High Tech "NewsBits" for 06/03/04

NewsBits for June 3, 2004 ************************************************************ Girl: Satomi was `nasty' to me An 11-year-old girl held in Tuesday's gruesome slaying of a classmate told police it was in revenge for ``nasty'' messages posted in an Internet chat room by the girl she once considered a good friend. The girl gave police a blood-curdling account of how she spent several days plotting the death of Satomi Mitarai, 12. ``She says she was sick of (Satomi) writing nasty things on the Internet,'' said the head of the child consultation office in Sasebo who met with the girl. http://www.asahi.com/english/nation/TKY200406040142.html - - - - - - - - - - Former producer sentenced to 15 years for child porn A former Christian radio producer who pleaded guilty in February to child pornography charges must serve 15 years in prison. Kerry Dwayne Stevens received the sentence yesterday in federal court. U-S District Judge Glen Davidson sentenced the 47-year-old Tupelo man on two counts of producing child pornography. Stevens is a former children's show producer for American Family Radio. He admitted photographing the genitalia of his daughter and one of her friends while they slept. Stevens was arrested in August after two men renting his home found computer discs with the photographs of the girls in the house. http://www.wmcstations.com/Global/story.asp?S=1914918 - - - - - - - - - - Baltimore Sex Sentence An Aberdeen man will serve two years in prison for child pornography. A US District Court judge handed down the sentence Thursday. Forty-three-year-old William Dale Piper pleaded guilty to charges of transporting and shipping child pornography in interstate and foreign commerce. According to court documents, an F-B-I special agent in New York downloaded several images from Piper on an American Online chat room. http://wjz.com/localstories/local_story_155181950.html - - - - - - - - - - Scottish police question dozens over child porn Scottish police say they are questioning dozens of suspects over Internet child pornography after raids across Scotland triggered by a tip-off from U.S. authorities. The Scottish Drug Enforcement Agency was also involved in the sweep. "After information was passed on from the United States ...Scottish police launched coordinated raids," a spokesman for the Association of Chief Police Officers in Scotland said on Thursday. More than 1,300 Britons have been convicted in a wider British crackdown against child pornography since 2002, dubbed "Operation Ore" and based partly on information from U.S. authorities. http://www.reuters.co.uk/newsPackageArticle.jhtml?type=topNews&storyID=522988SSion;=news - - - - - - - - - - Grove Computer Porn Two computers used by city employees are seized after allegations that one was used to access child pornography. According to Grove Oklahoma Police Chief Mark Wall, the computers were sent last week to the Oklahoma Bureau of Investigation. The computers were used in the Emergency Management Services Department and Grove Civic Center. One of the computers was allegdly used to view child pornography and the other had also accessed pornographic web sites. http://www.ksntv.com/news/default.asp?mode=shownews&id=2410 - - - - - - - - - - Child porn investigation Child pornography allegations brought against a 55-year-old Brookfield man Tuesday represent the "tip of the iceberg" of possible charges once investigators search his computer, a state prosecutor said. Richard S. Kusch appeared in Waukesha County Circuit Court on Wednesday where Assistant District Attorney Brad Schimel described some of the alleged child pornography, weapons and marijuana police seized Friday. "These images involved here ... were very vulgar," Schimel said. "These images are children being sexually exploited." http://www.gmtoday.com/news/local_stories/2004/June_04/06032004_02.asp - - - - - - - - - - Three Spanish arrested for selling child porn In Deya, Mayorka, Spanish police detained three men allegedly selling child porn, reports "El Pais" newspaper Monday. Two of the detainees are Russians 30 and 37 years old, the third is Briton. Besides trading child porn they offered minors' sexual services through the Internet. They are also suspected in laundering their criminal revenues. It is known that detainees, names are not revealed, were previously prosecuted. http://www.crime-research.org/news/03.06.2004/314 - - - - - - - - - - Police slap cuffs on Punk SMSer A tech worker was arrested yesterday after a text message he sent was intercepted and traced back to his phone. In a scene reminiscent of Neo's first escape from Agent Smith, Special Branch officers slapped the cuffs on Mike Devine at his office in Bristol yesterday, and took him away for questioning. Devine, who plays in a Clash tribute band in his spare time, had sent a message containing lyrics from The Clash's Tommy Gun to his lead singer who had forgotten the words to the song. http://www.theregister.co.uk/2004/06/03/text_punk/ - - - - - - - - - - Mutant son of MyDoom plans three-pronged attack Virus writers have used code from the infamous Mydoom worm to create a potentially dangerous new Internet worm which uses multiple methods to spread. Plexus-A spreads using three different methods: infected email attachments, file-sharing networks and Windows vulnerabilities (the LSASS vulnerability used by Sasser and the RPC DCOM flaw used by Blaster). The as yet unknown virus authors used MyDoom source code as the basis for creating Plexus, according to an analysis of the worm by Russian AV firm Kaspersky Labs. http://www.theregister.co.uk/2004/06/03/plexus_worm/ Harry Potter and the worm of doom http://zdnet.com.com/2100-1105_2-5225792.html - - - - - - - - - - Korgo raises zombie PC army Anti-virus firms have raised the peril index of the Korgo worm up a notch following the spread of several new variants this week. Korgo (aka Padobot) exploits the Microsoft Windows Local Security Authority Subsystem Service (LSASS) vulnerability to spread across vulnerable machines. The same flaw was infamously exploited by the Sasser worm and by a number of less prolific worms since. Kordo has some nasty tricks up its sleeve but the worm is far less prolific than Sasser. http://www.theregister.co.uk/2004/06/03/korgo_worm/ Korgo worm targets bank accounts http://www.theinquirer.net/?article=16341 Zombie PCs generate 80 per cent of spam http://www.vnunet.com/news/1155583 - - - - - - - - - - Security cert body gives lesson in insecurity Security certification and training body (ISC)2 has apologised for a serious security breach which saw the personal details of thousands of respondents to a survey posted onto an insecure server. Phone numbers, email and contact addresses for many of the estimated 20,000 respondents to (ISC)2 Constituent Survey were easily available on the site because of lax security for a short time towards the end of last week. http://www.theregister.co.uk/2004/06/03/isc2_survey_snafu/ - - - - - - - - - - Former senators offer harsh assessment of nation's security The next terrorist attack is coming and the United States is far from prepared, two former senators who are experts in the homeland security movement, said Thursday. "Myself, my hair is on fire," said former Sen. Gary Hart, borrowing a phrase recently popularized by former White House counter-terrorism chief Richard Clarke. http://www.govexec.com/dailyfed/0604/060304td1.htm OMB tweaks info security rules http://www.fcw.com/fcw/articles/2004/0531/web-omb-06-03-04.asp Expert calls for better security http://www.fcw.com/fcw/articles/2004/0531/web-secure-06-03-04.asp - - - - - - - - - - Can Utah's new anti-spyware law work? In March of this year, Utah became the first state to enact new legislation addressing certain types of "spyware" -- with its Spyware Control Act. (Spyware is software that tracks a consumer's online activities, and uses the data it collects to choose targeted pop-up advertisements and other promotional messages, which are then displayed to the user.) http://www.cnn.com/2004/LAW/06/03/ramasastry.spyware/index.html - - - - - - - - - - IT leaders warned of data scams The Office of the Information Commissioner has issued an urgent warning to alert IT managers to registration scams concerning compliance with data protection law. http://www.vnunet.com/news/1155599 - - - - - - - - - - Eastern mob hires hackers AUSTRALIANS are being targeted by Eastern European organised crime families using the internet to extort and steal far from home. Delegates at the annual AusCERT Asia Pacific Internet Security Conference on the Gold Coast were warned today that mobsters were hiring computer programmers to take their brand of criminal activity online. The deputy head of Britain's National Hi-Tech Crime Unit, Superintendent Mick Deats, said one Eastern European syndicate with interests in prostitution, drugs and gun smuggling was also earning money all over the world from internet credit card fraud, software piracy, child pornography and online extortion. http://news.com.au/common/story_page/0,4057,9667719%255E15306,00.html - - - - - - - - - - Internet Crimes Against Children Exploding Crime against children on the internet is growing fast; and yet, the problem is going largely unnoticed and underreported. Current statistics show that one in five children who use the Internet receive unwanted sexual solicitations. This might not seem like much stated that way, but, its more than five million children. While it is easy to dismiss this as a simple reality of the Internet it fails to knock home the more important reality that if a child is exposed to behavior they are not ready to handle it could have an overall negative impact on their entire life. This is the real issue. http://www.crime-research.org/news/03.06.2004/319 - - - - - - - - - - Nigeria may use software to nab 419 scammers Nigeria plans to launch software that would help catch fraudsters who send scam letters via email, known as the 419 advance fee fraud, a meeting on the sidelines of Africa's World Economic Forum has heard. The new technology, which would identify key words used in such letters, is likely to be made available to Internet service providers and government departments, Mustafa Bello, executive secretary of the Nigerian Investment Promotion Commission said. http://www.smh.com.au/articles/2004/06/04/1086203598788.html - - - - - - - - - - Police to become masters of cybercrime The police are to get new training, including a Masters degree, to help them tackle crimes involving computers. UK police forces are developing new training to help officers tackle crimes that either directly or indirectly involve a computer, including a Masters degree in cybercrime. The police force is often criticised for not being savvy enough to handle even unsophisticated computer related crimes. http://news.zdnet.co.uk/internet/security/0,39020375,39156636,00.htm - - - - - - - - - - Tests to uproot Windows passwords begin Microsoft and RSA Security on Wednesday started beta testing a product designed to phase out the use of traditional passwords and replace them with automatically generated passwords from a SecurID token. SecurID is one of the most popular two- factor authentication systems and is already used by many large enterprises. The token is about the size of a matchbox and generates a new six-digit code every minute. http://zdnet.com.com/2100-1105-5225434.html http://news.zdnet.co.uk/internet/security/0,39020375,39156548,00.htm Recognition keys access http://www.trnmag.com/Stories/2004/060204/Recognition_keys_access_060204.html - - - - - - - - - - Back to central patching? In a new study, officials at the General Accounting Office say the federal government must deal more aggressively with the growing volume of software security patches that overwhelms the ability of agencies to manage. A report on the study released this week describes uneven patch-management practices across the federal government and recommends two changes in the status quo. http://www.fcw.com/fcw/articles/2004/0531/web-patch-06-03-04.asp - - - - - - - - - - For Mac security, communication is key When it comes to security, Apple Computer's report card reads like that of a gifted child: high marks for achievement, but needs to communicate better with others. In general, the Mac operating system has seen far fewer bugs than its Windows counterpart. But some say a recent vulnerability demonstrates that the notoriously tight-lipped company must communicate more openly on security issues and move more quickly when it comes to plugging holes. http://zdnet.com.com/2100-1105_2-5225115.html - - - - - - - - - - In the virtual stacks, pirated books find readers Early in his undergraduate years at Indiana University, Joseph Ruesewald said, he had trouble finding the required titles for a couple of his classes at the local bookstores. When he tried ordering the books online, he learned it would take too long for delivery. Having come of age in the era of Napster, Kazaa and other file-sharing networks infamous as bazaars for pirated music, he knew exactly how to obtain the books--if not in his hands, at least for his computer's hard drive. http://news.com.com/In+the+virtual+stacks%2C+pirated+books+find+readers/2100-1030_3-5226077.html - - - - - - - - - - Open source: Prepare for attack Do you need open-source legal protection any more than you need meteor insurance? Don't dismiss the idea. Most legal observers discount the legal claims by SCO as illegitimate. But there are bigger challenges to contemplate than those from SCO. In fact, users face a convergence of issues that may ultimately lead to other claims being brought against Linux and open-source software. http://zdnet.com.com/2100-1107_2-5225405.html - - - - - - - - - - Are developers stealing code? Many software developers regard 'code-borrowing'-- reusing existing software in their own work--as an acceptable practice, despite the legal minefield it could create for their employers, says research due to be published later this week. The anonymous online survey of more than 3,000 developers found that almost 70 percent of respondents keep a personal library of code that they freely carry between employers. Such code is generally used without the lawful owner's knowledge or permission, according to IT legal experts from out-law.com. http://zdnet.com.com/2100-1105-5225468.html Security starts with developers http://www.vnunet.com/news/1155593 Careless coders tempting legal troubles? http://news.com.com/Careless+coders+tempting+legal+troubles%3F/2100-1008_3-5226035.html - - - - - - - - - - Wireless Attacks and Penetration Testing (part 1 of 3) The very idea of a wireless network introduces multiple venues for attack and penetration that are either much more difficult or completely impossible to execute with a standard, wired network. Wireless networks only know the boundaries of their own signal: streets, parks, nearby buildings, and carsall offer a virtual "port" into your wireless network. This is the first of a three part series on penetration testing for wireless networks. http://www.securityfocus.com/infocus/1783 - - - - - - - - - - Fury at terror suspect's bail Australian police have objected to bail for suspected terrorist Bilal Khazal, 34, a former baggage handler for Qantas, on the grounds that he helped another accused terrorist, Saleh Jamal, escape to Beirut, Lebanon, after he posted bail. Mr. Khazal is charged with collecting or making documents likely to facilitate terrorism after he published an Arabic book online entitled "Provision in the Rules of Jihad - Short Wise Rules and Organisational Structures that Concern every Fighter and Mujahid Fighting against the Infidels". http://www.crime-research.org/news/03.06.2004/322 - - - - - - - - - - Software crash grounds UK air traffic Overnight testing of software management procedures has caused massive disruption to the UK National Air Traffic Control system and led to widespread delays at most of Britain's airports. A spokesman for the UK's National Air Traffic Services, the company that controls UK airspace, told ZDNet UK that the Flight Data Processing System (FDPS) at the West Drayton control centre crashed after overnight testing. http://zdnet.com.com/2100-1105_2-5225412.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.