Wednesday, January 20th, 2010 at 8:59 pm
China's leading search engine Baidu has pinned the entire blame for the recent attack on its site on American domain registrar Register.com. The hackers, who identified themselves as the Iranian Cyber Army, had disrupted Baidu's services for hours on January 12. They diverted all traffic meant for Baidu.com – the Chinese site (Baidu.cn) wasn't affected – to a page maintained by them.
Baidu has wasted little time in slamming Register.com with a lawsuit for "gross negligence" on the latter's part. It said in a statement that the registrar's negligence abetted the attack on its site. But the domain registrar believes that Baidu has no case against it and its suit is without merit.
"Register.com takes cyber-terrorism very seriously and we are working closely with federal law enforcement officials who are investigating this crime as well as the recent similar attacks on Twitter and Google," a spokesperson for Register.com said. The same group that hacked Baidu had also attacked Twitter last month.
Wednesday, December 30th, 2009 at 7:43 am
At one point in his life, Albert Gonzalez used to serve as a federal informant in Miami. And now? Gonzalez will serve anywhere between 17 and 25 years in prison under terms of separate plea agreements for his role in orchestrating the theft of millions of credit and debit card numbers by hacking into computers of prominent retailers, according to an AP report.
"This is a young kid who did some reckless things and he's going to pay a price for it," said Gonzalez's attorney, Martin Weinberg, after his 28-year-old client calmly answered guilty to charges of conspiracy and wire fraud.
According to authorities, Gonzalez worked as a computer security consultant and was the ringleader of a group that targeted large retailers. Gonzalez had a chance to set his life straight when, in 2003, he was arrested for hacking but not charged because he agreed to become an informant. But over the next five years, authorities say he still hacked into computer systems of retailers, collecting $2.8 million for his illegal efforts. As part of the plea deal, Gonzalez will forfeit more than $2.7 million in cash, plus several assets, including his condo, his car, a Tiffany ring, and several Rolex watches.
Tuesday, December 29th, 2009 at 8:19 am
Following a $1.25 billion settlement with AMD, the FTC decided to move forward with an investigation into Intel's business practices. Be that as it may, at least one analyst is downplaying the situation, rejecting the notion that the courts will force Intel's hand at licensing modern x86 instruction sets to other firms, EETimes reports.
Doug Freedman, an analyst with Broadpoint AmTech, said the potential ramifications of the FTC's case against Intel are "overblown," and went on to emphasize a "buy" rating on the chip maker's stock.
"Our call is that INTC is the best value in semis is predicated on stronger than expected earnings driving in server and notebook markets, concurrent with concerns about FTC actions becoming better understood as the legal process enters the public domain," Freedman wrote in a note to his company's clients.
Freedman added that Intel has a "much stronger case than people realize" and expects a favorable ruling before the end of 2010.
Friday, November 20th, 2009 at 8:04 am
In what's turning out to be a game of cat and mouse, Apple last week disabled support for Intel's Atom processor through a Snow Leopard update, a tactic the Hackintosh community insisted would present only a temporary setback. They were right, thanks to a Russian hacker known as "teateam," who says he has restored support for Atom-based Hackintoshes running Snow Leopard 10.6.2.
"The problem originates in a revision to the kernel in 10.6.2. The changes Apple made to the latest mach_kernel remove support for [Atom] processors, leaving updated netbooks in a useless state," InsanelyMac member "blkhockypro19" explained in a forum post.
TeaTeam's hack appears to address the issue, though Jeff Porten of MacWorld warned that performing the crack is not something to be taken lightly.
"You'll need to roll up your Terminal sleeves for a few simple steps here," said Porten. "And, of course, replace the kernel of your operating system -- the fundamental code that underlies everything else in Mac OS X -- with a file you've downloaded from the Internet."
Not only that, but it's only a matter of time until Apple releases another update that, in all likelihood, breaks support again. Apple hasn't been sympathetic to the Hackintosh community, and even went so far as to serve Wired.com a cease and desist order after the tech site posted a video with instructions on how to hack a netbook to run Mac OS X.

Wednesday, November 4th, 2009 at 9:02 am
There's a lot you can do with a jailbroken iPhone, and apparently, there's a lot others can do with your hacked smartphone as well. A hacker from the Netherlands made it his mission to alert modified iPhone owners via SMS that their security wasn't up to snuff.
The SMS contained a link to http://doiop.com/Hacked, which has since been eradicated from the Web. But before it was taken down, the site asked victims to send 5 euros (about $7.56 USD) to a PayPal account and then sit tight for email instructions on how to secure the hacked phone.
"If you don't pay, it's fine by me," the hacker's page said. "But remember, the way I got access to your iPhone can be used by thousands of others -- they can send text messages from your number (like I did), use it to call or record your calls, and actually whatever they want, even use it for their hacking activities! I can assure you, I have no intentions of harming you or whatever, but some hackers do! It's just my advice to secure your phone."
According to ArsTechnica, the hacker used port scanning to identify jailbroken iPhones on the T-Mobile network in the Netherlands with SSH running. The hack also relied on unchanged root passwords to gain access, which is where the real security risk came from.
So what can you do to secure your phone? The same hacker who tried to make a quick buck has apologized for his actions, promised to return what money he's made, and posted steps to secure your jailbroken iPhone, which you can find here.

Monday, October 5th, 2009 at 12:54 pm
One surefire way to egg on the hacking community is to place ever increasing restrictions on your product, essentially daring black hat coders to find a back door. Nvidia is finding this out the hard way, after the GPU maker modified its latest PhysX drivers to prevent any non-Nvidia GPU from working, says news and rumor site The Inquirer.
And if that weren't enough, the latest version of PhysX also prevents physics processing unit (PPU) cards from working if it detects a non-Nvidia card in the system. That may have been the proverbial straw that broke the hacking community's back, and a hacker who goes by the handle GenL has put together some experimental code that stops Nvidia's drivers from shutting everything down when it detects a Radeon card.
We haven't tried it ourselves, but if you're feeling adventurous, rebellious, or both, you can grab the code here.
Monday, August 24th, 2009 at 8:52 am
Good news today for Terry Childs, a former network administrator accused of hijacking the San Francisco computer network he designed and maintained. A judge has dropped three tampering charges against Childs, leaving just the sole charge of denying city authorities access to the network.
Childs, who has been in custody since July 2008, was working at San Francisco's Department of Telecommunication Information Services for five years before allegedly being disciplined for poor performance. Superiors also accused him of electronically spying on his supervisors and their attempt to fire him. Among the allegations, Childs is said to have refused to surrender secret codes that would allow access to the system, but ultimately coughed them up to San Francisco Mayor Gavin Newsom in a secret meeting after spending a week in jail.
According to Childs' attorney, his client was only trying to protect the network from incompetent city officials who were trying to force him out of a job, and there was no malice involved. Childs is currently being held on $5 million bail.
Wednesday, August 5th, 2009 at 8:58 am
Jailbreak your game console and no one is likely to take notice. But make a home business out of jailbreaking consoles for others and you may draw the attention of Homeland Security.
At least that's the case for Matthew Crippen, a 27-year-old Cal State Fullerton liberal arts student who was arrested by Homeland Security authorities on Monday. Crippen was picked up for allegedly violating the Digital Millennium Copyright Act (DMCA).
"Defendant Matthew Crippen willfully and for purposes of commercial advantage and private financial gain, circumvented a technological measure that effectively controlled access to a copyrighted work, more particularly, used software to modify a Xbox machine's Optical Disc Drive so it would circumvent the anti-piracy measures contained on the original unmodified Optical Disc Drive," U.S. attorney Thomas P. O'Brien wrote in the indictment (PDF).
In a telephone interview with Wired.com's Threat Level, Crippen maintains the purpose of his jailbreaking business was to allow patrons to make "legally made backups," not for piracy.
The indictment charges Crippen with two counts, and if convicted, he could face up to 10 years in prison.

Thursday, July 23rd, 2009 at 8:00 am
Forget about sophisticated attacks and increasingly complex malware schemes; the biggest threat to a company's security might be social networks and the employees who use them.
So says security firm Sophos, which reports that 63 percent of sysadmins worry about employees sharing too much information on Facebook, MySpace, and other social networking portals, ultimately putting their corporate infrastructure -- and the sensitive data on it -- at risk.
"Evidence shows that their worry is justified," Sophos wrote in the July 2009 update to its Security Threat Report. "In June 2009, the personal information belonging to the incoming head of MI6 was exposed to the entire Facebook network, when his spouse allowed members of the 'London' network to view her profile."
Sophos listed several other examples to back the claim, including a MySpace user losing over $210,000 in an email scam after his "Nigerian cyber-pal started asking for money to help her ailing mother."
But Sophos was quick to warn that completely denying access to social networking sites isn't the answer. Doing so runs the risk of driving employees to find a way around the ban, creating an even bigger risk and less oversight by the IT staff.

Friday, July 17th, 2009 at 7:54 am
Last month, a hacker calling himself Hacker Croll infiltrated the email account of an administrator who works for Twitter, gaining access to the employee's Google Apps account, where Twitter shares spreadsheets and documents outlining business ideas and various financial details, said Biz Stone, a Twitter co-founder.
After doing so, the hacker sent all sorts of confidential documents to a pair of news blogs: TechCrunch and Korben. While the breach and subsequent sharing of information might have been embarrassing for Twitter, analysts say the attack highlights the bigger problem of people using the same password for every site they visit.
According to security firm Sophos, 40 percent of Internet users use the same password for every website. And with so many personal details floating around social networking sites, it makes it that much easier for hackers to breach someone's account.
"A lot of the Twitter users are much living their lives in public," said Chris King, director of product marketing at Palo Alto Networks, which creates firewalls. "If you broadcast all your details about what your dog's name is and what your hometown is, it's not that hard to figure out a password."
This won't come as a surprise to power users, but to avoid being hacked, use strong passwords that combine letters and numbers, change your passwords often, and don't use the same password for every site you visit.
