NewsBits for June 17, 2004 ************************************************************ Akamai: Internet attack had little impact A purported Internet attack that affected some of the world's most popular Web sites was "large scale" and "sophisticated" yet had only minimal impact, according to the targeted company. Akamai Technologies Inc., which aims to make Internet browsing more reliable, said Wednesday that no more than a dozen of its 1,100 customers suffered a significant impact. Akamai defined "significant" as traffic being slowed for more than 20 percent of a site's users. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8940036.htm http://www.vnunet.com/news/1155955 http://www.usatoday.com/tech/news/computersecurity/2004-06-17-assessing-attack_x.htm Web outage blamed on zombies http://news.zdnet.co.uk/internet/security/0,39020375,39157876,00.htm - - - - - - - - - - Thieves steal laptops, cell phone at crime prevention fair Thieves snatched two computers from a Hong Kong trade fair, a particularly brazen act considering that the victims were security companies showing off the latest crime-stopping technology. The thieves stole two laptop computers worth $2,500 from the Asia Securitex 2004 trade show on Wednesday, police spokeswoman Carrie So said. http://www.usatoday.com/tech/news/computersecurity/2004-06-17-crime-fair-crime_x.htm http://www.theregister.co.uk/2004/06/17/blaggers_lift_pcs/ - - - - - - - - - - Fraud, abuse found in school Internet program Beset by poor design and oversight, the federal program that connects schools and libraries to the Internet is a target for fraud and abuse, an independent review shows. Financed through phone charges, the $2.25 billion-a-year program, known as E-rate, provides discounted Internet access and internal connection gear such as wiring and adaptors. http://www.msnbc.msn.com/id/5234858/ http://www.usatoday.com/tech/news/techpolicy/2004-06-17-erate-examined_x.htm - - - - - - - - - - U.S. House subcommittee approves spyware bill A U.S. House subcommittee has approved a spyware bill that would allow fines up to $3 million for collecting personal information, diverting browsers and delivering some pop-up advertisements to computer users without their consent. The Securely Protect Yourself Against Cyber Trespass Act (SPY ACT), which bears little resemblance to the bill it replaced, would also require software that collects the personal information of computer users to notify the users of its installation, get the users' consent before installation and provide users with easy uninstall options. http://computerworld.com/securitytopics/security/privacy/story/0,10801,93901,00.html http://www.msnbc.msn.com/id/5234854/ - - - - - - - - - - Antipiracy bill targets technology A forthcoming bill in the U.S. Senate would, if passed, dramatically reshape copyright law by prohibiting file-trading networks and some consumer electronics devices on the grounds that they could be used for unlawful purposes. The proposal, called the Induce Act, says "whoever intentionally induces any violation" of copyright law would be legally liable for those violations, a prohibition that would effectively ban file-swapping networks like Kazaa and Morpheus. In the draft bill seen by CNET News.com, inducement is defined as "aids, abets, induces, counsels, or procures" and can be punished with civil fines and, in some circumstances, lengthy prison terms. http://zdnet.com.com/2100-1104_2-5238140.html - - - - - - - - - - Feds, Private Groups to Educate Consumers About Phishing Scams The federal government and some of the nation's leading consumer organizations and financial institutions today kicked off a campaign to educate consumers about the growing threat posed by "phishing," a sophisticated form of identity theft conducted via e-mail and conterfeit Web sites. Visa USA, the Federal Trade Commission, the Better Business Bureau and the other coalition members said they plan to work together to teach consumers how to avoid phishing scams and to report suspicious e-mail to authorities. http://www.securityfocus.com/news/8936 - - - - - - - - - - Cabir Highlights 'Proof of Concept' Worm Threat The first virus designed to attack mobile phones has not seen much action outside of security experts' labs. But "Cabir," as the proof-of-concept worm is called, is not completely benign. It could portend more damaging forays by virus writers who might take their cue from Cabir and go one better. http://www.newsfactor.com/story.xhtml?story_title=Cabir-Highlights--Proof-of-Concept--Worm-Threat&story_id=25456 - - - - - - - - - - Conference on Internet Hate, Racism Opens European neo-Nazis post online pictures of paint- smeared mosques. Web sites of Islamic radicals call for holy war on the West. Aliases like "Jew Killer" pop up on Internet game sites. International experts met Wednesday in Paris to tackle the tricky task of fighting anti-Semitic, racist and xenophobic propaganda on the Internet - seen as a chief factor ina rise in hate crime. http://www.washingtonpost.com/wp-dyn/articles/A48147-2004Jun16.html - - - - - - - - - - VA cybersecurity chief departs to Energy Veterans Affairs Department cybersecurity chief Bruce Brody is leaving to take a position as associate CIO for cybersecurity at the Energy Department, VA said today. Brody formed the Office of Cyber Security when he joined VA in 2001 to centralize and correct the many security weaknesses at the department. He has established a comprehensive security regime, including the automated Security Configuration and Management Program, which follows installation of antivirus software and the upgrade of the departmentwide Central Incident Response Capability. Under his leadership, VA has also reduced the number of IP addresses and gateways to the Internet it uses. http://www.gcn.com/vol1_no1/daily-updates/26250-1.html - - - - - - - - - - Wardriving for WLAN security The 4th Annual Worldwide Wardrive (WWWD) is under way this week, with volunteers scanning the airwaves in a neighborhood near you for wireless LAN access points. This year's WLAN discovery effort began June 12 and runs through June 19. The WWWD is organized by a mixed group of security professionals and hobbyists who cruise areas to document the location of access points and how many of them have even minimal security. The goal is to boost awareness of the need to secure residential and corporate WLANs. http://computerworld.com/securitytopics/security/story/0,10801,93887,00.html - - - - - - - - - - Net visionary urges e-mail ID standard Making mass e-mailers identifiable is the first step toward curing the epidemic of spam, said Vint Cerf, one of the architects of the Internet. Cerf, who co-created the TCP/IP (Transmission Control Protocol/Internet Protocol) of the Internet and now works as chief corporate strategist for MCI, delivered opening remarks Thursday here at the first inaugural Email Technology Conference. The chief topic of debate at the conference was spam. http://zdnet.com.com/2100-1104_2-5238202.html - - - - - - - - - - Cendant portal to deliver security, business benefits The hotel division of Cendant Corp. is investing in Web-based identity and access management technology that it expects will yield not just security benefits, but business gains as well. http://computerworld.com/securitytopics/security/story/0,10801,93789,00.html - - - - - - - - - - Secure outsourcing: An impossibility or a necessity? This political season has seen the term offshore outsourcing create as much controversy as WMD. Concerns over the outflow of U.S. jobs to countries such as India, China, Malaysia, Israel and Ireland have made news in both the business and general press. Underlying the threat to U.S. jobs has been an increasing drumbeat of concern about the outflow of sensitive data and business process information that has followed those jobs. http://computerworld.com/securitytopics/security/story/0,,93866,00.html - - - - - - - - - - Logging and archiving: Where storage and security needs intersect When IT managers consider logging and archiving, they are faced with a dilemma: Keep enough data, and audit and regulatory needs are met, business continuity is maintained, and recovery after disaster goes off smoothly. Keep too much data, though, and the cost associated with storing that data and the resources needed to maintain the archives could skyrocket, outweighing many of the benefits. http://computerworld.com/securitytopics/security/story/0,,93878,00.html - - - - - - - - - - Is Microsoft that scary? Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week vnunet.com's Iain Thomson wonders how concerned antivirus software vendors should be at the prospect of Microsoft releasing its own antivirus product. http://www.vnunet.com/news/1155957 - - - - - - - - - - Information sharing seen as key to homeland defense The CIO of the military command charged with domestic security said yesterday that information security must help the many homeland security stakeholders quickly share information. "The goal is not to protect the information or the network; the goal is to use the information," said U.S. Air Force Maj. Gen. Dale Meyerrose, director of architectures and integration for the U.S. Northern Command and for command and control systems at the North American Aerospace Defense Command (NORAD). http://computerworld.com/securitytopics/security/story/0,10801,93898,00.html - - - - - - - - - - Spam poetry reaches new artistic heights It hasn't escaped our notice that spam tsunamists are in the habit of finishing their missives with random collections of (often highly esoteric) words as part of their ongoing battle against the spam filter. But although these assemblages are designed purely to serve their dark masters' will, they occasionally transcend their mundane purpose and reach hitherto unprobed heights of poetic invention. http://www.theregister.co.uk/2004/06/17/spam_poetry/ - - - - - - - - - - Judge rules inmate has right to computer access for Ph.D. An inmate at a south Georgia prison has the right to access to a computer to complete his dissertation for his Ph.D., a Superior Court judge has ruled. Christopher Scott Heftler of Cobb County, who is serving a 10-year sentence for child molestation, said he was told he could have access to a word processor if he bought it himself. http://www.usatoday.com/tech/news/techpolicy/2004-06-17-prisoner-pc-access_x.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.