March 6, 2002 Pueblo man charged in kiddie-porn case A Pueblo man was charged Monday with distributing child pornography on the Internet. The FBI filed a criminal complaint against Mark A. Janos in U.S. District Court. An FBI affidavit alleged that on Feb. 8 Janos sent three child pornography images on the Internet to a woman on the East Coast. After authorities there learned of the incident, FBI agents began an undercover investigation. Last Thursday, Janos allegedly sent three more child pornography images on the Internet to an undercover agent in Baltimore and allegedly told the agent that he could help build a collection of little girls in sex scenes. http://www.chieftain.com/tuesday/news/index/article/15 - - - - - - - - Deputy LA City Attorney arrested in sting. "Deputy Los Angeles City Attorney Arrested By LAPD During Internet Predator Sting". On Sunday, March 3, 2002, Richard Bruce Coplen, a 49 year-old resident of Los Angeles, was arrested and booked for Attempted Oral Copulation With a Minor, by Los Angeles Police Department detectives. Richard Bruce Coplen is a Deputy City Attorney with the Los Angeles City Attorney's Office. http://www.lapd.org/press_releases/2002/03/pr02134.htm - - - - - - - - Inmate charged with directing child porn from jail cell A 28-year-old inmate has been arrested on child pornography charges stemming from a scheme he ran from his jail cell, state police said. Christopher Coleman was charged Tuesday with possession of child pornography, promoting a minor in an obscene performance, sexual assault and cruelty to persons. State police were tipped off Sept. 5, 2001 to Coleman's activities by the Department of Correction's phone monitoring unit at the Bridgeport Correctional Center. http://www.newsday.com/news/local/wire/ny-bc-ct-brf--jailporn0305mar05.story - - - - - - - - Klez worm fizzles; 2nd virus hits UBS PaineWebber Klez.E, an Internet worm programmed to destroy computer files on infected machines on the six day of every other month, failed on Wednesday to wreak much damage, while another computer virus struck retail brokerage UBS PaineWebber. That virus, which was not identified, hit the broker on Tuesday and proved to be a temporary inconvenience to employees, but not clients, said David Walker, a spokesman for UBS PaineWebber in New York, which has 20,000 brokers in the United States and more than 2 million customers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2805283.htm http://news.com.com/2100-1001-853532.html http://www.vnunet.com/News/1129751 http://www.newsfactor.com/perl/story/16641.html http://www.theregister.co.uk/content/56/24310.html http://www.newsbytes.com/news/02/175011.html http://www.cnn.com/2002/TECH/internet/03/06/worm.reut/index.html http://www.techtv.com/news/security/story/0,24195,3374917,00.html - - - - - - - - Virus writer denies 'girl power' claim Sharp written for 'the love of coding', says Gigabyte. The teenaged female virus writer who recently made headlines with a virus that targeted the .Net platform has hit back at claims that 'girl power' was the motivation. Seventeen year-old Gigabyte, who coded Sharp, the second ever proof of concept virus to affect the .Net platform, has denied claims that she was using her virus writing ability to fight against sexism in IT. "Writing Sharp to fight against sexism? Girl power? Heh. As if I'd bother," she wrote in an email to vnunet.com. "It's not on me to stand up for females in the computer world; that's something everyone's gotta do for themselves." http://www.vnunet.com/News/1129793 - - - - - - - - Virus Borrows Internet Pioneer's Server To Spread A server operated by Internet pioneer John Gilmore s being used by a new Internet worm to perform its mass-mailing routine, according to virus researchers. The address of the server, Toad.com, is one of 25 open mail relays hard-coded by its unidentified author into the W32.Yaha worm, according to analyses by anti-virus firms Symantec and Sophos. While most of the open servers are located in China and Korea, oad.com is a system installed in Gilmore's home in San Francisco. http://www.newsbytes.com/news/02/175003.html - - - - - - - - Top 20 viruses in February A pretty cool month, despite Valentine's Day. February is usually a hot month for viruses. The promise of a virtual Valentine's Day card often proves too much for unwary end users who suddenly finds themselves on the end of a rather different gift. "Somebody loves you" and "Are you my valentine?" were just a couple of deceitful subject lines used by Valentine's Day worms. But last month also saw social engineering in other areas. The Yarner worm appeared, masquerading as a virus information newsletter from a legitimate German security firm, and MSN Messenger users were plagued by the Cool worm purporting to be a homepage link. http://www.vnunet.com/News/1129798 - - - - - - - - Stolen card data surfaces on Web site A year after cards are canceled, victims face privacy concerns. On a lark last Friday, Donna entered her name into the Google search engine. Only one hit came back, a link to a Russian Web site. But when she clicked on it, she found her name address, phone number, and Citibank credit card listed there, along with about 200 others. An MSNBC.com investigation unveiled hundreds of others, apparently all canceled Citibank cards, with the account numbers listed in nearly sequential order and as of late Wednesday time, the information was still posted on the Internet. http://www.msnbc.com/news/720306.asp - - - - - - - - 'Idiot-friendly' virus generator shut down Clueless web vandals need to look elsewhere. Following vnunet's exposure of the online virus generator this week its hosting provider has shut the site down. The site, which once boasted, "no download, no wasted time, no programming skill needed," allowed technically clueless web vandals to create a Word macro virus with only a few mouse clicks. The viruses constructed were pretty much harmless but brought the idiot-friendly virus generators, such as that used to build the Anna Kournikova code, to a new level of accessibility. The site was hosted by free service provider, Freeservers.com, but yesterday Mihai Radu from anti virus firm Bitdefender informed vnunet: "We already got in touch with the people responsible and now the site is no longer available on Freeservers." http://www.vnunet.com/News/1129778 - - - - - - - - Zombie comes back from the dead The most complex and dangerous virus ever written? Users on the Focus Virus mailing list yesterday raised suspicions that a one year-old virus may now be posing a new and very real threat. ZombieMist, or Zmist, which was created by Russian virus writer Zombie, one of the underground's prominent virus authors, is described by experts as "one of the most complex binary viruses ever written". Reports of infection are only just coming in. At least two companies admitted to detecting the virus earlier this week and struggled to get rid of it. http://www.vnunet.com/News/1129775 - - - - - - - - Al Qaeda Seen Using Web to Regroup Officials fear that al Qaeda could use Net to launch new attacks against US. Newly detected Internet traffic among al Qaeda followers, including intercepted email messages, indicates that elements of the organization may be trying to regroup in remote parts of Pakistan near the Afghan border, the New York Times reported Wednesday. US government officials say they have found new websites and Internet communications that appear to be part of an effort to reconstitute al Qaeda and reestablish communications after the war in Afghanistan, the Times said. http://www.techtv.com/news/culture/story/0,24195,3374991,00.html http://news.zdnet.co.uk/story/0,,t269-s2106052,00.html http://zdnet.com.com/2100-1105-853923.html http://www.newsfactor.com/perl/story/16655.html http://www.nytimes.com/2002/03/06/international/asia/06INQU.html - - - - - - - - Davis introduces security, IT work force exchange bills Rep. Tom Davis (R-Va.) has introduced legislation to set mandatory computer security standards for federal agencies. The chair of the Government Reform Committee's Subcommittee on Technology and Procurement Policy introduced the Federal Information Security Management Act, HR 3844, today to permanently reauthorize the Government Information Security Reform Act of 2000 and add more teeth to it. GISRA is set to expire Nov. 29. http://www.gcn.com/vol1_no1/daily-updates/18120-1.html http://www.govexec.com/dailyfed/0302/030602j1.htm - - - - - - - - Jail time is not the answer to cybercrime Patriot Act of 2001, a sweeping law which, among other things, said those who break into other peoples' computers could be considered terrorists, and prosecuted as such. In the months since the act was signed, several lower-profile bills have been proposed in Congress--all of which are either overreaching in scope or simply flawed. One of these is H.R. 3482, the Cyber Security Enhancement Act of 2002 (CSEA). http://zdnet.com.com/2100-1107-852767.html - - - - - - - - Girls Harassed on Net, Study Says For a 13 year old, Liz Lawner is a pretty sophisticated Internet user. For the past five years, she's been writing an Internet advice column on the Girl Scouts' website with her mother, child psychologist Harriet Mosatche. But even as an experienced Web user, Lawner couldn't avoid the seamier side of the Net. The trouble began when her brother borrowed her screen name and went into a public chat room using her profile. "Since anyone in a public chat room knows your screen name, they can just send you emails," Lawner said. Via those emails, "I got things that -- I am assuming because I never opened them -- were links to Web porn sites and other things like that." http://www.techtv.com/news/security/story/0,24195,3374902,00.html - - - - - - - - Bush administration creates computer security panel The Bush administration's Critical Infrastructure Protection Board is assembling a committee to focus on information-systems security in the executive branch and formalizing the panel's responsibilities. The move is aimed at helping the board and the White House Office of Homeland Security focus on steps necessary to protect the government's computer systems. http://www.govexec.com/dailyfed/0302/030602td2.htm - - - - - - - - DOD advancing high-tech projects The Defense Department has approved funding for 15 new technology projects, ranging from miniscule unmanned aerial vehicles to homeland security coordination among the nation's first responders, as part of a program designed to rapidly field these advanced concepts. Sue Payton, deputy undersecretary of Defense for advanced systems and concepts, announced the Advanced Concept Technology Demonstration (ACTD) projects for fiscal 2002, and said about 30 past ACTD products are supporting the nation's counterterrorism initiatives. http://www.fcw.com/fcw/articles/2002/0304/web-actd-03-06-02.asp - - - - - - - - Government and industry should work together on security. What keeps an academic such as the chief technology officer of Hewlett-Packard Co. up at night? For one thing, the thought of the government building, in the name of security, its own network infrastructure. "I have a recurring nightmare of a federal infrastructure over here, the public infrastructure over there and no trusted connections between them," Richard A. DeMillo said during the Information Processing Interagency Council 2002 conference in Orlando, Fla., earlier today. http://www.gcn.com/vol1_no1/daily-updates/18119-1.html - - - - - - - - Software exec praises government backup efforts Which sector is better prepared for systems disaster recovery, government or commercial? In the opinion of one software executive, it's government. "In reality, the commercial sector is where backup has descended to almost a discretionary level" of priority, said Gary Bloom, president of Veritas Software Corp. of Mountain View, Calif., a maker of backup, recovery and storage management software. By contrast, "government is well prepared for true disaster," he said. http://www.gcn.com/vol1_no1/daily-updates/18118-1.html - - - - - - - - New CD protection won't play on PCs In the next stage of the battle to prevent illegal CD copying, digitally protected discs are being released with songs that won't play on PCs. Israeli security company Midbar Tech is releasing one million copy-protected CDs in Japan as part of an aggressive push by record labels to curtail digital piracy. http://news.zdnet.co.uk/story/0,,t269-s2106086,00.html Consumers in crossfire of labels' war on piracy When Karen DeLise bought a compact disc by country singer Charley Pride last year, she was unhappy to discover that the CD wouldn't play in the CD drive in her computer. That meant that the songs on the album couldn't be converted into computer files to listen to on her portable MP3 music player, either. http://www.csmonitor.com/2002/0304/p18s01-wmcn.html - - - - - - - - Judge to record labels: Show me the copyrights A federal judge has given the record labels suing Napster until Thursday to produce documents proving they own the copyrights to 213 songs that once traded for free over the song-swapping service. U.S. District Judge Marilyn Hall Patel ordered the labels to provide certificates of copyright registration, or applications for such proof, for top-selling artists such as the Beatles and Elvis Presley. http://www.nandotimes.com/technology/story/288237p-2569206c.html - - - - - - - - China Sweet, Sour on Spam Delegates at the annual meeting of China's National People's Congress roundly criticized Western systems administrators that are blocking all e-mail from China as a means to stop spam, but they also called for new laws to make sending spam illegal in China. The National People's Congress is considered the primary political power in China. Its 2,989 delegates meet every March to debate legislation, policy and politics. This year spam had a central place on the agenda, according to reports from China's official news service Xinhua. http://www.wired.com/news/politics/0,1283,50856,00.html - - - - - - - - $100,000 prize in 'unbreakable' crypto challenge A company called Bodacion Technologies is offering $100,000 to anyone who can crack their biomorphic number generator and predict the final, one- thousandth, number in a sequence of 999. The company is doing this to promote its Hydra server, which uses biomorphic computation for crypto routines. Additional security enhancements come from using an embedded OS and not having anything but a Web and Java applet server running. So there's basically a lot less to attack, which is of course inherently more secure than running hundreds of services. http://www.theregister.co.uk/content/55/24312.html - - - - - - - - Comdex Chicago faces up to security Biometrics and security came together at Comdex Chicago 2002 on Wednesday. Representatives from the airline and biometrics industries met for daylong discussions about working together to develop measures that could help prevent tragedies such as those on Sept. 11. Biometrics, the field of using biological determinants such as fingerprints and facial features for identification and access, has long been the next big thing in computing. Heightened security concerns and efforts by IBM and others to integrate fingerprint log-in buttons on notebooks are pushing the field toward center stage. http://zdnet.com.com/2100-1105-854050.html http://news.zdnet.co.uk/story/0,,t269-s2106071,00.html - - - - - - - - Vendors team on security suite Four vendors launched the National Integrated Security Suite March 5 in anticipation of federal transportation needs. EDS, PwC Consulting, Sun Microsystems Inc. and Oracle Corp. collaborated on an end-to-end system that relies on biometric and risk-assessment technologies. "We're getting ahead of what we think the requirements are going to be in this field so we can provide some solutions," said Grady Means, managing partner of PwC Consulting's federal government practice. http://www.fcw.com/fcw/articles/2002/0304/web-air-03-06-02.asp - - - - - - - - Government advised to allow radio spectrum trading A government adviser has suggested that the radio spectrum should be auctioned, and companies allowed to trade ownership of bands. The government has been advised to bring in radical changes in the way it manages the radio spectrum. If implemented, this could mean that companies would be able to trade the ownership of spectrum bands. http://news.zdnet.co.uk/story/0,,t269-s2106101,00.html - - - - - - - - He Hacks by Day, Squats by Night Last January, Adrian Lamo awoke in the abandoned building near Philadelphia's Ben Franklin Bridge where he'd been squatting, went to a public computer with an Internet connection, and found a leak in the Excite@Home's supposedly airtight company network. Just another day in the life of a young man who may be the world's most famous homeless hacker. More than a year later, Lamo is becoming widely known in hacker circles for tiptoeing into the networks of companies like Yahoo and WorldCom -- and then telling the corporate guys how he got there. http://www.wired.com/news/culture/0,1284,50811,00.html - - - - - - - - Guesswork Plagues Web Hole Reporting A good Samaritan has trouble getting the attention of a fashion retailer leaking customer credit card numbers. Should reporting security holes in e-commerce sites be easier? The Web retail site for fashion label Guess was leaking customer credit card numbers like so many cotton-poly five-pocket jeans, and 19-year-old Jeremiah Jacks wasn't sure how to get it fixed. Jacks discovered last month that Guess.com was open to an "SQL injection attack," permitting anyone able to construct a properly-crafted URL to pull down every name, credit card number and expiration date in the site's customer database -- over 200,000 in all, by Jacks' count. http://online.securityfocus.com/news/346 - - - - - - - - Undefended e-mail gateway no bargain When I saw the results of the new ICSA Labs virus survey released yesterday, one fact just blew me away. Last year, 83 percent of all viruses that arrived at corporate sites got there through e-mail. In 2000, it was 87 percent. Worse, the average cost of each virus attack--counting the loss of time, productivity, and data --was over $60,000, with one company reporting an average loss of over a million dollars. And guess what-- few companies are doing anything truly effective to bolster their first line of virus defense, leaving themselves open to many repercussions. http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2852468,00.html - - - - - - - - Former employees: A security menace? A fact of current economic life is that employee turnover rates are on the rise. Many retailers, for example, have turnover rates approaching 100 percent, which means employees are coming and going at a rapid clip. What many companies don't realize is that when employees leave the business, they often take with them the firm's most precious assets -- the mission critical data that runs the business -- everything from customer account data to sales and inventory data, to confidential business intelligence, and everything else stored in the company's internal systems. http://zdnet.com.com/2100-1107-851631.html - - - - - - - - Dumpster-diving the global village Media coverage of privacy has become boring and predictable, with most of the debate focusing on corporate uses and abuses of customer information. In fact, the direct-marketing practice of using form-based information (like warranty registration cards) to segment customer lists into demographic, geographic or financial groups is decades old. Because of the limited nature of available consumer information in the past, that was all that was computationally feasible at the time. http://zdnet.com.com/2100-1107-850205.html - - - - - - - - Abortion Foes Stage Cyber Sit-In Students looking for information on Oregon's Reed College may have mistakenly landed on anti-abortion websites not associated with the school. Since Feb. 14, the reedcollege.com domain name has been redirected to a series of pro-life websites, including abortionismurder.org, StandUpGirl.com and Abortionfacts.com. "We weren't able to resolve the issue initially with the cybersquatter, so we are going to seek legal remedy under the Uniform Dispute Resolution Policy," said Harriet Watson, director of public affairs for Reed College. http://www.wired.com/news/school/0,1383,50749,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.