expected to announcea summer launch date for another Android-powered phone from HTC calledthe myTouch 3G, according to The Wall Street Journalread moreIMAGEhttp://www.secuobs.com/revue/news/110808.shtmlhttp://www.secuobs.com/revue/news/110808.shtml 2009-06-17 13:31:19 - Rootsecure.net : Light Blue Touchpaper: Open letter to Google "calls upon Google to honourthe important privacy promises it has made to its customers andprotect users communications from theft and snooping"http://www.secuobs.com/revue/news/110651.shtmlhttp://www.secuobs.com/revue/news/110651.shtml 2009-06-17 13:31:19 - Rootsecure.net : Google Public Policy Blog: HTTPS security for web applicationshttp://www.secuobs.com/revue/news/110650.shtmlhttp://www.secuobs.com/revue/news/110650.shtml 2009-06-17 09:48:18 - Computer Security News : Google is putting millions of users at risk of fraud from hackers andneeds to enable encryption by default on its most popular web apps,including Gmail and Google Docs, a gaggle of security researchers toldthe search giant Tuesday in an open letterhttp://www.secuobs.com/revue/news/110614.shtmlhttp://www.secuobs.com/revue/news/110614.shtml 2009-06-17 03:33:45 - Security Bloggers Network : Since we aren\'t getting proper images form Iran, we need GoogleSatellite to update images of Tehran so we can follow the protests----------------------------------------------------Added by: iranprotest on June 15, 2009, 8:46:37 am----------------------------------------------------Since the Iranian government has blocked the internet and mobile phonereception and have thrown foreign journalists out of the country andIranian journalists into jail, we can't access up to the minute imagesof the protests that are going on, even now as we speak We needGoogle to upload new images of Tehran and other cities so we canfollow the movement of protestersRight now Iran is trying to pass off this movement as a smallinsignificant protest, we need the proof that it's a nationwidemovementhttp://wwwpetitionspotcom/petitions/irangooglemap/IMAGE IMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/110505.shtmlhttp://www.secuobs.com/revue/news/110505.shtml 2009-06-17 03:28:10 - News : After prompting by a group of privacy advocates, Google said Tuesdaythat it plans to test a more secure version of its Gmail service tosee if it is viableread moreIMAGEhttp://www.secuobs.com/revue/news/110501.shtmlhttp://www.secuobs.com/revue/news/110501.shtml 2009-06-17 00:05:20 - Threatpost Feed : A collection of some of the top names in the security community hassent a letter asking Google to force users of its online applicationsto use secure connections by default And Google has respondedquickly, saying that it is investigating the possibility of enablingHTTPS connections by default for users of Gmail, Google Calendar andother applicationshttp://www.secuobs.com/revue/news/110475.shtmlhttp://www.secuobs.com/revue/news/110475.shtml 2009-06-16 23:56:54 - Security for the Masses : Academics call for Google security for Cloud servicesRead the post here Read the letter hereIMAGEhttp://www.secuobs.com/revue/news/110469.shtmlhttp://www.secuobs.com/revue/news/110469.shtml 2009-06-16 23:25:29 - Internet Security News : Earlier today, 38 security experts sent an open letter to Googleconcerning the security and privacy afforded by Gmail, Google Docs,and Google Calendar The search giant responded soon after with a blogpost, and it appears to represent almost exactly what the expertswanted to hearExperts, Google Discuss More Secure GmailExperts, Google Discuss More Secure GmailIMAGEFirst, let's look at the semi-complaint It basically expressesdispleasure over the fact that HTTPS encryption technology, whileavailable as an option, isn't a default feature across all of Google'sofferings Jacob Appelbaum of the Tor Foundation, Ian Brown of Oxford,Benjamin Edelman of Harvard, Robert Hansen of SecTheory, and BruceSchneier of the BT Group signed itAlma Whitten, a software engineer on Google's Security et PrivacyTeams, responded by writing on the Google Online Security Blog, "Free,always-on HTTPS is pretty unusual in the email business, particularlyfor a free email service, but we see it as an another way to make theweb safer and more useful In fact, we're currently looking intowhether it would make sense to turn on HTTPS as the default for allGmail users"One sticking point, according to Whitten, is speed - Google intends totest whether or not people will find a safer-but-slower Gmailacceptable Different regions' and networks' responses to HTTPS willalso be examinedYet the key point is that Google does mean to test turning on HTTPS bydefault, which is a rather big deal Indeed, the pressure will reallybe on other email providers note Whitten's "pretty unusual" commentto catch up if Google pulls this offIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEhttp://www.secuobs.com/revue/news/110448.shtmlhttp://www.secuobs.com/revue/news/110448.shtml 2009-06-16 23:23:57 - SecGuru : Microsoft's chief software architect has branded Google's Wavecollaboration effort as "anti-web"Ray Ozzie told a speaking engagement in California late last week thatWave violates a principle he currently holds dear - that complexity isthe enemy of the web Ozzie said the open web relies on open dataformats and protocols, not opaque packages and payloads being tunneledacross the web - yes, that was Microsoft saying thatHe did not explain exactly how he believed Wave to be complex, butrather Ozzie suggested Wave would rely on open-source because withoutit, Google's collaboration platform would be too complicated for thoseoutside the company to implementOriginal news sourceIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/110440.shtmlhttp://www.secuobs.com/revue/news/110440.shtml 2009-06-16 23:15:41 - The Tech Herald Security News : In a six page letter, signed by 36 experts in computer science,information security, and privacy law, Google was asked to toughentheir security practices on behalf of the user The letter says thatthe best way to protect the user and their communications from theftand snooping while using GMail, Docs, and Calendar, was to enforceHTTPS and enable it by defaulthttp://www.secuobs.com/revue/news/110414.shtmlhttp://www.secuobs.com/revue/news/110414.shtml 2009-06-16 22:47:48 - Ivan Ristić : A group of 38 researchers and privacy advocates sent a letter to Googleasking it to enable SSL encryption by default in all its applicationsGoogle has had the always-use-SSL option for a while but, since thefeature is disabledhttp://www.secuobs.com/revue/news/110410.shtmlhttp://www.secuobs.com/revue/news/110410.shtml 2009-06-16 20:42:11 - Rootsecure.net : CNN: Google's censorship struggles continue in Chinahttp://www.secuobs.com/revue/news/110396.shtmlhttp://www.secuobs.com/revue/news/110396.shtml 2009-06-16 20:42:11 - Rootsecure.net : The Register: Google to delete Street View source imageshttp://www.secuobs.com/revue/news/110392.shtmlhttp://www.secuobs.com/revue/news/110392.shtml 2009-06-16 20:33:10 - Light Blue Touchpaper : I am one of 38 researchers and academics almost all of whom are far moreimportant and famous than I will ever be, who has signed an OpenLetter to Google’s CEO, Eric Schmidt The letter, whose text isreleased today, calls upon Google to honour the important privacypromises it has made to its customers http://www.secuobs.com/revue/news/110385.shtmlhttp://www.secuobs.com/revue/news/110385.shtml 2009-06-16 19:55:09 - Packet Storm Security Headlines : http://www.secuobs.com/revue/news/110355.shtmlhttp://www.secuobs.com/revue/news/110355.shtml 2009-06-16 18:54:30 - BadwareBusters.org Most recent topics : Hi allI’ve just recieved message from Google saying they’ve put me on awarnig list It says it’s a adencypl address, though I’m not using itfor anything – I use sub-domain fotoadencypl I’ve put clean back-upcopy on the site and changed FTP passowrd Could somebody tell mewhere to look for the problem – ie point me at the tool which willshow me what files hav been compromisedYour help is much appreciated,Petehttp://www.secuobs.com/revue/news/110278.shtmlhttp://www.secuobs.com/revue/news/110278.shtml 2009-06-16 18:54:30 - BadwareBusters.org Most recent topics : Hi,We allready checked the site source code It’s clear : Here is no anyreason for blockingWe send review request at stopbadwareorg and we are waiting Couldsomeone help us to make this process more quickhttp://www.secuobs.com/revue/news/110276.shtmlhttp://www.secuobs.com/revue/news/110276.shtml 2009-06-16 15:33:10 - TrendLabs Malware Blog by Trend Micro : A recent set of spam emails were seen abusing yet another Google searchfeature: The URL in the spam email above uses the search featureq=site: in order to direct the user clicking on the link to a Googleresults page returning the spam site: What works in the spammersadvantage is Google displays the first few Post from: TrendLabs | Malware Blog - by Trend MicroAnother Google Search Feature Abusedhttp://www.secuobs.com/revue/news/110218.shtmlhttp://www.secuobs.com/revue/news/110218.shtml 2009-06-16 07:14:38 - BadwareBusters.org Most recent topics : hello,I need some help to identify where the actual problem is on my testwebsitewwwfashionfuturecomau/test Google has reported it as a virus sitewith malware and warning browsers I have tried to contact Google butthey have not responded yetPlease helphttp://www.secuobs.com/revue/news/110112.shtmlhttp://www.secuobs.com/revue/news/110112.shtml 2009-06-16 03:07:32 - BadwareBusters.org Most recent topics : I have no idea why I got Google Safe browsing alert on two of mywebsiteswwwrqbanquetescomwwwbradigancommxthe sites are CLEANthey haven’t been modified in a while, and both of them just appearedas possible malware infectedI have no idea where to start I have several more sites on the sameserver and only those appear to have the problemhttp://www.secuobs.com/revue/news/110029.shtmlhttp://www.secuobs.com/revue/news/110029.shtml 2009-06-16 00:38:03 - Rootsecure.net : Out Law: Google to delete Street View source images at privacy watchdogs'requesthttp://www.secuobs.com/revue/news/110024.shtmlhttp://www.secuobs.com/revue/news/110024.shtml 2009-06-16 00:30:04 - Silent noise : Interesting Checking it outFake antivirus via Google checkoutMaybe more laterhttp://www.secuobs.com/revue/news/110023.shtmlhttp://www.secuobs.com/revue/news/110023.shtml 2009-06-15 23:05:48 - BadwareBusters.org Most recent topics : For two months now we have been trying to get a Google Safe browsingalert off this page wwwprescottedu/jobs – the site is clean – wemonitor it constantly and have put in several reconsideration requeststhrough Google Webmaster tools – yet the alert is still there eventhough it states no malware or suspicious behavior in the last 90days Any solutions/suggestionshttp://www.secuobs.com/revue/news/109961.shtmlhttp://www.secuobs.com/revue/news/109961.shtml 2009-06-15 21:37:28 - Rootsecure.net : Google Blog: CIA adopting Web 20 tools despite resistancehttp://www.secuobs.com/revue/news/109953.shtmlhttp://www.secuobs.com/revue/news/109953.shtml 2009-06-15 19:34:31 - BadwareBusters.org Most recent topics : Hello,Two different sites I host have been marked blocked by google andfirefox When going to the detail page they give me no specifics onthe page They say there is only a few I have looked, downloaded thewhole site Looked at most my data in mysql and find nothing I haverequested a rescan and when I go to my webmaster tools that indicatedthat the site has been cleared and will need some time to propogateBut this is about a week ago and it still has not And the currentscans still say there are a few pages that are in error Any help inlocating the error would be great If I could have a page that wouldhelp It says the offending site is hightstatsnet/ Can’t find a linkanywhere in my siteDetails:site: nexttripsbc-incnetjoomla siteSite is used as a normal iframe in another site could this be why itis flagged That site is fineIf someone can help point me in the right direction that would begreat Also would be willing to hire a service that would help withthis problemThanks so much,Davehttp://www.secuobs.com/revue/news/109834.shtmlhttp://www.secuobs.com/revue/news/109834.shtml 2009-06-15 10:10:51 - Rootsecure.net : c|net: Does Microsoft's Bing have Google running scaredhttp://www.secuobs.com/revue/news/109701.shtmlhttp://www.secuobs.com/revue/news/109701.shtml 2009-06-15 06:26:42 - BadwareBusters.org Most recent topics : Hi all, looking for some help with removing a virus/attack from mysitesI own a couple of sites based on two different servers, all sites onboth servers have been hacked and have had malicious code insertedinto them This code only seems to get injected into my index filesfor each directory one level deep max and even when all inserts areremoved it appears again and againGoogle tagged my site as harmful, i removed the code, reuqested areview which was given, and the harmful tag was removed from me,however 2 days later the malicious code was back and Google has taggedme as harmful againOn the server / coding part of things im very green so please begentle in any recommendations, iv included my access log forinspection as searches on this subject have shown this to be helpfulto you guys, so i hope you can tell me what steps to take to stopthese bstrds getting back into my sitesACCESS LOG:2041536170 – - 14/Jun/2009:16:55:51 0400 “GET /phpmyadmin/INSTALLHTTP/11” 404 297 "" “M Fucking Scanner”2041536170 – - 14/Jun/2009:16:55:51 0400 “GET /myadmin/INSTALLHTTP/11” 404 294 "" “M Fucking Scanner”2041536170 – - 14/Jun/2009:16:55:51 0400 “GET /admin/INSTALLHTTP/11” 404 292 "" “M Fucking Scanner”2041536170 – - 14/Jun/2009:16:55:51 0400 “GET /phpMyAdmin/INSTALLHTTP/11” 404 297 "" “M Fucking Scanner”2191536661 – - 14/Jun/2009:19:19:06 0400 “GEThttp://wwwaccessteamscom/proxyheaderphp HTTP/11” 404 300 ""“Mozilla/40 compatible; MSIE 60; Windows NT 51”2088019537 – - 14/Jun/2009:21:46:52 -0400 “GET / HTTP/10”200 3275 “-” "Mozilla/40 compatible; MSIE 70; Windows NT 60; SV1;SLCC1; NET CLR 2050727; Media Center PC50; NET CLR 3004320"Thankyou in advance for any help / replieshttp://www.secuobs.com/revue/news/109683.shtmlhttp://www.secuobs.com/revue/news/109683.shtml 2009-06-15 04:44:08 - Hack In The Box : Microsoft may have developed a contender that threatens Google's Websearch dominance In a story headlined "Fear grips Google," the NewYork Post reports that the launch of Microsoft's Bing search enginehas so upset Google co-founder Sergey Brin that he has top engineersworking on "urgent upgrades" to Google's service Brin is said to beleading a team to determine how Microsoft's search algorithm differsfrom the closely guarded one Google employs The tabloid also notesthat it's rare for Google's co-founders to have such a hands-oninvolvement in the company's daily operations "New search engineshave come and gone in the past 10 years, but Bing seems to be ofparticular interest to Sergey," an anonymous source described as an"insider" to the newspaper A Google spokesperson declined to commenton the level of Brin's involvement but did tell the newspaper that thecompany always has a team working on improving searchhttp://www.secuobs.com/revue/news/109664.shtmlhttp://www.secuobs.com/revue/news/109664.shtml 2009-06-13 22:19:01 - BadwareBusters.org Most recent topics : We found a virus at this link Avoid :::##Lake Foest School District Minnesota Hochheimautomobile …Lake foest school district minnesota I have no idea what the schoolare like, … school in rail trail hudson ma railroad ties for sale inminnesota rain …oafiredx2ynet/uighercanenahtml – 13 hours ago – Similarhttp://www.secuobs.com/revue/news/109403.shtmlhttp://www.secuobs.com/revue/news/109403.shtml 2009-06-13 11:25:06 - Rootsecure.net : Lifehacker: Google Wave Questions and Answershttp://www.secuobs.com/revue/news/109353.shtmlhttp://www.secuobs.com/revue/news/109353.shtml 2009-06-13 10:17:52 - BadwareBusters.org Most recent topics : so every time i check my gmail my computer gets 2 tracking cookies perevery time i even open my google home page what should i dohttp://www.secuobs.com/revue/news/109335.shtmlhttp://www.secuobs.com/revue/news/109335.shtml 2009-06-13 05:15:16 - BadwareBusters.org Most recent topics : On June 11 Google listed my site “This site may be distributingmalware” customer started calling us and our sales dropped off Wehad our hosting service restore the site from about 2 weeks ago, whenthey think this may have started because of a compromised FTP accountWe requested a review through Google toolbox, and now it says: Site islisted as suspicious – visiting this web site may harm yourcomputerThe last time Google visited this site was on 2009-06-12, andthe last time suspicious content was found on this site was on2009-06-11So it is now June 12, and they reviewed it, but still listing it asbad Does this mean that there are still files on there that are badHow can we find out if there are still bad files on there, we changedthe passwords and restored the site to a previously un-infectedversion supposedly Help thanks,http://www.secuobs.com/revue/news/109278.shtmlhttp://www.secuobs.com/revue/news/109278.shtml 2009-06-12 21:29:21 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/109154.shtmlhttp://www.secuobs.com/revue/news/109154.shtml 2009-06-12 20:09:06 - PenTestIT : You all must be aware of Google as the ‘hackers best friend‘ It playsan important role in reconnaissance You can find a lot of dorks forall those web applications, etc There are tonnes of Google enabled,applications which let you do it all But, when a name like cDc, shortfor Cult of http://www.secuobs.com/revue/news/109151.shtmlhttp://www.secuobs.com/revue/news/109151.shtml 2009-06-12 19:45:50 - Les derniers documents du CERTA. : Deux vulnérabilités dans Google Chrome, dont une permettant l'exécutionde code arbitraire à distance, ont été corrigéeshttp://www.secuobs.com/revue/news/109140.shtmlhttp://www.secuobs.com/revue/news/109140.shtml 2009-06-12 16:56:55 - SANS Internet Storm Center, InfoCON green : Google has released an update for Chrome, their own web browser Fromtheir advisory here: Goo morehttp://www.secuobs.com/revue/news/109042.shtmlhttp://www.secuobs.com/revue/news/109042.shtml 2009-06-12 13:54:15 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/108981.shtmlhttp://www.secuobs.com/revue/news/108981.shtml 2009-06-12 12:31:37 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Google Chrome, qui pourrait êtreexploitée par des personnes malintentionnées pour potentiellementcompromettre le système d'un utilisateurhttp://www.secuobs.com/revue/news/108969.shtmlhttp://www.secuobs.com/revue/news/108969.shtml 2009-06-12 10:19:43 - Rootsecure.net : The Huffington Post: Why Google Bothered to Appeal a $761 Small ClaimsCase and Wonhttp://www.secuobs.com/revue/news/108947.shtmlhttp://www.secuobs.com/revue/news/108947.shtml 2009-06-12 04:39:36 - Security for the Masses : The ZeroDay blog reports that Google has patched the Chrome WebKit fortwo serious vulnerabilities, the most serious:"A memory corruption issue exists in WebKit’s handling of recursion incertain DOM event handlers Visiting a maliciously crafted website maylead to a tab crash or arbitrary code execution in the Google Chromesandbox This update addresses the issue through improved memorymanagement"See ZeroDayIMAGEhttp://www.secuobs.com/revue/news/108895.shtmlhttp://www.secuobs.com/revue/news/108895.shtml 2009-06-12 04:20:53 - News : Google has released an early version of a new type of database whoseapproach to data management will be revolutionary, according to ananalyst who has studied the technology behind itread moreIMAGEhttp://www.secuobs.com/revue/news/108857.shtmlhttp://www.secuobs.com/revue/news/108857.shtml 2009-06-12 01:36:01 - Toutes les actualités : L'objectif de la technologie proposée par Google cette semaine est defaire en sorte que les utilisateurs quittent Exchange Avec cettetechnologie IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108774.shtmlhttp://www.secuobs.com/revue/news/108774.shtml 2009-06-12 01:36:01 - Toutes les actualités : L'objectif de la technologie proposée par Google cette semaine est defaire en sorte que les utilisateurs quittent Exchange Avec cettetechnologie IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108771.shtmlhttp://www.secuobs.com/revue/news/108771.shtml 2009-06-11 23:42:32 - EFF.org Updates : There is mounting concern in some quarters that the Google Book Searchsettlement see previous posts here, here, and here could haveanticompetitive effects Everyone including Google seems to agreethat, all else being equal, we shouldn't want a world where Google isthe only entity that is scanning and providing online access to books,particularly the majority of out-of-print books whose owners can't befound ie, "orphan works"So what would be necessary to create a marketplace with an opportunityfor real competition Obviously, entities other than Google will haveto be able to get the same kind of blanket copyright license oncomparable terms Unfortunately, the proposed settlement makes Googlethe only company that can get a blanket license that covers orphanworks — that issue has received considerable attentionBut those who are worried about market entry and long-term competitionin this arena should also be thinking about another thing competitorsneed: access to the scans themselvesThe raw scans themselves should not be subject to copyright protectionBut if Google hoards the scans, preventing bulk copying with eitherlegal or technical measures, then competitors will be forced to spendmillions to re-scan the very same books in order to compete withGoogle This not only is a barrier to entry, but also entails enormouslong-term social waste — do we really want a world where every bookneeds to be re-scanned, over and over, by anyone who wants to enterthis marketOf course, Google and anyone else who wants to undertake theexpensive task of scanning books should be entitled to someopportunity to recoup their costs But it's hard to see why thatshould translate into an eternal barrier to entry for others It makesno sense to require the 5th or 10th or 99th newcomer to spend millionsto scan books that have already been scanned multiple timesOne good compromise might be to require that anyone who takes ablanket license whether under the Google Book Search settlement, orunder any legislation that might expand the settlement to others mustdeposit a copy of the raw scans that they create with the Library ofCongress or with the entity that administers the blanket licenseeg, the Books Rights Registry After a period of years, let's say14, the term of the Founder's Copyright, those scans should be madeavailable at no cost to any others who take the relevant copyrightlicensesThis would not only encourage market entry and competition in theonline digital books arena, but would also foster innovation in thefield There's nothing that encourages digital innovation quite likeaccess to an enormous dataset After all, before Larry Page and SergeyBrin founded Google, they were graduate students at Stanford Theywere able to build a new search engine by downloading their own copyof the web, messing around with it, and figuring our a betteralgorithm for querying it New start-ups working with digital booksshould have the same kind of opportunityIt makes no economic sense for us to force every future pair ofgraduate students who want to experiment with the book dataset tospend those hundreds of millions of dollars before they can launchtheir new startup On the other hand, Google deserves some fair rewardfor navigating the obstacles and getting the books scanned Acompromise like a 14-year escrow rule might be just the way to achievethathttp://www.secuobs.com/revue/news/108752.shtmlhttp://www.secuobs.com/revue/news/108752.shtml 2009-06-11 23:10:50 - Toutes les actualités : L'objectif de la technologie proposée par Google cette semaine est defaire en sorte que les utilisateurs quittent Exchange Avec cettetechnologie IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108710.shtmlhttp://www.secuobs.com/revue/news/108710.shtml 2009-06-11 22:54:26 - Latest articles from SC Magazine US : Google Chrome was updated Wednesday to fix security issues in the WebKitweb browser engine Meanwhile, Google withdrew updates for adevelopment Chrome version soon after releaseIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108702.shtmlhttp://www.secuobs.com/revue/news/108702.shtml 2009-06-11 20:57:08 - gHacks technology news : Google today announced the public alpha release of their new datamanagement product Google Fusion Tables that focuses on fusing datamanagement and collaboration by offering means to merge multiple datasources and to query, visualize, discuss and publish the data on theInternet Users with a Google account, for example one from a Gmailaccount, http://www.secuobs.com/revue/news/108662.shtmlhttp://www.secuobs.com/revue/news/108662.shtml 2009-06-11 18:56:15 - Threatpost Feed : From The H SecurityA vulnerability in WebKit can be exploited by an attacker to crash atab or execute arbitrary code in Google Chrome due to a memorycorruption issue in WebKit's handling of recursion in certain DOMevent handlers For an attack to be successful, a victim must firstvisit a maliciously crafted website The malicious code, however, willbe sandboxed, limiting the damage that an attacker can do whenexploiting the vulnerability Nonetheless, Google considers thevulnerability to be a high risk Read the full story h-onlinecomhttp://www.secuobs.com/revue/news/108593.shtmlhttp://www.secuobs.com/revue/news/108593.shtml 2009-06-11 18:38:33 - Zero Day : Google has shipped a Chrome browser update to fix two serious securityissues in WebKit According to Google Chrome program manager MarkLarson, the most serious of the two flaws could allow hackers toexecute harmful code in the browser’s sandbox It is rated “highseverity” From Google’s advisory: A memory corruption issue exists inWebKit’s IMAGEhttp://www.secuobs.com/revue/news/108567.shtmlhttp://www.secuobs.com/revue/news/108567.shtml 2009-06-11 14:03:59 - Security Response Weblog : Attackers often use search engines to deliver malware Earlier wereported that Yahoo-sponsored search results were used to promotemisleading applications Also, attackers reportedly abused Googleadvertisement services in order to push out misleading applicationshttp://www.secuobs.com/revue/news/108477.shtmlhttp://www.secuobs.com/revue/news/108477.shtml 2009-06-11 11:32:58 - Rootsecure.net : H Security: Google closes vulnerabilities in Chrome 2 "A vulnerability inWebKit can be exploited by an attacker to crash a tab or executearbitrary code in Google Chrome"http://www.secuobs.com/revue/news/108428.shtmlhttp://www.secuobs.com/revue/news/108428.shtml 2009-06-11 00:21:26 - Security Bloggers Network : Here is a link to an interesting post from Preston Gralla over atComputerWorld regarding privacy concerns he sees with the new GoogleVoice service and I wholeheartedly agree The service allows you tohave one Google supplied phone number that can be linked to all ofyour existing phone numbers and gives you voice http://www.secuobs.com/revue/news/108221.shtmlhttp://www.secuobs.com/revue/news/108221.shtml 2009-06-10 22:35:32 - Syn : Whilst looking at the security of a web application today I was able toextract the usernames and passwords using SQL Injection, which wasnice Well being a bit of a newbie after I got the passwords I wasconfused about the encoding/encryption I managed to figure it out byusing the encoding page on Cleznet and by encoding/decoding one ofthe password that I knew the cleartext of my test account It wasusing Base64 reversed I also noticed that many of the passwords were=Qmcvd3czFGc which decoded to password after reversing itNow the accidental bitMy friend Bob got to hear of this and decided to Google the reverseBase64 string "=Qmcvd3czFGc" He got a few hits, but the first resultwas real interestingIt seems his fist hit returned email addresses, login names, weirdstrings that might be base64 reverse encoded passwords he'll lookinto that later I imagineThen Bob put his Google Fu to work Seeing that the site had someinteresting details available to just about anyone he wondered justhow much Google had indexedsite:yimwhancom filetype:txt intext:passwordOh dearwithin seconds Bob found a password Surely it was old andprobably not active anymoreWell we all know Bob, his curiosity gets the better of himBob just couldn't help himself could heI think this clearly demonstrates that anything you send can andprobably will be picked up by Google and someone like Bob might juststumble across it at some time in the futureIMAGEhttp://www.secuobs.com/revue/news/108189.shtmlhttp://www.secuobs.com/revue/news/108189.shtml 2009-06-10 22:12:18 - News : The DOJ has stepped up its review of a deal that would settle alawsuit publishers and authors filed against Google over the latter'sbook search engine, according to published reportsread moreIMAGEhttp://www.secuobs.com/revue/news/108161.shtmlhttp://www.secuobs.com/revue/news/108161.shtml 2009-06-10 19:12:38 - BadwareBusters.org Most recent topics : This is my conversation in another post I decided to include it inthe first post to speed things upCuda said:What if google gets a false positive Then marks your page is infectedwhen it isn’tKaleh said:It is my understanding that false positives are rare But if someonereally believes it is an issue of a false positive, that’s when theyshould ask for a review through StopbadwareorgMore often than not, the more challenging issues are because themalware is getting sneakier and sneakier and only presents itselfrandomly, or under certain sets of circumstances Sometimes it isbecause of an issue on the server that the web-host needs to beinvolved with, if you can convince them to take a close enough lookCuda said;Thank you for your help Kaleh, And I would consider a private reviewDo you mean that the malicious code will only present itself to theweb surfer “randomly or under certain circumstances” or will only showup on the web html randomlyWhat would you conceder to be an issue on the server; other siteshosted on the server have been infected and so the hosting serveritself is being listed, or the code is propagating itself thru themachine to other site pagesAnd if you mean that the hosting group should take a closer look, theydid and found that our web page code had not been altered in monthsnot even after we were listed and then cleared We also own com andnet for our page and they both resolve to the same web page The comwas listed but the net was notKaleh said;There are others who could provide more detail about the variety ofcircumstances that can occur You would probably get greater exposureand assistance if you start your own conversation with more detailsabout what you are experiencingIt helps others to help you if you can provide your URL However, ifyou are not comfortable doing so, you will want to review thefollowing articles:Tips for Cleaning et Securing yourWebsitehttp://wwwstopbadwareorg/home/securityHow to remove the ‘This site may harm your computer’http://25yearsofprogrammingcom/blog/20071223htmAt the minimum, you may want to provide the names of the domains thatare listed in your Google SafeBrowsing Diagnostic reportCuda said:I have 1 domain listed "googleanalytlcsnet/ "And one network that is a name that I don’t recognize but inparentheses is my hosting company nameBelow there are two statements;did not appear to function as an intermediary for the infection of anysitesNo, this site has not hosted malicious software over the past 90 dayshttp://www.secuobs.com/revue/news/108065.shtmlhttp://www.secuobs.com/revue/news/108065.shtml 2009-06-10 17:04:13 - News : In another move by Google Inc to woo enterprises to its hostedsoftware, the company today unveiled Google Apps Synch for MicrosoftOutlookread moreIMAGEhttp://www.secuobs.com/revue/news/108016.shtmlhttp://www.secuobs.com/revue/news/108016.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107960.shtmlhttp://www.secuobs.com/revue/news/107960.shtml 2009-06-10 12:47:17 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Deux vulnérabilités ont été identifiées dans Google Chrome, quipourraient être exploitées par des personnes malintentionnées pourdivulguer des informations sensibles ou potentiellement compromettrele système d'un utilisateurhttp://www.secuobs.com/revue/news/107905.shtmlhttp://www.secuobs.com/revue/news/107905.shtml 2009-06-10 04:49:37 - News : Google Tuesday unveiled synchronization technology that supportsMicrosoft Outlook as the front end to Gmail, giving users an option toscrap Exchange on the back end while allowing users to keep theirfamiliar desktop clientread moreIMAGEhttp://www.secuobs.com/revue/news/107803.shtmlhttp://www.secuobs.com/revue/news/107803.shtml 2009-06-09 23:59:57 - La Citadelle Electronique Identité numérique et authentification forte : Usurpation de votre identité: réalité ou fiction Dans la série CookBook, voici un guide qui vous explique commentprotéger l'accès à vos réseaux sociaux en sécurisant son couple"username password"L'idée est de mettre en œuvre la solution SeatBelt de Verisign Celogiciel est capable de faire du Secure SSO Il est basé sur uneauthentification forte pas certificat numérique X509 Ce certificatpeut être stocké soit sur votre ordinateur ou sur un support hadwareToken CryptographiqueLe protocole utilisé pour l'authentification forte est OpenID Unefois authentifié de manière forte sur l'IDP de Verisign, il estensuite possible de se connecter sur ces sites, comme Google,Facebook, Linkedin, etcSi vous aussi, vous ne voulez pas que quelqu'un usurpe votre identitécette solution est un 1er pas dans le sens de la sécuritéBonne lecture de ce guideIMAGEhttp://www.secuobs.com/revue/news/107712.shtmlhttp://www.secuobs.com/revue/news/107712.shtml 2009-06-09 23:17:44 - BadwareBusters.org Most recent topics : http://wwwforward-insightscomwe think the hosting at godaddy was compromised but dont see anythingharmfulcan you help http://www.secuobs.com/revue/news/107675.shtmlhttp://www.secuobs.com/revue/news/107675.shtml 2009-06-09 19:09:42 - News : Google has brought out a translator toolkit that combines thecompany's machine translation technology with online tools formanually editing contentread moreIMAGEhttp://www.secuobs.com/revue/news/107543.shtmlhttp://www.secuobs.com/revue/news/107543.shtml 2009-06-09 18:45:43 - BadwareBusters.org Most recent topics : I was added to the malware list recently I created a site for aclient and now his site is down I tried looking for anything awry andhave found nothing, I contacted my host and nothing as well I dontknow what to do, my site is wwwimpresionesnuevomundocom Thank youfor your help in advance :http://www.secuobs.com/revue/news/107514.shtmlhttp://www.secuobs.com/revue/news/107514.shtml 2009-06-09 04:49:49 - News : Expectations are running high for an event Google will hold on Tuesdayto announce enhancements to the business-oriented Premier edition ofits Apps collaboration and communication suiteread moreIMAGEhttp://www.secuobs.com/revue/news/107248.shtmlhttp://www.secuobs.com/revue/news/107248.shtml 2009-06-09 03:32:44 - Hack In The Box : Microsoft's chief software architect has branded Google's Wavecollaboration effort as "anti-web" Ray Ozzie told a speakingengagement in California late last week that Wave violates a principlehe currently holds dear - that complexity is the enemy of the webOzzie said the open web relies on open data formats and protocols, notopaque packages and payloads being tunneled across the web - yes, thatwas Microsoft saying that He did not explain exactly how he believedWave to be complex, but rather Ozzie suggested Wave would rely onopen-source because without it, Google's collaboration platform wouldbe too complicated for those outside the company to implementhttp://www.secuobs.com/revue/news/107223.shtmlhttp://www.secuobs.com/revue/news/107223.shtml 2009-06-08 22:17:20 - gHacks technology news : You do not get a blank page whenever you open a new tab in the Googlebrowser Google Chrome displays thumbnails of the most visitedwebsites together with a search function and a list of recently closedpages which can be a great time saver if the user intents to open awebsite that is http://www.secuobs.com/revue/news/107128.shtmlhttp://www.secuobs.com/revue/news/107128.shtml 2009-06-08 19:41:25 - MX Logic Security News : A recent report from web security researchers identifying the domainBeladennet as having infected 40,000 websites appears to have beenoverblown According to the Google security blog, Google hasidentified only 3,500 sites infected by BeladenGoogle said its scans of the web have uncovered more than 4,000 sitesthat appear to have been set up for distributing malware - 1,400 ofwhich are located in ChinaThe top 10 domains included Gumblarcn, which infected 60,000 websitesbefore the domain was moved to a UK site called Martuz, which hasinfected another 35,000All of the domains on Google's top 10 list have compromised more than10,000 websites The domain googleanalyticsnet, which like severalother malware sites spoofs a legitimate Google site, had infectedaround 20,000 sitesResearchers said Beladen also uses a domain name similar to thelegitimate Google Analytics domain to record the users' browsingstatistics for the attacker Beladen's 3,500 infected sites ranked itonly 124 on the list, Google saidSecurity researchers last week likened these mass infection sites tobotnets of infected websitesADNFCR-1765-ID-19208057-ADNFCRhttp://www.secuobs.com/revue/news/107015.shtmlhttp://www.secuobs.com/revue/news/107015.shtml 2009-06-08 17:43:46 - gHacks technology news : You sometimes encounter websites or text on the Internet, in emails or indocuments on your computer desktop that are written in a language thatyou either do not understand completely or have only a limitedknowledge of Automatic translation services are one of the mostcomfortable and fastest ways of translating these information intohttp://www.secuobs.com/revue/news/106981.shtmlhttp://www.secuobs.com/revue/news/106981.shtml 2009-06-08 15:28:08 - Security Bytes : Google maps integration looks cool, but in this tough global economy aresoftware vendors going to spend the money needed to pursue offendersVi Laboratories, Inc, is adding Google maps to its CodeArmorIntelligence piracy threat software Independent software vendors canuse the company’s software by integrating it into the software releaseprocess If the http://www.secuobs.com/revue/news/106928.shtmlhttp://www.secuobs.com/revue/news/106928.shtml 2009-06-08 04:35:18 - Slashdot Your Rights Online : An anonymous reader writes "Google has recently added FFMpeg to Chrome tobetter support HTML5's video element FFMpeg is licensed under LGPL21 which states that 'if a patent license would not permitroyalty-free redistribution of the Library by all those who receivecopies directly or indirectly through you, then the only way you couldsatisfy both it and this License would be to refrain entirely fromdistribution of the Library' Google admits to having obtained apatent license for their use, but still claims they are not violatingLGPL Among the confused we find Håkon Wium Lie and Miguel de Icaza,who wonders what FSF might say Google doesn't feel like asking FSFfor clarification"IMAGERead more of this story at SlashdotIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/106774.shtmlhttp://www.secuobs.com/revue/news/106774.shtml 2009-06-08 02:59:44 - ZATAZ News : Rajeev Motwani, professeur d'informatique américain, est décédé Il ajoué un rôle clé dans la création de Googlehttp://www.secuobs.com/revue/news/106767.shtmlhttp://www.secuobs.com/revue/news/106767.shtml 2009-06-07 21:17:26 - BadwareBusters.org Most recent topics : My website has been labelled ‘This site may harm your computer’ inGoolge searchUsing Google Safe Browsing Diagnostics, I get the following:“Of the 43 pages we tested on the site over the past 90 days, 3pages resulted in malicious software being downloaded and installedwithout user consent The last time Google visited this site was on2009-06-05, and the last time suspicious content was found on thissite was on 2009-06-05Malicious software is hosted on 1 domains, includingdirectseekorg/This site was hosted on 1 networks including AS8560 SCHLUND"How do I get rid of this Thank you all in advance for your helphttp://www.secuobs.com/revue/news/106721.shtmlhttp://www.secuobs.com/revue/news/106721.shtml 2009-06-07 10:06:22 - Sunnet Beskerming Security Advisories : Google's Online Security Blog published some information regarding thenumber of potentially malicious sites that appear to have been set upfor distributing malware Of the more than 4,000 sites that they haveidentified, more than a quarter are registered under a cn hostnameand there were several that tried to play on Google services to trickusers into thinking that they were legitimateBased on the chart presented in the post, it seems that the bestopportunity to avoid detection and blacklisting by Google is to selecta non cn domain, and to pick a name that is inoffensive and bland anddoesn't correlate to any pre-existing service that it plainly isn'tFrom the chart, it seems that orgsiteinfo had the greatest level ofsuccess, both in terms of the length of time before being added to themalware list, and with the number of people reached before beingaddedJust because a site is added to Google's malware list doesn't meanthat it is going to fade from significance Gumblar's recent and rapidrise to prominence, including not peaking until well after being addedto Google's malware list highlights this succinctly It reflects thegrowing number of sites that Google has identified as being infectedwith the Gumblar malware, all of which points back to the problematicgumblarcn domain Almost all of the sites flagged by Google aspointing towards gumblarcn would be legitimate websites that havebeen compromised by a group or groups as part of a widespread Internetattack that is being used to distribute malware to Windows PCs thoughit could always easily be repurposedIMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106660.shtmlhttp://www.secuobs.com/revue/news/106660.shtml 2009-06-07 05:29:25 - SecGuru : * Offers hands-on tips and numerous code examples that show Webdevelopers how to leverage content and feeds from today's top Websites-including Google, eBay, PayPal, Amazon, Yahoo, and FedEx* Introduces APIs Application Program Interfaces in general anduses real-world examples that show how to produce and documentthem* Explains how to use the popular scripting language PHP to createAPIs that interact with unrelated applications over the Web* Examples take readers through each stage of the API process, frombasic test implementations to integration with existing sitesIMAGEIMAGEIMAGE IMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106630.shtmlhttp://www.secuobs.com/revue/news/106630.shtml 2009-06-07 00:06:40 - gHacks technology news : So the developers of Google Chrome have released a “developer only”version of Chrome saying you should NOT install it unless you are adeveloper They warn you short of saying that the developer release ofGoogle Chrome will ruin your love life, steal your cash, and flirtwith your mother With this warning I http://www.secuobs.com/revue/news/106593.shtmlhttp://www.secuobs.com/revue/news/106593.shtml 2009-06-06 11:09:45 - BadwareBusters.org Most recent topics : Hi,i am administrator of wwwkayavloncom my site was infected withmalware now i have fixed the error and clean the website now thereis no virus i have also submitted website to webmaster tool ofgoogle now can anyone please tell me, is there any other way to makefast review request or any procedure to make my site onlinefastbecause google webmaster tool takes savaral week to review andrescanhttp://www.secuobs.com/revue/news/106493.shtmlhttp://www.secuobs.com/revue/news/106493.shtml 2009-06-06 11:09:45 - BadwareBusters.org Most recent topics : When I do a google search for “ton photography,” my website link isredirecting to tubepornolivecom A fake scan comes up indicating Ihave viruses on my computer and asks me to download stuff I know thisis not true because I am starting out with a clean installation of XPHow can I get rid of this problem on google search I have reportedthis problem through google webmaster tools What else can I doPlease help as my business is affected when potential client is usinggoogle to search for my businesshttp://www.secuobs.com/revue/news/106491.shtmlhttp://www.secuobs.com/revue/news/106491.shtml 2009-06-06 00:58:09 - SecurityShell : In order to get more feedback from developers, we have early developerchannel versions of Google Chrome for Mac OS X and Linux, but whateveryou do, please DON'T DOWNLOAD THEM Unless of course you are adeveloper or take great pleasure in incomplete, unpredictable, andpotentially crashing softwareHow incomplete So incomplete that, among other things , you won't yetbe able to view YouTube videos, change your privacy settings, set yourdefault search provider, or even printMeanwhile, we'll get back to trying to get Google Chrome on theseplatforms stable enough for a beta release as soon as possibleSourceIMAGEhttp://www.secuobs.com/revue/news/106435.shtmlhttp://www.secuobs.com/revue/news/106435.shtml 2009-06-06 00:24:05 - Latest articles from SC Magazine US : Google has released versions of its Chrome browser for the Mac OS X andLinux but is warning users not to download either of themIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/106410.shtmlhttp://www.secuobs.com/revue/news/106410.shtml 2009-06-05 22:31:17 - News : According to JavaScript rendering tests run by Computerworld, thejust-released developer edition of Chrome clearly edges Safari 4 Beta-- it's about 10% faster -- and leaves Mozilla's latest "nightly"build in the dustread moreIMAGEhttp://www.secuobs.com/revue/news/106381.shtmlhttp://www.secuobs.com/revue/news/106381.shtml 2009-06-05 20:57:51 - Network World on Security : Germany and Google remain at an impasse over how long certain data shouldbe retained by the company for its Street View imageryhttp://www.secuobs.com/revue/news/106359.shtmlhttp://www.secuobs.com/revue/news/106359.shtml 2009-06-05 20:07:25 - News : Security start-up Dasient is expected to come out of stealth mode intwo weeks and reveal its plans to help companies fight cybercrimeread moreIMAGEhttp://www.secuobs.com/revue/news/106322.shtmlhttp://www.secuobs.com/revue/news/106322.shtml 2009-06-05 18:00:00 - gHacks technology news : The Google Chrome development team has released long awaited publicdeveloper builds of the Google browser for the Apple Macintosh andLinux operating systems Up until now it was only possible to get mostof the functionality by downloading third party builds of the webbrowser The developer builds of Google Chrome can be downloaded http://www.secuobs.com/revue/news/106275.shtmlhttp://www.secuobs.com/revue/news/106275.shtml 2009-06-05 17:55:00 - News : Google late Thursday released developer-only versions of its Chromebrowser for Mac and Linux, making good on a nine-month-old promisethat it would eventually add those editions to the Windows versionthat debuted last Septemberread moreIMAGEhttp://www.secuobs.com/revue/news/106267.shtmlhttp://www.secuobs.com/revue/news/106267.shtml 2009-06-05 17:36:25 - Governmentsecurity.org : Google has published statistics on the top 10 malware source sitesfrom its scans over the last two months Six of the top ten sitesshown are hosted using the Chinese cn top level domainIMAGE IMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/106248.shtmlhttp://www.secuobs.com/revue/news/106248.shtml 2009-06-05 11:14:52 - Rootsecure.net : BNET: Google's Long Shot At Kicking Microsoft Off The Desktophttp://www.secuobs.com/revue/news/106159.shtmlhttp://www.secuobs.com/revue/news/106159.shtml 2009-06-05 11:14:52 - Rootsecure.net : H Security: Google statistics reveal top 10 malware siteshttp://www.secuobs.com/revue/news/106156.shtmlhttp://www.secuobs.com/revue/news/106156.shtml 2009-06-05 07:50:25 - BadwareBusters.org Most recent topics : Hi,To-day I noticed the warning from Google Webmaster tools that, yoursite is infected with gianttopseekcn virusCan anybody help me to identify the virus in my site et how to removeGoogle suggested following two pageshttp://softwebsolutionscom/forum/install/If I remove all the pages that Google shows infected , Will it work Awaiting for some great helps as I received in the pastThankshttp://www.secuobs.com/revue/news/106115.shtmlhttp://www.secuobs.com/revue/news/106115.shtml 2009-06-05 03:52:10 - Hack In The Box : Security start-up Dasient is expected to come out of stealth mode in twoweeks and reveal its plans to help companies fight cybercrime Dasientis officially keeping mum until its official launch the week of June15, but co-founders Neil Daswani formerly Google security productmanager, Ameet Ranadive once a senior associate at McKinsey et Co,and Shariq Rizvi formerly a software engineer at Google have left atrail of clues across the Web Dasient can be expected to unveil anoffering intended to help customers defend and recover from Web-basedattacks, and that will include tools for diagnostics and remediation,Ranadive said in an interview earlier this year with Hostingcon thatWeb-hosting providers could be expected to generate a revenue streamthrough Dasient's offeringhttp://www.secuobs.com/revue/news/106063.shtmlhttp://www.secuobs.com/revue/news/106063.shtml 2009-06-05 00:01:49 - InfoSecPodcast.com : Well thanks to a borked Feedburner to Google transfer I need to update myfeed location The current feedfeedsfeedburnercom/wwwInfosecpodcastcom will be moved tofeeds2feedburnercom/infosecpodcastcom one week from today, 6/11/09–Chris Technorati Tags: Feedburner, Google Sucks Related Posts:SavantProtection supports Google AndroidURL Obfuscation ExamplesGoogleacquires Postini for $625 millionGoogle exposing IP camerasFirstPodcast on 7/20http://www.secuobs.com/revue/news/105991.shtmlhttp://www.secuobs.com/revue/news/105991.shtml 2009-06-04 22:01:55 - News : Google Docs, a hosted suite of office productivity applications, stillhas a ways to go in its development, but users can expect dramaticchanges in the next 12 monthsread moreIMAGEhttp://www.secuobs.com/revue/news/105940.shtmlhttp://www.secuobs.com/revue/news/105940.shtml 2009-06-04 21:48:22 - Latest articles from SC Magazine US : The URL hosting the Gumblar attack, which has compromised thousands oflegitimate websites with code that silently redirects users to asingle Chinese domain, heads its list of Top 10 malware sites,according to GoogleIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/105928.shtmlhttp://www.secuobs.com/revue/news/105928.shtml 2009-06-04 19:55:42 - EFF.org Updates : San Francisco - "Terms of Service" policies on websites define howInternet businesses interact with you and use your personalinformation But most web users don't read these policies -- orunderstand that the terms are constantly changing To track theseever-evolving documents, the Electronic Frontier Foundation EFF islaunching "TOSBack": a "terms of service" tracker for Facebook,Google, eBay, and other major websites"Terms of service form the foundation of your relationship with socialnetworking sites, online businesses, and other Internet communities,but most people become aware of these terms only when there's aproblem," said EFF Activism and Technology Manager Tim Jones "Wecreated TOSBack to help consumers monitor terms of service for thewebsites they use everyday, and show how the terms change over time"At wwwTOSBackorg, you can see a real-time feed of changes andupdates to more than three dozen polices from the Internet's mostpopular online services Clicking on an update brings you to aside-by-side before-and-after comparison, highlighting what has beenremoved from the policy and what has been addedThe issue of terms-of-service changes -- and how and why they are made-- was highlighted earlier this year when Facebook modified its termsof use Facebook users worried that the change gave the company theright to use members' content indefinitely After a user revolt,Facebook announced that it would restore the former terms while itworked through the concerns users had raised"Some changes to terms of service are good for consumers, and some arebad," said EFF Senior Staff Attorney Fred von Lohmann "But Internetusers are increasingly trusting websites with everything from theirphotos to their 'friends lists' to their calendar -- and sometimeseven their medical information TOSBack will help consumers flagchanges in the websites they use every day and trust with theirpersonal information"For TOSBack:http://wwwTOSBackorgContacts:Tim JonesActivism and Technology ManagerElectronic Frontier Foundationtim@efforgFred von LohmannSenior Intellectual Property AttorneyElectronic Frontier Foundationfred@efforghttp://www.secuobs.com/revue/news/105905.shtmlhttp://www.secuobs.com/revue/news/105905.shtml 2009-06-04 19:48:49 - Threatpost Feed : Misspelled versions of two popular Google services are among the Top10 sites hosting exploits for use in drive-by malware downloadattacksOn the heels of two massive drive-by attacks -- ten of thousands ofhijacked sites launching attacks via the browser -- Google released alist showing that malicious hackers are typo-squatting on its domainsto evade detection and to keep malware sites alive for long periodsHere’s the top 10 list click image for full size:http://www.secuobs.com/revue/news/105902.shtmlhttp://www.secuobs.com/revue/news/105902.shtml 2009-06-04 19:31:45 - Information Security Resources : Excerpts From IT Pro Google identifies the ten domains responsible forcompromising the most number of sites on the internet In response toa recent surge in websites being infected with malware, Google hasrevealed the top ten most popular malware sites in the last couple ofmonthshttp://www.secuobs.com/revue/news/105875.shtmlhttp://www.secuobs.com/revue/news/105875.shtml 2009-06-04 19:28:20 - gHacks technology news : A great way of testing a new search engine is to compare it to thedominant established search engine BingAndGoogle offers a combinedsearch interface that is more comfortable than working with two webbrowser windows or switching between tabs in the same window Thesearch engine mashup displays a single search form on the main http://www.secuobs.com/revue/news/105872.shtmlhttp://www.secuobs.com/revue/news/105872.shtml