Most-wanted spammer arrested

One of the world`s most notorious spammers appeared in a federal court yesterday after being arrested on arrival in the US.

Christopher Smith, who allegedly sent a billion junk e-mails to America Online subscribers, was arested at a Minniapolis airport after he stepped off a plane from the Dominican Republic, where he had allegedly been holed up running his illegal operation.

Earlier this year, US authorities seized assets from Smith and shut down one of his businesses which was illegally selling pharmaceuticals online.

According to Steve Linford from Spamhaus, who traces the movements of the world`s worst spammers, Smith then went on the run with a fake passport.

"He was well up in our top 10," Linford told Silicon.com.

Comodo-owned Linux developer Trustix has announced the arrival of Trustix Secure Linux (TSL) 3.0.

Several improvements have been implemented in this release. One of the added features includes Viper, which has the ability to poll the latest updates during the installation process.

This ensures servers deploying TSL will be up to date and secure from the first installation - effectively closing the insecurity window that exists between first installation and the time it takes to locate, download and implement upgrades.

Other additions to the system include X.org X11 libraries, FreeRadius support, easy PXE installs, Mini CD and Net CD versions of the operating system.

Trustix Secure Linux 3.0 can be freely downloaded from Trustix`s new community Web site at www.trustix.org.

Adobe has warned of a serious flaw affecting one of the most widely distributed client applications, Acrobat Reader.

The flaw leaves users open to attack via maliciously crafted PDF files, which can be spread via e-mail attachments or Web page links, and can be used to take control of a system, Techworld.com reports.

The flaw affects Acrobat Reader 5.x for Unix and Linux, which has a large installed base despite the availability of newer versions.

The last serious flaw to affect Acrobat Reader was in December 2004, when Acrobat Reader 5.x and 6.x were hit by several vulnerabilities allowing remote attackers to execute malicious code.

"Remote exploitation of a buffer overflow in Adobe Acrobat Reader for Unix could allow an attacker to execute arbitrary code," said security firm iDefense, which discovered the flaw.

Mobile phone manufacturer LG Electronics has agreed to use a version of the Palm operating system designed by Palmsource in a future smart phone, which might be the first phone to use a Linux-based version of Palm OS that is currently under development, PCWorld.com reports.

The announcement is a boost for beleaguered Palmsource, which has struggled to evolve from developing products for personal digital assistants to creating operating systems for mobile phones.

Palmsource interim CEO Patrick McVeigh had referred to a pending announcement of a new licensee last week during a conference call about Palmsource`s fourth-quarter earnings results, in which the company swung to a profit based on a one-time gain.

Wednesday`s announcement solves that mystery, but does not address which version of Palm will appear in the phone.

In the past, lone hackers defaced Web sites or launched global worm attacks, mainly to gain notoriety among their peers; now they have traded fame for the money, says Symantec.

"In the last year, we have seen a dramatic shift to hacking for financial gain," says Oliver Friedrichs, a senior manager at Symantec Security Response. "The benefit of creating a widespread worm on the Internet has really been superseded by the potential of monetary gain."

Though the shift could mean the end of big worms like last year`s Sasser, it still spells trouble, the anti-virus firm says. The targeted attacks crafted by businesslike hackers can hit individuals and organisations harder - and in the pocket, rather than just in the PC, News.com reports.