NewsBits for August 19, 2004 ************************************************************ Retired judge pleads guilty to child porn charge A retired judge facing 14 felony child-pornography counts has pleaded guilty to a misdemeanor charge, and authorities say he will likely face three years' probation. Paul Miles, 80, of Medina, will probably have to register as a sex offender, said Orleans County District Attorney Joseph Cardone. Miles was accused of downloading and printing pornography from the Internet. The material was found in a trash bin near a business in the Medina area. http://www.democratandchronicle.com/apps/pbcs.dll/article?AID=/20040819/NEWS01/408190332 - - - - - - - - - - In child-porn sweep, hospital's pediatric chief pleads guilty A former chief of pediatric medicine caught in a sweeping Internet child-pornography crackdown pleaded guilty Tuesday to possessing dozens of sexually explicit images of children on his home computer. Dr. Julius Goepp, 46, who worked in Strong Memorial Hospital's emergency unit until his arrest on May 12, will be sentenced to 27 months to 33 months in prison under the plea deal, federal prosecutor Richard Resnick said. Sentencing was set for Nov. 3. http://www.newsday.com/news/local/wire/ny-bc-ny--pediatrician-chil0817aug17,0,1604133.story - - - - - - - - - - Man Arrested in Kentucky for Allegedly Raping a Child An Alabama man is facing charges of rape in Louisville, Kentucky. Barry Douglas Shutt of Hartselle is accused of raping a 12-year-old he met over the Internet. Shutt was arrested Saturday and charged with rape, sodomy, and tampering with physical evidence. The girl told police she had sex with an Alabama man she had been corresponding with over the Internet. She led them to the Louisville hotel where shutt was staying. http://www.waff.com/Global/story.asp?S=2188763 - - - - - - - - - - Milford man facing child pornography charges A Milford man who has been serving a child pornography conviction in Florida is back in the state to face similar charges. Bond was set at $1 million Wednesday for Lawrence Fulgieri, who police believe victimized children in Fairfield and New Haven counties. Fulgieri, 31, had a massive collection of child pornography on his home computer and admitted having sex with two teenage boys, one from Stratford and one from Wallingford, police said. http://www.newsday.com/news/local/wire/ny-bc-ct--pornarrest0819aug19,0,3155267,print.story?coll=ny-ap-regional-wire - - - - - - - - - - $50,000 Bond On Clay Teacher Charged With Child Porn A teacher at Clay County schools for the past 15 years is in federal custody, facing charges he possessed and distributed sexually-explicit pictures of children. John McIntyre John McIntyre, 40, appeared before a federal magistrate Tuesday afternoon on charges of possession and distribution of child pornography. McIntyre could be released on bond if he posts $50,000 and meets a list of other conditions. Agents said McIntyre sent images of children engaging in sexual activity to an undercover agent in an Internet chat room. After his arrest, agents found more than 1,000 sexually explicit images of minors, mostly young boys, on his computer. http://www.news4jax.com/news/3661067/detail.html - - - - - - - - - - Child sex abuse suspect released to father A Shaler man kept a Web camera underneath his computer in the room where his two young children played so he could send real time pornographic images of his 4-year-old daughter to his Internet buddies, according to testimony yesterday in federal court. After a detention hearing, a magistrate judge released the man on $100,000 bond but ordered him to stay at his father's house in Butler. He will not be allowed to leave there without a court order. http://www.post-gazette.com/pg/04218/356976.stm - - - - - - - - - - South Pole 'cyberterrorist' hack wasn't the first It's a tale Tom Clancy might have written. From their lair in distant Romania, shadowy cyber extortionists penetrate the computers controlling the life support systems at a Antarctic research station, confronting the 58 scientists and contractors wintering over at the remote post with the sudden prospect of an icy death. After some twists and turns, the researchers are saved in the fourth act by an international law enforcement effort led by FBI agents wielding a controversial, but misunderstood, federal surveillance law. http://www.securityfocus.com/news/9356 - - - - - - - - - - Judges rule file-sharing software legal A federal appeals court has upheld a controversial court decision that said file-sharing software programs such as Grokster or Morpheus are legal. Following the lead of a lower-court decision last year, the Ninth Circuit Court of Appeals in Los Angeles said on Thursday that peer-to-peer software developers were not liable for any copyright infringement committed by people using their products, as long as they had no direct ability to stop the acts. http://news.com.com/Judges+rule+file-sharing+software+legal/2100-1032_3-5316570.html http://www.wired.com/news/digiwood/0,1412,64640,00.html http://www.theregister.co.uk/2004/08/19/p2p_lives_on/ http://www.msnbc.msn.com/id/5762021/ - - - - - - - - - - Hackers revive iTunes music sharing A group of anonymous programmers has released new software that allows music to be swapped via Apple Computer's popular iTunes jukebox. Like an older piece of software called MyTunes, the newly released OurTunes allows a person to browse complete iTunes libraries on other computers and download songs, either in MP3 or the AAC format preferred by Apple. Songs purchased from the iTunes music store and wrapped in Apple's copy-protection technology cannot be traded. http://zdnet.com.com/2100-1105_2-5316700.html - - - - - - - - - - Phishermen release DIY con kits Do-it-yourself phishing kits are starting to appear online, making it easier for amateurs to try their hand at email fraud. Some Web sites are now offering surfers the chance to download free "phishing kits" containing all the graphics, Web code and text required to construct the kind of bogus Web sites used in Internet phishing scams. http://news.zdnet.co.uk/internet/security/0,39020375,39164115,00.htm http://www.theregister.co.uk/2004/08/19/diy_phishing/ - - - - - - - - - - NIST makes lists A program that experts have said is the missing piece in federal efforts to promote secure computing will be ready later this year. Officials at the National Institute of Standards and Technology announced that a security configuration checklists program for information technology products, including a logo that vendors can put on their wares, is on track for completion before the end of 2004. http://www.fcw.com/fcw/articles/2004/0816/web-nist-08-19-04.asp Report urges defense to help with domestic technologies http://www.govexec.com/dailyfed/0804/081904tdpm1.htm - - - - - - - - - - Cisco flaw opens networks to attacks Cisco has warned in a security advisory that some networks with its routers could be vulnerable to denial-of-service attacks. The problem is in the processing of packets sent to a Cisco router that has been configured for the Open Shortest Path First (OSPF) protocol, the company said in a security advisory released Wednesday. If the router receives a malformed packet, it will take a while to reset. Attackers could flood networks with packets that cause routers to constantly reboot. The flaw is limited to versions 12.0S, 12.2 and 12.3 of Cisco's Internetwork Operating System routing software. http://news.com.com/Cisco+flaw+opens+networks+to+attacks/2100-7355_3-5316500.html http://news.zdnet.co.uk/internet/security/0,39020375,39164110,00.htm - - - - - - - - - - HP to deliver vulnerability scanning service by year's end Hewlett-Packard Co. plans to deliver a new security vulnerability scanning and remediation service by the end of the year that is designed to help companies identify and fix weak spots on their corporate networks, a senior company executive said this week. http://computerworld.com/securitytopics/security/story/0,10801,95361,00.html - - - - - - - - - - Is Upgrading to Windows XP SP2 Worthwhile? Users of Microsoft Windows XP Home Edition are scheduled to begin receiving Service Pack 2 via automatic update starting today. But delivery of the Professional Edition has been delayed at least a week while Microsoft and its users grapple with compatibility problems. http://www.newsfactor.com/story.xhtml?story_title=Is-Upgrading-to-Windows-XP-SP--Worthwhile-&story_id=26391 Security Flaws Found in SP2 http://www.pcworld.com/news/article/0,aid,117452,00.asp Microsoft downplays XP SP2 flaw claims http://www.vnunet.com/news/1157459 - - - - - - - - - - Number crunching boffins unearth crypto flaws Cryptographic researchers have discovered weaknesses in the encryption algorithms that underpin the security and integrity of electronic signatures. The issue concerns hash functions - one way mathematical functions that produce a small fixed length string from a much longer message. This is sometimes called a message digest. When two different input values produce the same output value this is called a collision. http://www.securityfocus.com/news/9363 - - - - - - - - - - Punishment fails to fit the cybercrime Why does creating a virus carry lighter penalties than marijuana offences? Jeffrey Lee Parson pleaded guilty last week to unleashing part of the MSBlast worm attack that wreaked havoc on the Internet a year ago. He got off easy. Federal prosecutors predictably touted Parson's guilty plea as an example for other would-be vandals. John McKay, the US Attorney for Seattle, proclaimed: "The damage to individual computer users is very real, and the penalties are also very real." http://comment.zdnet.co.uk/declanmccullagh/0,39020670,39164002,00.htm - - - - - - - - - - Valuing Secure Access to Personal Information Securing data is not a simple endeavor; a multi- discipline, defense-in-depth approach is necessary, as information can leak at any point in the communication process, from receipt, through storage, retrieval, transmission, and so on. Furthermore, each information system element is vulnerable to loss, including hardware, software, and personnel. Add to this the exceptional efforts made by those who want to acquire information through illicit means, whether for espionage, criminal, political, mischievous, or other intent...someone is always trying gain access to information they shouldn't have. http://www.securityfocus.com/infocus/1797 - - - - - - - - - - Infected In Twenty Minutes What normally happens within twenty minutes? That's how long your average unprotected PC running Windows XP, fresh out of the box, will last once it's connected to the Internet. It's interesting to ponder just how much time - in hours, in minutes, sometimes in mere seconds - it takes for a disaster to occur. The space shuttle Challenger exploded 73 seconds after liftoff in 1986. http://www.securityfocus.com/columnists/262 http://www.vnunet.com/news/1157428 - - - - - - - - - - SMS spoofing -- How long has it existed? This kind of high tech felony exists for a relatively short time. It is a "new lingo in cybercrime". But it might have a horrifying future. How is the spoofing carried out? What does an individual need? SMS spoofing became possible after many mobile/cellular operators had integrated their network communications with/in the Internet. So anybody could send SMS from the Internet using forms at the websites of mobile operators or even through e-mail. Unfortunately, I won't break you in telling that there's no perfect security, it is only defined by the level of sophisticated technical arms of malefactors. http://www.crime-research.org/news/19.08.2004/572/ - - - - - - - - - - Who guards your company email? Unless IT and HR work together, the security gap will not close. Each week vnunet.com asks a different expert to give their views on recent security issues, with advice, warnings and information on the latest threats. This week Kevin Butler, technical manager at Allasso, stresses the importance of IT and HR working together to control the use of email at work. http://www.vnunet.com/news/1157458 - - - - - - - - - - Panel hears views on biometric passports, other ideas U.S. citizens should not be exempt from carrying biometric passports or other means of verifying their identities, former Rep. Lee Hamilton, D-Ind., said Thursday in his capacity as vice chairman of the panel that investigated the Sept. 11, 2001, terrorist attacks. http://www.govexec.com/dailyfed/0804/081904tdpm2.htm - - - - - - - - - - Database snafu puts US Senator on terror watch list US Senator Ted Kennedy (Democrat, Massachusetts) was prohibited from flying because his name sparked a terror alert, the Associated Press reports. Apparently, the Senator's name came up on a terrorist watch list, or no-fly list, while attempting to board a US Airways shuttle out of Washington. A vigilant airline clerk refused to allow Kennedy to board. After numerous phone calls, the Senator did manage to get home to Boston, but the same comedy ensued as he attempted to return to Washington, the wire service says. http://www.theregister.co.uk/2004/08/19/senator_on_terror_watch/ - - - - - - - - - - Being told to brush-off via email Attention, ladies: If that guy hitting on you just won't quit until you surrender your e-mail address, feel free to call upon Paper Napkin. Billed as an e-mail rejection service, Paper Napkin will tell your persistent suitor to buzz off when he comes calling electronically. http://www.msnbc.msn.com/id/5758726/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.