Piffey

If you’ve been following the Google Hack by China at all you’ll know that the zero-day vulnerability codenamed Aurora (watch it in action on Praetorian Prefect) in Microsoft’s popular Internet Explorer web browser was the cause of the security breaches. After that information was brought out first Germany and now France has advised its citizens to quit using Internet Explorer for security reasons. It has been over a week since the attack and Microsoft has still failed to release a patch that fully resolves the security issue, instead stating that users should just disabled some of the browser’s functionality. This may be the reason why the browser has continued to see a decrease in market share as Mozilla’s Firefox steams to the forefront of browser preference with most users stating speed and security issues as their reasons for change.

In an interesting announcement however the British government has told its government employees to continue using the web browser and specifically the most vulnerable version: Internet Explorer 6. Blatantly ignoring the security flaw puts a lot of government information at risk since over 300,000 of its desktops use that specific version. Many UK citizens are wondering why the government is refusing to get their act together and is allowing all of their information to be so easily hacked.

Not surprisingly, Microsoft is capitalizing on this moment to tell users to upgrade to newer versions of Windows if they want the increased security. They have agreed and confirmed that security flaws exist, but as of yet have neglected to fix them citing that if users were running Windows Vista or Windows 7 that this attack would not have been possible. While this is true it is surprising that a company knowing 61.7% of the world is running Windows XP refuses to release a security update immediately. As always, Microsoft finds a way to profit from its own failure and we ask ourselves: “Wait? What? How’d they do that?”

While the world has been busy examining the hacks, China has implemented a new system of censorship by monitoring text messages nationwide and Google’s Chinese employees still find themselves without work and being investigated for the hacks. Google has yet to release another statement about pulling out of China or whether or not it is going to stop censoring search results in the country — no surprise there since they probably didn’t mean any of it to begin with.

Curiously, Google and the 33 other breached companies have remained relatively silent over the last few days, keeping investigations at a hushed level while the security world continues to find ways to further the exploit beyond the original Internet Explorer 6 proof-of-concept. If you are curious as to whether or not your computer can be affected, take a look at this blog over The Guardian for the scoop. As for me I’m taking a few days off to work on my book — maybe you’ll get a blog out of me, maybe you won’t.