SecurAnchor Newsletter by Eric Cole Posted on Friday, 02 May 2008 @ 11:20:23 EDT Contributed by cdupuis
Topic: CISSP OSG INFO

April 2008, Vol 4, Issue 3

Security in the News: Your source for up-to-date security headlines
Joe Stewart, director of malware research at SecureWorks, Inc., presented the results of his research into the size of botnets at the RSA conference, and asserted that botnets control over one million compromised computers and are able to generate more than 100 billion spam messages every day.
According to Mr. Stewart, the botnet controlling the most machines is Srizbi. This botnet is also known as Cbeplay and Exchanger, and has the capability of using its 315,000 controlled machines to generate 60 billion spam emails per day.
The Kraken worm's botnet is actually the Bobax botnet, and the Storm worm has been marginalized by its addition to Microsoft's Malicious Software Removal Tool hit list, knocking it down to number five on the list.
Bobax appears to be the number two botnet, controlling 185,000 machines. It can send 9 billion spam emails per day. Damballa has been making news claiming that Bobax is Kraken, or Kracken, and Damballa claims it controls 400,000 computers. However, Mr. Stewart said that Bobax goes by the name Kraken, as well as Bobic, Oderoor, Cotmonger and Hacktool.Spammer.
Mr. Stewart has developed a technique to generate an SMTP fingerprint for the various botnets, leading to more accurate identification and counts of botnet-controlled machines. SecureWorks also sampled the amount of spam that was observed as generated by various botnet-controlled machines and used probabilistic methods to extrapolate and determine how many spam emails the various botnets could generate.
Part of Mr. Stewart's aim was to help the little guy. As he explained, "I think it matters a lot to end users what a botnet's called. They go to look for information, perhaps after they've been infected, and all they have is that it's 'Agent XYZ.'" However, if there are various incompatible naming conventions, then it might be a worm with a new alias. "Then they'd find hardly any information on what it is or what data it may be after. I hope this trickles down to end users."
Anti-Tibetan Supporter Trojan Infects Pro-Tibetan Sites
Users who browse pro-Tibet sites can be infected with the Fribet Trojan. The best guess is that the Trojan is using a VML flaw (MS07-004) which Microsoft released a patch for last year. Unpatched systems visiting these sites can be subjected to an attack that creates a backdoor on the victimized systems.
The Trojan loads a 'SQL Native Client' ODBC library and executes SQL statements sent by command and control servers. This allows the attackers to gather data or modify databases the victims' machines are connected to with the appropriate logins and permissions. The monitoring feature of the Trojan allows the interception of passwords so the attackers will be able to log in to the databases.
Shinsuke Honjo and Geok Meng Ong, researchers for McAfee, wrote that, "This Trojan apparently can be used as an alternate to SQL injection attacks, but in a more direct way. Even the administrators of secure Web sites, protected against common SQL injection attacks, should ensure database backends are equally secure to defend against such a penetration vector."
CAPTCHA Broken by Botnets
The Windows Live CAPTCHA system used for Hotmail and the equivalent system at Gmail have been compromised by botnets which can crack the system. CAPTCHA was designed to stop spammers from opening Hotmail and Gmail accounts. These systems display distorted characters and are supposed to force a human to read, recognize and type the characters, thus preventing the automated creation of email accounts.
CAPTCHA is an acronym for Completely Automated Public Turing test to tell Computers and Humans Apart.
Spammers like Gmail accounts because they are free and not likely to be blacklisted. Now that the spammers own these types of free accounts, more spam is coming from those free providers' email accounts. Anti-spam services then attempt to slow down the flow of spam from those compromised accounts.
MessageLabs' Paul Wood said, "We're seeing more spam coming from Gmail and Yahoo. Where a service is widely abused its reputation goes down and it's held back in the queue. This happens automatically. These traffic management controls are not designed to block messages, they are intended only to slow down their transit. For messages that are subsequently blocked there should be a reason given in the non-delivery report."
The February 2008 spam report indicated that 4.6 percent of spam is sent from Web-based mail services. Gmail-originated spam doubled from January to February, to 2.6 percent. Yahoo was the worst of the Web-based mail services, accounting for 88.7 percent of Web-based spam.
Meanwhile, in India, the spam rajas who do not have the good CAPTCHA-cracking bots employ sweatshop labor at $4 per day to establish Web-based email accounts.
The GAO report stated that, "GAO found numerous defense-related items for sale to the highest bidder on eBay and Craigslist. A review of policies and procedures for these Web sites determined that there are few safeguards to prevent the sale of sensitive and stolen defense-related items using the sites."
The GAO investigators clicked around from January 2007 through March 2008, and came up with two F-14 components (from two vendors), night-vision goggles with the friendly force identifying 'component,' body armor and an Army combat uniform.
Continuing, the GAO report made the point that bad guys getting hold of this stuff could reverse engineer it to come up with countermeasures.
This GAO report, which the GAO characterized as not comprehensive in any way, did not address whether export controls would keep bad guys from getting the stuff, nor did it look at the failed property management practices which have made stuff available in the past.
Instead, we have the CEO of Craigslist called before Congress to explain what Craigslist is. Jim Buckmaster explained that the GAO report was mistaken when it called Craigslist "a global marketplace with international reach" and that instead Craigslist was a collection of separate local marketplaces. He also explained that users are discouraged from engaging in sales which require shipping.
Nine Years for $1.4M Fraud
To continue the theme of fraud and misrepresentation, the following comparison is offered. A Colombian man has been sentenced to nine years for computer fraud. This fraud (if unchecked) could have affected more than 600 people and involved the staggering (attempted and actual) sum of 1.4 million dollars.
To refresh our memories, the contractor who sabotaged the Sixth Fleet navigation computers, which affected more than one submarine and put at risk the crews of every sub in the Sixth Fleet, received one year. To even look at the dollar value associated with the submarines is the wrong thing to do, but instead one must think about the potential loss of life associated with the possibility of a sub colliding with another sub or an undersea hazard.
When Simbaqueba Bonilla was seized by federal agents, the laptop he was carrying had the names and passwords of more than 600 people, as well as other personal and financial information about those people.
Single Photon Gate Realized
Quantum computing at the single photon level is closer to reality with the physicists at Bristol University in the United Kingdom creating an optical "controlled-NOT" gate on a silicon chip which can act on an individual photon. According to a press release from the university, this is "the building block of a quantum computer."
A quantum bit is called a "qubit" and the new gate, which processes the photon, or qubit, can now be realized on a single chip, whereas previously the gate occupied several square meters of space on an optical bench.
Mark Anderson, an influential voice in the technology community, wrote in his Strategic News Service newsletter that, "For those who believe that quantum computing is the next big breakthrough in the computing world, and who see the logic gate as a critical component, this is a critical step forward."
Professor Jeremy O'Brien, the lead researcher on the project, said that the chip "is a crucial step towards a future optical quantum computer, as well as other quantum technologies based on photons." One of Professor O'Brien's team, Alberto Politi, also explained that it was the problem of scaling that this chip solved. Previously, the photons had to propagate through the air and required large optical elements. The new chip begins to solve these problems.
The chip has also enabled the researchers to observe quantum entanglement, an interaction of two particles in such a way that the state of an individual interacting particle cannot be defined, but the collective state of the interacting particles can be.
What is most important about this development, and what seems to have been left out of the press discussion, is the consequence theoretical quantum computing holds for cryptography: the foundations of modern cryptography would be rendered obsolete. Symmetric key cryptography rests on the improbability of guessing the key, and a quantum computer could try all of the possible keys to an encrypted message simultaneously. Presumably, then, the discrete log problem and the problem of factoring large numbers will also be solved, and public key cryptography will also be useless for keeping any secrets.
Search Engine Optimization
Some individuals have employed questionable tactics to get the Web sites with which they are associated listed higher in the rankings for various search terms. Individuals who conduct these activities maintain that they are not breaking the law, and are only violating terms of service agreements. Search engine optimization has been going on since the advent of the meta tag, and as the search engines have come up with new ideas about relevance and what makes a Web site appear higher in the rankings for various search terms and phrases, optimizers have experimented, intuited, and even quit search engine companies to go into private practice, all in the name of getting those who pay, higher rankings. Those of us who believed in the Web as a level playing field and some concept of fairness have felt victimized by these tactics.
Now, apparently, so too have the search engine providers themselves. The search engine optimizers (SEOs) had been finding the holes in the ranking algorithms and exploiting them. Google, around 18 months ago, started to penalize sites it thought were gaming the system, and then started blacklisting the offending sites. Critics of the tactic said that Google would delist sites without any warning.
Jeremey Schoemaker, the marketer known as Shoemoney, said that, "When people are ranking for a phrase and supporting their family, and then the next day they're off the map, that's really vicious. You can literally ruin someone's life."
One of the more cautious members of the SEO community, Eric Ward, who had been derided in the community for his by-the-book play, warned that black hat optimization was a dead end.
One of the ways that a site was deemed to be relevant was by how many other sites linked to it. In those days, SEOs built link farms - sites which were nothing but links to the sites which were hoped to get boosted in the ratings, and to each other, so that their rankings would help the end site in the rankings. The spiders crawled the links and added things up; the SEOs knew what to do.
When the search engines got wise to this technique and others like it, the SEO community started to polarize - with some working within the guidelines and others going to more extreme and shady tactics. And then sites which were infected with malware, sometimes through no fault of their own, were also penalized by the search engines.
RSnake is an individual with some experience with Web advertising, SEO work, and runs ha.ckers.org. He said that Google is making assumptions which are erroneous in their administration of search result rankings. RSnake said, "Google can shut you down at any time. But there are all kinds of weird things that could happen to you, upstream problems, a proxy goes bad, someone takes over your site, and there's no way for you to explain that it might not be your fault. They're making false assumptions about how the Internet works, which is that the owner of the IP address is always in control of what happens through that IP address."
Variations on the theme are rampant. Innocent sites are hacked to put links in the same color as the background on the site. Other tactics are cookie stuffing and attacks on high traffic blogs. MySpace and other social networking sites are used for the same linking purposes. And the value of search is lessened.
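One defender's check suggested by the hidden-link tactic described above, added here as an example and not code from the newsletter or from any product or site it mentions: it walks a page's inline styles and flags anchors a reader could not see, either because the element is not displayed or because the link text is coloured the same as the body background. It resolves only inline `style` attributes (external stylesheets are not parsed), and the sample HTML is constructed for the demonstration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page (not taken from the newsletter): one normal link,
# one hidden by colouring its text like the background, one hidden with
# display:none, and one with an explicit but visible colour.
SAMPLE_HTML = """
<html><body style="background-color: #FFF">
<p>Welcome to our <a href="https://example.com/about">about page</a>.</p>
<div style="color:#ffffff"><a href="https://example.com/pharma">cheap pills</a></div>
<a href="https://example.com/casino" style="display:none">casino</a>
<br>
<a href="https://example.com/contact" style="color:#000000">contact</a>
</body></html>
"""

VOID_TAGS = {"br", "img", "hr", "meta", "link", "input"}  # never get an end tag


def parse_style(style):
    """Turn 'color:#fff; display:none' into {'color': '#fff', 'display': 'none'}."""
    out = {}
    for decl in (style or "").split(";"):
        if ":" in decl:
            key, value = decl.split(":", 1)
            out[key.strip().lower()] = value.strip().lower()
    return out


def norm_color(color):
    """Expand 3-digit hex (#fff) to 6-digit (#ffffff) so colours compare equal."""
    m = re.fullmatch(r"#([0-9a-f]{3})", color)
    return "#" + "".join(ch * 2 for ch in m.group(1)) if m else color


class HiddenLinkFinder(HTMLParser):
    """Tracks inherited inline styles and flags anchors a reader could not see."""

    def __init__(self):
        super().__init__()
        self.background = None   # body background colour, if declared inline
        self.stack = []          # effective style dict for each open element
        self.hidden = []         # (href, reason) for links judged invisible
        self.visible = []        # hrefs that passed both checks

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        own = parse_style(attrs.get("style"))
        if tag == "body" and "background-color" in own:
            self.background = norm_color(own["background-color"])
        effective = dict(self.stack[-1]) if self.stack else {}
        effective.update(own)            # inline CSS cascades from ancestors
        if tag not in VOID_TAGS:
            self.stack.append(effective)
        if tag == "a" and "href" in attrs:
            self.classify(attrs["href"], effective)

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.stack:
            self.stack.pop()

    def classify(self, href, style):
        if style.get("display") == "none" or style.get("visibility") == "hidden":
            self.hidden.append((href, "element not displayed"))
        elif self.background and norm_color(style.get("color", "")) == self.background:
            self.hidden.append((href, "text colour matches background"))
        else:
            self.visible.append(href)


def find_hidden_links(html):
    """Return [(href, reason), ...] for anchors hidden via inline styles."""
    finder = HiddenLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.hidden


if __name__ == "__main__":
    for href, reason in find_hidden_links(SAMPLE_HTML):
        print(f"hidden link: {href} ({reason})")
```

Run against a copy of your own pages, a non-empty result is a reason to look for an unauthorised change; links injected by an attacker who also edits a stylesheet would need the external CSS resolved before the same comparison is made.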
Our mission is to keep your business focused by helping you navigate the sea of security threats you face on a daily basis. Secure Anchor provides creative solutions that keep you ahead of the attacks and provide peace of mind that your critical assets are securely anchored. In addition, we are busy developing software solutions to meet the threats of tomorrow.
Sincerely,
Eric Cole Secure Anchor
Pointsec Protector provides a policy-driven mechanism that secures an organization's sensitive information by controlling data that enters and exits a PC or server via removable media and I/O devices on any port (USB, Firewire, IDE, Bluetooth etc).

Are you...
- An enterprise business or government agency
- In banking/financial services, federal/local government, healthcare, business services, technology and/or manufacturing
- In control of devices connecting to machines in your network
- At risk if critical data is lost

Do you need to...
- Reduce the financial risk of lost or stolen data on personal devices connected to PCs or servers
- Comply with regulatory mandates
- Integrate into existing infrastructure
- Reduce operating costs

Let us send you a FREE USB device which contains a discovery tool to detect what your exposure to data loss is. If you would like one, just send us an e-mail at newsletter@secureanchor.com and we will send it right out.
Secure Anchor | 11951 Freedom Drive | 13th Floor | Reston | VA | 20176