November 21, 2002

Court keeps Ericsson spy in custody
A Stockholm court on Thursday remanded in custody one of three Swedes suspected of spying for Russia on telecoms equipment maker Telefon AB LM Ericsson after the prosecutor asked for more time to prepare charges. Sweden expelled two Russian diplomats in connection with the spying scandal. The Russian foreign ministry has said it was considering a response, but has made no expulsions so far.
http://zdnet.com.com/2110-1106-966730.html

- - - - - - - -

CD counterfeiters now targets of violent robbers
Recent gunfire in offices at the center of the nation's pirate compact disc and DVD trade indicates that soaring profits are drawing violent criminals to the illegal, but once-placid business, authorities say. An armed robber shot Guinean immigrant Ablia Diallo to death Tuesday in a midtown Manhattan office stuffed with counterfeit CDs and DVDs, including recent releases "8 Mile" and "Harry Potter and the Chamber of Secrets," police said.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4572409.htm
http://www.usatoday.com/tech/news/2002-11-21-pirate-violence_x.htm

- - - - - - - -

US homeland security to police the Net
A new bill has been passed in the US which
A massive new bureaucracy will play a major role in securing software, hardware and the Net. The overwhelming vote by the Senate on Tuesday approving a Homeland Security Department has cleared the way for massive reorganisation of the federal government that will have a dramatic impact on computer and network security in the US.
http://news.zdnet.co.uk/story/0,,t269-s2126311,00.html

- - - - - - - -

Officials aim to send Bush cybersecurity plan by year's end
The White House Office of Cyberspace Security expects to complete work on the national cybersecurity strategy and send it to President Bush for his signature by the end of the year, according to a top White House official.
Marcus Sachs, director of communication and infrastructure protection at the office, also said on Thursday that the office received more than 1,000 responses to the draft plan unveiled in September by the Nov. 18 deadline for comments.
http://www.govexec.com/dailyfed/1102/112102td1.htm
http://www.gcn.com/vol1_no1/daily-updates/20562-1.html

- - - - - - - -

U.S. spy project raising alarm
Its name is Orwellian, its head has a notorious past, and its goal has civil libertarians and computer privacy advocates in a frenzy: Let the government troll vast databases of credit-card transactions, medical records and other personal information for signs of terrorist activity. As more is becoming known about the Total Information Awareness System, a Pentagon research project headed by former Iran-Contra figure John Poindexter, more people are becoming alarmed about the implications.
http://www.bayarea.com/mld/mercurynews/4568574.htm

- - - - - - - -

Privacy czar plays homeland role
After a two-year absence, a privacy czar of sorts is returning to the federal government. The Homeland Security Department will have a privacy officer whose job will be to ensure that activities of the new department do not erode the privacy of ordinary Americans.
http://www.fcw.com/fcw/articles/2002/1118/web-private-11-21-02.asp
http://www.govexec.com/dailyfed/1102/112002ti.htm

- - - - - - - -

Mishandled patch trips security alarms
The questionable handling of a fix for a recent widespread software vulnerability has some administrators worried that developers can't be trusted to make security a top priority. Last week, the Internet Software Consortium withheld the patch for a critical flaw in the domain name system (DNS) software from a large number of researchers, asking instead that each person send the organization an e-mail request in order to get the fix.
http://zdnet.com.com/2100-1105-966666.html

- - - - - - - -

CipherTrust wants your spam
E-mail security company CipherTrust wants your spam.
The company is calling on surfers of all stripes to help it wage a fight against spam by sending their unsolicited mass e-mail to its new Web site, Spamarchive.org. The idea is to create a vast public repository of spam, so makers of antispam tools can test their algorithms on the latest mass-messaging trends.
http://news.com.com/2100-1023-966768.html

- - - - - - - -

Japan mulls Windows replacement
Vulnerabilities of its Windows operating system may cost Microsoft dearly as the Japanese government is set to evaluate open-source alternatives to beef up computer security. The authorities are contemplating the move for its e-government projects because problems in open platforms such as Linux are thought to be easier to fix, Kyodo News reported.
http://zdnet.com.com/2100-1104-966700.html

- - - - - - - -

Another Microsoft Windows security flaw disclosed
Microsoft on Wednesday disclosed a security flaw of "critical" severity in most versions of its popular Windows operating system. In its 65th security bulletin of the year, Microsoft urged users of Windows 2000, Millennium, 98 and NT 4.0 to download a software patch from the company's security Web site. Microsoft's newest version, Windows XP, does not have the problem.
http://www.usatoday.com/tech/news/computersecurity/2002-11-21-windows-security_x.htm
http://www.newsfactor.com/perl/story/20050.html
http://www.cnn.com/2002/TECH/biztech/11/21/microsoft.security.ap/index.html
http://www.msnbc.com/news/838272.asp

- - - - - - - -

The Cult of Hackers
Gartner research director Richard Stiennon told NewsFactor that those who are seen as taking on the establishment often win the admiration of onlookers. Hackers are typically portrayed as one of two stereotypes: digital Robin Hoods taking on the Internet's wired establishment or sinister masterminds who can upend everyday users' lives with their technical exploits.
In reality, hackers -- who tend to resist that blanket term in favor of more specialized designations, such as cracker, white hat or black hat -- are usually tech-savvy individuals experimenting with their skill sets by probing applications and Web sites for vulnerabilities, security expert Ryan Russell told NewsFactor.
http://www.newsfactor.com/perl/story/20047.html

- - - - - - - -

Lawyers Fear Misuse of Cyber Murder Law
Defense attorneys say the new threat of life imprisonment for hackers who try to "cause death" by computer will be used to squeeze quick guilty pleas from even non-lethal cyberpunks. A genuine cyber murder may never happen outside the pages of tabloid newspapers and Tom Clancy novels, but defense attorneys say that won't keep federal prosecutors from getting some mileage out of a provision in the newly-passed Homeland Security bill that dictates a maximum sentence of life imprisonment without parole for computer hackers with homicide in their hearts.
http://online.securityfocus.com/news/1702

- - - - - - - -

Sex, Text, Revenge, Hacking and Friends Reunited
Sometimes, you come across a court case that is simply perfect. And this one, a tale of two-timing, intercepted text messages, computer hacking, and publication of sex pictures on Friends Reunited, scores a big fat nine out of 10. A 21-year old student who took revenge on his cheating girlfriend was jailed for five months at Guildford Crown Court on Tuesday.
http://online.securityfocus.com/news/1700

- - - - - - - -

Stop wasting money on security
Our network and Internet security programs are generally failing. While viruses, worms and hacking attacks continue to evolve, the costs of security failure have about doubled for each of the last five years. It has been standard practice for too long for companies to counter this trend by investing in additional security technology. In the end, however, they still lag the hackers and the malefactors of malicious code.
http://zdnet.com.com/2100-1107-966520.html
Is IT overspending on security?
http://news.com.com/2010-1071-966448.html

- - - - - - - -

SQL Injection and Oracle
SQL injection techniques are an increasingly dangerous threat to the security of information stored upon Oracle Databases. These techniques are being discussed with greater regularity on security mailing lists, forums, and at conferences. There have been many good papers written about SQL Injection and a few about the security of Oracle databases and software but not many that focus on SQL injection and Oracle software.
http://online.securityfocus.com/infocus/1644

- - - - - - - -

Quantum encryption to make life more difficult for Internet spies.
A new method of scrambling data manipulates light to create more complex patterns than just "on" or "off," as with typical encryption. As a result, the information in an e-mail message or file is indecipherable because it contains too much "noise." Horace Yuen, one of the project's founders and a professor of electrical and computer engineering at Northwestern University, said it's an especially timely tech development in light of the global focus on terrorism.
http://www.wired.com/news/infostructure/0,1377,56453,00.html

***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************

The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.