August 12, 2022 Police arrest 20 in Internet child-porn swoop European and US customs uncover online paedophile ring involving 45 children. European and US law enforcement officials have cracked a ring of pedophile parents who sexually abused their children and traded photographs over the Internet, the US customs service said on Friday. The cross- border sweep resulted in 20 arrests and removed 45 children aged 2 to 14 from abusive parents, customs officials said. More arrests were likely, they added. http://news.zdnet.co.uk/story/0,,t269-s2120683,00.html Fresno man indicted in pornography ring Clovis chiropractor Lloyd Alan Emmerson, indicted in February on federal charges that he sent photos over the Internet of children engaged in sexually explicit acts, is part of an international child pornography ring that U.S. officials cracked down on today. Ten Americans, including Emmerson, 45, and six foreigners were charged today with taking sexually explicit photographs of their own children or children in their care and sending them over the Internet to an international child pornography ring, the U.S. Customs Service said. http://www.fresnobee.com/local/story/3910336p-4935904c.html - - - - - - - - Pentagon gets its laptops back Top brass breathe collective sigh of relief. Military investigators have found two missing laptop computers that were taken from the headquarters of the US Army Central Command in Florida. The theft, which was right under the nose of some of the tightest security in the US, sparked a nationwide security alert involving a team of 50 investigators. Classified data on one of the laptops is understood to have been on military operations in Afghanistan. http://www.vnunet.com/News/1134271 http://www.af.mil/news/Aug2002/8120292.shtml - - - - - - - - Hacker steals Nasa shuttle plans Design data lifted from 'closed' server. Officials at Nasa were left red-faced last week after it emerged that a hacker had snuck onto the organisation's network and made off with design data about future space vehicles. Some 43MB of of data, including a 15-page PowerPoint presentation for a shuttle design that featured detailed engineering drawings, were copied from one of Nasa's 'closed' servers. http://www.vnunet.com/News/1134290 http://www.newsfactor.com/perl/story/18972.html - - - - - - - - State will promote cybersecurity guidelines The State Department is endorsing the development of a culture of security as described in the Organization for Economic Cooperation and Developments new guidelines for protecting systems. OECD, an economic analysis agency in Paris, was founded after World War II to coordinate international development. Its support comes from Western European countries, Australia, Canada, Japan and the United States. http://www.gcn.com/vol1_no1/daily-updates/19599-1.html - - - - - - - - Government to crack down on chat rooms Home Office looks to make the "grooming" of children by paedophiles illegal. New laws aimed at targeting paedophiles who seek to entrap their victims over the Internet may be introduced, the Home Office has said. The move to criminalise "grooming" -- the term used by paedophiles to describe befriending children over the Internet -- has been given an extra sense of urgency by the disappearance a week ago of two ten-year-old schoolgirls who went missing shortly after using a computer. http://news.zdnet.co.uk/story/0,,t269-s2120671,00.html - - - - - - - - Internet fleecing scams thrive in Nigeria It begins innocently enough. A letter or an e-mail comes addressed to you from a Nigerian claiming to be the son of a former military head of state, and heir to millions of dollars stashed in secret accounts across the world. They say you're one of the lucky few selected to receive a certain percentage of it. But there's a catch. http://www.cnn.com/2002/TECH/internet/08/11/nigeria.scam/index.html - - - - - - - - Stakes are higher for hackers since Sept. 11, experts say In 1997, a teenager who hacked into a Bell Atlantic network inadvertently crashed the computer, leaving 600 homes, a regional airport and emergency services without phone service and disabling communications to the air traffic control tower for 6 hours. The teen pleaded guilty and received a sentence of 2 years probation, a $5,000 fine and community service. But in the near future, that scenario could land someone in jail for life if a death were to result from a plane crash or a delay in reaching medics on the phone. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3845088.htm http://zdnet.com.com/2100-1105-949330.html http://www.cnn.com/2002/TECH/internet/08/12/hackers.reut/index.html http://www.usatoday.com/tech/news/computersecurity/2002-08-12-hacker-world_x.htm - - - - - - - - 'Sweeping' Up After Identity Theft Recent cases indicate that federal courts are emphasizing the severity of identity theft by imposing significant prison sentences. In a recent osOpinion column about identity theft, the writer intimated that cops and legislators are "deaf to the cries of [identity theft] victims," and pointedly asked, "When will we begin to see the identity thieves behind bars?" Recent events show that law enforcement's and legislatures' hearing has gotten a lot sharper, and that law enforcement is already getting good at catching and putting identity thieves in prison. http://www.newsfactor.com/perl/story/18967.html - - - - - - - - PGP flaw could let unauthorized people decode sensitive e-mail Snoopers on the Internet could decode sensitive e-mail messages simply by tricking recipients into hitting the reply button, computer security researchers warned Monday. The flaw affects software using Pretty Good Privacy, the most popular tool for scrambling e-mail. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3845811.htm http://zdnet.com.com/2100-1105-949368.html http://news.zdnet.co.uk/story/0,,t269-s2120724,00.html http://news.com.com/2100-1001-949368.html http://www.cnn.com/2002/TECH/internet/08/12/encryption.flaw.ap/index.html http://www.washingtonpost.com/wp-dyn/articles/A6879-2002Aug12.html http://www.nandotimes.com/technology/story/496086p-3955692c.html - - - - - - - - Flash flooded by security flaws Macromedia has warned that its Flash Player, a ubiquitous application for playing multimedia files, has a vulnerability that could allow attackers to run malicious code on Windows and Unix-based operating systems. Separately, researchers discovered a flaw in the player that could allow an attacker to read files on a user's local hard drive. The software flaws are serious because the Flash Player is so widespread. Macromedia estimates that more than 90 percent of PCs are capable of playing Flash content. http://zdnet.com.com/2100-1104-949344.html http://news.zdnet.co.uk/story/0,,t269-s2120688,00.html http://news.com.com/2100-1040-949364.html - - - - - - - - Unix GUI in heap big security trouble The Common Desktop Environment (CDE) ToolTalk RPC database server contains a vulnerability that could allow a remote attacker to execute arbitrary code on target systems or cause a denial of service. That's the gist of a warning issued today by security clearing house CERT which lists a variety of *Nix and Linux systems (including those from Caldera, Compaq, HP, IBM, SGI and Sun) as vulnerable. http://www.theregister.co.uk/content/55/26641.html - - - - - - - - Lethal vulnerability in PHP requires an upgrade PHP, a server-side scripting language popular with Apache Web server administrators, has a serious flaw that could give an attacker complete access to the server. Intel platform servers are less vulnerable to this potential attack but should also be attended to. Risk levelcritical Although there are no reports of actual attacks based on this vulnerability yet, it is a critical threat because it can allow the attacker to run any arbitrary code on the server. The PHP Group describes this vulnerability as "serious." It can be exploited by both local and remote users. http://www.techrepublic.com/article.jhtml?id=r00220020812mco01.htm - - - - - - - - SSL defeated in IE and Konqueror A colossal stuff-up in Microsoft's and KDE's implementation of SSL certificate handling makes it possible for anyone with a valid VeriSign SSL site certificate to forge any other VeriSign SSL site certificate, and abuse hapless Konqueror and Internet Explorer users with impunity. http://online.securityfocus.com/news/573 - - - - - - - - Spamming the World In a popularity contest, bulk e-mailers would rank just above child pornographers. But the scourge of the Internet is defending its vocation. Al Ralsky would like you to have thick, lustrous hair. He also wants to help you buy a cheap car, get a loan regardless of your credit history and earn a six-figure income from the comfort of your home. But according to his critics, Ralskys not a do-gooder, but a bane of the Interneta spammer, responsible for deluging e-mail accounts and choking the Internet service providers (ISPs) that administer them. http://www.msnbc.com/news/792491.asp - - - - - - - - Lessons learned from the 'Great TechRepublic Laptop Theft' We was robbed! Actually, we was burgledbut it doesnt have the same ring to it, does it? A couple of weeks ago, the TechRepublic offices were among several in our area that were hit by the classic person or persons unknown. The thieves got away with a bunch of stuffincluding my laptop. http://www.techrepublic.com/article.jhtml?id=r00620020808bob01.htm - - - - - - - - One is not enough Most press releases are self-serving, hype-ridden, mistargeted, and just plain useless. So when one arrives that's actually useful, it's a pleasant surprise, to say the least. This happened last week when GFI Software in Valetta, Malta, sent a note stressing the importance of using multiple antivirus engines to screen e-mail that enters your enterprise from the outside world. http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2876822,00.html Undefended e-mail gateway no bargain http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2852468,00.html - - - - - - - - New computer security dilemma: a lack of viruses The first half of 2002 has been an eerily quiet period for the computer experts on watch for worms and viruses, leaving some to trumpet their effectiveness even as their predictions of doom are now looking overblown. Nobody has a bullet- proof explanation, but theories range from the introduction of enhanced anti-virus software to stiffer anti-hacker laws to more vigilant computer users. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3848828.htm http://zdnet.com.com/2100-1105-949411.html Teenage virus-creators disappear http://news.zdnet.co.uk/story/0,,t269-s2120728,00.html http://www.usatoday.com/tech/news/computersecurity/2002-08-12-virus-creators_x.htm - - - - - - - - BBC impartiality not hit by 'hacking' The BBC has insisted its coverage is always impartial despite claims that Downing Street hacked into its computer system in efforts to influence journalists. The Conservatives are calling on the BBC to outline what it did to investigate the allegations. http://news.bbc.co.uk/2/hi/uk_news/politics/2188079.stm http://www.vnunet.com/News/1134277 - - - - - - - - The hacker's worst enemy? Another hacker By far the most entertaining - and controversial - speech of this year's DNSCON, the UK hacker conference, was delivered by Scotsman Gus (something of the Irvine Welsh of the UK's h4xOr scene) who lambasted the Hollywood image of hacking. Gus, who doesn't admit to being a hacker himself ('that would be criminal') but clearly knows a thing or two, fired his opening shot by saying anybody who thought hacking was glamorous or a "way to get chicks" was hopelessly wrong http://online.securityfocus.com/news/574 - - - - - - - - The Original Anti-Piracy Hack The entertainment industry's plan to use malicious cyber attacks to enforce its copyrights has precedent in a strange British case from a decade past. Hey, all Peer-to-Peer Piracy Prevention Act purveyors! I have a can't-miss technology development plan for you. Buried deep in the stacks of ancient cyber-history, it is called the tale of the AIDS Information Trojan horse. http://online.securityfocus.com/columnists/102 - - - - - - - - We must engage in copyright debate If you can set the rules, you can win the contest. That's the major reason the entertainment cartel is winning the debate over copyright in the Digital Age. http://www.siliconvalley.com/mld/siliconvalley/business/columnists/gmsv/3842508.htm - - - - - - - - Conduct an internal and external security audit Conducting a thorough network security audit has never been more critical. Almost every organization is connected to the Internet in some way, the number of interconnections between organizations is growing, and the ranks of telecommuters are increasing. Of course, for an audit to be effective, you need to know where and how to look for vulnerabilities. (TechRepublic article, free registration required) http://www.techrepublic.com/article.jhtml?id=r00220020814low01.htm - - - - - - - - TalkBack: You Missed A Facet As I read this, I agree with Mr. Farber about there being no "be all, end all" solution to system security. For example, most people with some amount of computer expertise know that antivirus software alone is not adequate in securing a system against viruses. Unfortunately, I'd say that a fair number of computer users do not necessarily have this expertise. http://forums.zdnet.com/group/zd.Tech.Update/it/itupdatetb.tpt/@thread@7799@forward@1@D-,D@ALL/@article@7799?EXP=ALL&VWM=hr&ROS=1& Miracle cure for security woes? http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2876552,00.html - - - - - - - - British schools watch for text-message bullying When students return to England's school in September, teachers plan to crack down on the latest method of bullying: sending threatening text messages over mobile phones. Students caught doing that face being expelled in an effort to stop the growing problem, the government said Monday. An updated guidance to teachers on bullying will explicitly recognize the phenomenon for the first time, the Department for Education and Skills said. Victims will be encouraged to keep the threatening messages they receive, or a record of them, officials said. Students who prove their case also could have their mobile phone operators change their phone number for free. http://www.nandotimes.com/technology/story/496502p-3960011c.html - - - - - - - - Protesters tear up Japan ID numbers Protesters tore up government notices assigning them ID numbers at Japan's Public Management Ministry in downtown Tokyo on Monday, the latest civil disobedience against the new nationwide resident registry system. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3847177.htm http://www.nandotimes.com/technology/story/496142p-3957612c.html http://www.usatoday.com/tech/news/internetprivacy/2002-08-12-japan-id-system_x.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.