Blackmoor Vituperative

European regulators hit Microsoft with a $357.3 million fine Wednesday, citing the software giant’s continued noncompliance with its landmark 2004 antitrust ruling.

The European Commission issued the 280.5 million euro fine for the period between Dec. 15 and June 20. That figure amounts to a daily fine of 1.5 million euros, which the Commission is prepared to increase to up to 3 million euros per day if the software giant does not come into full compliance beginning July 31.

“I don’t buy Microsoft’s line that they didn’t know what was being asked of them because the March 2004 order is absolutely crystal clear,” Neelie Kroes, who heads the Commission’s antitrust bureau as its competition commissioner, said Wednesday at a press conference in Brussels. “And in order to increase the incentive for Microsoft to comply, the Commission has decided the ceiling for potential fines will be raised.”

(from ZDNet, EU knocks Microsoft with $357 million fine)

On the one hand, the comment “the Commission has decided the ceiling for potential fines will be raised” gives me the willies. I have seen firsthand what kind of power “commissions” have. They are essentially laws unto themselves, even here in the USA, and can impose fines and penalties at will. On the other hand, if it had to happen to someone, it may as well be Microsoft. After all, they can afford a $1.5 million per day fine: they earn roughly $121 million per day.

Nokia has made a major update to the Linux PDA it doesn’t want you to think is a Linux PDA, the 770.

Available for free download, OS 2006 edition introduces version 2.0 of Nokia’s Linux platform, Maemo. Included are system level performance improvements, support for VoIP clients, and Google Talk. There’s a full feature list here.

However, according to Nokia, the update breaks backward compatibility.

“Installed applications designed for OS 2005 will not be compatible with OS 2006 edition and will not be restored even from backup,” warns the company.

So, er … look out.

(from The Register, Nokia updates Linux tablet

Since day one of The SCO Group’s lawsuit against IBM on the grounds that the corporate giant had stolen its Unix intellectual property for the betterment of Linux, SCO’s opponents have shouted that there was nothing to the company’s accusations.

Now, more than three years since the fight began, lawyers think that the court’s recent decision to dismiss many of SCO’s claims has shown that SCO’s enemies were right all along.

What appears to be the real end of the case came on June 28. On that day, U.S. District Court Magistrate Judge Brooke Wells dismissed about two-thirds of SCO’s claimed 294 examples of IBM contributing Unix code to Linux.

Is there anything of substance left to SCO’s case? The lawyers say no.

(from Linux Watch, Staking the Vampire: SCO’s case comes to an end?)

This sample chapter from How to Break Web Software: Functional and Security Testing of Web Applications and Web Services describes the most common and notorious attacks to help developers and testers assess a Web application’s vulnerability:

…sample chapter…

It’s not been a great day for Microsoft.

Microsoft not complying with EU

Microsoft faces second WGA lawsuit

Korea says Microsoft injunction request rejected

Meanwhile, Microsoft earns roughly $121 million per day.

Google says bill could spark antitrust fight

A security researcher with expertise in rootkits has built a working prototype of new technology that is capable of creating malware that remains “100 percent undetectable,” even on Windows Vista x64 systems.

Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD’s SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying operating system.

Rutkowska plans to discuss the idea and demonstrate a working prototype for Windows Vista x64 at the SyScan Conference in Singapore on July 21 and at the Black Hat Briefings in Las Vegas on Aug. 3.

The Black Hat presentation will occur on the same day Microsoft is scheduled to show off some of the key security features and functionality being fitted into Vista.

(from eWeek, ‘Blue Pill’ Prototype Creates 100% Undetectable Malware)

This is neat: Music publisher/distributor ships Linux PMP.

Playing on Apple’s past “Switch” ad campaign, which was aimed at getting Windows users to migrate to Apple’s Mac OS X-based computers, a few longtime Mac and open-source gurus are vocally publicizing their switch away from Apple’s platform to more open-source solutions.

Though the practical impact is impossible to gauge, their arguments have been making waves.

The first was Mark Pilgrim, who wrote free software for the Mac in the mid-1990s.

He is involved with various current open-source projects, was a certified Mac OS X trainer and has written about Web site accessibility and scripting.

In a post on his blog, Pilgrim wrote that though he has long been impressed by Apple’s hardware and software, he thought that the latter had grown less attractive and more “restrictive,” leading him to seek alternatives.

Pilgrim wrote that he regretted that Apple’s software, including the operating system, was not open-source (Pilgrim has published software under the GNU GPL [General Public License]; the license states that software published under it includes the source code, which users can modify to their liking as long as they document the changes.)

He noted that most applications he uses are so open — “Why keep running them on an operating system that costs money and restricts my rights and my usage?”

(from eWeek, Tech Gurus Say They’ll ‘Switch from Mac’)

And here I thought that there was no hope for Mac users once they drank the Kool-Aid. If even a Mac user can come to her senses, maybe there’s hope for other apparently-lost causes. Good heavens — I think I may be feeling optimistic!

While on the subject of the poisonous fruit, check out Defective By Design.

File under “as if you needed yet another reason to swich to OpenOffice”:

A weakness in how Office applications handle Macromedia Flash files exposes Microsoft customers to cyberattacks, experts have warned.

Flash files embedded in Office documents could run and execute code without any warning, Symantec said in an alert sent to customers on Thursday. The security issue is the third problem reported within a week that affects Microsoft Office users.

“A successful attack may allow attackers to access sensitive information and potentially execute malicious commands on a vulnerable computer,” Symantec said in the alert, which was sent to users of its DeepSight security intelligence. The vulnerability was reported by researcher Debasis Mohanty.

The issue relates to the ability to load ActiveX controls in an Office document and is not a vulnerability but an Office feature, a Microsoft representative said. “This behavior is by design and by itself does not represent a security risk to customers,” he said. An ActiveX control is a small application typically used to make Web sites more interactive.

(from ZDNet, Microsoft Office hit by another security problem)

Microsoft Office, Flash, and ActiveX? Wow, that’s a trifecta. If it was put to music, it’d be a country music song. All it’s missing is a Sony rootkit, and you’d have the four horsemen of the software apocalypse.