The download site for Firefox is performing well following the release of a widely-anticipated update of the open source web browser. Firefox version 1.5, which was released Tuesday night, features "dozens of enhancements," according to the Mozilla Corporation, including improvements in popup blocking, RSS integration and updating.

Firefox download site performance

A distributed network of mirror sites in more than 30 countries appears to be handling current download demand with few difficulties. The download.mozilla.org site, which redirects traffic to the mirrors, has had good response time today and fared well during a Slashdotting Tuesday night. That's a contrast with last year, when the mozilla.org web site was slowed by heavy demand after Firefox 1.0 was released. The browser has since been downloaded more than 112 million times. While that number reflects multiple downloads by some enthusiasts, the growth of Firefox places a premium on efficient handling of new releases.

A dynamically updating chart of the site performance for download.mozilla.org is available here.

Posted by Rich Miller at 30 November 2005 in Performance

Microsoft has launched the beta version of its Windows Live Custom Domains service, which offers e-mail and instant messaging service for existing domains. The free service offers up to 20 e-mail accounts per domain, with each mailbox featuring scanning for junk mail and viruses, as well as 250 megabytes of storage space - adding up to a storage limit of 5 gigabytes of e-mail for each domain.

With Windows Live Custom Domains, Microsoft can offer e-mail services to business users who want a free solution but are reluctant to use its existing Hotmail service. Tying the new offering to an existing domain makes it easier to address any abuse of the service for spamming, which historically has been a major issue for free e-mail services.

Posted by Rich Miller at 29 November 2005 in Hosting

Online brokerage Scottrade says a server compromise at a service provider may have exposed the financial details of its customers, including banking account information and Social Security numbers. The security breach follows warnings from U.S. securities regulators that hackers and phishing fraudsters have stepped up their targeting of online investors, prompting enhanced education efforts by brokerage firms and the U.S. government.

Scottrade, which has 1.4 million customers, said it was notified Oct. 25 that a hacker had compromised a server at eCheck Secure, an electronic payment service provided by The Troy Group Inc. "As a result, some of your personal information, including your name, driver's license or state ID number, date of birth, phone number, bank name, bank code, bank number, bank routing number, bank account number and Scottrade account number may have been compromised," read the message to investors.

Posted by Rich Miller at 29 November 2005 in Security

Web hosting provider iPowerWeb has slashed its domain name pricing to $2.95 a year, following the lead of Yahoo, which is offering limited-time domain pricing of $2.99 a year. iPowerWeb's promotional offer undercuts the lowest prices seen among current market leaders, and is a sign that Yahoo's continuing promotions are pressuring competitors to respond, planting the seeds for further domain price cutting.

Netfirms ($4.95 a year) and 1&1 Internet ($5.99 a year) are currently offering the lowest non-promotional pricing on domain names, which are viewed as an important "gateway" purchase by small business customers who are likely to be shopping for web hosting and e-commerce services as well. Yahoo has been particularly aggressive in using domain pricing to attract new users, with "permanent" pricing of $9.98 supplemented by limited-time offers of $4.98 and now $2.99 a year.

Posted by Rich Miller at 28 November 2005 in Domains

Google has fixed a security hole in Google Base that would have exposed sensitive information stored by users of Google's services. The cross-site scripting vulnerabilities discovered by British computer scientist Jim Ley would allow an attacker to steal cookies and other information from users, while providing fraudsters with the facility to publish their own forms and receive input using an apparently reassuring Google Base URL.

Google Base will spearhead the search giant's entry into classified advertising and payment processing, where it will compete with established offerings from eBay and CraigsList. If it succeeds, Google Base will likely accelerate a trend which has seen a growing percentage of advertising dollars shift to the web and away from television, magazines and especially newspapers, which rely heavily on classified ads for revenue. Strong application security is important to gain user confidence in the service, as Google Base is eventually expected to integrate a micropayment system (presumably Google Payments).

Google's move towards a single Google Account for multiple services exacerbates the problem, as the same account used by the Google Base site can also be used to access financially sensitive services such as AdWords and AdSense, and Google's GMail webmail service.

Ley, who also recently found a similar security vulnerability in Yahoo Maps, says that there is a pervasive problem with companies releasing new applications on to the Web with easy-to-find vulnerabilities still present. Too little thought is given to the consequences of such action, which in the case of an identity or data theft scenario on a very widely used service could be severe for a correspondingly large number of people.

The nature of the problems discovered by Ley provides fraudsters with the tools to create phishing sites with a good level of plausibility because the base URL would be that of a well-known brand - in this case Google or Yahoo. This is the same in principle as the scenario in which fraudsters try to find open redirects or cross-site scripting vulnerabilities on bank sites to improve the authenticity of their frauds. The importance of testing to remove application vulnerabilities is proportional to the level of trust the public places in the service and the impact of this trust being broken.

Netcraft provides a range of services for companies to eliminate these kinds of errors from their systems, including comprehensive application testing, training for developers and designers of web-based applications, and a service aimed specifically at detecting and reporting Open Redirects.

Posted by Paul Mutton at 18 November 2005 in Security

In October we received and reviewed more than 8,700 unique URLs reported to us as phishing sites; by far the busiest month to date.

To further incentivise people reporting phishing sites, each accepted report is now treated as a ticket in a monthly draw for a top of the range iPod.

The October draw was won by Alan. Alan has been one of the largest and most accurate reporters of phishing sites, with several hundred reports accepted to date.

"Every day I feel that I'm doing my small bit to make the Internet a safer place," said Alan. "It's good that there are still people on the Internet who try hard to make it better. Some of them are well known companies like Netcraft, some of us are just anonymous individuals trying to do our bit. As well as the satisfaction of a job well done, it's a lot of fun to have a shiny new toy to play with."

Including the toolbar community itself and customers of ISPs using our Phishing site feed, well over a million people are now protected from phishing by the Netcraft Toolbar.

The Netcraft Toolbar is available for both Internet Explorer and Firefox, and serves as a giant neighborhood watch scheme for the Internet, in which members who encounter a phishing fraud can act to defend the larger community of users against the attack. Once the first recipients of a phishing mail have reported the target URL, it is blocked for toolbar users who subsequently access the URL, and widely disseminated attacks simply mean that the phishing attack will be reported and blocked sooner.

Reporting a Suspicious URL

When you visit a page that you believe to be a phishing site, or that contains fraudulent or deceptive content, we ask that you report it so that other toolbar users will benefit from your vigilance. The more sites that are reported, the more useful the toolbar will become for everyone.

You can report a URL by clicking on "Report a Phishing Site" in the toolbar menu, accessed by clicking on the Netcraft logo:

reportphish.png

After you report a URL, Netcraft will review the report and block the page if we confirm it as part of a phishing attack.

Posted by Rich Miller at 17 November 2005 in Security

Substantial parts of Cogent Communications' network are offline, with the company attributing the outages to a pair of fiber cuts. Cogent says the outage is regional and focused on the Southeast United States, but the company's home page is not responding from any of our seven monitoring stations around the globe. One of the fiber cuts is between Philadelphia and Washington, D.C. and the other is between Houston and Tampa, according to updates on a network operators mail list. Here is a performance chart for the Cogent home page at www.cogentco.com.

cogent.png

A dynamically updating chart of the site performance for www.cogentco.com is available here.

Posted by Rich Miller at 17 November 2005 in Performance

The web site for Paypal is experiencing sporadic outages and sluggish response time tonight, with similar performance issues seen from multiple monitoring points. Performance problems for Paypal can have broad impact because the service processes payments for thousands of online businesses. The service, which enables any individual or business with an email address to send and receive payments online, has 86 million users worldwide. This chart shows the recent site performance for www.paypal.com.

Paypal site performance

A dynamically updating chart of the site performance for www.paypal.com is available here.

Posted by Rich Miller at 16 November 2005 in Performance

A patch for Sony's controversial digital rights management (DRM) software opens a serious security hole when installed on a Windows machine, according to security researchers from Princeton University. The revelation deepens a public relations nightmare for Sony, which has said it will stop selling music CDs which install the DRM monitoring program when the CD is played, and will replace disks that have already been sold.

"The consequences of the flaw are severe," Ed Felten and Alex Halderman write in their weblog. "It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That’s about as serious as a security flaw can get."

Security researcher Dan Kaminsky has surveyed Internet nameservers, and found that at least 568,000 DNS servers have received queries unique to the operation of the Sony DRM software, meaning at least that many computers (and probably more) have the problematic rootkit installed. A subset of those will also have the security hole installed by Sony's attempted fix.

Posted by Rich Miller at 15 November 2005 in Security

As podcasts and video blogs consume disk space and bandwidth, will these large media files reside with major web hosting providers, niche startups spawned by the Blogosphere, or perhaps Yahoo or Google? As Internet traffic shifts from text and images to video and audio, old hosting business models are being reworked and new ones imagined in anticipation of huge growth for user-generated data.

There's good news for podcasters and video bloggers: storage and bandwidth yearn to be cheap. That's especially true at the world's largest web hosting companies, which have dramatically pumped up the specs on their discount hosting accounts in recent weeks. The massive upgrades, which feature 5 gigabytes of disk space and 250-300 gigs of data transfer for under $5 a month, are partly due to competitive pressures. Prices for shared hosting accounts can't get much lower, forcing providers to compete on disk space and bandwidth as they battle for small business customers.

But the shift also prepares the web hosting industry for high-volume media hosting challenges from Yahoo and Google. At a podcasting trade show Friday, Yahoo confirmed that it is developing a service to publish and host podcasts. The show was also awash with rumors that a similar project is in development at Google, and it seems logical that Microsoft's new push into web-based services will eventually include a podcasting component.

Posted by Rich Miller at 14 November 2005 in Hosting

A gaming "virtual world" has been knocked offline for the second time in a month by malware distributed by players within the game. Second Life, an innovative online game with more than 80,000 users, took its entire system down for more than five hours Thursday after an instant messaging bot overwhelmed the game grid with a huge volume of messages. A similar incident on Oct. 23 also caused a lengthy system outage when a user program automatically generated more than 5 billion spheres inside the game.

A user-designed multiplayer world, Second Life encourages programmers and graphic artists to create virtual goods and services to sell, and allows players to convert game currency into real-world cash via an online exchange.

Posted by Rich Miller at 14 November 2005 in Performance, Security

Upcoming releases of Microsoft's spyware removal tools will uninstall Sony copy-protection software that functions as a rootkit. "We have analyzed this software, and have determined that in order to help protect our customers we will add a detection and removal signature for the rootkit component of the XCP (Extended Copy Protection) software," Jason Garms of Microsoft announced on the Anti-Malware Engineering Team blog. "Rootkits have a clearly negative impact on not only the security, but also the reliability and performance of their systems." The detection of the Sony tool will be included in upcoming releases of the Malicious Software Removal Tool, which is updated through Windows Update, as well as the beta of Windows Antispyware.

Sony uses XCP software to restrict unauthorized copying of music CDs. The software's controversial operations were detailed by Mark Russinovich of SysInternals two weeks ago, prompting alarm among many security experts. "Although the software isn't itself malicious, the hiding techniques used are exactly the same that malicious software known as rootkits use to hide themselves," noted F-Secure, which soon discovered a trojan attempting to use the Sony XCP software to disguise its presence. Fortunately, the trojan had coding errors that prevented it from spreading widely.

Posted by Rich Miller at 13 November 2005 in Security

In the November 2005 survey we received responses from 74,572,794 sites, an increase of 181K hostnames from the October survey. This was the smallest increase in sites since January 2004 and was attributable to a decrease of 810K hostnames at the domain registrar enom, nearly all of which were parked .info domains that expired without being renewed.

The drop marks the first fallout from a move by Afilias (the operator of .info) to offer its names to registrars at no cost. In September 2004, an enom affiliate registered 1 million .info domains in a week, and offered them to customers owning similar names in .com. As the renewal date arrived last month, enom allowed the unclaimed domains to expire. Hostway, which offered free .info domains to customers last fall, had a decline of 215K sites last month, including 175K expiring domains.

The .info expirations impacted web server market share, since the expiring domains at enom were hosted on Windows Server 2003. That creates a 0.5% shift in market share in Apache's favor in hostnames. Among active sites, the trend is reversed, as Windows gains 0.85% while Apache gains 0.12%.

Total Sites Across All Domains August 1995 - November 2005

Graph of market share for top servers across all domains, August 1995 - November 2005

Top Developers

| Developer | October 2005 | Percent | November 2005 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 52005811 | 69.89 | 52928740 | 70.98 | 1.09 |
| Microsoft | 15293030 | 20.55 | 15096547 | 20.24 | -0.31 |
| Sun | 1889989 | 2.54 | 1879576 | 2.52 | -0.02 |
| Zeus | 585972 | 0.79 | 579776 | 0.78 | -0.01 |

Posted by wss at 7 November 2005 in Web Server Survey

Ranking by Failed Requests and Connection time,
October 1st - 31st 2005

hoster_performance_october05.PNG

Familiar names occupy the top positions in this month's survey of the most reliable hosting company sites, as Datapipe, Rackspace and Interland share the top slot for October. This is the sixth time this year that Rackspace has won or shared the top slot, while Datapipe (four times) and Interland (twice) have also made multiple appearances atop the list. There's one new face in this month's top 10, HostingZoom, a Houston-based mixed hosting company that hosts its company site on a server at The Planet.

Five Linux sites are found in the top 10 this month, along with two sites running on Windows 2000, two on Windows Server 2003 and one on FreeBSD. This continues the strong performance by hosters running their web sites on Linux. Of the 12 providers who have appeared atop the reliability survey for at least one month, six are hosted on Linux, while three use Windows 2000, two host on FreeBSD, and Windows Server 2003 and Solaris 8 are each used by one provider.

Posted by mandy at 7 November 2005 in Hosting, Performance

The hosting marketing wars are heating up, with leading providers rolling out dirt-cheap shared hosting accounts with massive allowances of disk space, bandwidth and e-mail. Hosting behemoths 1&1 Internet and Go Daddy are competing for small business customers, while also raising the bar for Microsoft, which will begin offering free web hosting and free domain names early next year.

The intense competition for small business customers is further commoditizing the shared hosting space, as plans with monthly fees under $5 now offer more resources than most prospects can imagine, much less use. That's good news for hosting customers, but a challenge for smaller hosting providers, who are pursuing new services and strategies to capture profitable niches.

The latest salvo came Wednesday from Go Daddy, which announced a tenfold increase in the disk space and bandwidth specs on its entry level shared hosting plans. For $3.95 a month, web site operators get 5 gigabytes of hard disk space and 250 gigabytes of data transfer. The company also lowered its domain registration fee to $6.95 per year, good through Nov. 30. "Customers won't find a better hosting price, product or service on the Internet, period," said Go Daddy President and Founder Bob Parsons.

When Go Daddy introduced its hosting plans in 2003, a $3.95 a month account featured 25 megabytes of disk space and 1 gigabyte of data transfer, levels equivalent to less than 0.5 percent of the new specs. A customer using all of the allotted 250 gigabytes of monthly data transfer would pay 1.6 cents per gigabyte. By comparison, many hosting providers charge $2.50 to $4.95 per gigabyte when a customer exceeds their monthly allotment.

Posted by Rich Miller at 7 November 2005 in Hosting

Hackers are launching attacks on popular PHP-based blogging, wiki and content management programs that failed to patch a serious security hole discovered in July. The attacks exploit flaws in the way PHP libraries handle XML-RPC commands, and appear to be targeting installations of WordPress and Drupal.

If left unpatched, an attacker could compromise a web server through vulnerable programs including WordPress, Drupal, PostNuke, Serendipity, phpAdsNew and phpWiki, among others. These projects all issued fixes six months ago, as did the authors of the affected PHP libraries.

Posted by Rich Miller at 6 November 2005 in Security