High Tech "NewsBits" for 04/01/02

April 1, 2002 Teen charged with scamming AOL users A 16-year-old boy stole credit card information from 200 people over the Internet and used it to buy items worth more than $1,600, authorities said. The boy, who was not identified, was charged with two felony counts of misappropriation of personal identification. He was placed in a juvenile facility and ordered to avoid computers while his case is pending. He told police he acquired an "underground program" capable of obtaining the e-mail addresses of people who visit America Online chat rooms, a juvenile delinquency petition said. The program would then send e-mails on AOL letterhead telling customers their billing information had been deleted. http://www.usatoday.com/life/cyber/tech/2002/04/01/online-theft.htm - - - - - - - - Court Reverses Computer, Net Ban For Child-Porn Convict A federal appeals court Friday overturned a lower court's ruling that a man convicted of receiving child pornography online must seek permission from his probation officer before using a computer or the Internet. A U.S. 2nd Circuit Court of Appeals panel said that Gregory Sofsky, who received a 10-year-and-one-month prison sentence after pleading guilty to receiving child pornography, can surf the Internet and use a computer, though it rejected his challenge to the prison sentence. http://www.newsbytes.com/news/02/175575.html - - - - - - - - Adobe-Hack Lawyers: Toss the Case A Russian company accused of criminal copyright violations argued in federal court on Monday that the law it's accused of breaching, the Digital Millennium Copyright Act, is both unconstitutionally vague and restricts free speech. Attorneys for Elcomsoft asked U.S. District Court Judge Ronald Whyte to dismiss U.S. v. Elcomsoft, the case that began last July with the arrest of the Russian programmer Dmitri Sklyarov. The attorneys claim the company's software enables "fair use" rights of copyrighted materials -- rights that the Constitution protects. http://www.wired.com/news/politics/0,1283,51460,00.html http://www.newsbytes.com/news/02/175581.html - - - - - - - - Cyber school sued An online publishing company Friday sued a charter school that offers classes only over the Internet, claiming the school illegally copied course materials without paying for them. The federal lawsuit was filed by New Forum Publishers, which offers online textbooks and curriculum guidelines to schools that pay a fee based on how many students they allow to access the material. http://www.usatoday.com/life/cyber/tech/2002/04/01/cyber-school.htm - - - - - - - - Repeating unspeakable words in battle over Internet smut. Inside the stately courtroom of U.S. District Judge Harvey Bartle III, there's language coming from the bench and the witness stand that renders George Carlin's ``seven words you can't say on television'' tame by comparison. And then there's the nudity. In the first week of a trial debating the constitutionality of a requirement that public libraries install porn-blocking software on their computers, gray-haired librarians uttered words that could make a longshoreman blush, soft-spoken computer analysts described bizarre sexual proclivities and federal judges mulled the definition of ``fetish.'' http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2977240.htm http://www.newsbytes.com/news/02/175560.html - - - - - - - - DoubleClick Privacy Settlement Hearing Set For May Online advertising giant DoubleClick will go before a federal judge next month to seal an agreement that would resolve several outstanding class-action suits against the company over its handling of personally identifiable consumer data. Late last week, DoubleClick published the terms of the settlement agreement, which - if consummated - would resolve class actions pending against the company in California, New York and Texas. http://www.newsbytes.com/news/02/175579.html http://www.theregister.co.uk/content/6/24650.html - - - - - - - - A Mickey Mouse Bill The Hollings copyright bill would shoehorn absurd copy-blocking technology into everything from your Palm Pilot to your digital camera. Is this progress? In the name of protecting copyrights, a new bill introduced in the U.S. Senate threatens to grind to a halt all advancements in electronics, computing and networking, decimating the consumer's ability to choose how they wish to listen, watch, and read. The motion picture industry is back on the Hill. http://online.securityfocus.com/columnists/71 Warner Japan adding CD copy protection http://news.com.com/2100-1023-872475.html - - - - - - - - Help To Combat The Next Big Blended Threat No one knows when it will happen, but most security experts expect that the day is coming-- and soon--when a sophisticated "blended threat" attack will again wreak havoc on businesses' networks. Last year, Nimda and Code Red were the first to combine virus and worm propagation techniques with automated hacking capabilities in separate deadly programs, causing billions of dollars in damage to companies. Now, antivirus vendors areenhancing their security monitoring and management consoles to make it easier and more affordable for IT managers to thwart future attacks. http://www.informationweek.com/story/IWK20020329S0042 - - - - - - - - Old worms make like spring chickens Two computer worms found last summer topped the charts in March, highlighting the difficulty of eliminating the more successful digital pests from the Internet. Data furnished by e-mail service provider MessageLabs placed the SirCam virus, which hit the Internet last August, at the top of its list of hostile attachments. MessageLabs intercepts such attachments for its clients. Antivirus company Trend Micro's virus-tracking center placed SirCam at No. 3, right after Nimda and a variant of that 6-month-old worm. http://news.com.com/2100-1001-872822.html - - - - - - - - Hackers, Viruses Fuel Security Market, Not 9-11 Businesses beefing up network-security measures these days still worry more about viruses and the antics of renegade hackers than international terrorists, according to a new report from In-Stat/MDR. A survey by the technology market research firm suggests that attacks on the U.S. by terrorists last fall had little impact on the network security concerns of most businesses. http://www.newsbytes.com/news/02/175566.html http://www.washtech.com/news/netarch/15935-1.html - - - - - - - - Air Force pinged on Web data The Air Force is posting potentially inappropriate information on many of its Web sites because it is not reviewing or maintaining those sites as it should, according to a Defense Department inspector general's report released last month. The Air Force had 140 publicly accessible Web sites that contained "potentially inappropriate" information, the IG found. These sites contained warnings such as "For Official Use Only" and "Secret," yet were still accessible by the general public. http://www.fcw.com/fcw/articles/2002/0401/web-af-04-01-02.asp - - - - - - - - Privacy comes under attack The right to privacy of correspondence received a disproportionate shake-up in the aftermath of the terrorist attacks on New York. The events of 11 September provoked a new urgency in the need for powers that would allow law enforcement officers to retain traffic data for anti-terrorist investigations. Within a matter of weeks, the privacy rights of British citizens had been hugely compromised by emergency legislation, which allowed the automated surveillance of all electronic communications. http://news.zdnet.co.uk/story/0,,t269-s2107547,00.html - - - - - - - - Yahoo! sneaks in yet more spam Tired of spam youre getting at your free Yahoo! e-mail account? Get ready for more. Tucked inside a privacy policy change the company made this week was notice that more Yahoo! e-mail marketing offers were coming even if users had formerly indicated they were unwanted. http://www.msnbc.com/news/731517.asp - - - - - - - - Cumulative IE patch for malicious cookies A fairly serious flaw in Internet Explorer which would enable a malicious Web page or e-mail to drop a cookie containing an HTML script on a victim's machine and run it in the 'Local Computer' zone rather than the Internet zone to avoid restrictions has just been patched. The script would run with the user's level of permission, and could therefore do considerable damage depending on its design. http://www.theregister.co.uk/content/4/24653.html - - - - - - - - Whatever Happened to Carnivore? Sobel said EPIC and other organizations are keeping pressure on the U.S. Department of Justice and FBI to disclose exactly what law enforcement officials are doing with Carnivore. Its name may have changed from Carnivore to DCS-1000, but the controversial cybersnooping software used by the Federal Bureau of Investigation is still on the hunt for information, and likely is scouring vast amounts of Internet communication. http://www.newsfactor.com/perl/story/17009.html - - - - - - - - DISA seeks detection system The Defense Information Systems Agency last week announced plans to work with GRC International Inc. to develop a system to help detect, analyze and defend against cyberattacks across Defense Department networks. In a March 27 notice, DISA officials said the department needed a system to "monitor and analyze the immense amounts of computer traffic and detect the missions of hacker attacks and denial-of-service attacks launched against DISA's Global Information Grid daily." The grid includes unclassified and classified DOD networks worldwide. http://www.fcw.com/fcw/articles/2002/0401/news-disa-04-01-02.asp - - - - - - - - Arizona test-drives PKI Arizona's Motor Vehicle Division is testing use of public key infrastructure to secure online transactions with commercial firms, potentially setting the stage for broader use, including, one day, smart driver's licenses, a state official said. In the pilot program, which started in January, MVD provided three private investigative companies with digital certificates so they can obtain certain motor vehicle records, bypassing the manual process, said Jamie Rybarczyk, a systems architect with the state Department of Transportation. http://www.fcw.com/geb/articles/2002/0401/web-ariz-04-01-02.asp - - - - - - - - Defense weighs digital signature switch to match other agencies The Defense Department is considering a switch in its program to secure digital signatures for external transactions in order to align itself with the rest of the federal government. The department is examining whether it should adopt or at least recognize the Access Certificates for Electronic Services (ACES) public key infrastructure (PKI) program established in 1999 by the General Services Administration to provide trusted transactions for citizens and businesses. http://www.govexec.com/dailyfed/0402/040102td3.htm - - - - - - - - Tech firms look for best places to pitch security products The opportunities are flourishing for the information technology industry to help protect the United States from threats. But as thousands of American tech companies answer the government's call for new ideas in the fight against terrorism, how many are getting their message to the right place? Many in industry, and some in government, think Tom Ridge's Office of Homeland Security is the place. Others see the Defense Department as Security Central, with increasingly deep pockets. http://www.govexec.com/dailyfed/0402/040102td1.htm http://www.newsbytes.com/news/02/175563.html - - - - - - - - CVE dictionary contains more than 2,000 entries The Common Vulnerabilities and Exposures lexicon, developed by Mitre Corp. of Bedford, Mass., to bring order to IT security, has grown to include more than 2,000 entries. The lexicon, found at cve.mitre.org, standardizes names and descriptions of known information security problems, making it easier for organizations to share data and for security tools to interoperate. Development began three years ago when there was no common way to identify or define the security exposures known at that time. http://www.gcn.com/vol1_no1/daily-updates/18320-1.html - - - - - - - - IBM Buys Biometric Laptop Security The company said its silicon-based technology has been integrated into IBM's embedded security architecture, eliminating the need to manage multiple passwords. A Florida semiconductor company Monday announced that it has integrated its fingerprint security technology into the latest IBM laptops. AuthenTec announced that IBM ThinkPad portable computer users now have a "touch-and-go" security option via a PC card fingerprint authenticator made by Targus, which is known to many consumers as a maker of notebook carrying cases. http://www.newsfactor.com/perl/story/17042.html - - - - - - - - Data to the Rescue When theres a major catastrophe, whether its a terrorist attack or an earthquake, reliable information can be as vital as blood supplies. To aid emergency workers, a team from the State University of New York at Buffalo is developing software tools that should make getting that informationand making sense out of itmuch easier. If you begin to look at current crisis management infrastructures, theyre messy. Its helter-skelter, says James Llinas, director of the universitys Center for Multisource Information Fusion. http://www.techreview.com/articles/innovation70402.asp - - - - - - - - Past its Prime: Is Anti-Virus Scanning Obsolete? The title and topic of this article is clearly controversial. It is guaranteed to get a strong reaction from the anti-virus industry, which is firmly convinced it sees clear sailing ahead. So, is anti-virus scanning obsolete? In a word, yes - but dont throw out your scanner. Its replacement hasnt been created yet. In this article we will examine the weaknesses of virus scanning that will cause its eventual downfall. http://online.securityfocus.com/infocus/1562 - - - - - - - - High-tech companies gear up to oppose contracting bill As more high-tech companies turn to the federal government for business after the Sept. 11 attacks, many of them are joining with a broad business coalition to oppose legislation that they say would slow down the government's ability to outsource information technology projects. http://www.govexec.com/dailyfed/0402/040102td2.htm - - - - - - - - Travel security firms send wireless warnings For people from the United States who travel abroad, the world looks like a more menacing place. Since September 11, a swarm of travel intelligence services and executive tracking programs have emerged, capitalizing on the fear of things foreign. Most aim to inform business junketeers about the potential for disease, delays and danger. http://www.cnn.com/2002/TECH/ptech/04/01/travel.threats.ap/index.html - - - - - - - - Web searches for business sites outpace those for porn. People using Internet search engines are less interested in sex sites and more interested in business, travel and jobs than they were five years ago, according to a study led by a Penn State University researcher. In May 1997, 16.8 percent of searches on the Excite search engine were for sex-related or pornographic Web sites. By May 2001, that percentage had dropped almost in half to 8.5 percent, according to an article in the March edition of IEEE Computer, a journal of the Institute of Electrical and Electronics Engineers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2975319.htm http://www.msnbc.com/news/732351.asp http://www.cnn.com/2002/TECH/internet/04/01/internet.surfing.habits.ap/index.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.