January 13, 2003
£6m in PC chips stolen at Heathrow
Two thieves are believed to have stolen a van containing a consignment of Pentium III chips from a commercial area near the London airport.
British police on Sunday investigated the theft of computer chips worth an estimated $10m, or about £6.5m, from a van near London's Heathrow airport. The thieves struck on Sunday morning when the van was left briefly unattended in a commercial area close to the airport, police said. Police stressed that there were no signs that the theft had security implications for Heathrow, the world's busiest international hub.
http://news.zdnet.co.uk/story/0,,t269-s2128550,00.html
http://www.theregister.co.uk/content/3/28825.html
http://www.vnunet.com/News/1137973
- - - - - - - -
'UK rock star' in child porn probe
A British rock star is at the centre of a police investigation into allegations that he downloaded child pornography from the Internet, it has been reported. Details of the internationally-famous musician, whose name has not been disclosed, are said to have been passed to detectives dealing with a US pay-per-view porn ring. The star is said to be married with children and lives in Britain. Scotland Yard officers are now investigating the case and deciding whether to make an arrest, according to newspaper reports. If he is taken in for questioning he will become the highest-profile person to be held under Operation Ore, the largest-ever investigation into online paedophilia in the UK, reports have said.
http://www.itv.com/news/Britain2105431.html
The Who's Townshend Says 'I'm Not a Pedophile'
http://reuters.com/newsArticle.jhtml?type=internetNews&storyID=2028595
- - - - - - - -
Lansing man charged in child porn case
Prosecutor says 9-year-old boy was abused, videotaped.
A former Sexton High School football announcer was charged with sexually abusing a 9-year-old boy and videotaping it, Ingham County Prosecutor Stuart Dunnings III said Friday.
John Edward Bean is expected to be arraigned on the new charges next week. He will be sentenced on unrelated felony child pornography charges on Feb. 6 in Barry County.
http://www.lsj.com/news/local/p_030111_childporn_1a-4a.html
- - - - - - - -
Carson man arrested on suspicion of child porn
A 39-year-old Carson City man was arrested Thursday on suspicion of possessing child pornography, after he allowed deputies to confiscate a computer disk during a traffic stop five days earlier, authorities said. Timothy Zutter initially was stopped after deputies noticed he was driving erratically, authorities said. It was determined he was not under the influence of alcohol or a controlled substance but was taking anti-psychotic prescription drugs, according to the arrest report.
http://www.rgj.com/news/printstory.php?id=31784
- - - - - - - -
Teacher pleads guilty to having child porn
A Kingston High School music teacher suspended since May 2001 faces up to six months in jail and 10 years probation after admitting to possessing child pornography. Todd O'Brien, 25, of 115 Arnold Drive, town of Ulster, entered the guilty plea in Ulster County Court Friday in a deal with prosecutors to avoid a trial. He could have faced seven years in state prison on the most serious charges, three felony counts of promoting an obscene sexual performance by a child.
http://www.dailyfreeman.com/site/news.cfm?newsid=6667608&BRD=1769&PAG=461&dept_id=74969&rfi=8
- - - - - - - -
Boasting drug dealer united with law
Three-year jail sentence following Friends Reunited 'confession'.
A drug dealer who bragged to former schoolmates on Friends Reunited about how much money he was making selling cocaine has been jailed after police saw his online boasting. Raymond Casling, 24, who had attended Rye Hills School in Redcar, Teesside said on the website: "I'm doing very well. I'm selling a lot of charlie in Redcar and I've got three sports cars."
http://www.vnunet.com/News/1137970
- - - - - - - -
Conspiracy charges dropped against Internet
A judge has dismissed conspiracy charges against two owners of an Internet escort service and racketeering charges against four women linked to the site because they were denied their right to a speedy trial. Felony defendants have a right to trial within 175 days of arrest, and the charges thrown out Friday involved defendants arrested in June. Prosecutors said they would appeal. (NandoTimes article, free registration required)
http://www.nandotimes.com/technology/story/714553p-5249878c.html
- - - - - - - -
Man blocked from selling family on eBay
Writer Steve Young may be able to peddle his prose, but when it came to selling his family, the father of two couldn't cash in on the $5 million offer. After reading about the online sale of a struggling town in Humboldt County, Young decided to put his wife and kids on the auction block. "If a town could be sold online, then how much could you get for a family?" Young said. After consulting with wife Diana, and their two children, Kelly, 9, and Casey, 8, Young said he posted the ad Thursday on eBay and received more than 10,000 hits within minutes.
http://www.nandotimes.com/technology/story/715592p-5256515c.html
- - - - - - - -
RIAA defaced -again!
Reader reports are flooding in that the RIAA.org has been defaced - again. At time of writing, the site appears to be down, and several readers have been kind enough to include screen grabs, showing that the front page today carried the following message.
RIAA - 0wn3d by.... ;poooh riaa want's to hack Filesharing Users / Servers ? - better lern to secure your own server...Sorry Admin - had to deactivate ur accounts - they'll be reactivated after 2 hours greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others who want to stay anonymous :] wanna contact ?
mailto:h4x0r0815@mail.ru
http://www.theregister.co.uk/content/55/28817.html
- - - - - - - -
Sobig worm stomps on PCs
Antivirus experts are warning of a new virus, code-named W32/Sobig.A, which was discovered late last week and spread rapidly over the weekend. By Monday morning, Sobig was the second most prevalent virus on the Internet, according to e-mail security firm MessageLabs. Sobig is a mass-mailing worm incorporating its own SMTP engine, according to antivirus companies. It arrives from the e-mail address "big@boss.com" and bears a subject line such as "Re: here is that sample", "Re: Movies", "Re: Document" or "Re: Sample". The e-mail contains an attachment called "Document003.pif", "Sample.pif", "Untitled1.pif" or "Movie_0074.pif".
http://zdnet.com.com/2100-1105-980338.html
http://news.zdnet.co.uk/story/0,,t269-s2128567,00.html
http://news.com.com/2100-1001-980415.html
http://www.theregister.co.uk/content/56/28832.html
- - - - - - - -
Open-source group names 10 scariest Web vulnerabilities
The Open Web Application Security Project today released a list of the top 10 vulnerabilities in Web applications and services. The group said it wants to focus government and private-sector attention on common weaknesses that require immediate remediation. Also, in the longer term, this list is intended to be used by development teams and their managers during project planning, the report noted. Ultimately, Web application developers must achieve a culture shift that integrates security into every aspect of their projects.
http://www.gcn.com/vol1_no1/daily-updates/20862-1.html
- - - - - - - -
U.S. launches spam against Iraq
The U.S. military has begun an e-mail campaign urging military and civilian leaders in Iraq to turn away from President Saddam Hussein as the Pentagon builds forces for a possible invasion of the country, defense officials said on Saturday.
Visitors to the Iraqi capital, Baghdad, confirmed the electronic mail campaign, part of a psychological war mounted by elite U.S. Special Operations who also have been broadcasting messages from planes over the past month.
http://zdnet.com.com/2110-1105-980316.html
http://www.theregister.co.uk/content/6/28839.html
- - - - - - - -
Feds seek public input on hacker sentencing
Sick and tired of a revolving door justice system that lets hackers skate with just a few measly years in prison? Or do you think that the courts are already too hard on online miscreants who sometimes go up the creek for longer than many killers? Either way, the U.S. government wants to hear from you. Last week the presidential-appointed commission responsible for setting federal sentencing rules formally asked the public's advice on the formula used to sentence hackers and virus writers to prison or probation, as part of a review ordered by lawmakers increasingly concerned that computer criminals are getting off easy.
http://online.securityfocus.com/news/2028
- - - - - - - -
Kazaa file-swapping lawsuit gets OK
A federal judge has given record companies and movie studios the go-ahead to sue the parent company of Kazaa, a popular online file-swapping service. U.S. District Judge Stephen V. Wilson refused to dismiss a copyright infringement lawsuit against Sharman Networks Ltd., which had argued that it could not be sued in the United States because it is based in Australia and incorporated in the South Pacific nation of Vanuatu.
http://www.cnn.com/2003/TECH/internet/01/13/music.trial.ap/index.html
- - - - - - - -
Head of anti-terrorism panel wary of data mining
The Pentagon's proposed Total Information Awareness (TIA) project must be watched "very closely" to ensure that Americans' civil liberties do not fall victim to massive data-mining tools that could be used to identify the electronic transactions of potential terrorists, the chairman of a high-profile anti-terrorism commission said Monday.
http://www.govexec.com/dailyfed/0103/011303td1.htm
http://www.washingtonpost.com/wp-dyn/articles/A51844-2003Jan13.html
- - - - - - - -
Music, tech groups reach compromise on copyright protection
The music and technology industries, which have battled over consumers downloading music on the Internet, have negotiated a compromise to protect copyrighted works such as movies and songs without new government requirements, people familiar with the plan said Monday. (NandoTimes article, free registration required)
http://www.nandotimes.com/technology/story/716609p-5261452c.html
http://www.washingtonpost.com/wp-dyn/articles/A51958-2003Jan13.html
Studio copyright battles worthy of Hollywood script
http://news.com.com/2009-1023-979754.html
Digital Rights Reach Beyond Tech
http://www.wired.com/news/digiwood/0,1412,57169,00.html
- - - - - - - -
Cartel's copyright control loosening
For several days last week, the cavernous convention halls here became battlefields in the copyright wars. On balance, the entertainment cartel didn't seem to be doing very well.
http://www.siliconvalley.com/mld/siliconvalley/4929834.htm
Studio copyright battles worthy of Hollywood script
http://news.com.com/2009-1023-979754.html
- - - - - - - -
AOL lifts Demon spam ban
AOL lifted a block on email from ISP Demon this afternoon, after a sudden surge of spam messages provoked AOL into rejecting all email from Demon users last Friday. In a notice to its users on Friday, Demon admitted that its users were unable to send email to a "small number of other ISPs" because of measures introduced after spammers used open mail relays within its network to send bulk email. No-one for Demon was available for comment this afternoon, so we're not sure which ISPs other than AOL were involved.
http://www.theregister.co.uk/content/6/28840.html
- - - - - - - -
NMCI contractor gets help for data-sharing push
The lead vendor on the $8.82 billion Navy-Marine Corps Intranet program has tapped Convera to provide search and retrieval functions to roughly 411,000 NMCI users. To bolster NMCI's enterprisewide data sharing, EDS chose Convera's RetrievalWare. The application will let users categorize and search across petabytes of data, EDS officials said. The initial order to the Vienna, Va., company is worth $450,000. The Navy will begin using the software in the next few months, according to a Convera statement.
http://www.gcn.com/vol1_no1/daily-updates/20860-1.html
- - - - - - - -
Is the RIAA "hacking you back"?
The RIAA is preparing to infect MP3 files in order to audit and eventually disable file swapping, according to a startling claim by hacker group Gobbles. In a posting to the Bugtraq mailing list, Gobbles himself claims to have offered his code to the RIAA, creating a monitoring "hydra". "Several months ago, GOBBLES Security was recruited by the RIAA to invent, create, and finally deploy the future of antipiracy tools. We focused on creating virii/worm hybrids to infect and spread over p2p nets," writes Gobbles.
http://www.theregister.co.uk/content/6/28842.html
- - - - - - - -
The Internet risk continues to rise. Or does it?
Internet Security Systems, "a world leader in software and services that protect critical information assets from an ever-changing spectrum of threats and misuse", has released its Internet Risk Impact Summary report (IRIS - nice sounding acronym, that) for the fourth quarter and year-end of 2002. The company says: "As we study the threat spectrum and monitor attack activity on a global basis from day-to-day and year-to-year, we can determine that the Internet risk for 2003 will continue to rise." Surprised? I wasn't.
http://www.smh.com.au/articles/2003/01/10/1041990090814.html
- - - - - - - -
The Enterprise Authentication Game
Yankee Group analyst Eric Ogren estimated that the majority of large enterprises now use a token-password combination, representing a quantum leap forward for network security.
The biggest vulnerability in most enterprise networks is the authentication system -- especially if it relies solely on passwords. Protecting a computer network using employee-created passwords is like protecting a jewelry store on a busy street with one small lock -- and hiding the key underneath the doormat.
http://www.newsfactor.com/perl/story/20444.html
- - - - - - - -
Security spending, mobile data services key Aust growth areas
Spending on security and the number of high-speed mobile data services are two areas Australians can expect to see steep growth in in 2003, according to tech research company International Data Corporation (IDC). According to the analyst company, the "settling" experienced in the past few years has resulted in a growth cycle that is shallower but more prolonged, with the relatively strong Australian economy providing opportunities for suppliers, enterprises and consumers to take advantage of technology.
http://www.zdnet.com.au/newstech/enterprise/story/0,2000025001,20271199,00.htm
- - - - - - - -
Instant Insecurity: Security Issues of Instant Messaging
Instant messaging is an increasingly popular method for communicating over the Internet. Instant messaging (IM) is a real-time supplement to and, in some regards, a replacement for e-mailing. Unlike e-mail, instant messaging allows users to see whether a chosen friend or co-worker is connected to the Internet. Typically, the instant messaging service will alert a user if somebody on the user's list of correspondents is on-line. Instant messaging also differs from e-mail in that messages are exchanged directly almost instantly, allowing for a two-way communication in real-time.
http://online.securityfocus.com/infocus/1657
- - - - - - - -
Are spy chips set to go commercial?
Could we be constantly tracked through our clothes, shoes or even our cash in the future? I'm not talking about having a microchip surgically implanted beneath your skin, which is what Applied Digital Systems of Palm Beach, Fla., would like to do. Nor am I talking about John Poindexter's creepy Total Information Awareness spy-veillance system, which I wrote about last week. Instead, in the future, we could be tracked because we'll be wearing, eating and carrying objects that are carefully designed to do so.
http://zdnet.com.com/2100-1107-980345.html
- - - - - - - -
Strikeback, Part Deux
Why I should have the right to kill a malicious process on your machine.
A lot has happened since my Right to Defend column last July, and the subsequent presentation I made at the Blackhat Security Briefings in Las Vegas. The idea has withstood a lot of criticism. To refresh, I believe you should have the right to neutralize a worm process running on someone else's infected system, if it's relentlessly attacking your network.
http://online.securityfocus.com/columnists/134
- - - - - - - -
Pornography: Hot and Bothered
Free porn might mean more profits for pornographers
They don't get a lot of sympathy, but pornographers are ripped off, too, when Internet users swap pirated files. Every day millions of photos and video clips are stolen off for-pay porn sites and traded through Napster successors. Yet as music-business officials sing dirges about lost profits, pornographers see an opportunity.
http://www.msnbc.com/news/857720.asp
- - - - - - - -
City trials 'Minority Report' surveillance tech
A US holiday resort is testing out face recognition software to find missing people and those wanted by the police - but some fear that its use could spread, raising questions about civil liberties.
Police in the popular US resort city Virginia Beach recently began operating video surveillance cameras with controversial face-recognition technology that critics say brings the United States one step closer to becoming a society where "Big Brother is watching you."
http://news.zdnet.co.uk/story/0,,t269-s2128564,00.html
- - - - - - - -
System detects gunshot details
Synchros Technologies Inc./On Alert LP has constructed the On Alert Gunshot Detection System (GDS). The system can detect exact details of gunshots, including the type of gun used, the number of shots and the precise location from which they were fired.
http://www.fcw.com/geb/articles/2003/0113/web-gun-01-13-03.asp
- - - - - - - -
Public overwhelmingly supports ID cards, claims UK.gov
The British public is voting enthusiastically for ID cards, claims Home Office minister and long-standing Blair bagman Lord Falconer. Or at least, the "around 1,500 people and organisations [who] have sent in their comments" to the current consultation exercise have split two to one in favour, while "450 volunteers" who're apparently being experimented on are even more pro.
http://www.theregister.co.uk/content/55/28833.html
- - - - - - - -
Wanted: What's His Name Again?
Wanted by the FBI for questioning: Adil Pervez. Or is it Adel Pervaiz? Adil Pervaz, maybe? As it turns out, Adil Pervez wasn't wanted after all. On Jan. 7, the FBI called off a manhunt for Pervez and four other Middle Eastern men. But the fact that alternative name spellings for the five suspects were posted online immediately after the alert points to an increasing need for understanding complexities of foreign names. "This is something we have to deal with on a daily basis," says Justin Lindsey, the FBI's chief technology officer. "Names will be entered one way or another depending on the ports they enter, for example. It's very complex."
http://www.wired.com/news/conflict/0,2100,57167,00.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information.
Copyright 2000-2003, NewsBits.net, Campbell, CA.