"Web 2.0" is not a word, dammit

Global Language Monitor, "word" does not mean what you think it means. You are mangling the English language with your gratuitous classification of things as "words". Stop it, please.

It doesn't matter what Global Language Monitor says. "Web 2.0" is not a word. It is a phrase, at best. "Web" is a word. "2.0" is a number.

Why do I care, and what does this have to do with security?

Attack maps and network security dashboards

There are a number of useful or interesting attack maps, dashboards, and intelligence sources available. A few have been around for years; some are relatively new players. The ones that I tend to refer to are:

Richard Bejtlich offers sanity on network security monitoring

It is surprisingly rare to see someone break it down like this and cut through the goofy cloud and "oh my gosh, so complex!" mysticism of large networks with real live applications and users. Network security, and Internet security, isn't some magical unknowable thing.

Visibility, data collection, and intelligent use of the same provide the keys to actually being able to do something about network security. Sometimes it even takes effort, money, and having highly clued people working on the problem.

Samurai Web Testing Framework 0.6

Several tweets today caught my attention, so I'm spending a little time checking out Samurai Web Testing Framework.

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

sctp_houdini.c - completely remote exploit

sctp_houdini.c - Linux 2.6 kernel SCTP FWD memory corruption remote exploit. [Packet Storm Security Exploits]

The original vulnerability report leads a shallow risk analysis to conclude that this isn't a very significant vulnerability, because it requires access to the host so that it can be exploited locally. sctp_houdini.c demonstrates otherwise.

Pirate Bay verdict: guilty

Surprisingly, the founders of Pirate Bay were found guilty by a Swedish court and sentenced to both jail time and payment of damages. Each of the 4 was sentenced to a year in jail. Total damages are ~30,000 SEK or $4.5m USD (£3m) according to the BBC.

They plan to appeal, of course, and Peter Sunde isn't dancing around his refusal to pay damages:

Court jails Pirate Bay founders - "It's serious to actually be found guilty and get jail time. It's really serious. And that's a bit weird," Sunde said.

Conficker "blamestorming"

By now everybody should know that the April 1st Conficker non-event was overhyped by elements of popular media more concerned with selling newspapers and advertising spots than accuracy.

Of course, a backlash against some media hype-sources is occurring.

Conficker Scare: It’s the Media’s Fault - InfoSec News: Conficker Scare: It’s the Media’s Fault: http://blogs.wsj.com/digits/2009/04/01/conficker-scare-its-the-medias-fault/

By Ben Worthen
The Wall Street Journal
April 1, 2009

The Conficker postmortems are starting. The early word: Shoot the
messengers.

Conficker, in case you missed it, is the computer virus that many media [...]
[InfoSec News Mailing List]

Call for a watch on the watchers

This might not read as a risk, but I think it is:

Call for a watch on the watchers - "Organisations tracking net use should themselves be monitored, say MEPs. The Euro-MPs overwhelmingly backed a statement which called on governments to list internet watching organisations and report on what they do. The reports would name and shame organisations carrying out illegal or disproportionate amounts of surveillance...." [Team Cymru Internet Security News]

Lenny Zeltser's Three Laws of Behavior Dynamics for Information Security

Lenny Zeltser knows his malware and his psychology:

Three Laws of Behavior Dynamics for Information Security, (Fri, Apr 3rd) - Successful security initiatives are not only grounded in business objectives, but also account for b ...(more)... [SANS Internet Storm Center]

The responses from the field on Lenny's hypothesis may be enlightening, but I think this is some great thesis-fodder for graduate students with an interest in the intersection of human factors and information security. I would actually be highly surprised if this topic wasn't already fairly well examined within psychology, or maybe sociology.

Conficker impact in Active Directory environments

I am doing a bit of research into how Conficker should behave in an enterprise environment. How it works out in the wild on the Internet is pretty clear, and there are a number of excellent resources available.

Firstly, here are the primary resources that I've found useful when understanding Conficker variants. The F-Secure Q&A is excellent, and is the only one you need to read if you've been concerned by the media FUD around the April 1st Domain Generation Algorithm activation. I agree with F-Secure on this one, and it is never too late to stop panicking.
