June 12, 2002 Atherton's cyber cop helps bust fake ID ring in town In just six months on the county's high-tech crime task force, Atherton police officer Jeff Hunter helped investigate 40 identity theft cases, worked on an FBI sting targeting a counterfeit Microsoft software ring, and helped shut down an operation run by two local teens making sophisticated fake IDs on their home computers. "Hopefully, it's keeping kids from drinking and driving," says Officer Hunter, 29, referring to the fake-ID bust. As the Atherton Police Department's in-house computer guru, he was a natural choice for assignment to the task force -- known as the San Mateo County Rapid Enforcement Allied computer team (REACT). The town's police department is reaping benefits of Officer Hunter's work, says Chief Bob Brennan. http://www.almanacnews.com/PAW/paonline/almanac/morgue/2002/2002_06_12.ahunter.html - - - - - - - - Govt targets prominent child porn users The government will soon strike at senior public and private figures who are indulging in child pornography on the Internet, Deputy Home Affairs Minister Nosiviwe Mapisa-Nqakula said yesterday. "Our warning to them is that they have now been unmasked and it is only a matter of time before we reach them. "Society cannot tolerate their kind anymore and serious action will be taken against them in accordance with the law," she told the National Assembly. http://www.dispatch.co.za/2002/06/12/southafrica/CCHILD.HTM - - - - - - - - Hoaxer strikes online news service again An unidentified hoaxer got the Internet Wire online press-release service to publish a bogus news release about a tiny drug company this week, in what may have been an attempt to manipulate the stock. The phony release Monday caused a short- lived jump in shares of Cel-Sci. Internet Wire and Cel-Sci both said they didn't know who was behind the false release, which has since been retracted. The companies have referred the matter to the Securities and Exchange Commission, which has declined to comment. http://www.usatoday.com/life/cyber/invest/2002/06/12/phony-release.htm http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3448378.htm http://www.washingtonpost.com/wp-dyn/articles/A34168-2002Jun11.html - - - - - - - - New Shakira Worm Wriggles Into Computers Latina Pop Singer Is Latest Socially Engineered E-Mail Virus. Anna Kournikova had one. So did Jennifer Lopez and even Britney Spears. Now, South American pop star Shakira has a turn at starring in her own e-mail virus. Like other socially engineered e-mail bugs, the Shakira worm promises unsuspecting receivers that an attached file contains pictures of the Latina singer. But open the file and the bug instantly spreads itself to everyone listed in a user's Microsoft Outlook e-mail program. http://abcnews.go.com/sections/scitech/TechTV/techtv_shakiraworm020612.html - - - - - - - - Homeland formula for failure ID'd The ultimate success or failure of the Homeland Security Department will be determined by the intelligence and information technology plan that's proposed and the person selected to lead that effort, according to a congressional fellow who advises the Executive Office of the President on technology. Speaking June 11 at the Armed Forces Communications and Electronics Association's TechNet International 2002 in Washington, D.C., Eileen Preisser, also director of the Defense Department's Homeland Defense Technology Center, said the key will be getting the new department to organize and share information horizontally, instead of vertically in the usual stovepipes. http://www.fcw.com/fcw/articles/2002/0610/web-fail-06-12-02.asp Homeland cybersecurity plans hailed http://www.fcw.com/fcw/articles/2002/0610/web-nipc-06-12-02.asp Info urged to fill military gaps http://www.fcw.com/fcw/articles/2002/0610/web-dod-06-12-02.asp - - - - - - - - New powers put privacy laws to the test The government's move to give more agencies access to personal Internet and telecoms information will put a strain on the Data Protection Act and other institutions, say critics. Privacy advocates said that upcoming moves to broaden the government's electronic surveillance powers will put a strain on existing consumer-protection legislation such as the Data Protection Act (1998). http://news.zdnet.co.uk/story/0,,t269-s2111748,00.html - - - - - - - - Music industry burned by CD piracy CD burning contributed to a surge in music piracy across the globe in 2001, with sales of pirated discs jumping an estimated 50 percent from the previous year, according to an industry report released Tuesday. The International Federation of the Phonographic Industry (IFPI), a lobbying group, said pirated disc sales jumped from 640 million units in 2000 to 950 million units in 2001. http://zdnet.com.com/2100-1106-935243.html Will Cable Unplug the File Swappers? http://www.businessweek.com/technology/content/jun2002/tc20020612_1108.htm - - - - - - - - Feds, industry battle the biggest network bug Four months after a public advisory warned of security vulnerabilities in a ubiquitous Internet remote management protocol, there have been no widespread attacks exploiting the holes. But technology companies and a special U.S. government panel are quietly evaluating the threat of related vulnerabilities in some of America's most critical electronic infrastructures, including the telephone network, the power grid, and the next generation of air traffic control systems. http://www.theregister.co.uk/content/55/25693.html - - - - - - - - Microsoft warns of 'critical' browser flaw Microsoft Corp. issued two bulletins Tuesday, disclosing "critical" flaws in its popular Internet Explorer Web browser, as well as in MSN Chat, MSN Messenger and Exchange Messenger. The Chat and Messenger flaws were to have been corrected by an earlier patch. The first bulletin involved Internet Explorer versions 5.01, 5.5, 6.0 and Proxy Server 2.0 and ISA Server 2000. The flaw involves a piece of faulty code that can let an attacker access a user's computer to run various programs. http://www.nandotimes.com/technology/story/431500p-3450240c.html http://www.usatoday.com/life/cyber/tech/2002/06/12/microsoft-security.htm http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3456800.htm http://www.cnn.com/2002/TECH/internet/06/12/microsoft.security.flaw.ap/index.html Microsoft's Gopher hole deepens Microsoft issued a "critical" security alert about a hole in its Internet Explorer browser that could allow hackers to use an outdated Internet protocol to seize control of people's computers. As previously reported, the exploit uses Gopher, an all-but-obsolete Internet protocol for fetching data from remote computers. Finnish security company Online Solutions uncovered the vulnerability May 20 and alerted the public last week. http://zdnet.com.com/2100-1105-935363.html http://news.com.com/2100-1001-935348.html Security holes: The danger within http://news.zdnet.co.uk/story/0,,t269-s2111703,00.html - - - - - - - - X-windows remote DoS with big fonts X-windows, with or without the font server (XFS) running can be crashed remotely via Mozilla when fonts are set to an unnaturally large size with CSS (Cascading Style Sheets), Tom Vogt of Lemuira.org has reported. An X bug allows all available memory to be consumed, which causes the system to freeze. The behavior can be duplicated with applications like the Gimp, we're told, but these aren't remotely exploitable. But with Mozilla, a pest can easily set up a malicious Web site which will crash unsuspecting Tuxers' boxen and cause any unsaved data in open apps to go away. http://www.theregus.com/content/55/25215.html - - - - - - - - Baltimore updates PKI software Baltimore Technologies Plc has released a new version of its security infrastructure software designed to enable the deployment of public-key enabled applications. The financially troubled security software company has added "cloning" and XKMS (XML Key Management Specification) support to version 5.0 of its UniCert PKI product. http://www.theregus.com/content/55/25212.html - - - - - - - - Pentagon on track to add biometrics to access card The Defense Department is pursuing an aggressive timetable for incorporating biometric identifiers in its Common Access smart card. We've got a road map, we?re moving along it, and we're moving fast, Army CIO Lt. Gen. Peter Cuviello said June 12 at the AFCEA TechNet International Conference in Washington. The Army is the lead service for the department's Biometrics Management Office. The Common Access Card is the government's largest public-key infrastructure deployment. Cards containing digital certificates are to be issued to all active-duty civilian and military personnel by the end of next year. http://online.securityfocus.com/news/477 - - - - - - - - Security firms tout savings, not safety At a recent publicity event here, two security companies and accounting giant PricewaterhouseCoopers showed off their latest tool for selling software: a calculator that lets clients estimate how much money they can save by using the companies' offerings. The tool highlights an ongoing change in the market. Despite the terror of Sept. 11 and cries of imminent cyber-attack, companies aren't interested in security for its sake alone; they want to be able to cut their bottom line as well. http://zdnet.com.com/2100-1104-935512.html http://news.com.com/2100-1001-935484.html - - - - - - - - U.S. Gov't Still Penguin Shy Open-source enthusiasts sometimes predict that Linux and other free software could revolutionize not merely the business world, but also government. U.S. government agencies, the thinking goes, could save taxpayers perhaps $1 billion a year in licensing fees by dumping proprietary products sold by Microsoft and Oracle in favor of more reliable, free software alternatives. http://www.wired.com/news/linux/0,1411,53005,00.html - - - - - - - - Your identity reduced to a 3-inch strip of ink A small technology company nestled in a suburban office park outside Philadelphia has patented technology that can cram a digital photograph, a fingerprint, and lots of other identification data in a very tiny space. In the post-Sept. 11 world, that means the company, Datastrip Inc., can be a major player in the rush to develop tamperproof passports and visas, driver's licenses and health-insurance cards. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3454566.htm - - - - - - - - Credit-card hackers stung with bogus IIS' sploit What happens when you float a counterfeit IIS hole in a carder chatroom on IRC, tantalizing its young denizens with a quick, easy score? Do they proxy up, patiently enumerate the site, grab banners, analyze what they're up against and carefully plot an attack? Or do they rush into the trap like so many elite lemmings? http://www.theregister.co.uk/content/55/25692.html - - - - - - - - Developing an Effective Incident Cost Analysis Mechanism When it comes to calculating damages from computer security incidents, some in the media will tell you that it is impossible to come up with a value. At the same time, others will tell you that the Melissa Virus caused $80 million in damages to US businesses. Who is right? Can these damages be calculated, and if so, how? A project by representatives of the Big Ten Universities (plus a few others) in the late 90's undertook to systematically examine the real costs of security incidents. The results of this project were an incident cost model and examples of costs for typical security incidents at these institutions. http://online.securityfocus.com/infocus/1592 - - - - - - - - Virus Girl Finds Hacker Boyfriend Meet hacking's hottest couple: Gigabyte, the feisty teen who recently gained celebrity for her computer viruses and feminist views, says she has found a soul mate in Nostalg1c, a former member of a hacking group that defaced the White House site. The duo, a kind of Bonnie and Clyde of cyberspace, claim their shared love of malicious code gives them a strong bond. Then again, it may also make the lovebirds a one-stone shot for the federal computer crime unit in their native Belgium. http://www.wired.com/news/culture/0,1284,53121,00.html http://www.vnunet.com/News/1132552 - - - - - - - - Senators decry spectrum policy, name defense as top priority Senators leveled criticism at the nation's spectrum- management process during a Tuesday hearing, calling the process everything from inefficient and piecemeal to a tool used to fatten the treasury, but they agreed that any changes must meet Defense Department needs. http://www.govexec.com/dailyfed/0602/061202td1.htm - - - - - - - - Stalker tech Students at the University of California at San Diego are tracking their friends' locations with PDAs. It's 11 p.m. Do you know where your boyfriend is? If he attends the University of California at San Diego, finding him may be as easy as turning on a PDA. The universitys equipping hundreds of students with personal digital assistants that allow them to track each other's location from parking lot to lecture hall to cafeteria. The technology is sophisticated enough to pinpoint where a person is in a building -- say, a dorm -- within a margin of error of one floor. http://salon.com/tech/feature/2002/06/11/stalker_tech/index.html - - - - - - - - Defense bill would create tech center for 'first responders' A House-passed bill to reauthorize Defense Department programs contains various technology provisions, including a proposal to create a center for the transfer of military technology to emergency "first responders." Pennsylvania Republican Curt Weldon, chairman of the House Armed Services Military Readiness Subcommittee, made the proposal. The House passed the authorization bill, H.R. 4546, by a 359-58 vote on May 9. http://www.govexec.com/dailyfed/0602/061202td2.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.