January 28th, 2005 by Franki
A new Windows-only worm has appeared, and this one uses weak installations of the MySQL database server on machines running Windows. The worm uses a list of 1000 passwords to try to get admin access in MySQL, and if it does, it uses a known exploit to install malicious code onto the server. The “owned” machine will then join an IRC server and await instructions (apparently the current instructions are to look for other machines to infect, but that could change). The name of the worm is Forbot, and you can read about it further here.
So folks, if you are silly enough to have a Windows server running MySQL, and that copy of MySQL is not locked down to disallow remote root access, and there is no decent password (a good password is at least 8 characters, and a mix of letters, numbers and symbols), then now is a good time to scan your system for the exploit. There is no reason to allow remote root access over the net. In fact I go further than that and have locked all our users down to localhost or local network connections only. (We are running Linux servers, so this isn’t applicable anyway, but tight settings are a good basis for any server.) It seems to me that the main issue that leads to such compromises is people not considering the security implications of a specific action. The best way to set up security is to lock the machine up totally, so it cannot do anything, and then lower that step by step till you can achieve only exactly what you need.
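An added example, not part of the original post: one way to check a MySQL account list against the lockdown described above (no remote root, accounts limited to localhost or the local network, and the post's password rule). The row format, the RFC 1918 reading of "local network" and all function names are assumptions, and the sample rows are constructed.

```python
import ipaddress

# "Local network" is taken to mean the RFC 1918 ranges (an assumption).
LAN = [ipaddress.ip_network(n)
       for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def host_scope(host):
    """Classify a mysql.user Host value as 'local', 'lan' or 'remote'."""
    h = host.strip().lower()
    if h in LOOPBACK:
        return "local"
    if h.endswith(".%"):              # 192.168.% covers 192.168.0.0/16
        octets = h[:-2].split(".")
        if len(octets) > 3:
            return "remote"
        h = ".".join(octets + ["0"] * (4 - len(octets))) + "/%d" % (8 * len(octets))
    if "%" in h or "_" in h:          # any other wildcard cannot be bounded
        return "remote"
    try:                              # also accepts a.b.c.d/255.255.255.0
        net = ipaddress.ip_network(h, strict=False)
    except ValueError:                # hostname or malformed value
        return "remote"
    if net.version == 4 and any(net.subnet_of(r) for r in LAN):
        return "lan"
    return "remote"

def audit(rows):
    """rows: (user, host, has_password) tuples exported from the user table."""
    findings = []
    for user, host, has_password in rows:
        if host_scope(host) == "remote":
            why = "remote root access" if user == "root" else "not limited to localhost/LAN"
            findings.append((user, host, why))
        if not has_password:
            findings.append((user, host, "no password set"))
    return findings

def strong_enough(pw):
    """The post's rule: at least 8 characters, mixing letters, numbers, symbols."""
    return (len(pw) >= 8 and any(c.isalpha() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(not c.isalnum() for c in pw))

# Constructed sample rows, not taken from any real server.
SAMPLE = [("root", "localhost", True), ("root", "%", False),
          ("app", "192.168.%", True), ("report", "%.example.com", True)]

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Wildcard host values that cannot be bounded to a private range are deliberately reported as remote, so the audit errs toward flagging an account.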
January 27th, 2005 by Don
While working on increasing the search engine findability of a site we worked on recently, I happened onto a new beta over at Google that I had not seen before. It is not listed off of the front page at Google, nor is it listed on the Google Options page. It is Google Video, and it searches the closed caption text from television shows and delivers that text along with a screenshot taken at approximately that time. Interesting little bit if you missed your show this week, I guess. Now you can read it.
This is the latest addition to the Google Labs projects. Keep an eye on these folks, they do some pretty neat stuff.
January 27th, 2005 by Don
Want the latest Microsoft Press releases delivered to you? You not only need to register, but you need Passport. Why not RSS, Bill? The rest of the world is using it … or doesn’t that allow enough private information to be collected? Why Passport and not simply an email address? This is why people don’t trust you guys.
January 27th, 2005 by Don
“In the second half of 2005, visitors to the Microsoft Download Center (http://www.microsoft.com/downloads) and Windows Update (http://v5.windowsupdate.microsoft.com/v5consumer) will be required to participate in Windows Genuine Advantage to access all content. To help customers who may require more time to move to genuine Windows software, Microsoft is offering security updates through Automatic Updates in Windows, with or without Windows Genuine Advantage validation.” (Source: Microsoft to Implement Worldwide Anti-Piracy Initiative)
For some time now Microsoft has been trying to get people to verify that their copy of Windows is valid and licensed. In and of itself, requiring people to be legit to gain services isn’t a truly bad thing. However, it causes difficulty in two specific cases: 1) they say you aren’t valid when you in fact are; and 2) they gather additional information beyond that required to determine validity (historical example). You wouldn’t take your Ford to a GM dealer for warranty service. On the other hand, when you look at it you know it is a Ford.
Microsoft will begin requiring users in three countries to prove the validity of their license before they can get serviced as of February 7, 2005 … and the rest of the world won’t be far behind.
January 27th, 2005 by Franki
A new worm doing the rounds called “W32/Cisum.A” has an added twist. If you get infected by this thing, it will tell you how silly you are by playing an MP3 containing the words “You are an idiot” over and over. The worm also tries to shut down firewalls and anti-virus apps as well as any running copies of the Bagle and Netsky viruses it happens to find. It spreads by copying itself to network drives, so it’s not likely to spread too widely. Read InternetNews for more.
January 27th, 2005 by Franki
There is a new search engine in town folks, it has a name that is likely to get Google’s attention sometime soon, and it has one thing that makes it different to all the other search engines. It can read the results back to you audibly.
The engine is called Speegle, and it can be found here: http://www.speegle.co.uk/ If you do a search for “statistical hit counter” you will find us as the primary result (as with most engines). It’s fun to hear your site read out by a search engine, give it a try. I imagine this will be quite popular with the geeks among us, but I don’t know how useful it will be to the vision impaired as they already have screen readers. Fun though.
January 26th, 2005 by Franki
Speakeasy, a national US ISP based in Seattle, has put a customized version of Firefox onto their new user CDs. The founder and chairman of Speakeasy, Mike Apgar, was quoted as saying: “We’re thrilled to be the first broadband service provider to adopt Firefox, taking our customers’ browsing experience to the next level. This special edition is just the first step in making browsing the Web better for our customers. We plan to continually enhance the browser with features that will benefit Speakeasy’s home, business and gaming subscribers.” A Mozilla spokesman said that this would be the first of many such roll-outs. You can get a copy of the Speakeasy Firefox release here, and you can read the full article here. I’m actually surprised that this hasn’t happened sooner. ISPs are often the ones who pay when their users all have virus- and spyware-infested systems, because it’s the ISP’s IP address that gets blacklisted if an infected PC is used as a spam relay, and also because 10,000 infected Windows machines chew up a great deal of bandwidth.
So folks, we have government security organizations, independent security companies, dozens of magazine reviews and now Internet Service Providers all giving Firefox the thumbs up and recommending it to their users. If you’re not using Firefox to read this, perhaps it is time you gave it a shot and found out what all the fuss is about.