|
Web Hosting
News
PayPal Suffering Service Disruption
October 13, 2004
Internet payment service provider PayPal (paypal.com) has
experienced severe disruptions in service over the last five days. The
problem, which began last Friday, has caused "intermittent errors and
availability for members attempting to use the PayPal site," the company
said. Users were not able to pay for eBay (ebay.com) auctions and PayPal
shipping functionality was also disrupted. PayPal debit cards were
reportedly rejected all across the United States.
After days of repair efforts, the company announced on Wednesday that
customers should once again be able to use the service as normal.
The company said that the service outages were the result of problems
associated with a new code upgrade.
"These PayPal issues are the result of unforeseen problems that resulted
when a new code base to upgrade the site architecture was introduced to
the PayPal platform on Friday morning," the company said in a posting on
its Web site. "The code worked well when tested and during the first hours
of launch. Unfortunately, problems handling peak levels of traffic
developed later in the day that created intermittent availability and
errors for members. These problems have continued in varying degrees since
Friday."
By Tuesday evening, PayPal reported that things had almost returned to
normal.
"We have made good progress in our efforts to restore the PayPal site
functionality. The PayPal site performed well during peak traffic levels
this evening, and the overall member experience has improved
significantly. Most members are now able to log in to the PayPal site to
access account information, use shipping functions, use PayPal debit
cards, and pay for items online with no difficulty."
PayPal, an eBay company, is one of the world's largest Internet payment
service providers, with over 50 million users accounts worldwide.
Ruling
Rejects Expanding ISP Disclosure
October 13, 2004
US Justices have reportedly rejected an appeal that would force Internet
service providers to turn over the names of possible copyright violators,
upholding a lower court ruling that rejected a proposed subpoena process
recording industry representatives have been using to try and gain access
to customer information at ISPs.
The ruling dealt with the question of whether a subpoena that is not
attached to any legal proceedings can be used to attempt to access
information about suspected copyright violators.
The Recording Industry Association of America has argued that the law is
necessary to help it identify those who are illegally downloading music
files. The RIAA won a favorable ruling when a trial judge said the
subpoenas were allowed under the Digital Millennium Copyright Act of 1998.
However, the US Court of Appeals for the District of Columbia Circuit
overruled that judge, deciding that subpoenas could not be issued against
an ISP that doesn't store the copyrighted material on its computer
servers.
The Digital Millennium Copyright Act was intended to give copyright
holders tools they could use to stop the pirating of digital property. It
also includes stipulations that compel Internet service providers to
remove accounts belonging to copyright violators
SANS
Releases Top 20 Vulnerability List
October 13, 2004
The SANS Institute (sans.org), a computer security training organization,
recently released its fifth annual list of the top 20 Internet security
vulnerabilities. The vulnerabilities, compiled by security experts from
government, education and industry, were listed in two separate tables of
ten – one for Windows and one for Unix.
According to the SANS Institute, the majority of successful attacks
exploit one or more of these 20 vulnerabilities.
The top 10 vulnerabilities for Windows were, in order, Web servers and
services, workstation service, Windows remote access services, Microsoft
SQL Server, Windows authentication, Web browsers, file-sharing
applications, LSAS exposures, mail client and instant messaging.
The top 10 list for Unix were, in order, BIND domain name system, Web
server, authentication, version control systems, mail transport service,
simple network management protocol, open secure sockets layer, mis-configuration
of enterprise services, databases and kernel.
|
