Microsoft Warns of Worm Attack on Windows

Security researchers at Microsoft Corp. last week warned of a significant climb in exploits of a Windows bug it patched with an emergency fix last month, confirming earlier reports by Symantec Corp.

Microsoft again urged users to apply the MS08-067 patch if they have not already done so.

The new attacks, which Microsoft's Malware Protection Center said began last weekend but spiked in the past week, use the same worm Symantec first spotted Nov. 21.

Dubbed "Conficker.a" by Microsoft and "Downadup" by Symantec, the worm exploits the vulnerability in the Windows Server service, used by all versions of the operating system to connect to file and print servers on a network. Microsoft patched the bug in an out-of-cycle update five weeks ago after it discovered a small number of infected PCs, most of them in Southeast Asia .

According to Ziv Mador, a researcher with the Malware Protection Center, the new wave of attacks has spread in corporations and hit "several hundred" home users. Most of the infection reports have come from U.S. users, said Mador in a post to the center's blog , but his team has received calls from users in several other countries too. The worm avoids infecting Ukrainian computers, Mador said, which may indicate the malware was written by a Ukrainian; hackers often purposefully skip systems in the country where they live, hoping that will postpone or eliminate any reaction by local authorities.

"It is also interesting to note that the worm patches the vulnerable API in memory so the machine will not be vulnerable anymore," said Mador. "It is not that the malware authors care so much about the computer as they want to make sure that other malware will not take it over too."

The worm also resets the machine's system restore point, said Microsoft in its technical write-up , which may make it difficult or impossible to "roll back" Windows to a pre-infection state.

PCs that have been patched with the MS08-067 fix are protected, Mador stressed.

Last week, Symantec bumped up its ThreatCon security alert status from "1" to "2" in response to attacks it had tracked hitting its customers and honeypots. Others security vendors, however, disputed the uptick.

Google Rebuts 'Bandwith Hog' Title

An analyst with ties to the telecom industry called Google Inc. a bandwidth hog in a report released this week.

Scott Cleland, president of Precursor LLC., a research firm bankrolled by telecom heavyweights like AT&T and Verizon Communications Inc., released a report on Thursday saying that Google uses 21 times more bandwidth than it pays for. The study (download PDF) estimates that Google accounted for 16.5% of all U.S. consumer Internet traffic this year; that number is predicted to jump to 25% in 2009 and 37% in 2010.

"Internet connections could be more affordable for everyone, if Google paid its fair share of the Internet's cost," wrote Cleland in the report. "It is ironic that Google, the largest user of Internet capacity pays the least relatively to fund the Internet's cost; it is even more ironic that the company poised to profit more than any other from more broadband deployment, expects the American taxpayer to pick up its skyrocketing bandwidth tab."

Google, however, isn't taking the criticism lying down.

Posting a response on the Google Public Policy Blog, Richard Whitt, Google's Washington Telecom and Media Counsel, noted that since Cleland is paid by the phone and cable companies, he's not exactly a neutral party.

"Not surprisingly, in his zeal to score points in the Net neutrality debate, he made significant methodological and factual errors that undermine his report's conclusions," wrote Whitt, calling Cleland's cost estimates "overblown."

"First and foremost, there's a huge difference between your own home broadband connection, and the Internet as a whole. It's the consumers voluntarily choosing to use our applications who are actually using their own broadband bandwidth -- not Google. To say that Google somehow 'uses' consumers' home broadband connections shows a fundamental misunderstanding of how the Internet actually works."

Net neutrality has been a scorching hot button issue for months now. Google, Microsoft Corp. and other major Internet site operators have joined with small Web site owners to oppose broadband providers like AT&T Inc. and Verizon that want to offer faster network performance to companies that pay more. The issue has been dubbed "Net neutrality" by those who oppose a two-tier system of access and pricing.

Google co-founder and president Sergey Brin even met with U.S. lawmakers last summer to press for legislation that would prevent Internet access providers from charging Web sites more for faster content delivery.

It's also well known that Cleland has no qualms about taking shots at Google. Whitt went so far as to refer to the analyst's report as "payola punditry."

"We don't fault Mr. Cleland for trying to do his job," wrote Whitt. "But it's unfortunate that the phone and cable companies funding his work would rather launch poorly researched broadsides than help solve consumers' problems."

Bugs & Fixes: ICal and Entourage Duplicates

Suppose you use Microsoft Office's Entourage to maintain your list of contacts and calendar appointments? Further suppose you wish to sync these data with your iPhone or with your MobileMe account. Can you do it? Yes.

To do so, go to Entourage -> Preferences -> General Preferences -> Sync Services. From here, enable the options to synchronize contacts and events with Address Book, iCal and .Mac (MobileMe).

This is what I've done and it works pretty well overall. Except for one persistent and annoying problem: My calendar appointments inevitably begin to reproduce. That is, at some point, I'll find two of every calendar event in Entourage. At the same time, iCal will show a matching set of duplicates. This replication process expands over time, so that older appointments (once I have saved past their due date) often wind up with four or six copies.

Who's to blame for this bug? There is some dispute (see this Apple Discussions thread for example) as to whether the cause lies primarily with Microsoft Office or with Leopard's Sync Services software. Personally, I give the nod to Microsoft, as I have never had the problem in iCal unless I am syncing iCal with Entourage. What is undisputed is that there is not yet a permanent fix. Neither Apple nor Microsoft appear to be in a hurry to correct the situation.

What can you do in the meantime? Your choices are limited. Either give up on using Entourage for syncing or keep deleting the duplicates as you find them. The latter option can be a time-consuming nuisance, especially if you have a lot of duplicates. If so, try this procedure to eradicate the unwanted copies with a minimum of fuss:

However, when I tried this, and waited about 30 minutes, nothing happened. Growing impatient for results, I tried something else.

I have Apple's Developer software installed on my drive. Inside the /Developer/Applications/Utilities folder is an application named Syncrospector. I don't know much about how this utility works. But I know enough to launch it and click its Sync button. That did the trick. I immediately checked back at Entourage and iCal; all the duplicates had vanished.

The entire process, starting with iCal Duple Deleter, should only take about two minutes. There are probably other variations on this theme, perhaps simpler ones, that would have worked as well. But this is what I tried and it worked. Having a way to prevent the duplicates from appearing in the first place would obviously be a preferred solution. Until then, this will do.

Sponsored Resource:Ten quick fixes for the worst security nightmares
Sponsored Resource:Learn more about ultra light notebooks from Asus and the best warranty in the industry.
Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
Sponsored Resource:Get the truth about remanufactured ink. Learn more from HP.
Sponsored Resource:Back up, access, share, and store all your family's digital media. Windows Home Server.

Windows 7 No 'Magic Bullet' for Enterprises

Microsoft warned enterprise customers this week that the migration path from XP to Windows 7 won't be any easier than it is to Vista, and offered recommendations for how companies can move from older versions of Windows to one of its newer client OSes.

"Moving from XP to Windows 7 is not a magic bullet," said Gavriella Schuster, a senior director of Windows product management, in an interview Tuesday. "You have the same level of application compatibility from XP to Windows Vista or Windows 7."

Enterprise customers who would have had to replace applications in a move from XP to Vista will still have the same task when they move to Windows 7, she said. However, if customers have already made the leap to Vista, it will be easier to move applications to Windows 7 because it's on essentially the same code base, she said.

In a company blog post attributed to Schuster, Microsoft made recommendations to business customers to help them decide whether they should upgrade to Vista now or wait for Windows 7, which is expected later this year or, at the latest, early next year.

Many companies chose to stick with Windows XP instead of upgrading to Vista, causing Microsoft to keep new PCs with XP pre-installed in the market longer than originally planned. Once Windows 7 is released, which most expect before the end of the year, Microsoft will have two OSes built on essentially the same code base in the market at the same time, and Schuster said customers have asked the vendor how to choose between them.

To no one's surprise, Microsoft recommends that business customers still running XP or older versions of the OS upgrade as soon as possible, citing security and remote-management capabilities in both Vista and Windows 7 that weren't baked into the original XP release.

XP also was released before the majority of PCs in enterprises were laptops, and both Vista and Windows 7 have features that allow IT managers to better manage and secure laptops and mobile devices for the type of mobile workforce found in many enterprises today, Schuster said.

"When you think about Windows XP in that context -- it came out in 2001, when less than 10 percent of devices were laptops," she said. "There wasn't ubiquitous broadband. There weren't the levels of compliance and regulatory requirements. There weren't data protections."

What may be surprising in Microsoft's message, however, is that the company doesn't care which of its newer OSes customers move to -- Windows Vista or Windows 7 -- as long as they do what's best for their individual IT environments.

"What strikes me is that Microsoft is being fairly pragmatic about what the options are for customers," said Al Gillen, an analyst with IDC. "Microsoft seems to recognize the reality that customers aren't going to do what Microsoft tells them to do. They're going to do what's right for them."

Indeed, Schuster said Microsoft is "agnostic" about which OS customers upgrade to. She said Microsoft is just trying to set expectations for any upgrade that may be planned or in progress, so that customers aren't surprised by problems or complexities they may encounter.

Customers should examine their application and hardware environments closely to see which would be the best fit for them. "It really depends on the environment," Schuster said.

She did have some advice for customers depending on what OS they are currently running, and whether or not they have begun migrating to Vista already.

For customers still running Windows 2000, "they clearly need to move fast and need to move to Windows Vista," she said. Extended support for Windows 2000 ends in April 2010, and it will take a company 12 to 18 months to complete the upgrade. "They can't wait for Windows 7," Schuster said.

For companies that are halfway through a migration to Windows Vista Service Pack 1, they should continue that migration as planned, she said. However, if a company has begun piloting Vista and is not yet halfway through the migration process, moving to Vista Service Pack 2 -- which should be generally available in April -- is a better option.

Some customers have already said they plan to wait for Windows 7, and Microsoft is not recommending they change that course.

When Windows 7 is available, it won't be the first time Microsoft will have two OSes on the same code base in the business market at the same time. Windows 2000 Pro and Windows XP Pro were built on the same code base as well, and many business customers on Windows 98 waited for XP instead of moving to 2000, Gillen noted.

Windows 7 is essentially the second release of Vista, an incremental update that will include some usability features but not "cause a rift for Windows Vista applications" during a migration, he said.

It will essentially be about as painful for customers to move from XP to Vista as it will be to move from XP to Windows 7, Gillen said, corroborating Schuster's warning. He agreed, too, that a migration from Vista to Windows 7 will be far easier.

However, Gillen said that Microsoft's argument that customers should pick one or the other is more in its own self-interest than an actual necessity for enterprise customers.

"[Microsoft] is trying to use every lever they have to try to encourage customers to move," he said. "But customers are going to make their own decisions based on [their own needs]." Some customers may find they can stay on XP indefinitely as long as they can continue to patch and support their applications on it. Microsoft ends extended support for XP in April 2014.

One company that has already migrated to Windows Vista, and plans to upgrade to Windows 7 as well, is computer reseller Heartland Technology Solutions in Harlan, Iowa. Heartland is a Microsoft partner that participated in the Vista beta-testing program.

Arlin Sorensen, CEO and president of Heartland, said that Vista increased worker productivity, particularly because of its the improved desktop search functionality.

Heartland serviced about 1,900 individual small-business customers last year, each with its own set of unique IT needs, he said. However, one of the most common problems customers needed help with was finding documents or files they couldn't locate.

"This is where the ability to search more quickly and efficiently for files immensely improved productivity," Sorensen said.

"The whole Vista experience has helped in simple but very productive ways," he said. "There's a significant amount of time people waste looking for documents."

Heartland is a small company with about 75 desktops, so it was far easier for the company to migrate to Vista from XP than it would be for a large enterprise, Sorensen acknowledged. "We're definitely more nimble than an enterprise company would be," he said.

Zombie Massacre Game Enlists DMX

1988 Games' Ben Krotin revealed Friday morning to GamePro in an e-mail message that well-known hip hop artist and actor DMX will be appearing in Zombie Massacre as a playable character in the game.

DMX will be one of the four main characters in Zombie Massacre, which is best described as a cross between Crazy Taxi and House of the Dead where one player drives a vehicle while the other three players aim their Wii Remotes at the screen blowing away hordes of flesh-eating zombies (you can read all about Zombie Massacre in our interview from last month).

From Krotin's e-mail:

Players will be able to control 'X' as he helps the team battle their way into the city and drop off the bomb. Of course, that's no easy matter, especially when he's joined by the unlikely assistance of the police. -Ben Krotin

The entertainer's voice is being provided for his character in addition to his likeness.

Microsoft aims to 'Elevate America'

Microsoft is announcing on Sunday a job training effort aimed at giving technical skills to as many as 2 million Americans over the next three years.

The most significant part of the program, in which Microsoft is offering free certification and other technical training, is being done in a phased approach, starting with Washington state. The second component of "Elevate America," available online immediately, is a Web site designed to help people with the basics such as creating a resume and send e-mail.


Passman

(Credit: Microsoft)"Millions of individuals don't have the technology skills needed in today's economy. Through Elevate America, we want to help workers get the skills they need to succeed," Pamela Passman, Microsoft's VP for corporate affairs, said in a statement.

Microsoft's move comes as the United States has shed millions of jobs, a small number of which came from Microsoft itself as the company announced its first companywide layoffs last month.

As part of the Elevate America program, Microsoft is working with state and local governments and hopes to offer 1 million vouchers for e-learning and certification classes.

"At the federal, state and local level, leaders are working together to help start the engine of economic growth. The private sector provides much of the spark needed to jump-start that engine," Washington Gov. Chris Gregoire said in a statement. "Washington state is pleased to be the first state to partner with Microsoft to provide Elevate America to our residents."

It is not clear just how much the program will cost Microsoft. "The total value of the investments will depend on the number of vouchers that will be utilized, and the mix of courses and certifications taken," a company representative said in an e-mail. "The investment also includes cash grant and software donations to community-based organizations to enhance their technology capacity to deliver these programs."

Rewriting Facebook's Terms of Service

Facebook launched on Thursday a campaign polling users over its new draft Terms of Service (TOS). Applauded by advocates and seen as a revolutionary move toward democratic social networking, Facebook's new campaign is making its way on the Internet. But what are the new TOS all about?

Facebook created virtual Town Halls where users can comment and vote for 30 days (closing March 29) on the proposed draft Terms of Service. Two groups have been created: the Proposed Facebook Principles group, which highlights the rights and responsibilities of Facebook and its community and the Proposed Statement of Rights & Responsibilities group, which looks into the highly debated problem over who actually owns your content.

To refresh your memory, Facebook updated its terms of service (those long pages of small text that too many of us almost never read) on February 4. The changes went unnoticed, only until a consumer-oriented blog attacked them, sparkling an Internet-wide debate over why should the social network own your content. Shortly after, Facebook reverted to its old TOS, hence now polling users on what changes should be made.

Last-minute Conficker survival guide

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

No one knows, but we'll probably find out soon.

Or not. As Slate notes, Conficker is scheduled to go "live" on April 1, but whoever's controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there's less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C -- the latest bad boy -- will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there's no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself.

Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.

But if Conficker's already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss -- try booting into Safe Mode, which Conficker prevents, to check -- you should run a specialized tool to get rid of Conficker.

Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec's Conficker (aka Downadup) tool, Trend Micro's Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don't have Conficker.)

As a final safety note, all users -- whether they're worried about an infection or know for sure they're clean -- are also wise to make a full data backup today.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.

Skype for iPhone: Beyond the Hype, It's Still Just

The new Skype iPhone app is more interesting as a political statement than as an application. Not that there is anything wrong with the app, except, of course for the large number of people who can't get it running properly. For them I have good news: You aren't missing much.

About half the early users, based on App Store feedback, love Skype for iPhone. The other half can't get it to run properly. I am one of the lucky ones, as Skype works fine on my iPhone.

However, once I started playing with it I realized that for all the hype, it's still just Skype. Not that it's a problem, it's just that Skype does what most other instant messaging clients can do these days--make voice calls.

Skype is much more impressive as a tool for desktop video conferencing than as a way to make phone calls on an iPhone connected to a Wi-Fi network, which is all AT&T and Apple will allow it to do, at least for now.

On Monday, I wrote that Skype over wireless data would be the end of cellular as we know it. That post generated a great deal of e-mail, including some additional information provided by readers. Here are a few highlights:

One reader pointed out that I wrote that Skype over wireless has "been tested in the UK with some success (and no carrier bankruptcies)."

According to this reader:

"It's more than a test: In many European countries (namely Austria, Denmark, Ireland, Italy, Sweden, and UK) and also in Australia and Hong Kong, you just walk in a shop, buy the phone and start making free Skype calls (only voice, no video, for now, at least in Italy). There is a flat monthly fee but it's ridiculously low, compared to the US monthly fees they ask just for voice.

"It's a product, it's ready, there isn't any cap on usage. And the carrier is making money on it, probably not a bunch, but a fair amount. When I moved in the USA I was surprised NOT to find it in stores here."

It is no secret that the FCC long-ago sold-out American wireless customers to the carriers. The reader offered yet another example of what a third-rate cellular system we have in the U.S.

Here's another response:

"I don't understand what is the big deal. I have a 3-year-old PPC6700SP PDA (from Sprint) and I've been running Skype on it for 2 years. Run it on the Sprint "Vision" data network. Works fine, but takes longer to "dial" a call. It's useful for certain things, however, such as international calls."

And another response, this one contradictory:

"While I agree wholeheartedly that "nanny Apple" should not be controlling the apps on an iPhone and as a result have been a Windows Mobile user for YEARS. The real issue for Skype on a 3G network is that it doesn't work. The 'bursting' nature of the 3G data stream which creates a simulation of continuous speed just doesn't work for VOIP. We in Windows Mobile land have known this for years! (Same on EDGE)"One reader proposed a whole new model for selling wireless:

"You're right that this is a shift, but big picture, the whole model we're using is silly. DSL, Cable, 3G, etc, etc - it's all so clunky and fragmented. Here's what I think ought to happen: Meld all these into a big network, and simply charge users annually by the (Ethernet hardware) address to allow access. Want your laptop to have internet access *anywhere* there's a signal? That'll be $100 a year, please. Want your handset to have a signal? That'll be another $100 a year. Wherever you are, grab the nearest network and go."

I like the model and especially like the pricing. There were many other comments, of course, many from people who don't like AT&T, don't like Apple, or don't like both companies.

Conficker Worm: Not Finished Yet

April 1 has come and gone, and the Internet has not disintegrated and no major cyber-attacks were reported. But Conficker still remains a threat. Now don't panic, this doesn't mean cyber-Armageddon could strike at any minute, it just means you need to make sure your computer is fully updated if it isn't already. Feel better? Good, then let's take a look at what's going on.

Why It Ain't Over Yet

The Conficker Working Group -- which is made up of 27 tech companies and agencies including AOL, F-Secure, Facebook, ICANN, Kaspersky, McAffee, Microsoft, Symantec -- says that Conficker, also known as Downup, Downadup, and Kido, is the largest worldwide computer infection since the SQL Slammer in 2003. The CWG estimates anywhere from 3 to 15 million computers are infected worldwide, and says 30 percent of Windows computers across the globe are not updated with the latest patches to protect against Conficker. The virus authors are also still at large and able to communicate with Conficker, although that capability has been significantly reduced.

Problem Spots


As you can see from this map provided by the CWG, Conficker infections in the United States are happening pretty much everywhere you can find an Internet connection. However, despite all that ominous-looking red, only 6 percent of Conficker infections are in North America. The biggest problem areas are actually concentrated in Asia and South America including Vietnam, Brazil, the Philippines, and Indonesia, as well as Algeria.

The hardest hit areas may also have a correlation to the number of unpatched Windows computers since Asia, Eastern Europe, and South America are areas known to have widespread use of pirated Windows software.

Since most Windows users with pirated software have automatic updates turned off to avoid Microsoft's piracy detection, those users typically remain vulnerable to Conficker. So the risk from Conficker continues, even though Microsoft allows critical updates for pirated copies of Windows.


What Conficker is Doing

Yesterday, Conficker began its daily exercise of contacting 500 Web sites from a randomly generated list of 50,000 sites. Conficker will continue to do this every day until it receives instructions to do something else. Further instructions could be a simple software update or the infected computers could work as a botnet to commit theft or attack other computer networks. The problem is that while security and IT professionals are working to block Conficker from getting further instructions, they haven't been able to block all Conficker traffic. So some infected machines have gotten through, but luckily further instructions haven't been issued, yet. Conficker's authors may be laying low until publicity surrounding Conficker dies down before contacting their creation.

If Conficker is updated or receives further instructions, that capability could pass between infected machines without further need of a server or Web site, because Conficker uses a peer-to-peer (p2p) protocol to communicate with other infected machines. That's right, Conficker is file-sharing. With p2p, the worm can distribute software updates much faster than if every infected machine had to communicate with a main server.

The Final Countdown?

Does this mean the world could still end? Probably not, and that was never the concern with Conficker despite the doomsday scenarios you may have read. The fact is that most security experts believe that Conficker is just a typical botnet worm that can be used for identity theft or to commit other forms of cybercrime. Conficker is most likely controlled by an organized crime syndicate in Asia, Eastern Europe, or South America, and the group may even rent out Conficker's capabilities if the botnet every becomes active.

Conficker is a threat only if your computer does not have the latest security patches from Microsoft and an up-to-date antivirus program.

Can Yahoo Out-Google Google in Image Search?

Yahoo has quietly updated its Yahoo Image Search preview page with a friendlier interface that displays larger images, and makes it easier to browse related thumbnails. Is it easier to use than Google Image Search? My first impression is yes. Let's take a closer look.


The image search home pages for Google and Yahoo are essentially the same: A query window with a few sample images below. However, Yahoo's images are culled from current events.

Okay, not a lot of difference above. But Yahoo's new preview page is superior to Google's. Let's search for "beaches" and click the first image result.

Yahoo's preview screen on the top of the next pair of screens displays a larger thumbnail of the image, as well as related images. By comparison, Google makes you click back to the results page to view more pictures. Both pages display an image search window at the top of the screen.

Bottom line: Yahoo offers a better user experience, and its revamped Image Search may persuade some users to give it a try. If nothing else, it'll force Google to pick up its game a little.

Conficker Eye Chart: How it works

Many readers have been wondering what the easiest way is to determine whether their computer has been infected with the Conficker worm. Previously I've pointed them to this Conficker Eye Chart -- and that recommendation still holds -- but now I want to respond to further questions about how it works.

First, some have looked at the spartan Eye Chart and have worried that it might be, at best, a sham designed to lull you into a false sense of security and, at worst, yet another delivery mechanism for the Conficker worm. It is neither. The Conficker Eye Chart is in reality a very clever way to determine if your computer is compromised, and it doesn't require you to do anything but click one link.

Here's how it works, in brief: Visit the web page linked above and you'll see six images: The three on top are for security software websites, and the three on the bottom are the logos of various open source operating system distributions. The clever part of all this is that the logos aren't actually being served from the web page linked above, but are rather drawn directly from the six different websites to which each logo belongs.

Conficker (as many other pieces of malware) blocks your web browser from reaching many security websites, so if you don't see some of the security logos on the page, you probably have a problem. Why include the open source logos below it? Because if they don't show up, you are probably simply experiencing an internet connectivity problem instead of being the victim of a malware attack.

Whatever you see on the Eye Chart page, just scroll down a bit to determine how to interpret the images in question. Different strains of Conficker will cause a different set of logos to appear (since Conficker.B doesn't block the SecureWorks logo). Of course, you should also remember that many other viruses and worms block access to security software websites, so not seeing some or all of the images could also be a symptom of a different infestation. If you see all the logos, you're probably in the clear.

One point to remember is that Conficker's creators -- or someone -- have been attempting to attack the Eye Chart page directly, so the page may not load at all. If that's the case, don't assume you have Conficker; it's probably just a temporary site outage.

Instead, try one of these other sites, which are also hosting the exact same Eye Chart and which will work exactly the same way. > joestewart.org > baylor.edu > talkbiz.com

Microsoft has launched a trial product to connect users to the people and places they care about especially when crisis hits.

The company said the main inspiration for Vine came from Hurricane Katrina.

The product is designed to keep family and friends in touch when other communications fail or falter.

The Seattle Times has described this hyper local, personalised message and alert system as "Twitter + Facebook on steroids".

In a slick video, Microsoft demonstrates a number of ways the service could be used.

In one example, "Doug" is planning a trip to the mountains but a constant deluge of rain means schools in his local area are forced to close and the community is put on high alert.

Using Vine, Doug keeps in touch with friends and family and with what is going on locally to make sure everyone stays safe.

Another example includes "Dave" whose wife goes into early labour and uses Vine to make sure the neighbours keep an eye on his house, take the dog out for a walk and cancel baseball practice.

Microsoft said the aim is to keep people connected. Brier Dudley of the Seattle Times said the critical audience are those involved in emergencies.

"Microsoft's main emphasis now is providing Vine to emergency management officials, who are intrigued by a new tool that could be used to broadcast and receive information during a disaster or other major event."

"Superhero software"

Vine works by downloading a "dashboard" application using Windows Live ID. Users say where they live or where they are at any given moment and information from 20,000 local and national news sources links to that location.


The hurricane crippled the city and communication networks
Information is also provided by the National Oceanic and Atmospheric Administration and the National Centre for Missing and Exploited Children.

Users can also view and post alerts in a variety of forms from quick messages to longer reports.

"Microsoft Vine aims to create an inclusive network so that ultimately anyone can participate, though a social networking application such as Twitter or Facebook or using e-mail, any computer connected to the internet, or a mobile phone, kitchen phone or special needs device," said the software giant.

Initial reaction to the service, which has been described as "societal networking" has been positive.

CNET's Caroline McCarthy has dubbed it "superhero software".

But she said "all joking aside, the web's biggest players are gunning for a way to appropriately harness social media for emergency preparedness.

"Google's non profit Google.org arm has launched a project called Innovative Support to Emergencies, Diseases and Disaster (inSTEDD) with similar goals, and Google has invested $5 million in it."

The service is currently in beta which means Microsoft is looking for people to sign up to try it out and give feedback.

The company, which is testing Vine initially in Seattle, is hoping to recruit 10,000 people to put it through its paces.