NewsBits for June 14, 2004
************************************************************
Survey: 2 million bank accounts robbed
Nearly 2 million Americans have had their checking accounts raided by criminals in the past 12 months, according to a soon-to-be released survey by market research group Gartner. Consumers reported an average loss per incident of $1,200, pushing total losses higher than $2 billion for the year. Gartner researcher Avivah Litan blamed online banking for most of the problem.
http://www.msnbc.msn.com/id/5184077/
- - - - - - - - - -
Chinese Web Activist Gets Suspended Sentence
High-profile Chinese Internet essayist Du Daobin, who was convicted of "subverting state power," received a suspended sentence from a Chinese court Friday and was allowed to return home for the first time since he was arrested eight months ago. "I'm so excited to see him again," Du's wife, Xia Chunrong, said in a telephone interview. "He has lost some weight but is in quite good spirits. Our son was so happy to see his father. They're glued together now."
http://www.theregister.co.uk/2004/06/14/china_house_arrest/
http://www.latimes.com/technology/la-fg-net12jun12,1,1638324.story
- - - - - - - - - -
Kid porn suspect held on $50K bail
Cory Pero, the 22-year-old city man charged with three counts of distributing child pornography to someone he believed to be a 14-year-old boy in Keene, N.H., was ordered held on $50,000 surety bail yesterday. Pero, of 19 Chester St., thought he'd met a young teenager in a Yahoo chat room in early May, according to Special Assistant Attorney General Marcy Coleman. But Pero was really communicating with a Keene police detective, who was on cyber patrol looking for possible sex offenders over the Internet.
http://www.zwire.com/site/news.cfm?BRD=1712&dept_id=478996&newsid=11938738&PAG=461&rfi=9
- - - - - - - - - -
PRIEST QUIZZED IN PORN PROBE
A PRIEST working in Annan has been interviewed by detectives probing a child porn ring.
Father Stuart Cambell was one of three people quizzed by detectives from Dumfries and Galloway last week during an inquiry into a foreign child porn website. Police seized computer equipment from the priest's house. He was not arrested and no charges have been made.
http://www.newsandstar.co.uk/news/viewarticle.asp?id=105217
- - - - - - - - - -
Sex case pits library against cops
When three teenagers in Naperville's Nichols Library reported seeing a man fondling himself while looking at Internet pornography, library workers called police. The man left before officers arrived, so police asked to see who was logged on at the computer. To the surprise of police, the library refused, opening another chapter in the controversy over how much access law enforcement should have to library records.
http://www.chicagotribune.com/news/local/chi-0406110160jun11,1,3755970.story
- - - - - - - - - -
Multilingual worm spreads throughout Europe
A new multilingual worm from Hungary hit networks over the weekend and is spreading steadily. Zafi.B, also known as Erkez.b or Hazafi, spreads via peer-to-peer software and as a 12,800 byte .pif attachment within emails. It has the potential to spread widely as it mails itself out in Hungarian, English, Italian, Spanish, Russian and Swedish.
http://www.vnunet.com/news/1155879
Antivirus firm says it has detected first mobile-phone worm
http://computerworld.com/securitytopics/security/story/0,10801,93825,00.html
Is your antivirus app working? Are you sure?
http://reviews-zdnet.com.com/AnchorDesk/4520-7297_16-5138927.html
- - - - - - - - - -
The Son of Patriot Act Also Rises
While activists and politicians work to repeal or change parts of the Patriot Act that they say violate constitutional rights, Patriot Act II legislation -- which caused a stir when it came to light last year -- is rearing its head again in a new bill making its way through Congress.
The bill would strengthen laws that let the FBI demand that businesses hand over confidential records about patrons by assigning stiff penalties (up to five years in prison) to anyone who discloses that the FBI made the demand.
http://www.wired.com/news/privacy/0,1848,63800,00.html
- - - - - - - - - -
CERT: IE bug is bait for phishers
The U.S. Computer Emergency Readiness Team (US-CERT), the Internet security watchdog, released a security alert on Friday warning of a flaw in Microsoft's Internet Explorer which allows attackers to run programs on a user's computer. The flaw is in IE's cross-domain security model, which keeps frame content from different sources separate. This means that attackers could run programs and view files using the privileges of the user running IE.
http://zdnet.com.com/2100-1105_2-5232993.html
http://news.zdnet.co.uk/internet/security/0,39020375,39157632,00.htm
http://www.vnunet.com/news/1155868
- - - - - - - - - -
Hackers target government holes
Global threats such as the Blaster and SQL Slammer worms batter government network defenses as much as those in the commercial arena, but attacks that actually penetrate the network are focused on perceived weaknesses in Web-based applications, according to a Symantec Corp. report. Based on an analysis of data produced in the last six months of 2003, Symantec officials believe the problem could be due to a greater use of file-sharing applications within government, as opposed to industry.
http://www.fcw.com/fcw/articles/2004/0614/web-holes-06-14-04.asp
WLANs Vulnerable to Hacking
http://www.newsfactor.com/story.xhtml?story_title=WLANs-Vulnerable-to-Hacking&story_id=25380
- - - - - - - - - -
Europe to fight child porn
Communication Ministers assigned a 45 million euro budget to fight child porn. This budget is timed for a 3-year program which will be carried out from 2005 till 2008.
This program is a second version of "protecting children plan" and will get two times bigger financing than it was assigned for the first program accepted two years ago. The aim of the program is to create the safe Internet using new technologies. Another financing is assigned for fighting illegal network content.
http://www.crime-research.org/news/14.06.2004/424/
- - - - - - - - - -
Hacker offers to shut Putin's website
In the spirit of the free market computer hackers in Russia have put their services up for sale, offering to "take out" any website for a price. Several hackers have posted a menu of services on the internet. The most popular is a Direct Denial of Service (DDoS) attack, in which a website and server can be disabled by being bombarded with emails and other information.
http://www.guardian.co.uk/online/news/0,12597,1237084,00.html
- - - - - - - - - -
Scammers earn on leaving examinations
School leavers pass examinations, Internet scammers count up profits. Con men raised tens of thousands of dollars on leaving examinations. In 2003, "right answers" for leaving tests in schools were sold at more than ten websites on the Internet and more than fifty of such sites appeared this year. Formerly, one variant of solved maths test cost $42 and now actual price is $50.
http://www.crime-research.org/news/14.06.2004/425/
- - - - - - - - - -
NIST releases security guidance on mapping information
The National Institute of Standards and Technology has released the final version of its guidelines for categorizing information housed in federal IT systems. The Federal Information Security Management Act requires agencies to identify categories of information they maintain and to assess the impact on the agency's mission of compromises to that information. NIST is charged with providing guidance on this and other FISMA requirements.
http://www.gcn.com/vol1_no1/daily-updates/26209-1.html
- - - - - - - - - -
Selling 'Nemo' Online, Trying to Repel Pirates
As on the Starz cable service, which is owned by Liberty Media, the movies available will include recent Hollywood films, usually about a year after they were released, and some older titles. The movies available this month include "Finding Nemo," "Pirates of the Caribbean: The Curse of the Black Pearl" and "The Poseidon Adventure."
http://www.nytimes.com/2004/06/14/technology/14real.html?th
http://www.latimes.com/technology/la-fi-starz14jun14,1,2327143.story
http://www.msnbc.msn.com/id/5207240/
Swap blockers graduate to high schools
http://news.com.com/Swap+blockers+graduate+to+high+schools/2100-1027_3-5233272.html
- - - - - - - - - -
Web Services Are Biggest Security Challenge
Web services are the major challenge for network security in the 21st Century, because they require users to routinely run code and data on machines that the users don't control, said Whitfield Diffie, chief security officer for Sun Microsystems. "Now, I do most of my computing on a chip a couple of feet in front of me, or if I do it elsewhere, I know it," said Diffie, delivering a keynote at the NetSec 2004 computer security conference here.
http://nwc.securitypipeline.com/showArticle.jhtml?articleID=21800144
Apple Makes Its Case for Security
http://www.wired.com/news/mac/0,2125,63805,00.html
- - - - - - - - - -
Latest Strategy Against Spam: Identify Bulk E-Mailers and Make Them Pay
As I was threshing through my e-mail in-box the other day, searching for the 0.0024% of new messages that might carry information I needed to know, I cursed for the umpteenth time whatever person or process produced the one feature of the Internet most responsible for the scourge of spam: the convention by which e-mail is paid for by the recipient, not the sender.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-fi-golden14jun14,1,4094327.column
Spam is still growing--and costing
http://zdnet.com.com/2100-1105_2-5233017.html
Netscape takes aim at pop-ups, spam
http://zdnet.com.com/2100-1104_2-5233040.html
Gmail Spam Test
http://www.webpronews.com/insiderreports/searchinsider/wpn-49-20040514GmailSpamTest.html
Italian gov text spams entire country
http://www.theregister.co.uk/2004/06/14/italy_sms_spam/
- - - - - - - - - -
Switches taking on new security roles
Security innovations being built into switches are attracting attention from buyers who not long ago focused primarily on feeds and speeds. Network executives say they need all the help they can get to cope with today's threats. They are eager to use new switch-based security schemes - such as the ability to quarantine viruses and enforce policies - being touted by Alcatel, Cisco and Enterasys Networks, among others. In the forefront:
http://www.nwfusion.com/news/2004/0614switchsecurity.html
- - - - - - - - - -
Backdoor program gets backdoored
The author of a free Trojan horse program favored by amateur computer intruders found himself with some explaining to do to the underground last month, after his users discovered he'd slipped a secret backdoor password into his popular malware, potentially allowing him to re-hack compromised hosts. The program in question is Optix Pro, (Backdoor.OptixPro.12) a full-featured backdoor that allows an intruder to easily control a compromised Windows machine remotely, from accessing or changing files, to capturing a user's keystrokes or spying on a victim through their webcam.
http://www.securityfocus.com/news/8893
- - - - - - - - - -
Wireless Attacks and Penetration Testing (part 2 of 3)
There are several techniques to performing penetration testing on your wireless network, the objective of all of them being to improve the security and integrity of the network itself.
What wireless lacks in the security of the physical layer and medium must be compensated for in protections on other layers of the stack. As you'll recall from Part I of this article, there are many different attacks that a nefarious individual can carry out on your wireless network.
http://www.securityfocus.com/infocus/1785
- - - - - - - - - -
The Trouble with Gmail
Google's plans to run targeted advertising with the mail that you see through its new Gmail service represents a potential break for government agencies that want to use autobots to monitor the contents of electronic communications traveling across networks. Even though the configuration of the Gmail service minimizes the intrusion into privacy, it represents a disturbing conceptual paradigm -- the idea that computer analysis of communications is not a search. This is a dangerous legal precedent which both law enforcement and intelligence agencies will undoubtedly seize upon and extend, to the detriment of our privacy.
http://www.securityfocus.com/columnists/248
- - - - - - - - - -
Homeland Department seeks technology to detect suicide bombers
The Homeland Security Department within the "next few weeks" plans to solicit companies for technology designed to detect suicide bombers near railways, buildings and other critical infrastructure, a top official said Monday.
http://www.govexec.com/dailyfed/0604/061404tdpm1.htm
- - - - - - - - - -
Web sites feature calls to arms, video of attacks
Web sites featuring videos of the beheading of Americans or captives pleading for their lives have become part of an electronic war of incitement, humiliation and terrorist outreach, experts say, providing a window into the minds of militant Muslims who hate the West. The latest dramatic Web posting came Saturday, a short video that showed no faces but included a voice yelling in English: "No, no, please!"
http://www.usatoday.com/tech/webguide/internetlife/2004-06-14-electronic-jihad_x.htm
- - - - - - - - - -
Virtual City of Smut Now Online
What would you get if you crossed The Sims, Match.com and Amsterdam's red-light district? One adult entertainment company says the answer is the Red Light World, a 3-D adult-oriented virtual environment that offers the sex-starved a chance to visit the Dutch city's infamous quarter and take in its XXX movie theaters, Viagra outlets, sex toy stores and adult DVD shops. Players get to meet sexy singles and more, all without springing for a plane ticket or worrying about getting mugged.
http://www.wired.com/news/games/0,2101,63821,00.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.