http://www.freshnews.org/ fresh tech news from around the web en-us 40 An anonymous reader sends news from The Washington Post's Security Fix blog of a new Trojan horse program that takes click fraud to the next level. The Trojan, dubbed FFsearcher by SecureWorks, was among the pieces of malware installed by sites hacked with the Nine-Ball mass compromise, which attacked some 40,000 Web sites this month. The Trojan takes advantage of Google's "AdSense for Search" API, which allows Web sites to embed Google search results alongside the usual Google AdSense ads. (SecureWorks' writeup indicates that Yahoo search is targeted too, but the researchers saw no evidence if the malware redirecting Yahoo searches.) While most search hijackers give themselves away on the victim's machine by redirecting the browser through some no-name search engine, FFsearcher "...converts every search a victim makes through Google.com, so that each query is invisibly redirected through the attackers' own Web sites, via Google's Custom Search API. Meanwhile, the Trojan manipulates the victim's PC and browser so that the victim never actually sees the attacker-controlled Web site that is hijacking the search, but instead sees the search results as though they were returned directly from Google.com (and with Google.com in the victim browser's address bar, not the address of the attacker controlled site). Adding to the stealth is the fact that search results themselves aren't altered by the attackers, who are merely going after the referral payments should victims click on any of the displayed ads. What's more, the attackers aren't diverting clicks or ad revenue away from advertisers or publishers, as in traditional click fraud: They are simply forcing Google to pay commissions that it wouldn't otherwise have to pay." If FFSearcher were the only piece of malware on the machine, it would have a better chance of staying under the radar.Read more of this story at Slashdot. Thu, 02 Jul 2009 19:24:16 -0400 http://www.freshnews.org/article/slashdot/new-click-fraud-attack-is-stealthiest-yet http://www.freshnews.org/article/slashdot/new-click-fraud-attack-is-stealthiest-yet CNETNate writes "The tests prove it: It's the third-fastest browser in the world, and over twice as fast as Firefox 3. In terms of Javascript performance, Firefox 3.5's new rendering engine places it squarely above Opera 10's beta and Internet Explorers 7 and 8 (based on previous benchmarks), plus it's getting on for being almost as quick as the original version of Google Chrome. Also, the new location-awareness feature was testing in central London, and pinpointed yours truly to within a few hundred meters — easily enough for, say, a Starbucks Web site to tell you where your nearest Starbucks is."Read more of this story at Slashdot. Thu, 02 Jul 2009 19:05:01 -0400 http://www.freshnews.org/article/slashdot/firefox-35-benchmarked-close-to-original-chrome http://www.freshnews.org/article/slashdot/firefox-35-benchmarked-close-to-original-chrome Deag writes "A mega colony of one family of ants has spread all over the world. Previous mega colonies in California, Europe and Japan have been shown to be in fact one global colony. Ants from the smaller super-colonies were always aggressive to one another. So ants from the west coast of Japan fought their rivals from Kobe, while ants from the European super-colony didn't get on with those from the Iberian colony. But whenever ants from the main European and Californian super-colonies and those from the largest colony in Japan came into contact, they acted as if they were old friends."Read more of this story at Slashdot. Thu, 02 Jul 2009 20:48:13 -0400 http://www.freshnews.org/article/slashdot/ant-mega-colony-covers-the-world http://www.freshnews.org/article/slashdot/ant-mega-colony-covers-the-world Hugh Pickens writes "The Telegraph reports that dozens of users of the recently released iPhone 3GS have reported overheating issues, with some iPhone owners unable to pick up the device because the handset gets so hot to the touch, while others say the casing turns pink with the heat. 'I am definitely experiencing issues with the iPhone running warm and quick battery life lost,' writes Tom Goldstein on one discussion board. 'The phone seems to warm up almost immediately if I am doing anything that pulls data over the network.' Some users have said the device has been too hot to put to their ear while making a phone call, and others say the overheating seems to occur when owners are using the iPhone's mapping software, which uses the handset's built-in GPS technology. Melissa J. Perenson writes at PC World: 'I became aware the handset had become very hot. Very, very hot — not just on the back, but the entire length of the front face, too.' Some gadget experts believe faulty batteries could be the cause of overheating and poor battery life. 'My guess is there's going to be a whole lot of batteries affected because these [iPhones] are from very large production runs,' said Aaron Vronko, who fixes iPods and iPhones. 'If you have a problem in the design of a series of batteries, it's probably going to be spread to tens of thousands [of device], if not hundreds of thousands, and maybe more.'"Read more of this story at Slashdot. Thu, 02 Jul 2009 16:13:25 -0400 http://www.freshnews.org/article/slashdot/some-overheating-3gs-iphones-glow-pink http://www.freshnews.org/article/slashdot/some-overheating-3gs-iphones-glow-pink avxo writes "Bruce Schneier covers a new cryptanalytic related-key attack on AES that is better than brute force with a complexity of 2^119. According to an e-mail by the authors: 'We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time. We believe that these results may shed a new light on the design of the key-schedules of block ciphers, but they pose no immediate threat for the real world applications that use AES.'"Read more of this story at Slashdot. Thu, 02 Jul 2009 20:39:55 -0400 http://www.freshnews.org/article/slashdot/new-aes-attack-documented http://www.freshnews.org/article/slashdot/new-aes-attack-documented