NewsBits for June 29, 2004 ************************************************************ Justices Leave Online Porn Case Unresolved The Supreme Court today said that a law aimed at protecting children from Internet pornography probably violates free-speech rights, but for the second time the justices sent the case back to a lower court for a new trial. The court ruled 5 to 4 that a lower court was correct to block the Child Online Protection Act (COPA). But today's ruling said the lower court should consider whether technological advances have made it possible to keep children from looking at "harmful" material online without compromising the free-speech rights of adults. http://www.washingtonpost.com/wp-dyn/articles/A14419-2004Jun29.html http://zdnet.com.com/2100-1104_2-5251475.html http://www.msnbc.msn.com/id/5324463/ http://www.cnn.com/2004/LAW/06/29/scotus.web.indecency/index.html http://www.wired.com/news/business/0,1367,64028,00.html - - - - - - - - - - Playboy 'hacker' just a shelf-stacker slacker A Southampton man has been jailed for convincing legendary 'jazz-mag' Playboy that he'd hacked its servers. He managed to extort a whole $100 yes, that's $100 from the company, claiming paying up would stop him selling confidential customer data. Simon Jones, 25, carried out the attack from his bedroom at his parents' house in Hampshire, where he decided to take the billion-dollar company for the princely sum of around PS55. Playboy coughed up rather than have the crime overlord sell the details of two of its internet subscribers. http://hardware.silicon.com/storage/0,39024649,39121759,00.htm http://www.theregister.co.uk/2004/06/29/playboy_hacked_jailed/ - - - - - - - - - - A Russian Hacker Stole $15 Thousand A hacker of Leninogorsk, Russia managed to illegally withdraw 15,000 of American dollars from accounts of foreigners and co-citizens. All victims visited a webpage, submitted by a 16-year-old L. on the Internet. The page offered visitors web-design, website creation and support services. Having completed orders, a young man using a specialized computer software read all data from credit cards used to pay him. After that he had access to these accounts and paid for his orders in other virtual shops including foreign e-shops. He acted on a large scale, having visited 82 of such stores. http://www.crime-research.org/news/29.06.2004/460/ - - - - - - - - - - Malicious server halted in wake of mysterious hack A Russian Web site that had been downloading code to steal financial information from users has apparently been shut down, security officials reported Monday. No one has figures on how many government or other users may have been affected by the widely publicized network attack. "Since Friday, this thing was stopped in its tracks," said Oliver Friedrich, senior manager of Symantec Corp.'s Security Response Group. http://www.usatoday.com/tech/news/computersecurity/2004-06-29-hacking-mystery-redux_x.htm Authors of the last viruses are Russians http://www.crime-research.org/news/29.06.2004/454/ - - - - - - - - - - Pop-up program reads keystrokes, steals passwords Security researchers have discovered a malicious program that installs itself through a pop-up ad and can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites. The targeted sites include major financial institutions, such as Citibank, Barclays Bank and Deutsche Bank, researcher Marcus Sachs said Tuesday. http://zdnet.com.com/2100-1105_2-5251981.html http://news.com.com/Pop-up+program+reads+keystrokes%2C+steals+passwords/2100-7349_3-5251981.html - - - - - - - - - - Serious Fraud Office under fire over electronic eavesdropping rules Home Secretary David Blunkett should consider stripping the Special Fraud Office (SFO) of its powers to engage in electronic eavesdropping, according to the Chief Surveillance Commissioner. The proposals are contained in the annual report to the Prime Minister from the Commissioner, Sir Andrew Leggatt, who is responsible for overseeing the controversial Regulation of Investigatory Powers Act (RIPA). http://www.vnunet.com/news/1156292 - - - - - - - - - - Sevenfold increase in phishing attacks Online fraud watchers reported nearly 1,200 new phishing attacks in May, and warned that the number is rising. The Anti-Phishing Working Group (APWG), which monitors the internet scams, said that nearly 40 new attacks were seen every day in May, representing a 700 per cent increase since January this year. http://www.vnunet.com/news/1156285 http://www.newsfactor.com/story.xhtml?story_title=Phishing-Attacks-Increase-Sevenfold&story_id=25637 Anti-phishing group backs email authentication http://www.theregister.co.uk/2004/06/29/anti-phishing_authentication/ - - - - - - - - - - Adobe targets piracy in Asia Adobe Systems has stepped up its efforts to curb piracy in Southeast Asia, including cracking down on businesses that misuse software licenses. Raymond Lee, Adobe's group manager for Southeast Asia, said the company will be driving more Adobe-centric initiatives to halt the unauthorized duplication of its software. In the past, he said, the company relied primarily on the activities of the Business Software Alliance, or BSA, an antipiracy organization with members such as Hewlett-Packard, IBM, Microsoft and Symantec. http://zdnet.com.com/2100-1104_2-5251301.html - - - - - - - - - - Another big Apache hole found Linux and Unix vendors are releasing fixes for a critical bug in the popular Web server Apache that could allow attackers to crash the system or execute malicious code. The bug affects Apache 1.3.x installations configured to act as proxy servers, which relay requests between a Web browser and the Internet. When a vulnerable server connects to a malicious site, a specially crafted packet can be used to exploit the vulnerability, according to security researcher Georgi Guninski, who has publicly released exploit code. http://computerworld.com/securitytopics/security/story/0,10801,94191,00.html - - - - - - - - - - TI teams to hang up cell phone crackers Chipmaker Texas Instruments and chip designer ARM are working together to beef up security for handhelds following the emergence of the first virus to target cell phones. The two companies, both dominant suppliers and designers of cell phonechips, are "burying the security into the hardware" where it's tougher to get at, Dave Steer, ARM director of segment marketing, said in an interview Tuesday. http://news.com.com/TI+teams+to+hang+up+cell+phone+crackers/2100-7355_3-5252194.html - - - - - - - - - - Comcast reports 35 percent decline in spam Cable giant Comcast on Thursday said the volume of spam originating from its network has dropped 35 percent since it blocked an e-mail loophole weeks ago. The new data comes after Comcast, the nation's largest broadband service, earlier this month began blocking a gateway that spammers commonly use to send mass volumes of unsolicited e-mail. Called "port 25," the gateway lets PCs send and receive e-mail based on SMTP (Simple Mail Transfer Protocol), the most common technology for exchanging messages. http://zdnet.com.com/2100-1105_2-5251909.html VeriSign launches spam-blocking service http://news.zdnet.co.uk/internet/security/0,39020375,39159065,00.htm America has dirty little secret about spam http://www.usatoday.com/tech/webguide/internetlife/2004-06-29-spam-secret_x.htm - - - - - - - - - - In Wild West of data mining, a new sheriff? Even as the government increasingly relies on of data mining -- scouring databases in search of clues about terrorism and everyday waste and fraud -- there aren't clear rules about the practice. Privacy activists say it's like the wild West, dangerously unregulated. When the head of the Transportation Security Administration recently disclosed that four airlines and two reservation systems shared personal data on passengers without their consent, privacy activists predictably cried foul. http://www.msnbc.msn.com/id/5319360/ - - - - - - - - - - NIST aims to ease XP security setup Officials at the National Institute of Standards and Technology hope their new publication will help simplify the process of setting security controls on Microsoft Corp.'s Windows XP Professional operating system. NIST officials, who released the draft of Special Publication 800-68 this week, said the recommendations and security configuration checklists will help federal agencies fulfill their responsibilities for computer and information security under the Federal Information Security Management Act of 2002. http://www.fcw.com/fcw/articles/2004/0628/web-nist-06-29-04.asp Windows XP Service Pack 2: "A victory for the security guys" http://software.silicon.com/os/0,39024651,39121762,00.htm - - - - - - - - - - Voting software company submits code to NIST An electronic voting software company has released source code for a balloting security module to the National Institute of Standards and Technology. VoteHere Inc. of Bellevue, Wash., sent the reference code implementation for VoteHere Technology inside, or VHTi, to NISTs National Software Reference Library. http://www.gcn.com/vol1_no1/daily-updates/26430-1.html Commission proposes options for e-voting http://www.usatoday.com/tech/news/techpolicy/2004-06-29-e-voting-opinion_x.htm - - - - - - - - - - What's the New IE Flaw All About? Here are answers to that and other questions arising from the latest vulnerability to hit Microsoft's Web browser. Security experts had been waiting for a couple of weeks for the shoe to fall. On June 11, US-CERT, the government-funded computer-security watchdog at Carnegie Mellon University warned that a flaw in Microsoft Internet Explorer could allow a Web site to dump malicious programs onto Windows computers. The alert was highly unusual because CERT normally avoids public warnings about vulnerabilities until patches to fix them are available. http://www.businessweek.com/technology/content/jun2004/tc20040629_7343_tc119.htm - - - - - - - - - - Copy This Article & Win Quick Cash! Is Bill Gates offering big bucks to track your email? On the trail of the most forwarded hoax in Internet history. A few months ago, I received an email that promised to make me rich. It came from an acquaintance, Kim Chernin, bearing the suspect subject line "Fwd: quick cash?" Normally I'd send such spam straight to the trash, but Chernin - a psychotherapist and writer - is no fool; so I opened the message and began to scroll. http://www.wired.com/wired/archive/12.07/hoax.html - - - - - - - - - - Cyber-loafing boss sacks office spyware detective A man who became so frustrated at the extent of his boss's 'cyber-loafing' has been sacked after he installed spyware on his employer's computer to prove it was used for little more than game playing on a daily basis. And while the aggrieved employee, Vernon Blake, did indeed prove that his boss, George Dobbs, spent, on average, 70 per cent of his time playing Solitaire, amazingly the only person seriously disciplined in the whole affair was Blake. He was sacked by the Alabama Department of Transport while Dobbs received little more than a written warning. http://networks.silicon.com/lans/0,39024663,39121768,00.htm - - - - - - - - - - Government denies request for lobbyist list, citing fragile database The Bush administration is offering a novel reason for denying a request seeking the Justice Department's database on foreign lobbyists: Copying the information would bring down the computer system. ``Implementing such a request risks a crash that cannot be fixed and could result in a major loss of data, which would be devastating,'' wrote Thomas J. McIntyre, chief in the Justice Department's office for information requests. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9040525.htm http://www.wired.com/news/politics/0,1283,64032,00.html - - - - - - - - - - 419ers score football lottery winner As demoralised England fans look towards the 2006 World Cup in consolation after their exit from Euro 2004 last week 419ers are looking even further ahead. The Boys from Lagos have cooked up a footballing variant of the familiar lottery ruse in preparation for World Cup 2010, in South Africa. Not even the beautiful game is safe from exploitation by these shameless scammers: http://www.theregister.co.uk/2004/06/29/wc2010_419_scam/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.