High Tech "NewsBits" for 12/02/02

December 2, 2002 Man caught in 'child sex sting' gets prison time A Shippensburg man caught last spring in an ongoing undercover Internet "child sex sting" has been sentenced to a two- to four-year sentence in state prison. Bradley Wolfe, 49, then will be on probation for five years, say state Attorney General Mike Fisher and Dauphin County District Attorney Edward Marsico Jr. in a press release. Wolfe was sentenced Monday by Dauphin County Judge Jeannine Turgeon. Wolfe was arrested March 7 at a hotel in Susquehanna Township on charges of criminal solicitation of rape, criminal solicitation of statutory sexual assault, criminal solicitation of involuntary deviant sexual intercourse, criminal solicitation of indecent assault, criminal solicitation of indecent exposure, criminal solicitation of corruption of minors and criminal use of a communication facility, Fisher says. http://www.cumberlink.com/articles/2002/12/01/shippensburg/news4.txt - - - - - - - - S Koreans launch cyber attack on US over schoolgirls' deaths South Korean activists have attacked the White House computer server with electronic mail bombs to protest the acquittal of two US soldiers accused of killing two schoolgirls in a road accident. Meanwhile, four people have been arrested breaking into a US army base and riot police have stopped 300 protesters from marching on the American embassy in Seoul. http://abc.net.au/news/newsitems/s738547.htm - - - - - - - - Fines for porn-surfing politicians Spanish MPs blasted for watching porn during parliamentary debate. Three Spanish MPs from the country's ruling Popular Party (PP) have been fined for watching porn on a government laptop during a parliamentary session. According to The Daily Telegraph the three were caught ogling the pictures during a debate on domestic violence in Madrid's regional parliament. http://www.vnunet.com/News/1137215 http://www.theregister.co.uk/content/6/28325.html - - - - - - - - Reseller piracy case thrown out Microsoft repeats call for resellers to buy from authorised distributors. Charges against directors of a former Microsoft reseller for selling counterfeit software have been thrown out of court by a judge. Hampshire-based reseller Protocol Solutions, which went into receivership in February 2001, supplied bespoke software based on Microsoft Office 97 to the Special Branch and other constabularies between June and December 1999. http://www.vnunet.com/News/1137239 - - - - - - - - Sklyarov gets US visa -DMCA trial to kick off The first criminal prosecution under the controversial Digital Millennium Copyright Act is to begin in San Jose next week after a visa was finally granted to Russian programmer Dmitry Sklyarov and Alex Katalov, the chief executive of his former employers ElcomSoft. US District Judge Ronald M. Whyte was informed during a pre-trial hearing on Monday that the Immigration and Naturalisation Service had granted special visas for that pair, clearing the way for the commencement of the keenly awaited trial, according to newswire reports. http://www.theregister.co.uk/content/6/28352.html http://www.siliconvalley.com/mld/siliconvalley/4631332.htm http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/12/02/BU206051.DTL http://www.theregister.co.uk/content/6/28352.html - - - - - - - - Argentina cracks down on CD pirates Argentina has cracked down on the nation's boot-leggers and pirates, making numerous arrests over the last several days and netting some 300,000 unauthorized CDs and the equipment used to illegally duplicate copyright-protected material, Argentina's DyN News Agency reported Thursday. According to authorities, the crackdown took the form of 23 separate sting operations in greater Buenos Aires, yielding a veritable cornucopia of bootlegged music, movies and computer software, as well as computers to facilitate the black market operation. http://www.nandotimes.com/technology/story/650479p-4897107c.html - - - - - - - - Islamic group urges followers to conduct electronic war on Jewish Websites The militant Islamic group Hamas is urging followers to conduct a three-day "electronic Jihad" on Jewish Websites, according to the Simon Wiesenthal Centre. Rabbi Abraham Cooper, an associate dean at the Los Angeles-based Jewish organisation, said that one of the centre's researchers had come across two Websites in Arabic referring to a campaign of hacking into Jewish sites starting on 29 November. The Simon Wiesenthal Centre monitors extremist anti-Semitic publications and Websites on a regular basis, but Cooper said the latest find this week was particularly alarming because one of the Websites gave "how to" tips to would-be hackers. http://news.zdnet.co.uk/story/0,,t269-s2126684,00.html http://www.vnunet.com/News/1137230 - - - - - - - - Militants warned of Kenya attack on Internet Islamic militant groups used Internet chatrooms and email to warn of a terrorist attack which took place in Kenya. A Muslim cleric who supports Osama bin Laden says that Islamic militant groups sympathetic to al Qaeda warned of an attack on Kenya one week ago on Internet chat rooms and in emails. "Militant groups who sympathise with al Qaeda warned one week ago that there would be an attack on Kenya and they mentioned Israelis," said Sheikh Omar Bakri Muhammad, leader of the radical London-based al Muhajiroun group. http://news.zdnet.co.uk/story/0,,t269-s2126712,00.html - - - - - - - - Anti-virus companies attack 'Friendly Greeting' The 'Friendly Greeting' e-card application may have asked users' permission to install, but it is still a worm, say security companies. The "Friend Greeting Application", which made headlines earlier this month by being the first Internet worm that actually asked the users of targeted systems for permission to install itself and propagate, has been officially reclassified by anti-virus companies as a worm. http://news.zdnet.co.uk/story/0,,t269-s2126754,00.html - - - - - - - - Bugbear remains top virus threat Bugbear has claimed a second month at the top of the virus charts. Bugbear accounted for almost 30 percent of all reports of viruses to antivirus Sophos in the last month--well ahead of former top spot incumbent Klez which now only accounts for around eight per cent of all reports in third place. Also making headlines, straight in at number two, is the Braid worm with 8.5 per cent of all reports. http://zdnet.com.com/2100-1105-975673.html http://news.zdnet.co.uk/story/0,,t269-s2126837,00.html - - - - - - - - Security firm warns of Chernobyl resurrection A new strain of the devastating Chernobyl virus has been detected, although it has not been seen 'in the wild' yet Panda Software, a European antivirus company, has detected a new strain of the devastating W95/CIH10XX virus -- commonly known as the Chernobyl virus -- which can be so damaging to some computers that it will render some BIOS chips and even entire motherboards, unusable. http://news.zdnet.co.uk/story/0,,t269-s2126870,00.html http://news.com.com/2100-1001-975695.html - - - - - - - - Marooned! Software pirates run aground in California. Swat teams rarely visit the McMansion-covered hills above Niles Canyon in Fremont, California. So locals were amazed in April to see a dozen unmarked cars careen into the neighborhood and unleash a posse of heavily armed federal agents encased in bulletproof vests to arrest Mirza and Sameena Ali. They had allegedly pirated more than $100 million in software as the core of what Microsoft is calling "the largest criminal conspiracy in the history of the software industry." The Alis are the key figures in a group of 27 people arrested as part of Operation Cyberstorm, a massive investigation involving half a dozen government agencies. http://www.redherring.com/insider/2002/12/marooned120202.html - - - - - - - - E-Terrorism: An online war? Few if any Internet-based attacks fall into the realms of terrorism according to leading security experts in Australia, however there are those who believe the threat of e-terrorism is real. How serious is the danger of Internet-based terrorism? How do we mitigate the risks involved, and how is the Internet contributing to a propaganda war on all sides of the debate? http://news.zdnet.co.uk/story/0,,t269-s2126759,00.html - - - - - - - - E-government bill wins praise from tech officials Privacy advocates and technology industry groups are hailing the passage of legislation aimed at boosting online government services. They see the measure, which President Bush is expected to sign before year's end, as a way to cement the government's commitment to modernization and as a boon to consumer privacy. http://www.govexec.com/dailyfed/1202/120202td2.htm E-gov agenda takes shape E-Government Act promotes Web standards, procurement reform, security policies. In one of the most dramatic changes in information technology policy since the passage of the Clinger-Cohen Act of 1996, President Bush is expected to sign into law this week the E-Government Act of 2002, which lays out the rules of engagement for agencies providing information and services online. http://www.fcw.com/fcw/articles/2002/1202/news-egov-12-02-02.asp New opportunities for NIST http://www.fcw.com/fcw/articles/2002/1202/news-home1-12-02-02.asp Total Info System Totally Touchy http://www.wired.com/news/politics/0,1283,56620,00.html Taking Liberties With Our Freedom http://www.wired.com/news/politics/0,1283,56600,00.html - - - - - - - - Black Market for Software Is Sidestepping Export Controls Digital piracy, often thought of as the illicit trade in music, office software and games, has moved into more dangerous territory. A black market has emerged for scientific and engineering software powerful enough to fall under United States export restrictions. Such software can be used in a wide range of tasks like designing rockets or nuclear reactors or predicting the path of a cloud of anthrax spores. Intellectual property "isn't just Napster," and it "isn't just copying Madonna's songs," one Justice Department official said, adding, "It's the software that allows you to model the fuel flow in a fighter jet." (NY Times article, free registration required) http://www.nytimes.com/2002/12/02/technology/02PIRA.html http://www.vnunet.com/News/1137256 - - - - - - - - Copyright cartel still winning most of the time As the war over ``intellectual property'' spreads to new legal fronts, the copyright cartel and its allies are winning most of the battles. Here and there, however, we can find glimmers of hope. The courts have not been supplying much help so far. Judges mostly continue to ignore free speech and customers' rights as they uphold laws giving copyright holders -- especially the entertainment industry -- absolute control over digital information and the devices that can display or copy it. http://www.siliconvalley.com/mld/siliconvalley/4641661.htm Hollywood tastes new copyright victory http://zdnet.com.com/2100-1107-975683.html File swappers take their last stand? http://zdnet.com.com/2100-1106-975618.html - - - - - - - - Anti-spam filters kill legitimate emails Heavy-handed anti-spam filtering can frequently lead to the loss of legitimate emails. That's the warning from email appliance vendor, Mirapoint, which has integrated improved anti-spam technology in its Message Server and Message Director products. Most anti-spam products available today employ brute-force comparison techniques or narrowly-focused filters which are easily out-manoeuvred by spammers. These products have a high risk of false positives, lost emails and compromised privacy, the company argues. http://www.theregister.co.uk/content/6/28359.html New strategies aimed at blocking spam e-mail http://www.nandotimes.com/technology/story/655215p-4921708c.html - - - - - - - - Throttled at birth A new way of thwarting viral epidemics on computers. EARLY in the morning of July 19th 2001, a variant of a computer virus known as Code Red started spreading across the Internet. Within 14 hours, some 350,000 machines were infected. Like most modern virus outbreaks, it happened too quickly for people to intervene. In the time that it takes a technician to swig a mouthful of cold coffee and clear the boxes of congealed pizza from his desk, 30 new machines around the world can be infected. http://www.economist.com/displayStory.cfm?Story_ID=1454331 - - - - - - - - 'Critical' MS server flaw may affect few sites A new flaw in IIS is unlikely to have a widespread impact, according to Internet survey firm Netcraft. The firm also found evidence that Web sites are fleeing the US. A recently-revealed security flaw in Microsoft's Internet Information Server may have been over-hyped, according to testing figures from a UK-based Internet research firm. Netcraft's figures also showed that the large Web-hosting businesses that gained prominence in the 1990s are continuing to lose out to smaller, customer-supported firms. http://news.zdnet.co.uk/story/0,,t269-s2126786,00.html Security firm: MS flaw over-hyped http://zdnet.com.com/2100-1105-975688.html http://news.com.com/2100-1001-975630.html - - - - - - - - BIND flaws not fixed after five years The most recent vulnerabilities identified in BIND and several other Domain Name Server implementations, including Microsoft and Apple variants, may not be fixable, and were identified in security vulnerabilities as long ago as 1997. Some security consultants are now saying that these DNS vulnerabilities represent a flaw in the DNS protocol itself, and cannot be eliminated entirely. http://www.zdnet.com.au/newstech/security/story/0,2000024985,20270349,00.htm - - - - - - - - Cisco backtracks on security functionality Having previously said that it had added firewall and intrusion-detection features to its IOS security software, Cisco Systems Inc has now clarified its position and said that those features will not actually be integrated into the product until the first quarter of 2003. Earlier this month, San Jose, California-based Cisco said that it had added the functionality to IOS as part of 12 platform and services enhancements that reinforced its leadership in the security market. http://www.theregister.co.uk/content/5/28377.html - - - - - - - - Software license protects privacy rights Move over, free software. Step aside, today's open-source licenses. Software distributed under an "enhanced source" license released this week will be legally prohibited from censoring or spying on users. Crafted by Hacktivismo, a hacking group organized by the Cult of the Dead Cow, the Hacktivismo enhanced-source software license agreement says that anyone using code released under it must respect privacy, free expression, due process and other human rights. http://zdnet.com.com/2100-1104-975638.html Software licence tied to human rights A new licence agreement says that anyone using code released under it must respect privacy, free expression, due process and other human rights. Move over, free software. Step aside, today's open-source licences. Software distributed under an "enhanced source" licence released this week will be legally prohibited from censoring or spying on users. http://news.zdnet.co.uk/story/0,,t269-s2126671,00.html - - - - - - - - Corporations eye up security threats Symantec has warned that companies need to keep up spending in order to stay secure, despite tough economic times. Cutting costs by freezing or reducing IT security budgets is a risky approach, even in tight economic times, warns a leading security expert. http://news.zdnet.co.uk/story/0,,t269-s2126751,00.html - - - - - - - - Firms team to win Homeland Security bid Two firms have joined hands to create systems for patching security flaws in software used by the US government. In a deal involving the new Department of Homeland Security, two companies teamed up to win a multimillion-dollar contract to create a system for patching security flaws in software used by US government agencies. http://news.zdnet.co.uk/story/0,,t269-s2126697,00.html http://news.com.com/2100-1001-975523.html - - - - - - - - Forging Terror How rapid advances in scanning, printing, and other technologies have made counterfeiting a potent new weapon of holy war. There wasn't much about Mark Madrane that would have tipped anyone off to what he was really up to. He was a devout Muslim but almost never talked about his religion, acquaintances say. He worked the lunch and dinner shift at Jameson's Charhouse, a steak joint in suburban Chicago, where "he pretty much kept to himself," says a former co-worker. He was from Morocco, and said he was a night-school engineering student trying to earn an honest living to support his American wife and keep up with the rent at their drab apartment near O'Hare Airport. http://www.business2.com/articles/mag/0,1640,45486,FF.html - - - - - - - - Lax Security: ID Theft Made Easy The people charged last week with stealing the identities of at least 30,000 Americans weren't criminal masterminds. They simply took advantage of sloppy security practices that allowed them easy and unrestricted access to sensitive data. Security experts worry that the slipshod safety measures haven't been corrected, and warn that unless companies get serious about security, identity thefts will continue to rise. Investigators in Manhattan said they have identified about 12,000 additional people whose credit reports may have fallen into criminal hands during the almost three years that the New York- based identity fraud ring was active. The scam was first detected eight months ago. http://www.wired.com/news/privacy/0,1848,56623,00.html - - - - - - - - Nation's infrastructure far from secure Ken Watson, who once piloted jets off aircraft carriers, now finds himself on the front lines again--this time helping to marshal the battle to secure the United States against future cyberattacks. The 23-year Marine veteran--and current Cisco Systems executive --is president and chairman of the Partnership for Critical Infrastructure Security, an 80-company organization that identifies vulnerabilities in the private sector's cyberinfrastructure. His conclusion so far: In this escalating arms race, the nation's critical services are far from secure. http://zdnet.com.com/2100-1105-975677.html Schneier: No "magic security dust" http://zdnet.com.com/2100-1105-975690.html - - - - - - - - Ready for smart-card IDs? Howard Schmidt faces one of the most daunting challenges in the United States: How do you protect the technology systems that support the country's critical infrastructure? Appointed one year ago by President George W. Bush to lead the President's Critical Infrastructure Protection Board, the former chief security officer at Microsoft is a recognized pioneer in the field of computer forensics and computer evidence collection. As coordinator of all federal activities related to the protection of the information systems and networks that underpin the nation's critical infrastructure, Schmidt is convinced that post- Sept. 11, cybersecurity will transform the information technology world--for better or for worse. http://zdnet.com.com/2100-1106-975719.html - - - - - - - - Net security: Steady as she goes Dorothy Denning has never been shy of sounding off about society's use of technology. This widely quoted Georgetown University professor of computer science was once dubbed the "Clipper Chick" because of her vocal support of the controversial Clipper encryption proposal. That policy measure, which was ultimately scuttled, would have allowed the U.S. government access to keys that could decipher any message encoded by the system. http://zdnet.com.com/2100-1105-975720.html - - - - - - - - SQL Injection and Oracle, Part Two This is the second part of a two-part article that will examine SQL injection attacks against Oracle databases. The first installment offered an overview of SQL injection and looked at how Oracle database applications are vulnerable to this attack, and looked at some examples. This segment will look at enumerating the privileges, detecting SQL injection attacks, and protecting against SQL injection. http://online.securityfocus.com/infocus/1646 - - - - - - - - What Would Dewey Do? Libraries Grapple With Internet In its six years of service, the central Phoenix library has become a favorite destination for thousands of residents who have no other access to computers and the Internet. On any given day, separate areas for children, teenagers and adults with 65 computers in all swarm with users, clicking away at research, games, music, e-mail messages and chat rooms. (NY Times article, free registration required) http://www.nytimes.com/2002/12/02/national/02LIBR.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.