A little while after the first exploit was patched, an interview with Mikeyy Mooney stated that the 17-year-old owner of the StalkDaily site was responsible. The StalkDaily site was then updated to show the following message:

I have came clean and have accepted the responsibility for the worm, read the interview here, http://www.bnonews.com/news/242.html.

Twitter thought it had sorted the issue and so they went to bed – well that's what it seemed, as it took them ages to notice the next wave. However, that wasn't it and as soon as Mikeyy got his newest script hosted, he activated wave 2, utilising an even bigger hole in the system. It enabled him to spam messages, as before, follow the user @onedegrees – who has now been suspended – change your name, your URL and your Twitter design's link colour.

This time, tweets were being sent out with the word Mikeyy in them and they included warnings to Twitter to fix the issue, such as:

Dude, Mikeyy is the shit! :)
Man, Twitter can't fix shit. Mikeyy owns. :)
Mikeyy. Woooo!
Wow…Mikeyy.
Dude! Mikeyy! Seriously? Haha. ;)
Twitter should really fix this… Mikeyy
Twitter please fix this, regards Mikeyy
damn mikeyy. haha.
Mikeyy is done..
Mikeyy I am done…

All you had to do was visit an infected user page and you too would become infected. It uses a simple XSS injection that, when executed, infects your own user page and spams your timeline with the above messages. Many people thought it was a virus that they had downloaded or that someone had logged into their account. This is not true, in fact, the script itself is completely harmless and does not compromise your Twitter password. It simply uses your web browser's cookies and JavaScript to tweet one of the random messages. No-one has actually logged into your account.

Once you had visited an infected user page, your name would be changed to "Mikeyy Owns", you would automatically follow @onedegrees, your link colour will have changed to a fluorescent blue and your URL changed to one of the many obfuscated JavaScript injections. This meant that every time someone else visited your page, they too would become infected. Truthfully, it was an extremely effective worm; it spread like wildfire.

Clearly, Twitter had a major problem on their hands. However, the biggest problem is the viral nature of social networking itself. The code sent out tweets under your name, but instead of users just ignoring it, they hit the panic button and re-tweeted anything they saw, which just compounded the problem. Twitter is aware of the problem and is apparently working on it. Any re-tweets are just adding to this guys notoriety and ensuring his name won't be forgotten in a hurry.

I saw a lot of tweets claiming you needed to change your password. This made the matter worse and gave people something more to panic about. Changing your password stops the script from running because the cookie made by Twitter gets destroyed (changing passwords means you would have to log out and back in, which resets your session). The session is what the script relies on to post the tweets. So even after changing your password, if you visited an infected user page, your account could still be reinfected. If your profile was infected, all you had to do was delete any tweets on your account that were not written by you and check all of your settings fields – most importantly name and URL. The coder never actually got to see any passwords, e-mails or names.

Twitter claim to have fixed the loopholes. Their blog post regarding the attacks gives us the low-down on what they did, are doing and going to do. According to that post, there were actually 3 waves of attacks, that began yesterday. The first and second waves compromised roughly 100 accounts each, while the third wave today, mangaged to rack up nearly 10,000 tweets. However, this whole experience is not over yet and there will likely be variations of this worm released over the next few days, so just be careful what you click.

Launched in December 2001, FileFront was a popular destination for gamers looking for patches, mods, demos, videos and other game-related content. They also took the initiative and hosted a wide range of other software, including drivers, internet software and audio-video. However, the site's future became uncertain when UGO acquired 1Up from Ziff-Davis; FileFront was not part of the sale and while Ziff said it would continue to operate FileFront as part of the PC Magazine digital network, the company's struggles cast doubt on how long it could afford to keep things going.

Many have linked this closure to the current economic situation and others have wondered if it's all just an April Fools joke. However, one thing is clear; all indications are that the post is legitimate and the site is indeed going under. For instance, the forums have been completely deleted and you are now greeted with an Apache welcome page instead.

FileFront has long been a reliable download mirror for many games, including MMOs, in the past. It's high download speeds, free uploading and great reputation will be sorely missed by all of it's fans. We have been made aware of the Ziff-Davis financial troubles for quite a while now and earlier in 2008 we were notified of the closure of the popular EGM gaming magazine. After the closing of FileFront the only remaining properties of Ziff-Davis will be ExtremeTech and PC Magazine.

The official statement from the FileFront website is short and sweet:

Dear FileFront User:

We regret to inform you that we are forced to indefinitely suspend the FileFront site operations on March 30, 2009. If you have uploaded files, images or posted blogs, or if you would like to download some of your favorite files, please take this opportunity to download them before March 30th when the site will be suspended.

We would like to give a warm thank you to all of you who have been part of the FileFront communities we have built together. Your support has had a meaningful impact for all of us here at FileFront. Again, we want to give you a sincere “thank you” for your support over the years and wish you all the very best.

Keep gaming alive,
FileFront Management and Team.

I wonder what is going to become of the near-50 terabytes of data and whether or not FileFront will ever be able to make a return.

March 10, 2009 (17:26):The Register now has an article on this. Law enforcement backdoors and hoaxes gone wrong are amongst the main conspiracy theories. All we really want is an official report from Symantec to clear up the issue; it doesn't seem so strange anymore, just a little bewildering.

March 10, 2009 (16:15):SANS Internet Storm Center says they had a phone conversation with a Symantec employee confirming that the program is theirs; they said it is part of the update process which is not intended to do harm. However, Norton still hasn't explained why they are seemingly covering their tracks.

March 10, 2009 (15:41):According to Encyclopaedia Dramatica, this could be part of a the so-called "Magic Lantern" software by the FBI – though Encyclopaedia Dramatica is by no means a trustworthy source, whatsoever. This is a little far-fetched because the executable was not directed at the States, just Norton users in general. However, Wikipedia's Norton entry also supplies evidence to this theory.

March 10, 2009 (15:22):Norton forums are now officially in maintenance mode. There is still no word from Norton as to what pifts.exe is.

March 10, 2009 (15:04):It's now hit the press. The Washington Post and The Inquirer both report it.

March 10, 2009 (14:35):Norton's community forums kept going down and were taken offline for maintenance at one point. They seem to be back now though.

March 10, 2009 (13:59):I'm getting a lot of traffic directly from the Norton forums; apparently their is a spam raid in progress and a load of threads are linking to this post! The moderator's don't seem to be able to keep on top of the deleting anymore. I've got 174 active visitors just staring at this post as we speak.

March 10, 2009 (11:40):Digg is now fully available again. This article has been submitted. Digg it, we need something on the front page!

March 10, 2009 (10:42):There were a load of articles about this on Digg and the whole site (yes, Digg) seems to have gone down. It's disappeared. However, using a proxy server to access Digg works fine; are we being blocked from accessing it? This is getting weird.

Apparently something big is happening. A mysterious program known as pifts.exe is attempting to contact a server in Washington DC and seems to be associated with Symantec's anti-virus system, Norton. There is virtually no information on the internet regarding pifts.exe, aside from this blog and threads such as these. Symantec are supposedly deleting any mention of pifts.exe from their community forums and so users have moved on to community blogs and forums, such as ZoneAlarm.

On ZoneAlarm's forums, one person reports talking with various representatives of Symantec for two hours without receiving any answer as to why inquiries posted on the Symantec forums were being deleted. The caller was told that pifts.exe is part of Symantec's update installation process, was denied any further information regarding the purpose of the file and was repeatedly transferred to a new representative when asking why inquiries about pifts.exe were being deleted from Symantec's forums.

1. Escalate any potential e-mails from banks you have accounts with by phone
   In the hundreds of potential spam emails you get, if you do get an e-mail from an institution that you have an account with, avoid clicking on the links. Especially if the e-mail suggests a problem of need for verification, you're best to call up a banker at the company directly: they will be able to tell you if the inquiry is legitimate, and, if so, can help you resolve the problem. Make sure the phone number you use is the one you know is genuine and a direct connection to the bank – safely ignore all numbers and information in the email itself.
2. Never click on links in e-mail messages
   Even if a link seems benign, promising to take you to destination you want to go to, resist the temptation to click it. Instead, you can right-click and select "copy link location" to review the link and see where it will take you: if the link is legitimate, then you can just type it in directly and if it's not, then you can discard it. Be aware of similar but different URL string, such as substitutions of "zeros" for "Os". By avoiding direct links entirely, you'll make sure you're always on a real site.
3. Make sure that you're on a real site if you are using a shopping coupon
   On-line retailers distribute coupons to a large number of sites and via e-mail. If you absolutely must take advantage of one of these offers, then you'll want to pay extra attention to the security of the checkout process. You can verify the security by looking for a  secure URL that starts with "https" as well as a SSL certificate (Secure Socket Layer) which ensures that you're on the right site. In fact, any time you use a credit card on-line, you should follow these steps.
4. Keep your computer's anti-virus and security applications updated
   While there's no sure-fire way to protect yourself after-the-fact from potentially harmful downloads, you'll want to make sure you're well protected in case a malicious file falls through your radar. Although prevention is the best policy, having a solid firewall and anti-virus system will act as an insurance policy. To ensure you're protected, use the latest software packages and keep them updated on a regular basis (ideally, with automatic updating.)
5. Disable pop-ups and clear your browser cookies
   A lot of times, phishing scams work by collecting data on your browsing activities, allowing them to target you with certain ads. This is a violation of privacy and can open potential further security loopholes. By clearing your cookies and setting your browser security settings high, you can ensure you don't fall victim to a spy ware scam.

This article is contributed by Maya Richard, who regularly writes on dial up internet. She invites your questions and feedback at her personal email address: mayarichard at gmail dot com.

If we were to divide online criminals into categories, we get all sorts:

• Employees who use the Internet for their own purposes on company time are seen as engaging in illegal activities by their employers, even though they are only surfing the net, chatting or sending email.
• Those who share and use intellectual property without prior permission.
• Those who send fraudulent emails purporting to represent banks and other financial institutions and ask for sensitive information either to gain access to your account or to steal your identity.
• Those who abuse wireless networks to sniff sensitive information as it’s being sent over the Internet.
• Those who use software to track passwords and usernames as they’re being typed on keyboards.
• Those who use bots to send huge amounts of spam email.
• Those who release viruses and other malware into a network to cause mayhem and shut down the system.
• Those who do business in child pornography.
• Those who operate illegal gambling sites.
• Those who use the net to sell banned drugs.
• Those who use the web for terrorist activities.

Online criminals are getting bolder and more daring in their attempts to steal data and money because there are no concrete laws that govern cyber crime. Some countries are more ambiguous than others in defining what constitutes illegal activities, which means that jurisdiction issues raise their head when it comes to prosecuting criminals who are in those countries. Since the Internet spans countries and their borders, a conman in Ukraine can steal from people in the United States. Even if the crime is discovered and the criminal traced, extradition and cyber crime laws that vary from country to country make it hard for law enforcement officials to bring the crooks to book. The best way to battle cyber crime as of now is to understand that there are people out there who are waiting to catch you unaware, avoid giving out sensitive information online and clicking on links that come from strangers, and use secure sites when conducting online money transactions.

This article is contributed by Heather Johnson, who regularly writes on dial up Internet service. She invites your questions and writing job opportunities at her personal email address: heatherjohnson2323 at gmail dot com.

Why don't we start auto-truncating the "www." from all websites, so the 95% of society who never knew what it stood for in the first place can chill out and stop typing it. We should adopt a new practice: shred the "www." prefix.

I really don't think it is a good idea to truncate the whole of the "www." prefix from every single website, even if no-one seems to understand what it means, this will cause people to become even more confused than they were before. It has begun to happen though; most television advertisements you see that include text containing their website's URL do not include the "www." prefix. Yet more than half of the people who then navigate to the website (after seeing the advertisement) type the "www." and about a quarter of those people go all the way and type "http://www." as well.

In my opinion, I think that we should keep the prefix for any URL that does not have a sub-domain; for instance if you were to navigate to the Google homepage you should append the "www." prefix to the front of the URL to make it look tidier, but if you wanted to navigate to the Google Image Search page you would lose the prefix because the sub-domain in "http://images.google.co.uk/" is "images", thus making "images." the replacement of "www.".

Uniform Resource Locators are funny things though.

I have been tweaking a few things on my blog even though I have not posted. For example the 'Random' button above randomly selects a post from my blog so that you can discover old posts and read up on older subjects. Hopefully a few of my other tweaks (such as the date and mini-navigation at the top of the page) will be added to a K2 Explained article in the near future.

Anyway, we all know that Internet Explorer has a tendency to mess up a web page by not showing it as many other browsers do, but this just takes the piss. When you first arrive on my blog with Internet Explorer, all seems well, but already it has thrown an error about one or more of the object's on my page not supporting some sort of property or method (shown in the status bar). The Recent Readers section on the sidebar (from MyBlogLog) doesn't want to be shown properly, it just has a block of white space with no user images. Internet Explorer also insists that my blog have some sort of pointless white space padding at the very bottom of the page, not an eyesore but still annoying. The text on the page seems to be a lot smaller than it should be and can be hard to read in some places. Lastly, any image that is transparent will show up as grey instead.

Currently I am in the process of creating a website and am having some unexpected issues in Internet Explorer. I am coding it by hand and using Flock to preview the pages and all looks good in Flock, yet Internet Explorer has some weird issues that just aren't acceptable. To start with, the header menu has some unintended white space padding on it's left hand side, making it overlap the sidebar but sits perfectly in Flock. The sidebar itself doesn't stretch the full page in Internet Explorer, but does it Flock. I have a tiling effect for the gallery that I am adding to it, these are div tags, enclosed in a link. These should float next to each other on the same line then automatically drop a line when they cannot fit on the same line anymore, works well until you view it in Internet Explorer; they then seem to overflow into the sidebar, drop down 25% of a line and the link can only be clicked from the text inside the div.

Rather annoying things like this makes you wonder whether making a website in CSS and div tags is really worth all the hassle. You may as well use tables and images.

It doesn't end there either, the sleek design of the website makes it even easier to view your statistics, take screenshots without having to make edits and it also gives you something to look forward to. I really hope that this service stays free when it comes out of beta so that you can use it without limitation with all of the features that are currently available. I wouldn't even mind if they added advertisments to their website so that they can boost a bit of money to pay for some of the expenses.

I can't wait to get some statistics running through it so that I can start using them to make my website more browser/user-friendly. I would recommend Reinvigorate for anyone who likes to make use of statistics or even just simply to find out who visits your website at what times.

They are very much like Google Analytics but more advanced, have slicker designs and the data is displayed as simply or as complex as you like. Both of them are currently in a closed beta phase, so I cannot test them as of yet, but I would love to see what they are like. I have submitted my email to them both and when they open for subscriptions again I will be one of the first to know.

I will let you know if I get a subscription and then post a review or two on them after that time. That is about all I can write on this matter at the moment as I have not seen what they can do or how powerful they are. Watch this space.

When you find a colour scheme you like you can then download it as a Adobe Photoshop swatch and use it straight away, or you can copy the HEX code straight from the web page. Even if you don't find a palette you like, you can press create, enter a base colour, select a rule and the application will automatically select 4 other colours that it thinks will complement all of the colours it has chosen, according to the rule.

There is even a favourites bar at the bottom of the page whereby you can drag palettes from the lists to it to add them to your favourites so that you can easily access them whenever you wish. When you select one of the palettes all 5 colours will load at the top of the page, showing how they look together. If you click this they will be stretched over the whole flash document so that you can see them in a larger view.

That's not all. You may have thought that because the website is made in flash that you cannot rate or comment on each palette, but this is not the case. Each and every palette can be rated out of 5 and can be commented on just as if it was coded in PHP. There are 3 lists that you can choose from: popular, showing the palettes with the most downloads, highest rated, showing only the palettes with the top ratings and newest, showing the palettes that have recently been added to the collection. Each of these have their own RSS feed so that you can add them to an RSS reader. How cool is that?

If you are ever stuck for colour inspiration for digital art or images then I would strongly suggest visiting Kuler before anywhere else.