August 9, 2002 45 children removed in Web porn ring bust U.S. and European law-enforcement officials have arrested 20 people who sexually abused their own children and traded photographs and tips over the Internet, the U.S. Customs Service said on Friday. The cross-border sweep removed 45 children from their abusive parents, 37 of them in the United States, Customs said. Authorities say the parents traded photos of themselves sexually abusing their own children and shared tips in online chat rooms. http://www.cnn.com/2002/US/08/09/internet.porn.reut/index.html http://zdnet.com.com/2110-1106-949119.html http://www.msnbc.com/news/792052.asp http://www.usatoday.com/tech/news/techpolicy/2002-08-09-net-pornography_x.htm - - - - - - - - Arrest was connected to federal sting Teen pleads no contest to child-porn charges Eric Alan Rinehart posted illegal images on an Internet e-circle and downloaded video and audio images, said a prosecutor. Eric Alan Rinehart, of the 100 block of Avendale Avenue Northeast, was 17 when Roanoke police arrested him last year, Assistant Commonwealth's Attorney Ann Gardner said. He has since turned 18, but a Juvenile and Domestic Relations judge heard his case. http://www.roanoke.com/roatimes/news/story134725.html - - - - - - - - NASA Investigating Computer Data Breach The information breach reportedly revealed detailed drawings and design data on a relaunchable space vehicle. These details are restricted for military reasons. NASA investigators are looking into how sensitive information on next-generation launch vehicles was disclosed. Officials would not confirm whether the space agency's computer systems had actually been penetrated, but did tell NewsFactor that the materials -- which reportedly included contractor data on a next-generation, reusable space vehicle -- were stored on a closed database. http://www.newsfactor.com/perl/story/18972.html - - - - - - - - Man cleared of running terrorist-training web site A chef who promoted ``The Ultimate Jihad Challenge'' on an Internet site, inviting people to take weapons training in the United States, was found innocent of terrorist charges Friday. A jury at London's Old Bailey criminal court found Sulayman Balal Zainulabidin, 44, innocent of violating the Terrorism Act. Zainulabidin, a convert to Islam, was arrested three weeks after the Sept. 11 attacks on the Pentagon and World Trade Center, and two weeks after going to a London police station to complain that he did not feel safe after a newspaper article published details of his Web site. It has since been dismantled by British authorities. http://www.bayarea.com/mld/mercurynews/3831255.htm http://www.wired.com/news/politics/0,1283,54440,00.html - - - - - - - - US military laptops stolen Top secret data goes walkabout. Two laptops have disappeared from the headquarters of the Central Command of the US Armed Forces in Tampa, Florida, one of which contained top secret information. Russian daily Pravda reported that General Richard Myers, chairman of the US Joint Chiefs of Staff, had to acknowledge that the computers vanished from the office despite high-level security. http://www.vnunet.com/News/1134230 - - - - - - - - "E-bomb" may see first combat use in Iraq Weapons designed to attack electronic systems and not people could see their first combat use in any military attack on Iraq. It is widely believed that the US is planning for an attack that could overthrow Iraq's leader, Saddam Hussein, who it believes is developing weapons of mass destruction. The Iraqi president responded publicly for the first time on Thursday, exhorting Iraqis to be prepared "with all the force you can to face your enemies". http://www.newscientist.com/news/print.jsp?id=ns99992654 - - - - - - - - Cybercafe ordinance put on hold A California judge issued a temporary restraining order this week preventing the city of Garden Grove from enforcing a new ordinance that restricts cybercafes. Orange County Superior Court Judge Dennis S. Choate on Wednesday delayed implementation of the ordinance amid concerns it might violate free-speech rights and harm the cafes financially. He also set a hearing for Aug. 29 so both sides could try to arrive at a compromise. http://news.com.com/2100-1023-949190.html - - - - - - - - FTC, Microsoft settle case over security requirements Microsoft Corp. must put its Passport Internet service through regular security checks for the next two decades after the federal government determined the company deceived consumers about how well it protects their personal information. From public shaming to appealing to the industry's patriotism, government officials have tried several methods over the past year to encourage tech firms to take computer security more seriously. The Federal Trade Commission deal announced Thursday is the first that puts measurable security requirements on a company. http://www.nandotimes.com/technology/story/493769p-3938859c.html - - - - - - - - Lawmakers sic Ashcroft on file swappers lawmakers have asked Attorney General John Ashcroft to go after Internet users who download unauthorized songs and other copyrighted material, raising the possibility of jail time for digital- music fans. In a July 25 letter released late Thursday, 19 lawmakers from both sides of the aisle asked Ashcroft to prosecute "peer-to-peer" networks like Kazaa and Morpheus and the users who swap digital songs, video clips and other files without permission from artists or their record labels. http://news.com.com/2100-1023-949229.html http://www.usatoday.com/tech/news/techpolicy/2002-08-09-law-music-swap_x.htm - - - - - - - - EFF pimps X-Box cracker 'victory' "The Electronic Frontier Foundation (EFF) is pleased to announce that former MIT doctoral student Andrew 'Bunnie' Huang will present a paper explaining a security flaw in the Microsoft Xbox (TM) videogame system," a recent press release begins. Of course the paper has been available from Huang's account at MIT since April, so any danger from his appearance at a conference is largely imaginary. Huang long ago notified MS of his paper with EFF supervision, presumably appealing to the Digital Millennium Copyright Act (DMCA) exclusion for cryprographic research. http://online.securityfocus.com/news/568 - - - - - - - - Boy, Have You Got Mail: Spam Attacks on Rise Experts have no concrete answer for why junk e-mail has proliferated so much. Some note that spam is more appealing to marketers in a weak economy because it's relatively inexpensive. If you think your mailbox is filling ever faster with junk e-mail, you're right. More than 4.8 million "spam attacks" were counted last month by Brightmail Inc., a software maker that monitors junk mail on the Internet, compared with just over 879,000 attacks in June 2001. As recently as December, the monthly figures were under 2 million. http://www.newsfactor.com/perl/story/18939.html - - - - - - - - Boffins hide passport details in pictures Digitally altered photos could tackle ID fraud Israeli security experts have developed a way of digitally encrypting passport pictures or signatures so that they can be viewed only by customs officers. Developed by a team at Ben Gurion University, the system works by converting fingerprints or signatures into numbers that slightly alter the position of the millions of different coloured dots that make up a normal colour photo. http://www.vnunet.com/News/1134231 - - - - - - - - Actel pushes for better FPGA security safeguards With so much intellectual property being crammed into fewer and fewer ICs, the threat of hackers or rogue rivals tinkering with or stealing the code is prompting more companies to ponder possible security holes in their designs and how to sew them up. Experts say there's no way to stop a chip's security wall from being breached given the right expertise and equipment. Indeed, Chipworks, which specializes in reverse-engineering analysis of ICs, has yet to come across a device or coding scheme that has stumped its engineers. http://www.eetimes.com/semi/news/OEG20020808S0038 - - - - - - - - Old game machine turned into Linux hacker tool Security researchers at the Defcon hacker conference turn Dreamcast consoles and other innocuous gadgets into stealthy network monitoring devices Sega's defunct Dreamcast gaming console, which has long since stopped rolling off the manufacturing lines, has gained a surprising new lease on life. http://news.zdnet.co.uk/story/0,,t269-s2120283,00.html - - - - - - - - Dangers of the Google tool bar exposed A series of attacks based on a flaw in the way the Google tool bar uses URLs to alter browser settings has been described by Israeli security outfit GreyMagic Software. In its mildest forms, exploiting the bug will allow an attacker to irritate a user with such stunts as clearing his toolbar history or uninstalling the Google feature. In its worst forms, it can tap keyboard input, re-route searches and allow files to be read and programs to execute in the "My Computer" security zone. http://online.securityfocus.com/news/570 http://news.zdnet.co.uk/story/0,,t269-s2120613,00.html - - - - - - - - Trio of bugs bite MS Content Management Server A trio of vulnerabilities in Microsoft's Content Management Server (MCMS) has come to light, the most serious of which potentially allows attackers to gain control of victim's machines. Microsoft has issued a patch - which Redmond characterises as of "critical importance" - designed to fix the problem with Content Management Server 2001 software, Redmond's product for the development and management of e-business Web sites. http://online.securityfocus.com/news/569 - - - - - - - - 'Safe' web still wide open - Windows sleuth Professor David Martin and Andrew Schulman - the latter best known for his Windows forensics - have updated their analysis of SafeWeb's privacy browsing system, and say it still leaves users "sitting ducks". SafeWeb licensed the architecture to PrivaSec, which says its suspended its entire product line - including the public demo of the browsing systems - "due to a series of developments." It doesn't say what those developments might be. http://www.theregister.co.uk/content/55/26608.html - - - - - - - - Creative Attacks' Beat Crypto -- Expert Professional encryption breaker says Moore's Law increases security risks as fast as it boosts chip storage. In 1998 cryptographer Paul Kocher developed a method for deducing the secret key embedded in a cryptographic smart card by monitoring tiny fluctuations in power consumption. Three years earlier, at the tender age of 22, he made headlines with a technique to compromise implementations of the RSA algorithm -- not with a direct frontal assault, but by watching the amount of time a system took to perform certain functions. http://online.securityfocus.com/news/572 http://zdnet.com.com/2100-1104-949170.html http://news.com.com/2100-1001-949170.html http://www.msnbc.com/news/792126.asp - - - - - - - - Filtering Internet traffic: ASP or in-house? Increasingly more enterprises are using Internet monitoring and filtering software to track their employees' online destinations. The big question is whether to monitor your employees with in-house staff. According to an American Management Association survey, 63 percent of companies monitored their employees' Internet use in 2001-- an increase from 2000, when 54 percent of companies kept tabs on their employees' Internet use. IDC's latest numbers show similar results. Of the companies surveyed by the research firm in 2000, 51 percent said they had Internet monitoring in place. http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2876253,00.html - - - - - - - - Bug Finders: Should They Be Paid? A security company's offer to pay for information on bugs discovered in software has once again stirred discussions over a long-simmering issue -- whether independent researchers should receive compensation for the flaws they find and how information about security vulnerabilities should be disclosed. http://www.wired.com/news/technology/0,1282,54450,00.html - - - - - - - - Open source's new weapon: The law? Open-source software advocates will unfurl a legislative proposal next week to prohibit the state of California from buying software from Microsoft or any other company that doesn't open its source code and licensing policies. Named the "Digital Software Security Act," the proposal essentially would make California the "Live Free or Die" state when it comes to software. If enacted as written, state agencies would be able to buy software only from companies that do not place restrictions on use or access to source code. The agencies would also be given the freedom to "make and distribute copies of the software." http://news.com.com/2100-1001-949241.html - - - - - - - - New biometric technology may soon lead to safer handguns Researchers at Lumidigm may have discovered that identity, like beauty, is only skin deep. The Albuquerque, NM-based company claims that it can validate a persons ID with fingerprint-like accuracy by shining an infrared light into a small section of skin and measuring the reflection a finding that may add innovative security features to portable devices, including an accurate trigger lock for a new electronic gun. http://www.msnbc.com/news/792043.asp *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.