April 17, 2002 Ashcroft Calls For New Laws, Resources To Fight Child Porn Reacting to a U.S. Supreme Court decision overturning portions of a law designed to curtail child pornography, U.S. Attorney General John Ashcroft said today he is committed to working with Congress to craft new anti-porn laws. The announcement came shortly after the high court struck down the bulk of the Child Pornography Prevention Act, which made it illegal to possess or distribute computer-generated or enhanced images that appear to show children engaged in sex acts. The Supreme Court ruled 6-3 that the law was overly broad and unconstitutional. http://www.newsbytes.com/news/02/175921.html Justices Preserve Dirty Thoughts http://www.wired.com/news/politics/0,1283,51877,00.html US Supremes affirm virtual kiddie porn http://www.theregister.co.uk/content/6/24901.html - - - - - - - - Taiwan government ordered to ditch illegal software Taiwan Premier Yu Shyi-kun ordered his government on Wednesday to stop using illegal computer software after the United States said the island was likely to remain on its list of copyright violators. State-funded Central News Agency quoted Yu as telling a cabinet meeting the government was determined to do ``whatever it takes'' to protect copyright after local media reported illegal software was used by most government agencies. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3081237.htm http://www.wired.com/news/business/0,1367,51890,00.html - - - - - - - - Middle East conflict spills over into cyberspace The political crisis in the Middle East has spawned an increase in defacement attacks on Israeli Web servers. Israel was the victim of 10 of 15 significant web defacements in the Middle East over the last two weeks, according to security consultancy mi2g. The most active anti-Israel hacker group, which claims to be Egyptian, started its activities just weeks after 11th September. Other Middle Eastern countries - Saudi Arabia, Egypt and Jordan - have also been hit in April by politically motivated hack attacks, many international in origin. http://www.theregister.co.uk/content/55/24891.html - - - - - - - - Klez virus back with a vengence Mass mailing worm has a new sting in the tail. MyLife isn't the only virus to make a come back. Antivirus researchers are now warning about the eighth return of the notorious Klez worm. There is some dispute over whether the latest outbreak is known as Klez.g or Klez.h, but the culprit is a mass mailing worm that purports to offer an antidote to all the other Klez variants. http://www.vnunet.com/News/1131004 http://zdnet.com.com/2100-1105-885087.html http://news.com.com/2100-1001-885030.html http://www.newsbytes.com/news/02/175949.html - - - - - - - - Software pirates face 10 years in chokey New legislation will not be a deterrent, say experts Experts have attacked the decision to increase jail sentences for software piracy, arguing that it targets the wrong groups. A Private Member's Bill covering copyright infringements has just been passed by the Commons, and will now go to the Lords. It could become law by the autumn, and would see maxi- mum jail sentences raised from two years to 10. Despite receiving a warm welcome in some quarters, the move has been criticised by legal experts. http://www.vnunet.com/News/1131005 - - - - - - - - Sen. Wyden Intros Version Of House Cybersecurity Bill Senator Ron Wyden, D-Ore., today introduced a Senate version of a cybersecurity measure approved earlier this year by the House of Representatives. "In addition to the damage that cyber-attacks could cause directly, the mere threat of security breaches can cripple the ongoing development of e-commerce, " Wyden said in a press release. "If the Internet is to reach its full potential, security must be improved." http://www.newsbytes.com/news/02/175951.html - - - - - - - - Hidden bedroom cameras inspire video privacy bill Hidden video cameras in bedrooms, bathrooms and other private places would be outlawed under a bill introduced in Congress Tuesday that would also limit pornographic Web sites to an online red-light district. Television star Angie Harmon and privacy activist Susan Wilson joined Louisiana Democratic Sen. Mary Landrieu to announce a bill that would make it illegal to film someone for a ``lewd or lascivious purpose'' without that person's consent. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3077573.htm http://www.newsbytes.com/news/02/175948.html http://www.cnn.com/2002/TECH/internet/04/17/surveillance.reut/index.html - - - - - - - - Deal reached to combat digital piracy A group of electronics makers and movie studios moved the rollout of digital TV a step ahead Tuesday with a preliminary agreement on copy protection for high-definition broadcasts and digital TV sets. The format, called High Definition Multimedia Interface (HDMI), is a single, high-speed connection that would carry full-bandwidth digital video and audio from set-top boxes to TV sets. http://www.usatoday.com/life/cyber/tech/2002/04/17/digitaltv-usat.htm - - - - - - - - More States Loosening Wiretap Restrictions - Study Proposed changes to state wiretap laws triggered by the terrorist attacks on Sept. 11 would give states added surveillance power that could erode civil liberties, said a review of state-level legislation released today. The review, conducted by a Washington-based non-profit that tracks legal and constitutional issues, examined how states approve and implement wiretaps. The Constitution Project seeks to determine whether laws compromise individual liberties. http://www.newsbytes.com/news/02/175952.html - - - - - - - - International rulings cloud file swapping Legal rulings on file-swapping are beginning to trickle out of courts across the globe, creating a patchwork of local laws that seek to control a technology with international reach. The Tokyo District Court last week ruled that Tokyo-based MMO Japan is prohibited from offering users its online file-swapping service, dubbed File Rogue. That decision, which marks the first court ruling in Japan on the issue, comes just weeks after a Dutch appeals court essentially rejected liability against file-swapping software maker Kazaa for distributing its code. http://news.com.com/2100-1023-885233.html - - - - - - - - Consumer Group Joins Tiff Over PC Maker's Piracy Campaign A consumer advocacy group has rebuked the Recording Industry Association of America (RIAA) for its criticism of a PC maker's TV and Web campaigns to counter digital piracy legislation. Palo Alto, Calif.-based Digital Consumer late Tuesday condemned RIAA comments directed at Gateway. A Gateway TV commercial shows a truck-driving Tedd Waitt - the company's chief executive - and a bovine companion lip-synching to a hip-hop version of the Gordon Lightfoot tune "Sundown." http://www.newsbytes.com/news/02/175936.html - - - - - - - - IBM drops patent bombshell Tech Update: A recent IBM patent claim could threaten royalty-free access to a key Internet standard protocol backed by the United Nations. The standard--called ebXML--is an XML-based set of definitions for electronic transactions and business collaboration. IBM's patent claim was made in an intellectual property disclosure filed in late March with the Organization for the Advancement of Structured Information Standards (OASIS). http://zdnet.com.com/2100-1106-884681.html - - - - - - - - Critical flaw found in MS Office for Mac Microsoft acknowledged on Tuesday that its popular Office applications for the Macintosh have a critical security flaw that leaves users' systems open to attack by worms and online vandals. The software slip-up happens because the Microsoft applications incorrectly handle the input to a certain HTML feature. By formatting a link in a particular manner, an attacker can cause a program to crash a Macintosh or run arbitrary commands. The link could appear on a Web page or in an HTML-enabled e-mail. http://zdnet.com.com/2100-1104-884577.html http://news.zdnet.co.uk/story/0,,t269-s2108516,00.html http://news.com.com/2100-1001-884364.html - - - - - - - - The IE back-button attack Swedish security researcher Andreas Sandblad has discovered that the MS Internet Explorer history list allows JavaScript in the URLs. The code will execute in the same zone as the last URL visited. The error page generated by IE functions in the local computer zone. Thus when an error page is generated, JavaScript can be injected in the history and executed by using the back button. http://www.theregister.co.uk/content/4/24902.html - - - - - - - - Perplexing Argentine Hack Law A recent legal ruling that defacing Web pages is not a crime isn't turning Argentina into a prosecution- free playground for script kiddies. Argentinean sources said they are upset over several stories on Argentine federal judge Sergio Torres' ruling, which they believe erroneously indicated that Torres' decision gives the green light to all malicious hacking activities in Argentina. But the same sources also expressed concern that the ruling might embolden Argentine virus writers, who could see the ruling as an indication that releasing viruses on the Internet is not prosecutable under Argentina's laws. http://www.wired.com/news/politics/0,1283,51860,00.html - - - - - - - - Peddling Snake Oil as Security Wireless security vendors are trying to create a market where none exists. As always, the key to better wireless security is better practice, not new products. Recently, I received an invitation to speak at a plenary session for an upcoming conference on wireless security. While the conference venue was first-rate and they were covering all my expenses, I had to be honest with the conference coordinators and decline the invitation. The reason? If I went on-stage and delivered my views on wireless networking and its security implications, the vendors exhibiting at the event would have chased me from the dais and lynched me. http://online.securityfocus.com/columnists/75 - - - - - - - - Why one virus alert system won't fit all When Homeland Security chief Tom Ridge unveiled the new Homeland Security Advisory System, he added five new levels of alert--each distinguished by its own color--to our already crowded color- coded vocabulary. Ridge's plan is only the latest effort aimed at standardizing warning systems in the security community these days. There's even a semi-serious proposal afoot to have antivirus companies conform to a standard warning scale. http://zdnet.com.com/2100-1107-884599.html - - - - - - - - Openwall: Improving Security with the Openwall Patch This article will examine the Openwall Linux kernel Patch, one of the best-known kernel hardening patches. It will explain how to install the patch and will examine its main features. Using the patch will require a basic understanding of how to recompile the kernel. Some of the explanations will assume a basic knowledge of the C programming language, but it is not essential to the usage of the patch. http://online.securityfocus.com/infocus/1570 - - - - - - - - Identity services starting to harmonize I always thought the "HailStorm" code name for Microsoft's .Net My Services was a little harsh-- after all, no one wants to be caught in an icy downpour. Apparently, enterprises felt the same way and ran for cover when Microsoft suggested it would be happy to maintain their customers' identities for them. According to .Net Product Manager Adam Sohn, the message Microsoft got from enterprises was loud and clear: "We don't want this dependency. Ever." http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2861536,00.html - - - - - - - - Proposal Sets National Guidelines For State IDs Sen. Richard J. Durbin (D-Ill.) outlined legislation yesterday that would set national standards for state-issued driver's licenses, permitting rapid data-sharing among certain government agencies. The measure marks Congress's first attempt at a comprehensive overhaul of state identification systems since last year's terrorist attacks. It would set federal rules for granting licenses, build in high-tech anti-counterfeiting measures and provide funding for states to make changes within three to five years. http://www.newsbytes.com/news/02/175932.html - - - - - - - - INS crime lab not meeting case deadlines The Immigration and Naturalization Service is taking longer to process important forensic cases involving document fraud despite increases in its staff and a new case priority system, according to a report from the General Accounting Office. The INS Forensic Document Laboratory (FDL) is divided into forensic and intelligence sections. It focuses on detecting document fraud involving suspected terrorists, criminal aliens and illegal immigrants. http://www.govexec.com/dailyfed/0402/041602m1.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.