May 15, 2002 Deceptive Duo Suspects Netted In FBI Raids Teenager Robert Lyttle, notorious more than a year ago as the pro-Napster hacker Pimpshiz, has been linked to another round of high-profile Web-site defacements following FBI raids targeting a pair known as the Deceptive Duo. Lyttle, now 18, told Newsbytes today that he "can't confirm or deny" that he and another hacker known as "The-Rev" were the Deceptive Duo who recently slipped in to a host of poorly secured servers operated by the U.S. military, Sandia National Laboratories and an assortment of government agencies and banks. http://www.newsbytes.com/news/02/176601.html http://news.com.com/2100-1001-914848.html http://zdnet.com.com/2100-1105-914280.html http://online.securityfocus.com/news/414 - - - - - - - - Man sentenced to 7 yrs for fraud involving fake high-tech companies A man was sentenced to seven years in federal prison Tuesday for an investment scam that defrauded about 350 people out of nearly $8.7 million, authorities said. Steven Hevell, 38, of Corona Del Mar, who pleaded guilty in February to three counts of mail fraud, was sentenced by U.S. District Judge Alicemarie H. Stotler. http://www.siliconvalley.com/mld/siliconvalley/3268331.htm - - - - - - - - Teen accused of IM harassment A Boston-area teen has had his instant messaging wings clipped following charges that he used the medium to harass girls and their families. Under the terms of a pretrial probation agreement signed Monday by the unidentified teen and others involved in the case, the resident of North Reading, Mass., risks criminal prosecution if he engages in "unsupervised" use of IM and other computing applications, according to the North Reading Police Department. http://news.com.com/2100-1023-914471.html http://zdnet.com.com/2100-1105-914657.html - - - - - - - - Hoax virus alert could cripple Windows Java Antivirus experts are warning of a hoax virus alert which might trick users into deleting an important file on their Windows machines. The fake warning tells users to search their hard drives and delete a file called jdbgmgr.exe, a filename used by Microsoft's Debugger Registrar for Java, which may be present quite legitimately on many computers. http://www.theregister.co.uk/content/55/25294.html - - - - - - - - SONICblue gets stay on tracking Judge puts hold on order in ReplayTV copyright case. Consumer electronics device maker SONICblue Inc. said on Wednesday it has received a stay of a court order that would have forced it to track the television viewing behavior of users of its ReplayTV digital video recorder. http://www.msnbc.com/news/752656.asp http://www.newsbytes.com/news/02/176603.html http://news.com.com/2100-1040-914370.html http://zdnet.com.com/2100-1105-914445.html - - - - - - - - Bush signs tech-heavy border bill President Bush signed a border security bill May 14 to require foreign visitors to carry high-tech visas and passports, mandate computer tracking of visiting students and improve access to electronic databases in U.S. consular offices overseas. The Enhanced Border Security and Visa Entry Reform Act would make $150 million available to the Immigration and Naturalization Service to improve technology for protecting U.S. borders. http://www.fcw.com/fcw/articles/2002/0513/web-border-05-15-02.asp - - - - - - - - Businesses Seek Death For Senate Privacy Bill The Senate Commerce Committee is expected to pass a controversial Internet privacy bill on Thursday, despite heavy resistance from high-tech and other businesses. Committee Chairman Ernest "Fritz" Hollings (D-S.C.) has enough Republican votes for his privacy bill after promising to support legislation designed to curb junk e-mail, sponsored by Republican Sen. Conrad Burns (R-Mont.). http://www.newsbytes.com/news/02/176609.html - - - - - - - - E-mails reveal companies' effort to hide details In a startling revelation about how Oracle and another firm worked last year to sell state officials on an unprecedented software deal, e-mails released Tuesday indicate the two companies sought to hide critical information about the deal. http://www.siliconvalley.com/mld/siliconvalley/3265253.htm - - - - - - - - Hackers Use Skills To Promote Politically Motivated Mischief Politically motivated hacker attacks are just part of the beginning of what computer-security experts have been predicting for nearly 20 years. The image on the computer monitor gives a glimpse of how some conflicts of the future will be waged. It is a poor caricature of Osama bin Laden wearing his sickly smile. But the bad art does not hinder the image's ultimate message: The sketch is decorated with two revolver-like pistols -- a barrel at each temple makes the sentiment clear. http://www.newsfactor.com/perl/story/17763.html - - - - - - - - Senators Hear War Of Words Over Webcast Royalties The fight over online radio royalties spilled into the halls of Congress today when the Senate Judiciary Committee met to consider the fairness of a sound-recording royalty plan that would force Webcasters to pay out for every tune streamed to each listener. It is a plan that many online-only radio stations insist will, if enacted, kill off their businesses. http://www.newsbytes.com/news/02/176607.html http://www.newsbytes.com/news/02/176590.html - - - - - - - - Clearinghouse at Stanford aims to loosen copyright barriers An Internet clearinghouse being launched Thursday seeks to counteract the barriers to creativity that its founders believe current copyright protection law fosters. The Creative Commons, a nonprofit organization based at Stanford University and formed by legal scholars and Web publishers, will encourage authors and other creative people to donate selected writings, music, video and other works for free exchange. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3270447.htm Copyright License Fee Would Ease File-Swap Problems http://www.newsbytes.com/news/02/176579.html - - - - - - - - Museum's Hack Art Piece Pulled An art-hacking project at the New Museum of Contemporary Art was pulled offline last Friday in response to security concerns raised by the art. Curators had described the museum's Open Source Art Hack show as a display of "hacking as an extreme art practice," but evidently one piece in the exhibit was a tad too extreme for the museum's Internet service provider. http://www.wired.com/news/culture/0,1284,52546,00.html - - - - - - - - Flash flaw turns PCs into zombies Most Windows installations at risk, says security expert. Corporate websites using Flash animation could allow hackers to control users' computers, according to a security expert. The flaw allows malicious code to be executed on a user's PC that runs the Flash software used by 98 per cent of web users. The exploit was found by security firm eEye, which discovered and named the Code Red virus last year. The vulnerability in Flash Version 6, revision 23 was confirmed by eEye, which said that it would "include most installations on Windows". http://www.vnunet.com/News/1131773 - - - - - - - - Catholic ISP exorcises porn But hackers already have service in their sights. The Roman Catholic church in the Philippines is striking back against "sinful" internet service providers and is becoming one itself. The CBCP World service claims to filter out violence, porno- graphy and gambling, leaving only family friendly content. It assures its users of "fast access to wholesome, clean and educational materials". http://www.vnunet.com/News/1131786 - - - - - - - - Microsoft releases monster IE patch Microsoft urged Windows users to download a fix for Internet Explorer on Wednesday, following the company's announcement that six new flaws had been found in its Web browser. The software giant called three of the flaws critical, but only one of them-- a cross-site scripting error that affects only Internet Explorer 6.0--would allow an attacker or a worm to run a program on the victim's computer. http://news.com.com/2100-1001-914805.html Microsoft stomps on new IE bugs http://zdnet.com.com/2100-1104-914836.html - - - - - - - - Utah uses digital signatures to secure business deals Utah Incentive Funds, a division of the states department of business and economic development, is using online services secured with digital certificates to lure more businesses to the state. The division opened a Web gateway this month that lets businesses complete applications for funding and create legal business agreements securely over the Internet using digital certificates. http://www.gcn.com/vol1_no1/daily-updates/18666-1.html - - - - - - - - Clothier Helps Fashions Own Defeat In Domain Dispute Internet addresses packing the famous labels of Ralph Lauren and Polo fashions and an alleged cybersquatter who didn't even bother to respond to the accusation would normally add up to a slam-dunk decision for a trademark holder under a fast- track system to resolve disputes over domain names. http://www.newsbytes.com/news/02/176608.html - - - - - - - - BT denies encouraging love cheats A new service that allows telephone users to erase the details of the last caller is for data protection not adulterers, says BT. The introduction of a new service that allows subscribers to erase details of their last caller has British Telecom denying it is encouraging love cheats. http://news.zdnet.co.uk/story/0,,t269-s2110243,00.html - - - - - - - - Internet Pornography: Are Children at Risk? Are your children exposed to pornography on the Internet? In a recent survey, one in four kids reported having at least one unwanted exposure to sexually explicit pictures during the past year, and one out of five reported receiving a sexual solicitation. From the classroom to the courtroom, there is much debate about how best to safeguard children from online predators and sexually explicit material on the Web. Unfortunately, there is no panacea for protecting youth from Internet pornography, says a new National Academies report. http://www4.nationalacademies.org/onpi/webextra.nsf/web/porn?OpenDocument - - - - - - - - White-Hat Hackers: Pros Or Cons? White-hat hackers like to call themselves the good guys in the fight to secure networks and Web sites. Unlike black hats or crackers, theyre not looking to slap porn on Web pages or bring sites crashing down. They just want to help: By finding the holes and publicly announcing their discoveries, they say, they teach their enterprise victims what they need to know. The U.S. government and some security firms agree. Witness recent competitions that challenged contestants to break into networks and crack encryption codeswith hot cars and pots of cash as prizes. http://content.techweb.com/tech/security/20020515_security - - - - - - - - Can we really stop script kiddies? Young virus writers and script kiddies troll the Internet every day. Most are not malicious, just bored. Like street gangs, they have created a way to tag the Internet (viral code), have invented their own form of graffiti (Web site defacements), and have even fought gang wars online (using thousands of remote PCs controlled by IRC bots). Unlike their flesh-and-blood counter-parts, these virus writers and script kiddies are separated by vast stretches of geography. But they have forged an underground community, known as VX, by using Internet chat tools like IRC (Internet Relay Chat). http://zdnet.com.com/2100-1107-913887.html - - - - - - - - The Supreme Court And the Wild, Wild Web Cyber-rights activists who cheered when the U.S. Supreme Court issued its first opinion concerning the Internet five years ago should be cringing now that the same court has ruled on Congress' second attempt to regulate cyberspace. Although the court on Monday refused to lift a ban on enforcement of the Child Online Protection Act (COPA) - at least for now - a majority of the justices for the first time indicated that even the First Amendment has its limits online, an unexpected ruling that could be the beginning of the end of the untamed Web. http://www.newsbytes.com/news/02/176583.html - - - - - - - - Memo to Microsoft: Stay Secretive, Please Unix and Linux security owes much to openness and public disclosure, but Microsoft is too far gone for sunshine to do any good. Last week Microsoft VP Jim Allchin raised a fascinating new argument in the company's ongoing anti-trust drama when he claimed that Redmond needs to keep some security-related protocols and APIs secret from the public because disclosing them would make Microsoft's products vulnerable to hackers and virus-writers. Of course, even with these details kept secret today, there's no shortage of attacks against Microsoft operating systems containing these features. But this "security through obscurity" argument is as natural to Microsoft as it is anathema to open source types like me. http://online.securityfocus.com/columnists/82 - - - - - - - - Open source review would aid Windows security: Microsoft should dump security via obscurity, and submit its software to open source review, according to Gartner. The open source review bit is something so utterly alien, communist and horrible to the mind of Bill Gates that it's almost worth us running a competition to find what he'd rather do (Sacrifice of firstborn? Auction mother on eBay? Tell Steve Jobs he was right?) - but actually, Gartner is perpetrating a small piece of sensationalism by saying it agrees with Gates about security, "and believes that open source review of Microsoft's code is necessary to meet security goals." http://www.theregister.co.uk/content/4/25291.html Sustainable Computing Consortium attacked http://www.vnunet.com/News/1131788 Hackers turn on open source http://www.vnunet.com/News/1131782 - - - - - - - - PortSentry for Attack Detection, Part One The basic theory behind PortSentry operation revolves around the detection of scans on a host and the response that should be implemented in response to those scans. This is one reason why PortSentry should be classified as an "attack detection" tool. A network or system scan serves as a precursor to an attack and possible intrusion. Unless the attacker knows beforehand which ports are open or available on a system, they will initiate a scan to determine what services the host is running. This is where PortSentry comes into play. This tool monitors the TCP and UDP ports on a system and, depending on how the system is configured, will respond appropriately to an identified scan. http://online.securityfocus.com/infocus/1580 - - - - - - - - Pentagon hires anti-terror sniffer bees Tiny wireless transmitters connect to army laptop PCs. The Pentagon is all a-buzz about recruiting networked bees to sniff out bombs. The US government is hoping to use the wired up insects to sniff out minute residues of explosives and lead them to bomb factories and landmines. Each bee will carry a tiny wireless transmitter which can be tracked using a wireless connection to an army laptop computer. The bees are trained to think that TNT contains sugar so that they make a beeline for it. http://www.vnunet.com/News/1131790 - - - - - - - - Project seeks to put sensors on cell towers to thwart terrorism The tens of thousands of cell phone base stations across the country could host a network of sensors to detect and track airborne chemical, biological or radiological attacks, Oak Ridge National Laboratory researchers said Tuesday. http://www.nandotimes.com/technology/story/402058p-3200951c.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.