The latest challenger to the market dominance of Microsoft Office was unveiled in India last week, and the irony is that Microsoft played a major role in funding the rival effort. The seed money for the new Live Documents platform launched by Bangalore-based Instacoll came from Hotmail’s cofounder, who received a substantial slice of the $400 million that Microsoft paid in 1997 to acquire the online email site.

Live Documents, the latest challenger to Microsoft Office, follows in the spirit of Google Apps in that it allows users to work on documents online. With Live Documents, any document changes made on the desktop or online are automatically synchronized to ensure that the online and offline versions of the same document are always identical.

Exploit code is out for an extremely critical Apple QuickTime flaw that affects Windows and Mac OS X systems, and researchers say attacks are likely soon to follow. The vulnerability, found in the way QuickTime processes RTSP (Real Time Streaming Protocol) replies, can lead to remote attackers hijacking vulnerable systems. This proof of concept code was posted on Nov. 23 by security researcher Krystian Kloskowski.

The flaw, caused by a boundary error when processing RTSP replies, can be exploited to cause a stack-based buffer overflow if an attacker sends a rigged audio-streaming file that contains an overly long Content Type header. Otherwise, an attacker can successfully exploit the vulnerability by modifying an existing program to listen for RTSP requests and to respond with malicious code.

Microsoft announced plans to build a 10,000 data server farm somewhere near Irkutsk, one of the largest cities in Siberia, according to news reports. No budget or timetable was announced at the joint press conference held last Friday by the head of Microsoft’s Russian business unit and a government representative. However, media reports are citing $500 million as a rough budget estimate.

Monster.com confirmed this week that it took down a portion of its online job search service after attackers hacked the site and used it to feed exploits to visitors. The company did not, however, explain how the hackers were able to hijack the site.

At the start of this week, researchers began reporting the attacks after detecting IFrame exploits on several Monster.com pages as well as attacks by a multi-exploit hacker tool kit originating from those pages. By Monday evening, the Monster Company Boulevard, a section of the site that lets job hunters research firms and search for positions by company, was dark. Among the major US companies represented on the Boulevard are Boeing, Dow, Microsoft, Starbucks and Wal-Mart.

Why, in 2007, is spam worse than ever? Let exasperated consumers count the ways: PDF spam. MP3 spam. Pump-and-dump spam. E-card spam. It may sound like a broken record, but spam continues to do just that–break records. This year marks the first time the total number of spam email messages sent worldwide, 10.8 trillion, will surpass the number of person-to-person emails sent, 10.5 trillion, according to market researcher IDC.

Microsoft’s next version of its instant messenger application will have a new security feature to report users who send unsolicited messages, known as SPIM (spam over IM). That’s one of several new features in Windows Live Messenger 9.0, which was released to some private beta testers on Tuesday, according to Liveside.net, a site that focuses on Microsoft’s Live brand of Web-based applications.

The problem with SPIM is that it’s annoying and, at worst, dangerous. The tricky part is that the hacker may have obtained someone’s IM account details, so it appears that a genuine contact is sending the messages.

Microsoft has confirmed that Windows XP contains the same encryption flaws that Israeli researchers recently disclosed in Windows 2000. The researchers, Benny Pinkas from the University of Haifa and two Hebrew University graduate students, Zvi Gutterman and Leo Dorrendorf, reverse-engineered the algorithm used by Windows 2000’s pseudo-random number generator (PRNG), then used that knowledge to pick apart the operating system’s encryption. Attackers could exploit a weakness in the PRNG, said Pinkas and his colleagues, to predict encryption keys that would be created in the future as well as reveal the keys that had been generated in the past.

As recently as last Friday, Microsoft hedged in answering questions about whether XP and Vista could be attacked in the same way, saying only that later versions of Windows "contain various changes and enhancements to the random number generator." This week however, Microsoft responded to further questions and acknowledged that Windows XP is vulnerable to the complex attack that Pinkas, Gutterman and Dorrendorf laid out in their paper, which was published earlier this month.

Rampant in the tech industry, most workers have no choice but to sign non-compete agreements–but are they even worth getting worked up over? The experts say no.

A technology professional working at a large company was recently asked to sign a noncompete contract and confidentiality agreement that gave the company a royalty-free license to any "invention" he created while working there and up to six months after leaving the company. The employee, who declined to offer his name or the company in question, was worried about signing his creative freedom and future competitiveness away and called out to the Slashdot community for advice.

Responses ranged from a sarcastic "good luck fighting it" to "don’t worry, it’s not enforceable" and, from the employee himself, "obviously, it’s time for a new job," each underscoring the hazy area noncompete clauses occupy in modern workplaces. Employees hate them, employers consider them necessary, and although they are almost never brought to court–and even when they are, are rarely enforceable–they strike enough fear in the heart of workers that many would rather stay put than risk being sued for violation of the contract’s term, say employment lawyers.

OK, let me be clear here. I feel for the operators of GAP cruises and the passengers. In fact, one of my life goals is to take a cruise to Antarctica. So now that you know we’re not evil, insensitive louts (actually, we are, but we’re trying to be on our best behavior), now I can tell you what amuses me in my truly sick way.

MS Explorer crashed.

Not like that’s a surprise. I mean, we’ve all had MS Explorer crash on us before. Oh, you mean thisMS Explorer doesn’t run on a computer? It’s a ship? Oh, sorry, nevermind

Yes, we’re making a pun at the expense of one of the greatest companies in the world and at the expense of some very terrified passengers in a very inhospitable part of the world. Yes, we’re so ashamed. Nope, couldn’t help it. Had to post it. Sorry.

I just have to wonder if all the TVs and computer screens on the ship turned blue first.

Couldn’t resist. Coulda left well enough alone, but I couldn’t resist. — DG

Thanksgiving is upon us here in the United States. While the true history of Thanksgiving is subject to some controversy (isn’t pretty much everything, these days?) there are certain elements of the modern Thanksgiving celebration we can all take to heart — even for those of you who don’t live in these United States. We discuss those in this article, and end with a must-read caution for anyone going out and buying stuff on Black Friday.

Read this OutlookPower article.