Even the experts disagree about who among the top botnets is actually top - Kraken, Bobax, Storm or some other.

No matter though, the fact is that these botnets are not run by kids - they're run by criminals - cybercriminal organizations from across the world. They're making money easier than they did robbing banks and stealing cars - or running drugs and scamming shippers; and they're making the money off of YOU!

Well, hopefully not off you, my readers - hopefully you've been listening to me and have not opened anything sent to you unannounced or visiting questionable web sites. You've been running recent firewall software and anti-virus.

But no matter whether you've been doing all the right things or not, today you're vulnerable to having your computer taken over and used by the bad-uglies for their own purposes - and you may not even know that they've done it.

Today's bot-ware is so sophisticated that some of it even eliminates other bot-net software, keeping your system for itself. In some ways this might even be a not too bad situation; "hey - my computer's infected with the new xyzzy botnet and it got rid of all the other crap on my system that was slowing it down something awful - and it guarantees that it will only use 5% of the CPU and my outbound bandwidth on average, and only runs when I'm not at the keyboard, so what the heck - not bad!"

Not only are they sophisticated in their creation of software, they're sophisticated in hiding from the anti-virus vendors and in bypassing firewalls.

But the problem is they're not just targeting "other people" - they're targeting you too. These guys are sly enough to grab your keystrokes and snoop on your passwords, putting the information away for another day so you don't suspect they're going to do anything.

When you have tens or hundreds of thousands of computers, you can send literally billions of spam messages a day without breaking a sweat - and if only a miniscule number of recipients act on them, the bad-uglies are still ahead of the game. And they've gone through your whole computer looking for stuff they can use to social-engineer entry into your bank, your employer, your tennis club, your Boy Scout troup, Air Cadet league, or any other organization you belong to and converse with online. They're looking for anything they can use - and in today's world, the more personal, the better.

Social Engineering is what it's all about:

Finding out your boss' e-mail address so they can send them a "document" that purports to come from you - and actually contains an exploit that will let them suck the payroll account of the business dry - no pay for you!

Finding the address of any children you correspond with so they can sell it to a pedophile or use it themselves to get access to their computers  - and find even more children.

Finding the way into any and every aspect of your life - if not for use today, then for use tomorrow as they get more and more specific in their targeting.

Yes, we're no longer dealing just with wholesale spam and non-specific targets, we're dealing with crooks that target specific businesses, organizations and even individuals; currently mostly the largest, but they're working their way down the list towards the rest of us and it won't be long. Couple some of the computer industry's efforts in Artificial Intelligence (AI) and the incredible amount of computing power available in today's "cloud" computing (use of massive numbers of computers as if they were one big computer facility) and add in the fact that the crooks are either becoming smarter or paying the smart people to become more crooked, and you have an epidemic of nasty badness happening.

What does all this mean to you, the general computer user?

What it means is that your continued use of the internet is down to you;

The latest SANS @RISK newsletter highlights some fairly nasty problems that have come to light - including one that potentially affects anyone with a laptop with Intel's WIFI "Centrino 2200BG" wireless chip in it - and that's a lot of machines as this is a popular chip.

Google's blog today has an excellent entry about the types of attacks the bad guys are using these days - and what they're doing about it in their search engine.

"Google works closely with the security community to identify malware on the web and then share that information more broadly. We've set up a number of automated systems to scour our index for potentially dangerous sites, and we add a label to those that appear to be a vehicle for malware. If you're searching on Google and click on a link that we've flagged, a warning page will appear before you move forward."

They also point to an excellent web site that tells you a lot of what you might need to know about how to tell if your system is infected and how to get rid of the infection, as well as hints and tips on identifying problem sites and how to report them too.

Well worth the reading - StopBADware.org

At the Voice/Video on the Net (VON) show last year (2007 March) we met with a group of people from Neokast, the reason we were at the show at all. I had read an article by Robert X. Cringley of PBS a columnist I read fairly religiously.

We were up against the typical problem of video on the internet - bandwidth costs. Streaming the live cameras from the various eagle and other wildlife sites had cost well in excess of $50,000/month the previous season, and we were no longer able to take advantage of the largess of the streaming provider we had previously partnered with, so we were shopping for alternatives.

Neokast at that point was just launching the beta of their streaming server and player, and they were delighted to have us as one of their key providers of content for testing and evaluation of their service. The members of Hancock Wildlife Foundation were given direct access to the beta and feedback from their engineers - and we streamed our cameras live via their site as well as via both our own minimal Windows Media server, and our pay-for-view partner, Insinc.

Neokast has since proven to be endlessly inventive in getting their products ready for prime time - to the point now where they have launched. Their new stream server has been running as many as 10 concurrent, full-time streams from our server for several months now. Recent updates to it have made it very stable and easy to work with - allowing me to add new streams easier than I can add them to our regular web site.

The one fault I have with it at this point is that it only works with Windows Media streams, but I understand that they are working on adding other types.

I had to pass this on - from my friend Ingram

My parents told me about Mr. Common Sense early in my life and told me I would do well to call on him when making decisions. It seems he was always around in my early years but less and less as time passed by.  Today I read his obituary. Please join me in a moment of silence in remembrance, for Common Sense had served us all so well for so many generations.

I've been following a number of stories of various digital devices arriving from the store with viruses on them - viruses that infect the computer you use to load/unload them.

The include everything including MP3 players, Disk backup systems, digital cameras and the new "digital picture frame" that shows a series of pictures you load from your computer.

The initial reports seemed sporadic, and SANS put many of them down to devices that had been returned to the store after initial purchase, where the initial purchaser's system had infected the device either inadvertently or purposely, and the store had simply put the device back on the shelf without checking it.

I've replaced my original Office 2007 Compatibility Mode Confusion paper on slideshare.net with an updated version.  I had to delete and re-create the existing one, so the link to it from your blog is  now broken.  Here is the correct link: http://www.slideshare.net/funnybroad/office2007-basic-compatibility-issues   Feel free to correct your blog posting, or even to create a new one announcing this new updated version.... everything has been re-tested with Service Pack 1, and sadly, compatibility still sucks.

Back in February 2007 I wrote about how Microsoft's Vista OS could "bit-rot" your files if you did something they (Microsoft) thought you should not do. http://blog.pacdat.net/article.php/20070204201516220

Well, here we have evidence that this is exactly what is happening - and it is even worse than I predicted!!!

The original article  was unfortunately not available when I first read this because the guy who posted it has "exceeded his CPU limit" at his ISP - something that won't happen on my site as I own the whole server :)

This http://yro.slashdot.org/article.pl?sid=08/01/03/2339248 article from Slashdot points out that when the original author purchased a new HDMI monitor for his PC, the Netflix Digital Rights Management software (which uses Microsoft's DRM base in Vista) would have (if he'd allowed it to run) removed movies he'd purchased from Amazon's Unbox video facility - a completely unrelated product - just because they didn't conform to Microsoft's DRM scheme.

So in this case the files he had from Netflix would not play at all - even in downgraded resolution (they're less resolution than the new monitor could show) but the fix would have removed other content that he legally had paid for!!!

If you run Vista, you don't control the use you can put your machine to - Microsoft does - and that's just WRONG!

So if you received a new HDMI monitor for Christmas and are having problems with it hooked to your Windows Vista box this may be part of the problem.

If you purchase an new monitor in the future and things stop working until you "put in the correct fix" - make sure you read the messages that come up when you are about to install whatever the tech people tell you do - as the Gotcha's in it can be significant. In this case the guy did read the messages and didn't run the fix - but now he can't use Netflix and view those movies unless he "downgrades" to his older VGA (analog) monitor instead of using his new (and expensive) digital one.

Beware!!!

Proposed New Year's Resolution...

"I resolve to get myself out from under the thumb of Microsoft in as many ways as I can, starting with downloading and installing Open Office"

Many of you, my audience, have been hooked on Microsoft's products for long enough that you probably have old files around that were created with early versions of Microsoft Office; Word, Excel, etc.

Microsoft in their infinite wisdom have decided not only to disable support for these old formats in their latest update, but also those of Lotus-1-2-3, Quattro, Corel  Draw and some others.

They do document a very convoluted way of working around this in their bulletin (where you can also see a list of the versions and files they are now blocking) but I have a better idea:

Download and install Open Office for backwards compatibility. Not only will it read an astounding list of file formats, it also is good enough now that many governments and large corporations around the world are standardizing on it, rather than Microsoft's products.

More information here: http://support.microsoft.com/kb/938810/en-us
Open Office may be found here: http://download.openoffice.org/2.3.1/index.html