November 26, 2002 DDOS attack 'really, really tested' UltraDNS A major provider of domain name system infrastructure services was hit by a distributed denial of service attack last Thursday morning described as bigger and more sophisticated than anything else it has previously seen, writes Kevin Murphy. UltraDNS Corp, which provides DNS services for the likes of oracle.com and top-level domains including .info and, from January 1 2003 .org, was hit by a DDoS attack unprecedented in its scale. http://www.theregister.co.uk/content/55/28291.html http://www.msnbc.com/news/839842.asp http://zdnet.com.com/2100-1105-971178.html http://www.vnunet.com/News/1137117 - - - - - - - - More arrests in Sonera snooping probe Finnish police have withdrawn a request to arrest former Sonera boss Kaj-Erik Relander on suspicion of complicity in an escalating phone tracing scandal involving the telecoms carrier. Finland's National Bureau of Investigation (NBI) yesterday withdrew court proceedings at Helsinki District Court that would have led to the arrest of Relander for suspicion of gross violation of customer secrecy between 2000 and 2001. http://www.theregister.co.uk/content/6/28295.html - - - - - - - - Helpdesk staff arrested for huge ID theft A computer helpdesk employee with access to sensitive passwords from banks and credit companies has been charged with stealing financial information from more than 30,000 people. Philip Cummings, 33, has been charged with wire fraud and conspiracy in what is believed to be the biggest case of identity theft in US history. http://www.vnunet.com/News/1137125 http://www.cnn.com/2002/LAW/11/26/ID.theft.ap/index.html http://zdnet.com.com/2100-1106-971196.html Why were all at risk of ID theft http://www.msnbc.com/news/758896.asp Watching Your Identity http://www.washingtonpost.com/wp-dyn/articles/A40713-2002Nov26.html - - - - - - - - RIAA punishing Navy cadets 'because it can' The RIAA may be "I demand the story be taken down immediately" - RIAA shocked (shocked!) by our satirical treatment of the US Navy Academy's confiscation of PCs containing MP3s, but Register readers are just as shocked that the RIAA has gone for a soft target. Many military staff past and present have written to us. The difference between the Navy academy and other colleges is clear: the academy is obliged to investigate and punish miscreants. http://www.theregister.co.uk/content/6/28293.html http://www.usatoday.com/tech/news/2002-11-25-academy-probe_x.htm http://www.cnn.com/2002/TECH/internet/11/25/music.navy.reut/index.html http://news.zdnet.co.uk/story/0,,t269-s2126527,00.html Naval Academy Eyes Computer Misuse Associated Press The Naval Academy has seized more than 90 computers in an investigation into whether midshipmen illegally downloaded music, movies and software from the Internet. Cmdr. Bill Spann, an academy spokesman, confirmed Monday that an investigation into what material is on the computers was under way. He would not give any other details. Punishment for illegally possessing copyrighted material ranges from restrictions such as loss of leave to expulsion from the academy, Spann said. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4603710.htm File-swappers will win, says research http://www.vnunet.com/News/1137096 - - - - - - - - Anti-pirates hit Danish P2P users with huge bills The Danish Anti Pirat Gruppen (Anti Piracy Group) has issued invoices of up to $14,000 apiece to approximately 150 users of KaZaA and eDonkey for illegally downloading copyright material. APG monitored the file sharing networks for available files with Danish IP addresses - and went to court to get the users' personal details from their ISPs, armed with screen shots of, for example, the KaZaA window showing the files on the user's hard-drive. The courts obliged and ordered the ISPs to deliver the personal details of the incriminated users. Then the bills were in the post ... landing on the mats of the unfortunate downloaders over the last few days. http://www.theregister.co.uk/content/6/28286.html - - - - - - - - Digital copyright trial set to begin next week in San Jose A federal judge has ruled that the trial of a Russian software company will proceed as scheduled next week, if the defendant and the government's key witness are allowed to enter the country in time. U.S. District Judge Ronald M. Whyte was told during a pre-trial hearing Monday that the Immigration and Naturalization Service has approved special visas for Alex Katalov, the CEO of Elcomsoft Co. Ltd., a Moscow-based software company, and Dmitry Sklyarov, one of the company's programmers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4605011.htm http://www.usatoday.com/tech/news/2002-11-26-russian-trial_x.htm - - - - - - - - Court finds limits to California jurisdiction in cyberspace The California Supreme Court on Monday set some fresh legal boundaries in cyberspace, ruling that the vastness of the Internet doesn't give companies carte blanche to use the California courts as a forum to sue defendants in other states. In a closely watched case involving the DVD industry's efforts to prevent illegal copying, a divided state Supreme Court found that DVD makers cannot pursue claims against a Texas man because they have failed to establish any connection between his conduct and California. The justices determined that simply posting material on the Internet was not in itself enough to meet the law's basic demands for suing in California. http://www.siliconvalley.com/mld/siliconvalley/4608355.htm http://www.usatoday.com/tech/news/2002-11-26-dvd-encryption_x.htm - - - - - - - - Judge to decide if file-swapping copyright suit can proceed A federal judge considering an Internet copyright case said Monday he was inclined to allow U.S. record companies and movie studios to sue the Australia-based parent company of Kazaa, a popular online file-swapping service. U.S. District Court Judge Stephen Wilson heard arguments on whether Sharman Networks, which is headquartered in Australia and incorporated in the Pacific Island nation of Vanuatu, is subject to U.S. copyright laws. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4605055.htm - - - - - - - - Online Predators: High Tech Detection One out of every five kids has been sexually solicited on the Internet, NEWS4 reports. A new computer game teaches them how to protect themselves. The game is called "Missing," and the idea is to solve the kidnapping of a 14-year old boy named Zack. By tracking down Zack, the kids are supposed to learn how to defend against sexual predators lurking online. A total of 60 sexual predators have been arrested in less than four years by a special task force in southern Colorado. They were caught by detectives posing as innocent kids online. http://news4colorado.com/topstories/local_story_326173311.html - - - - - - - - Disaster, terrorism in hub city could paralyze Internet, study says A terrorist attack or other disaster could disrupt the Internet like severe storms at airport hubs tie up air traffic, according to a study released Tuesday. The study by Ohio State University researchers showed that major cities that serve as Internet nodes would continue to have access in most scenarios, although it would probably be less functional. http://www.nandotimes.com/technology/story/646788p-4876777c.html http://news.bbc.co.uk/2/hi/technology/2514651.stm - - - - - - - - E-Commerce in the Shadow of the Hackers Because shopping, unlike e-mail, can easily take place offline, shoppers might be the last to return after an extended outage, especially since buying online means disclosing personal information. What if, one day, every person who tried to shop at Amazon.com eBay or any other online store were turned away by an attack on the Internet's core? http://www.ecommercetimes.com/perl/story/20087.html - - - - - - - - Voluntary guidelines drafted to limit Web tracking tool Internet users could have a better idea of how they are tracked online under a set of voluntary guidelines issued by an industry group Monday. The guidelines are the first to specifically address invisible tracking devices called "Web bugs" that can be used to monitor traffic on a Web site, collect names for "spamming" campaigns, or allow advertising agencies to build up a detailed profile of a computer user's habits. http://www.usatoday.com/tech/news/techpolicy/2002-11-25-web-bug_x.htm - - - - - - - - Wireless LAN vendors attack security issues When the Pentagonno small potential customer cracked down recently on the installation of wireless LANs, the industry sat up and took notice. Why? The inherent vulnerabilities of the technology. If you simply go to the nearest computer dealer and buy a $99 access point and plug it in, your wireless link will be insecure. http://www.gcn.com/vol1_no1/daily-updates/20572-1.html - - - - - - - - Firms to splash cash on IT security Analysts predict that identity management solutions are the next hot security technologies. Concerns over the security of their computer systems will force many companies to invest in identity management technologies, according to new research. Analyst firm IDC predicted on Tuesday that, despite the tech recession, the amount of money spent on IT security will grow over the coming years. http://news.zdnet.co.uk/story/0,,t269-s2126572,00.html - - - - - - - - AOL blocks Messenger spam Online service AOL has changed its network to block pop-up spam from reaching its customers, the company said on Monday. In a move quickly discovered by spammers, the AOL Time Warner subsidiary made a few technical changes last week to stop a relatively new type of annoying message that uses the Windows Messenger service to cause unsolicited marketing to appear on a person's screen. http://news.zdnet.co.uk/story/0,,t269-s2126516,00.html - - - - - - - - Public access to FTC hurt by spam lists When Josh Tinnin tried to send e-mail to the U.S. Federal Trade Commission this month, he received an unwelcome surprise: He couldn't. Tinnin's message to the FTC bounced back because the agency subscribes to a blacklisting service designed to limit the amount of spam making its way into the agency's in-boxes. SBC Pacific Bell, Tinnin's Internet service provider, appeared on the blacklist as a haven for senders of junk e-mail. "I didn't know that the government was using blacklists," said Tinnin, who lives in Fremont, Calif. "That was surprising." http://www.gcn.com/vol1_no1/daily-updates/20572-1.html - - - - - - - - Cyber-Rights Activists Log a Win A small group of Spanish cyberpunks may have saved their country's Internet cafes from being branded as gambling dens. The cyberpunks, who gather at the site Ciberpunk, organized protests after discovering that that Alberto Ruiz Gallardon, president of the Community of Madrid, had proposed a law that would classify Madrid's cybercafes as casinos. If the law had passed, minors would not have been allowed in cybercafes, from which roughly 20 percent of Spain's young Internet users connect to the Internet. http://www.wired.com/news/politics/0,1283,56577,00.html - - - - - - - - Amnesty demands China release dissidents accused of online subversion Warning of tightening government controls over the Internet, Amnesty International is demanding the release of 33 people imprisoned for online subversion and says such detainees are emerging as a new category of Chinese "prisoners of conscience." In a sweeping report released Wednesday, the London-based human rights group also said American companies are helping China monitor the Internet through sales of software and other equipment - boosting China's ability to muzzle discussion online. http://www.nandotimes.com/technology/story/646811p-4876883c.html - - - - - - - - AKO offers secure portal lessons In developing its own secure portal, the Air Force might be able to take some lessons learned from the Army Knowledge Online portal, which has more than 1 million accounts, including about 6,000 with SIPRNET access, said Robert Coxe, the Army's former chief technology officer who managed AKO. http://www.fcw.com/fcw/articles/2002/1125/web-ako-11-26-02.asp - - - - - - - - Experts warn of buffer overflow flaw in Solaris A vulnerability in Solaris puts systems running the Sun Microsystems Inc. operating system at risk of being taken over by an attacker, experts warned late Monday. A buffer overflow flaw lies in Sun's implementation of the X Windows Font Service (XFS), which serves font files to clients and runs by default on all versions of Solaris, according to advisories issued by Internet Security Systems Inc. (ISS) and the Computer Emergency Response Team/Coordination Center (CERT/CC). http://www.idg.net/ic_967019_5055_1-2793.html http://zdnet.com.com/2100-1104-975405.html - - - - - - - - 'Hacking Challenge' Winners Allege $43,000 Contest Rip-Off Eighteen months after Argus Systems challenged the hacker world to crack its PitBull security product in a much-ballyhooed global contest, the winners say they're still waiting for their prize money. It must have seemed a masterstroke of marketing genius at the time. A formerly-obscure security software company organizes a series of high-profile contests aimed at showing that even with a sizable cash prize dangling as a reward, the world's best hackers can't crack a Web server protected by the company's flagship product. http://online.securityfocus.com/news/1717 - - - - - - - - Intelligence experts pan call for domestic spying agency A new domestic spying agency would neither serve the interests of police or spying agencies nor ameliorate Americans' fears about enhanced electronic surveillance by the government, a panel of intelligence experts largely agreed, for different reasons, on Friday. The proposal, reportedly discussed in the White House, is one of the recommendations of the Gilmore Commission, an advisory panel on terrorism and weapons of mass destruction. http://www.govexec.com/dailyfed/1102/112602td1.htm - - - - - - - - U.S. to Release Documents to ACLU The government agreed to tell the American Civil Liberties Union by Jan. 15 which documents it would release about increased surveillance in the United States under a law passed in response to the terrorist attacks. In response to a suit brought by the ACLU and other groups, the Justice Department also said it would supply a list of documents that it would keep confidential, citing national security concerns. The ACLU could challenge the decision to withhold any documents. http://www.wired.com/news/business/0,1367,56601,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.