NewsBits for April 2, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Navy Pilot Sentenced for Soliciting Sex With Minor A decorated Navy commander and pilot who repeatedly used his computer at the Pentagon to solicit sex on the Internet from an undercover Maryland State Police detective posing as a 12-year-old girl was sentenced today to three years and one month in prison and fined $2,500. Wayne David Sharer, 43, of Alexandria admitted soliciting sex on the Internet and arranging to meet the purported 12-year-old at the Mall in Columbia, where he was arrested July 12. The officer referred the case to the FBI for prosecution. http://www.washingtonpost.com/wp-dyn/articles/A63439-2003Mar31.html - - - - - - - - - - Man sentenced in child pornography case A West Columbia man has been sentenced to more than two years in prison on federal child pornography charges, U.S. Attorney Strom Thurmond Jr. said Wednesday. Darren Todd McCutcheon, 22, ordered a videotape of 10- and-11-year-old boys and girls engaging in sex acts after responding to an Internet ad that was placed by an undercover police officer. McCutcheon will have two years of supervised release after his jail time. http://www.thestate.com/mld/thestate/news/local/5543671.htm - - - - - - - - - - Former OSU Extension Specialist Wanted On Porn Charges A former Oklahoma State University extension specialist is accused of downloading child pornography to an O-S-U computer. David Wayne Pace is charged is charged with possession of child pornography and using a university computer to download pornographic images of minors. Authorities say Pace has not been arrested. Officials say an O-S-U faculty member found obscene material stored in computer information used for animal science analysis. A computer specialist determined the images were stored there by Pace in May 2001. http://www.ktul.com/news/stories/0403/81373.html - - - - - - - - - - State lawmakers vote to repel pirates The California State Assembly passed a nonbinding resolution Tuesday condemning the Internet piracy of music, movies and software. The state legislature, which numbers technology and entertainment companies among its most well-heeled constituents, has increasingly been focusing on digital media issues in recent months, but has passed no enforceable legislation addressing piracy. http://zdnet.com.com/2110-1105-995020.html http://www.usatoday.com/tech/news/techpolicy/2003-04-02-calif-piracy_x.htm - - - - - - - - - - Bill aims at information privacy To stem the growing tide of identity theft and fraud, Sen. Dianne Feinstein (D-Calif.) introduced a bill March 31 that would establish a comprehensive national system for privacy protection. The Privacy Act of 2003, as S. 745 is called, would create a federal standard regulating the use of sensitive information such as financial and health data, driver's license records and Social Security numbers. It would supersede a "jumbled patchwork" of state privacy laws, she said in introducing the bill. http://www.fcw.com/fcw/articles/2003/0331/web-privacy-04-02-03.asp State bill would restrict display of autopsy photos online http://www.usatoday.com/tech/news/techpolicy/2003-04-02-autopsy-bill_x.htm - - - - - - - - - - DHS takes new tack on security The Homeland Security Department is starting a new effort to look at information security needs across business lines, said Steve Cooper, chief information officer at the department. The department already has two separate groups working on infrastructure security and applications security issues. But Cooper said officials are now forming task forces that stretch across each of the department's directorates Border and Transportation Security, Information Analysis and Infrastructure Protection, Emergency Preparedness and Response, Science and Technology, and Management. http://www.fcw.com/fcw/articles/2003/0331/web-cooper-04-02-03.asp - - - - - - - - - - Infrastructure guardian working on its own The Information Analysis and Infrastructure Protection Directorate is just getting started on its own information technology infrastructure. The directorate is the last of the five Homeland Security Department directorates to have an assistant secretary named, and it is only starting to develop a business process. But according to Keith Herrington, who is on detail as its acting chief information officer, that's "perfect timing" to develop the basic IT infrastructure. http://www.fcw.com/fcw/articles/2003/0331/web-iaip-04-02-03.asp - - - - - - - - - - NIST security division expands role The National Institute of Standards and Technology's (NIST) Computer Security Division will be playing a significant role in the Bush administration's cybersecurity strategy, according to Howard Schmidt, acting chairman of the President's Cybersecurity Board. The NIST division did not move to the new Information Analysis and Infrastructure Protection (IAIP) Directorate at the Homeland Security Department (DHS), as originally set out in the White House's plan. http://www.fcw.com/fcw/articles/2003/0331/web-schmidt-04-02-03.asp - - - - - - - - - - When to make the cybersecurity call Government and industry leaders are working on formal practices and guidelines for when the private sector should call the government to report a cybersecurity incident, said Howard Schmidt, acting chairman of the President's Cybersecurity Board. Despite advances in information sharing, many security incidents that should have prompted immediate notification such as the compromise of the Internet's root servers have not been reported simply because the private sector was not aware of exactly what the government wanted, Schmidt said. http://www.fcw.com/fcw/articles/2003/0331/web-cyber-04-02-03.asp President's cybersecurity chief defends agenda http://www.idg.net/ic_1275278_9720_1-5072.html - - - - - - - - - - Inquiry into cybercrime takes paedophilia focus The exponential growth rate of cybercrime has prompted a parliamentary inquiry into child pornography, fraud and national security threats associated with the internet. The parliamentary committee on the Australian Crime Commission today called for submissions into cybercrime with public hearings to be held later in the year. MPs will specifically focus on child pornography and associated paedophile activity; banking, including credit card fraud and money laundering; and threats to national critical infrastructure. http://www.smh.com.au/articles/2003/03/31/1048962691620.html - - - - - - - - - - Piracy falling, survey reports STUDY: NATIONS THAT POLICE COPYING SEE TECH GROWTH Software piracy rates have dropped in nearly every nation since 1996, and the countries doing the most to stamp out copied or unauthorized software are seeing economic rewards for their efforts, according to a study released today by the Business Software Alliance. From Egypt to Ireland to Colombia, the countries experiencing the best growth in technology spending -- sometimes far outstripping their neighbors are those where governments are better policing software piracy and corporations are cracking down on copying, the trade group says. http://www.siliconvalley.com/mld/siliconvalley/5540543.htm http://zdnet.com.com/2100-1105-995011.html http://news.zdnet.co.uk/story/0,,t269-s2132853,00.html - - - - - - - - - - New e-gov plan due this month The Bush administration soon will release its plans for implementing the E-Government Act of 2002, said Mark Forman, associate director of information technology and e-government at the Office of Management and Budget. The April 17 release will be the latest version of the E-Government Strategy, Forman said, noting that it will move beyond the 24 e-government initiatives to examine how e-government plans in the fiscal 2004 budget request will align with the act, signed in December 2002. http://www.fcw.com/fcw/articles/2003/0331/web-forman-04-02-03.asp - - - - - - - - - - WLANs Vulnerable to Abuse by Spammers In the honeypot test, the first unauthorised connection to the WLANs was made in just over two-and-a-half hours. Nearly three-quarters of malicious connections to wireless networks are used for sending spam, according to new research. Security consultant Z/Yen set up two wireless LANs (WLANs) on behalf of RSA Security in an attempt to monitor unauthorised connections -- a so- called "honeypot" trap. The survey found that almost a quarter of unauthorised connections to the WLANs were intentional, with 71 percent used to send emails. http://www.newsfactor.com/perl/story/21168.html - - - - - - - - - - RealPlayer and QuickTime flaws could let hackers in Two unrelated vulnerabilities have showed up in the popular digital media players, and experts are concerned about the potential for exploitation by hackers. Just as streaming video and audio is hitting the mainstream, researchers have sounded the alarm of serious security holes in two popular digital media players. http://news.zdnet.co.uk/story/0,,t269-s2132886,00.html http://news.com.com/2100-1025-995085.html http://www.msnbc.com/news/894398.asp http://www.internetnews.com/dev-news/article.php/2173361 - - - - - - - - - - Brocade adds SAN security Brocade has added a clutch of new firmware features to its Fibre Channel switches, including SAN security and scripting tools to automate repetitive tasks. Its director-class SilkWorm 12000 switch also gains high- availability features and FICON support for mainframe connectivity. The security features are built into a new release of the SilkWorm firmware but require a licence key to activate, said Jay Kidd, Brocade's product management veep. He added that it uses digital certificates, encryption and strong authentication to prevent unauthorised changes or access to the SAN fabric. http://www.theregister.co.uk/content/63/30057.html - - - - - - - - - - Wireless security: The case for VPNs If you talk with any one of the growing multitudes of people using Wi-Fi technology today, you'd think you were listening to an infomercial. The response and adoption has been that good. The technology is being liberally embraced everywhere from the traditional enterprise to universities, airports and malls. Despite the positive response, the Achilles' heel of the technology, either real or imagined, has always been the notion of security. http://www.computerworld.com/securitytopics/security/story/0,10801,79922,00.html - - - - - - - - - - Enlisting Employees For Enterprise Security IT managers know the biggest security threat comes from inside the corporate firewall: employees. What's the use of all that patching and perimeter protection when security-challenged staff mindlessly download infected programs, open virus-stuffed e-mail attachments, swap files with black hats, and choose easy-to-guess passwords? The problem boils down to this: Workers just don't have the basic knowledge they need. "Most individuals have not been properly trained on how to effectively identify and deal with Internet threats that pose significant risks to the enterprise," says Allan Carey, a security expert at Information Security Services. http://www.techweb.com/tech/security/20030402_security - - - - - - - - - - Homeland Security official defends student tracking system A top Homeland Department Security official on Wednesday defended the government's implementation of a system to track the whereabouts of foreign students studying at U.S colleges and universities. Despite glitches in the system, the Student and Exchange Visitor and Information System (SEVIS) is fully deployed and working well, Johnny Williams told the House Judiciary Immigration, Border Security and Claims Subcommittee. http://www.govexec.com/dailyfed/0403/040203td1.htm - - - - - - - - - - RAINS showcases secure info Officials from the Oregon Regional Alliance for Infrastructure and Network Security (RAINS) say the group is making big strides in its campaign to become a major player in the nation's homeland security agenda. Its secure communications initiative, called RAINS-NET, will be a central feature of the Defense Department's anti-terrorism Homeland Security Command and Control Advanced Concept Technology Demonstration scheduled for May. http://www.fcw.com/geb/articles/2003/0331/web-oregon-04-02-03.asp *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.