Internet providers

EMC on Monday announced its first cloud-infrastructure offering. Dubbed EMC Atmos, the offering is a multi-petabyte information-management solution that aims to help customers automatically manage and optimize the distribution of rich, unstructured information across global, cloud-storage environments.

You've been browsing the Internet lately for information about carbon emissions to help your daughter with her climate change project at school.

You've also done a little shopping in advance of the holidays, buying that more-than-you-really-wanted-to-pay-for digital camera for your spouse.

Now, instead of that usual Staples banner ad on the online site of your local newspaper, you are getting ads about hybrid cars and high-definition TVs.

In the Citizen Lab at the University of Toronto, a new breed of hackers is conducting digital espionage.

They are among a growing number of investigators monitoring how traffic is routed through various countries, where Web sites are blocked and why it's happening. Now they are turning their scrutiny to a new weapon of warfare: cyber attacks.

Tracking wars isn't what many of the researchers set out to do. Many began intending to help people in countries that censor online content. But as the Internet has evolved, so has their mission.

A newly discovered flaw in the Internet's core infrastructure not only permits hackers to force people to visit Web sites they didn't want to, it also allows them to intercept e-mail messages, the researcher who discovered the bug said Wednesday.

Considering the silent nature of the attack and the sensitive nature of a lot of electronic correspondence, the potential for damage from this second security flaw is high. But there's no evidence yet that this method of targeting e-mail has been used in a successful attack.

When Internet providers hire third-party companies to serve up advertisements on unused Web pages, that creative attempt to make money can open major security vulnerabilities they can't control, a researcher has found.

One such vulnerability -- described last weekend at a security conference by Dan Kaminsky, director of penetration testing for Seattle-based computer security consultant IOActive Inc. -- works like this: