MP3 spam on the rise, despite being utterly stupid

As anti-spam tools and e-mail users become more sophisticated, spammers are turning to new mediums to get their unwelcome messages through filters and into inboxes. One of the more recent developments is spam with attached MP3 files. One security software vendor, MXSweep, is reporting that MP3 spam now accounts for between 7 and 10 percent of all spam being sent.

The files are given innocuous-sounding names like elvis.mp3, oursong.mp3, smashingpumpkins.mp3, or coolringtone.mp3. The payload is disappointing: a voice recording touting the virtues of some corporate stock; in other words, it’s pump-and-dump stock spam in a new format. It’s also a dumb idea. The overlap of those gullible enough to click on MP3 files of unknown provenance and those willing and able to invest in a stock that they’ve never heard of is certainly minute. It’s bound to be more of an annoyance than anything else and seems unlikely to result in the desired stock purchases.

Attachment spam can be easily filtered, but the sheer size of the messages can cause headaches. The MP3 files currently used run from 85KB to 147KB, according to MXSweep. “Although these emails now account for 8 percent of current traffic they consume up to 55 percent of e-mail bandwidth use, which in business terms is a huge additional cost,” said Danny Jenkins, CTO and founder of MXSweep.

So far, security researchers haven’t identified any malicious payloads in any of the MP3 stock spam messages, so the biggest headache will be configuring spam filters to stop the MP3 message from hitting inboxes. That should be fairly easy for corporate IT departments who aren’t already stopping e-mails with audio attachments. If your e-mail client supports rules-based filtering, simply set it to flag and delete messages with MP3 attachments.

The Federal Trade Commission believes legislation such as the CAN-SPAM Act and some high-profile convictions are making a difference, but spammers have responded by moving more of their operations offshore, going deeper underground, and coming up with new means of getting their unwelcome messages into inboxes.

Naturally, once countermeasures against MP3 spam are widely in place, spammers will move on to another payload. That’s why we’re facing MP3 spam now: anti-spam tools have become adept at dealing with image spam (e.g., GIF and JPEG images attached to a message), PDF spam, and Excel spam. Just a few months ago, PDF spam accounted for nearly 20 percent of all image spam; that number has since plummeted to under 1 percent, according to e-mail security company Proofpoint. Image-based spam has also plummeted to 2.23 percent of all messages as of the end of September.

Read more »

Google gives social networking another go

Though almost everything Google touches seems to turn to gold, there is one project that never quite became ubiquitous (at least here in the U.S.). Orkut may have found a following in Brazil and Asia, but I don’t know anyone who uses the service. As Erick Schonfeld reports in TechCrunch, that may be about to change.

Known internally as Maka-Maka, the project will provide a means for all of Google’s existing applications to work together within a social-networking landscape. Google is also building a series of APIs that will allow developers to integrate their own applications into the Google universe.

Schonfeld describes the Google initiative as an attempt to “‘out-open’ Facebook” and predicts that the APIs will roll out for Orkut and iGoogle before percolating down through the Google universe.

All eyes will be on Google, but don’t expect anything too earth-shattering straight out of the gate. Many of these apps will be copycats of what is already available on Facebook (just as the very first apps on Facebook were ported over from other parts of the Web). This first go-round, Google will just be trying to match Facebook’s ante. Remember, even on Facebook, the best apps didn’t emerge on Day One. And now Facebook has a six-month lead.

Given that Orkut seems to have already lost the battle for social network supremacy, I have doubts that a barrage of borrowed Facebook apps will inspire anyone to switch. But if other Google properties begin to incorporate social-networking elements, then it seems like Google may succeed, if only through its near-complete Web saturation.

As I see it, the biggest shortcoming of social-networking sites is their inability to play well with others. Between MySpace, Facebook, LinkedIn, Tribe, Pownce, and the numerous also-rans, it seems as if maintaining an active presence at all of these sites could erode into becoming a full-time job. If Google can somehow create a means for all of these services to work together, and seamlessly interact with the Google family, then perhaps this is the killer app that people don’t even realize they’ve been waiting for.

On the other hand, if Google delivers a platform that simply mimics Facebook, while opening up the API just a little bit further, I have doubts that it’ll go anywhere. The business of social networking has been a bit of an enigma for many of the larger companies. Whereas Friendster, MySpace, and Facebook were practically born in dorm rooms and garages, their success has dwarfed anything that Yahoo or Google have been able to accomplish. Perhaps that’s all about to change, but amongst each segment of the population, there is usually only room for one social-networking portal, and Google will have a rough road ahead of it trying to convince kids, teens, and adults alike that this spot should belong to Google.

Read more »

McAfee to acquire ScanAlert

McAfee announced plans on Tuesday to acquire ScanAlert in deal worth approximately $51 million in cash.

And what is McAfee looking to get for its money? For starters, it’ll snap up ScanAlert’s Hacker Safe Web site security certification service, bolster its own SiteAdvisor security-rating system, and become the keeper of ScanAlert’s proverbial “good housekeeping” seal for sites seeking to reassure customers that they are conducting safe online transactions.

The acquisition, expected to close in the first quarter, calls for integrating ScanAlert’s e-commerce security certification service into McAfee’s SiteAdvisor system. McAfee last year acquired SiteAdvisor, which informs users about the safety of their returned search results, estimating the likelihood that a site could potentially infect their computer with spyware, spam, or a browser attack.

ScanAlert issues a Hacker Safe certification to Web sites that have undergone its scanning service for vulnerabilities, as well as demonstrating that they have been fixed. The sites also need to undergo daily scans by ScanAlert, in order to maintain their Hacker Safe stamp of approval.

The Hacker Safe certification will be visible through SiteAdvisor, once the acquisition is completed, and the technologies are integrated.

Security fears have resulted in consumers delaying their online-shopping decisions and transactions by more than half a day, according to ScanAlert’s own research.

Those concerns are nothing new. Two years ago, a fourth of online shoppers reduced their purchases, as fear over identity theft soared, according to a report by RSA Security.

E-commerce site operators, as a result, have been particularly interested in trying various techniques to boost the security of their sites.

As part of the McAfee deal, ScanAlert may see its overall acquisition price jump by another $24 million, should it hit certain performance targets.

The company has 8,000 customers, who represent more than 75,000 Web sites. Those customers include Toshiba, Warner Bros., and the American Red Cross.

Read more »

Yahoo releases Messenger 9.0 Beta

Yahoo! has announced the beta release of its leading IM service Yahoo Messenger 9.0. The new version is powered with intuitive design and functionalities like integrated media player and user-friendly tools which enable people to connect with their friends in an easy manner. The new Yahoo Messenger comes with a localize language support in new markets including Philippines, Indonesia, Malaysia, Thailand, India (in Hindi), and Vietnam, which takes Yahoo Messenger’s international base to over 25 nations.

The new features have been designed keeping the needs of Yahoo’s existing users in mind. Apparently, Yahoo messenger users spend approx. an hour daily which exceeds the time spent on any other IM service. The power-packed connectivity options include IM, Voice and SMS support.

So what’s new in this Beta version?
For a start, the friends list interface is revamped. Now a user can easily see the online presence indicator, display image and status all in one go. All it takes is a single-click to connect with users via voice, text message or instant messages.

In-line Media Player: The media player enables users to send image,video and map URLs to their friends and family members. File transfer becomes safe and secure than ever with scan support being provide by Symantec Norton AntiVirus.

The call forwarding option (similar to VOIP giant Skype’s) allows users to stay connected while they’re are away from their desktops. Moreover, all voice mails are sent as email attachments in MP3 format. Extensive personalization empowers users to add their personal touch to the way Yahoo Messenger appears. So they can play around with skins customize their designs and do more. In line with web2.0 the new beta comes with Flickr integration so users can share their Flickr photos with IM buddies.

On the occasion of news announcement, Sabrina Ellis, Yahoo’s Vice President said, “We’ve punched up Yahoo! Messenger to make keeping in touch with friends and family even more fun, with features like the in-line media player that helps people easily share their favorite videos, images and photos right in the IM window”.

Yahoo Messenger is the default communication tool which connects over 94 million users across the globe. Don’t waste your time go and grab the beta of the new Yahoo! Messenger can at http://beta.messenger.yahoo.com.

Read more »

Photoshop for Linux? Don’t hold your breath

There’s a few applications that would help make Linux more of a mainstream OS, but don’t expect to see them ported to Linux anytime soon. One of the least discussed in this fashion? Adobe Photoshop.

Yes, I know I’ve said before that in my purview Linux doesn’t need mainstream success to be “succesful”, but this is one of those canards that gets waved under my nose often enough that it needs to be addressed at least once.

Why Photoshop? For one, apart from Microsoft Office, it’s one of the most broadly used programs in the whole of the computer world, both Mac and PC. Everyone either wants Photoshop or “a program like Photoshop.” And in many cases, they don’t have the luxury of choosing: they’re in a graphic-arts or design job where Photoshop is mandatory, not optional. By far the most overriding reason is support for CMYK colorspaces (you can’t do proper graphics work for print without CMYK support). Lack of proper CMYK support is one of the biggest reasons why GIMP, the open-source Photoshop-like app for Linux, hasn’t been able to displace Photoshop in a professional context.

And why no Linux-specific version of Photoshop? First, and most likely, Adobe probably believes there just isn’t a market for Photoshop on Linux — yet — especially since the perceived size of that market isn’t even a fraction of its total sales, whether for Mac or Windows.

There’s also the question of commercial application support on Linux, a topic which deserves its own post but which can be summed up this way: Closed-source apps generally only get supported on a couple of distributions at a time — Red Hat and SuSE are two of the biggest, although Ubuntu is turning up more and more — since the effort involved for more than a couple of distros is more than many software companies want to take on.

(This is where I agree at least in part with Alex Wolfe about there being too many distros — too many for the software makers, but that still means a plurality of choices for the users.)

What’s ironic is that a while back, Adobe had an IRIX version of Photoshop available for a number of Silicon Graphics computers. I played with an SGI O2 workstation that had it running, and it operated exactly like its Windows counterpart. Surely it wouldn’t be difficult to take the work done for the IRIX version and apply that to a Linux edition? Probably not — programming for IRIX, Linux, and the Mac OS are almost certainly as unalike as it gets in many ways.

Finally, there’s the problem of third-party add-ons. Photoshop has a giant library of plug-ins, and many Photoshop users are married to their plug-in collections. Said plug-ins would not work on Linux, unless a) they were rewritten from the ground up (not terribly likely) or b) the Linux edition of PS had, say, some kind of back-end into Wine that allowed the plug-in to run correctly. There’s always the possibility of running the Windows edition of Photoshop in an emulated Windows session or in Wine, but that sort of defeats the point.

So if Adobe ever bothers to offer Photoshop for Linux, I suspect it’s going to be for very specific breeds of Linux, and not Linux generically. I’m dead certain Adobe is not about to make Photoshop into an open-source product; they’re going to be as stalwart about this as Microsoft is about Office. But again, it’s a question of how much Adobe feels it’s likely to get back for that effort — which, at this point, is probably not a lot at all.

Read more »