NewsBits for June 11, 2004 ************************************************************ Arrests made in 'Half-Life' game hacking case Arrests have been made in the theft last year of source code for Valve Software's highly anticipated PC game Half-Life 2, an FBI spokesman in Seattle said Thursday. Details about the arrests, which were made in several countries, were not made public because they are part of an ongoing investigation, FBI spokesman Ray Lauer said. Valve officials said the online gaming community tracked down the purported hackers within days of the company's announcement last fall that the release of Half-Life 2 would be delayed because of the Internet break-in. http://www.usatoday.com/tech/webguide/internetlife/2004-06-11-halflife-arrests_x.htm http://www.crime-research.org/news/11.06.2004/426/ FBI-Led Task Force Makes Arrests in Theft of Game Code Arrests have been made in the theft of computer code behind Half-Life 2, which is expected to be one of this year's best-selling titles, the game's manufacturer announced yesterday. The theft last year had a role in the delayed delivery of the game, originally scheduled for release in September 2003, as Valve Corp., based in Bellevue, Wash., rewrote parts of its programming and assisted in an FBI-led investigation. http://www.washingtonpost.com/wp-dyn/articles/A33214-2004Jun10.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8901827.htm http://www.theregister.co.uk/2004/06/11/halflife_2_arrests/ - - - - - - - - - - Saudi Acquitted of Internet Terror An Idaho jury yesterday rejected the federal government's case against a Saudi doctoral student accused of aiding terrorists by running an Internet network that sought to raise money and recruit fighters for holy war abroad. The jury acquitted Sami Omar Hussayen on three counts of providing material support to terrorism, a blow to the government in its first effort to use language in the USA Patriot Act that makes it illegal to provide "expert advice" to terrorists. http://www.washingtonpost.com/wp-dyn/articles/A31491-2004Jun10.html http://www.latimes.com/technology/la-na-boise11jun11,1,3323946.story - - - - - - - - - - Racist spam attack hits Germany Spam emails with racist messages flooded computers in Germany on Thursday. German residents have been targeted by a flood of racist emails. The emails, sent by computers infected with the Sober.G virus, contained racist messages and links to right-wing Web sites, according to German press reports. http://news.zdnet.co.uk/internet/security/0,39020375,39157444,00.htm http://www.wired.com/news/technology/0,1282,63806,00.html http://www.theregister.co.uk/2004/06/11/german_hate_mail_virus/ - - - - - - - - - - RIAA seeks digital radio copying limits Digital radio broadcasts that bring CD-quality sound to the airwaves could lead to unfettered song copying if protections are not put in place, a recording-industry trade group warned on Friday. Without copy protections, music fans could cherry- pick songs off the air and redistribute them over the Internet, further deepening the copyright woes of record labels, the Recording Industry Association of America said. http://news.com.com/RIAA+seeks+digital+radio+copying+limits/2100-1027_3-5232048.html http://www.wired.com/news/digiwood/0,1412,63819,00.html - - - - - - - - - - Privacy group sues TSA, Justice over airline passenger data A public interest organization has filed a lawsuit in federal court against the Transportation Security Administration and the Justice Department, seeking the immediate release of information about government efforts to collect airline passenger data since the Sept. 11 terrorist attacks. The Electronic Privacy Information Center charges in a complaint filed Wednesday with the U.S. District Court for the District of Columbia that TSA and the FBI have failed to adequately respond to Freedom of Information Act requests. EPIC is asking the court to compel the agencies to immediately disclose all records related to the use of airline passenger information. http://www.govexec.com/dailyfed/0604/061104c1.htm - - - - - - - - - - N.Y. company wants Utah's Spyware Control Act blocked A New York company that makes Internet pop-up ads has asked a judge to block enforcement of Utah's new Spyware Control Act pending resolution of the firm's challenge to the law's constitutionality. WhenU.com Inc. claims the law that took effect last month is "arbitrary and Draconian" and violates its free-speech rights. http://www.usatoday.com/tech/news/techpolicy/2004-06-11-spyware-control-challenge_x.htm http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8898893.htm - - - - - - - - - - Law turns tables on antispam group Pioneering antispam organization The Spamhaus Project has begun receiving threats from spammers, many of whom appear to have moved into the U.K. following the establishment of controversial U.K. laws that ostensibly outlaw the spamming of personal e-mail addresses. Spamhaus founder Steve Linford revealed told the Openwave messaging anti-abuse conference in London this week that this legislation has had a counterproductive effect. "For the first time we have very tenacious spamming gangs setting up in the U.K.," said Linford. "And, for the first time, we have spammers threatening us with legal action." http://zdnet.com.com/2100-1105_2-5231434.html - - - - - - - - - - Microsoft sues spammers for deceiving consumers The software giant has filed eight lawsuits against spammers as part of its attempts to curb unsolicited email. Microsoft has filed eight lawsuits against spammers, saying they deceived consumers and used false information to hide their tracks. The lawsuits are the latest salvo in the company's war to eradicate unsolicited emails, which have clogged countless inboxes on personal computers running the Windows operating system. http://news.zdnet.co.uk/internet/security/0,39020375,39157419,00.htm http://www.theregister.co.uk/2004/06/11/200_spammers/ - - - - - - - - - - New Internet Explorer holes causing alarm Four new holes have been discovered in the Internet Explorer (IE) Web browser that could allow malicious hackers to run attack code on Windows systems, even if those systems have installed the latest software patches from Microsoft Corp., security experts warned. Some of the flaws are already being used to attack Windows users and include a glitch that allows attackers to fake or "spoof" the address of a Web page, as well as vulnerabilities that enable malicious pages from the Internet to be handled by IE with very little scrutiny or security precautions. http://computerworld.com/securitytopics/security/story/0,10801,93803,00.html - - - - - - - - - - NTL builds bigger worm trap Cable telco NTL is blocking more Internet ports to stop worms from spreading across its network. Last month it blocked port 135. Now it is blocking (inbound only): 137 (UDP), 138 (UDP), 139 (TCP), 445 (UDP & TCP), 593 (TCP), 1433 (TCP), 1434 (UDP) and 27374 (TCP). "This 'port-blocking' should have little or no effect on your use of the Internet but it will significantly reduce the vulnerability to infection from variants of the Welchia and MSBlast worms," NTL explains in a notice to subscribers. Welchia and MSBlast are also known as Nachi and Blaster, respectively. http://www.theregister.co.uk/2004/06/11/ntl_port_blocking_plan/ - - - - - - - - - - Antivirus vendors await first Linux worm Although some Linux antivirus software is now available, vendors are waiting for a major attack before pushing their wares. Many have developed Unix antivirus products, but are only now moving to Linux to deal with potential threats to businesses running both Windows and open source software. http://www.vnunet.com/news/1155836 Microsoft: Linux threat is rising http://zdnet.com.com/2100-1104_2-5231561.html - - - - - - - - - - Defense Department drafts stronger software security rules Stiffer requirements for the security of software purchased by the Defense Department should be in place by the end of next year, according to a department official. Defense, the Homeland Security Department and other federal entities are working actively this summer to develop a way to extend current software certification procedures to be able to exclude products and services or companies deemed too risky. http://www.govexec.com/dailyfed/0604/061104tdpm1.htm - - - - - - - - - - Smut Sites Fear Credit Crackdown This month is going to be a big pain in the harness for Bondage.com. The company that processes its credit card payments is pulling out of the adult online business, leaving the site to scramble for alternative ways to accept money. Under the worst- case scenario, the memberships of Bondage.com patrons will expire on June 27, and they'll all have to sign up again. This is not exactly the kind of torment its customers are looking for. http://www.wired.com/news/business/0,1367,63799,00.html - - - - - - - - - - Tightening up McAfee defenses Security company Network Associates plans to introduce on Monday new versions of its intrusion protection products for host computers and networks. The updates are specifically for McAfee IntruShield, a device for protecting networks, and McAfee Entercept, security software for PCs and server computers. The latest IntruShield, version 2.1, uses encryption keys to inspect encrypted traffic, such as data to an online stock trading site. IntruShield's upgrade also includes the ability to set up firewalls within a corporate network. http://zdnet.com.com/2100-1105-5231447.html - - - - - - - - - - Survey: Security measures pay off Companies working to harden their security have found that the efforts have resulted in fewer incidents of unauthorised computer use and a decline in damages from security incidents, a computer security group said in a report released on Thursday. The Computer Security Institute's survey of security professionals at nearly 500 companies found that damages related to cyberattacks declined, reaching about $290,000 (PS159,549) per company versus $400,000 per company a year ago. http://news.zdnet.co.uk/internet/0,39020369,39157441,00.htm http://www.crime-research.org/news/11.06.2004/423/ - - - - - - - - - - Official: Technology won't stand in way of transfer of threat analysis Whether the federal responsibility for synthesizing information on terrorist threats will continue to reside with an interagency office or be moved under the Homeland Security Department will not be a matter of technology, a Bush administration official said Friday. http://www.govexec.com/dailyfed/0604/061104tdpm2.htm - - - - - - - - - - MasterCard: Risk is in the cards Instead of a jargon-filled dissertation, MasterCard's new regional head of security, Tim Morris, gave a cheerful and low-tech answer when asked how he tackles security in his line of work. "Consultation, consultation, consultation," said the burly Australian, who is four months into his tenure as MasterCard's Asia-Pacific vice president and regional head for security and risk management. "It's like location, location, location in real estate," he said. "There's just no substitute for sitting down and talking to your client, because the better you understand them, the better your solutions will be." http://news.com.com/MasterCard%3A+Risk+is+in+the+cards/2008-1029_3-5231474.html - - - - - - - - - - Third Voice slammed for defacing websites It was five years ago today... For those readers who enjoy collecting "bright ideas that never caught on", here's a really, really popular innovation from long-gone, completely unlamented Third Voice: Third Voice slammed for defacing Web sites US software developer Third Voice has provoked the ire of Internet users and Webmasters by releasing software that allows Web surfers to share comments about Web sites. http://www.theregister.co.uk/2004/06/11/five_years_ago/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.