Netcraft has observed a surge in popularity of the Lynx browser, particularly since the recent Pwn2Own competition, which was held at the CanSecWest conference in Vancouver last month. During the course of the competition, security researchers once again exposed fresh vulnerabilities in Internet Explorer, Firefox and Safari.
Financial institutions have noted that the Lynx browser is particularly suitable for online banking, as it supports the latest cryptographic ciphers used in ecommerce, and is immune to attacks via JavaScript, Flash and other multimedia content. Lynx's algorithms for dealing with such threats are so comprehensive that it is just as safe as if the multimedia content were not there.
User Agent share at FNB Oki Koki
April Erste, Public Relations Manager at the First National Bank of Oki Koki, told Netcraft that users are migrating to Lynx because of its speed and advanced security features. She added: "Lynx has not once suffered a buffer overflow in its image processing, and indeed has suffered no security vulnerabilities at all in the last 2 years." By comparison, the most recent Firefox security update was only 4 days ago.
The bank also notes that Telnet remains popular with a small group of its customers. Although it lacks the sophisticated user interface of Lynx, many security experts argue that Telnet is significantly more secure and has the largest installed base of any browser.
Erste said that while the bank is dedicated to providing an accessible online banking experience, some customers still report difficulties when trying to make HTTPS requests through Telnet without the aid of an extended keyboard layout.
A customer navigates the bank's online portal using Telnet
One factor that has held back wider adoption of Lynx is its lack of protection against phishing. As with other web browsers, it can be difficult to tell a genuine bank website from a well-constructed lookalike. To bolster Lynx's growing footprint in the browser market, Netcraft has released the Netcraft Toolbar for Lynx. This free add-on blends in at the top of every web page, and not only protects Lynx users against phishing attacks, but the beautiful text-based rendition of the Netcraft logo is sure to brighten anyone's day.
Microsoft is now running Microsoft-IIS/7.5 on its main website www.microsoft.com. IIS 7.5 is part of Windows Server 2008 R2, which is currently in beta testing.
The changeover appears to have started around 8th January, when www.microsoft.com began responding sometimes with Microsoft-IIS/7.5, while many requests were still being served by 7.0. The transition now appears to be complete, with all requests being handled by version 7.5.
Microsoft has consistently upgraded www.microsoft.com to new versions of its web server platform ahead of their actual release, as a demonstration of confidence in new versions. It upgraded to the original Windows Server 2008 in June 2007, 8 months before that operating system's finished release in February 2008. www.microsoft.com is one of the very first sites to use Microsoft-IIS/7.5; Netcraft sees only 28 websites running Microsoft-IIS/7.5 in the February web server survey, of which the only significant sites were at Microsoft.
A vulnerability in the TRUSTe seal verification service was demonstrated last week, showing how the service could have been exploited to make it look as though an unauthorised site had a valid TRUSTe seal.
A security researcher using the pseudonym "Antani Tapioco" discovered the problem, which stemmed from insufficient input validation on the TRUSTe seal validation page. Netcraft has reported the problem to TRUSTe and it has since been fixed.
Tapioco demonstrated how JavaScript could be injected into the page, causing a popup dialog box to display the message "Verified by haxors, LOL". Tapioco was further critical of the ease with which the flaw was found, saying that companies should spend money on code reviews and penetration tests to discover such problems before they become an issue.
Tapioco was able to execute JavaScript on the page by injecting an img tag with an invalid src parameter. Because the image could not be loaded, the browser ran the JavaScript payload specified in the tag's onerror handler. This kind of vulnerability on a page like this has the potential to be very harmful: being able to inject arbitrary JavaScript can allow attackers to remove all existing content from the page and replace it with their own content.
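The missing control here is input validation combined with output encoding. The following is an added example, not TRUSTe's code: the page markup, the function names and the idea that the reflected value is a site hostname are all assumptions made for illustration, and the input string is constructed.

```javascript
// Added example: hypothetical seal-verification page renderer (not TRUSTe's code).
// The reflected "site" value and the page markup are assumptions.

// Escape the five characters that are significant in HTML text and attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[ch]));
}

// Allowlist validation: accept only something shaped like a hostname.
function isValidHostname(value) {
  if (typeof value !== 'string' || value.length === 0 || value.length > 253) return false;
  const label = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/i;
  return value.split('.').every((part) => label.test(part));
}

// Vulnerable form: reflects the request value into markup unchanged.
function renderSealPageUnsafe(site) {
  return `<h1>Seal verification</h1><p>Validated site: ${site}</p>`;
}

// Hardened form: reject unexpected input, and encode on output regardless.
function renderSealPageSafe(site) {
  if (!isValidHostname(site)) {
    return '<h1>Seal verification</h1><p>Invalid request.</p>';
  }
  return `<h1>Seal verification</h1><p>Validated site: ${escapeHtml(site)}</p>`;
}

// Constructed input of the kind described above: an img tag with an
// invalid src and an onerror handler.
const constructedInput = '<img src="x" onerror="alert(\'Verified by haxors, LOL\')">';

function demo() {
  return {
    unsafeHasTag: renderSealPageUnsafe(constructedInput).includes('<img'),
    safeHasTag: renderSealPageSafe(constructedInput).includes('<img'),
    escaped: escapeHtml(constructedInput),
    legit: renderSealPageSafe('www.example.com'),
  };
}

console.log(demo());
```

Validation alone is not enough if a later code path reflects the value elsewhere, which is why the hardened renderer still encodes the value it has already validated.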
The explosion of spam blogs on Google's Blogspot hosting service is drawing a chorus of condemnation from prominent bloggers, and has led at least one blog search service to stop indexing posts on Blogspot. The growth of spam blogs has accelerated in recent months, fueled by automated tools that can create blogs on Blogspot and some similar services and populate them with keyword-optimized posts and Google AdSense advertisements.
About 39,000 fake blogs have been created on the web in the past two weeks, according to an analysis by Technorati, or about 4.6 percent of the 805,000 new weblogs created in that period. FightSplog, which has been monitoring new blogs at Blogspot, recently documented 2,763 porn splogs created by a single "splogger." Blogspot-based spam blogs recently began featuring names of prominent bloggers in posts, boosting the splogs' visibility in searches at web-based RSS aggregators like Feedster, PubSub and Bloglines.
The move prompted IceRocket to stop indexing new posts from Blogspot.com, according to a blunt post from Mark Cuban, a major investor in IceRocket. Cuban says Blogspot indexing will resume once filters are adjusted, but warned Google to fix the problem or face a permanent ban. Bloggers are also focusing their fire on Google, which has stepped up its splog-squashing efforts in recent weeks but still can't keep pace with the automated instasplogs. "If your motto truly is to do no evil, then you need to start putting some resources behind an effort to curb this train wreck," LockerGnome's Chris Pirillo advised Google.
www.georgewbush.com switches to self-hosted FreeBSD server, www.sun.com upgrades to Solaris 9, not 10