NewsBits for September 30, 2004 ************************************************************ 'Wardriving' conviction is first under Can-Spam A Southern California man pleaded guilty to spamming people through unprotected hot spots, the first-ever conviction under the Can-Spam Act, and a case that again raises concerns about the risks of open-access Wi-Fi service. Nicholas Tombros admitted driving around Venice, Calif., last year, searching for unprotected hot spots --an activity called "wardriving" --and exploiting them to distribute unsolicited e-mail that advertised pornographic Web sites. http://news.zdnet.com/2100-1035_22-5390722.html http://www.theregister.co.uk/2004/09/30/warspammer_guilty/ - - - - - - - - - - Hundreds of Australian homes raided in child pornography crackdown Police in Australia have raided hundreds of homes across the country in the largest-ever crackdown on internet child pornography. More than 150 people have already been charged with 2,000 offences, including child sex tourism, sexual abuse and downloading or distributing pornographic images. Hundreds more are expected to be summonsed to appear before court where they are expected to be formally charged. http://www.abc.net.au/ra/newstories/RANewsStories_1210440.htm http://www.abc.net.au/act/news/200409/s1210355.htm http://www.theregister.co.uk/2004/09/30/oz_paedo_crackdown/ Australian police say child porn arrests 'the tip of the iceberg' http://www.abc.net.au/ra/newstories/RANewsStories_1210721.htm More arrests expected in massive Australian internet porn crackdown http://www.abc.net.au/ra/newstories/RANewsStories_1210861.htm - - - - - - - - - - Confidential child records were online Updated:In another black eye for Florida's child-welfare agency, officials acknowledged that confidential records for nearly 4,000 abused and neglected children were available on the Internet until this week. The files were accessible on the Web site of Kids Central, a privately run child welfare agency. They included the names of foster children, birth dates, Social Security numbers, photographs and case histories. They even provided directions and maps to children's foster homes. http://www.msnbc.msn.com/id/6142224/ - - - - - - - - - - Arnold Vetoes Privacy Bill A California bill protecting the privacy of internet and e-mail usage at work met the red veto pen of Gov. Arnold Schwarzenegger on Wednesday. The would-be law, SB 1841, would have required the state's employers to provide "clear and conspicuous" notice before electronically monitoring the e-mail or internet usage of employees. Not doing so would have become a misdemeanor in the California penal code. http://www.wired.com/news/privacy/0,1848,65152,00.html http://www.msnbc.msn.com/id/6139705/ - - - - - - - - - - Music industry rolls out 762 more song-swapping suits The music industry filed copyright infringement lawsuits Thursday against 762 computer users, including defendants at 26 universities around the country. The lawsuits were the latest filed by recording companies against suspected online music file-swappers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9802911.htm http://www.usatoday.com/tech/news/techpolicy/2004-09-30-riaa-suit_x.htm http://www.wired.com/news/digiwood/0,1412,65162,00.html http://www.msnbc.msn.com/id/6143337/ - - - - - - - - - - Iceland's net traffic plummets, following P2P raids Brief Police in Iceland raided the homes of 12 people and confiscated computer equipment and CDs this week as the global war on file sharing reached the volcanic homeland of elves and trolls. Police targeted individuals using the popular DC++ file sharing application to share movie files. One suspect was found with approximately 2.5TB of allegedly illicit material. http://www.theregister.co.uk/2004/09/30/p2p_raids_iceland/ - - - - - - - - - - IM Worm Crawls Through JPEG Hole Security experts have spotted the first attempts to create an Internet worm that propagates using instant messages and exploits a recently disclosed flaw in Microsoft software. Researchers at The SANS Institute's Internet Storm Center (ISC) have had two reports of users receiving messages on America Online's AOL Instant Messenger service that lured them to Web sites containing malicious code, says Johannes Ullrich, chief technology officer at SANS ISC. http://www.pcworld.com/news/article/0,aid,117998,00.asp http://www.gcn.com/vol1_no1/daily-updates/27491-1.html Image virus spreads via chat http://news.zdnet.com/2100-1009_22-5390463.html JPEG worm found on Instant Messenger http://news.zdnet.co.uk/internet/security/0,39020375,39168531,00.htm - - - - - - - - - - Old viruses and "hoaxes" still litter PCs AV FIRM Sophos released figures for September that show the top 10 viruses it has recorded worldwide, and the top ten "hoaxes" this month. Carole Theriault, a security consultant at the firm, said: "It's disheartening that the same old viruses are continuing to cause trouble for computer users the world over. Keeping your defences up to date to prevent infections is the only way we will see the back of these nasties". http://www.theinquirer.net/?article=18781 - - - - - - - - - - FBI warns residents of Internet scams FBI agents in Bay City are urging residents to watch out for telephone or mail scams that have bilked local people out of thousands of dollars. The FBI's Mid-Michigan Area Computer Crimes Task Force issued a warning about a "work-at-home scam, an employment scam and a reshipping scam all rolled into one." http://www.mlive.com/news/bctimes/index.ssf?/base/news-4/1096472724254740.xml - - - - - - - - - - DOE hacked 199 times last year Weaknesses in the Energy Departments cybersecurity allowed hackers to successfully penetrate its systems 199 times last year in intrusions that affected 3,531 systems, the departments inspector general said. Energy continues to have difficulty finding, tracking and fixing previously reported cybersecurity weaknesses quickly, the IG said in a report, The Departments Unclassified Cyber Security Program2004. http://www.gcn.com/vol1_no1/daily-updates/27489-1.htmls - - - - - - - - - - Sophos in porn dialler row with UK developer Anti-virus firm Sophos yesterday suspended detection of a "porn dialler application", following complaints from its UK-based developer. A Sophos spokeswoman confirmed that it had removed detection of the Coulomb dialler yesterday afternoon on legal advice, following representations from Coulomb Ltd. Sophos is investigating if its AV software is wrongly detecting a legitimate dialler application developed by Coulomb Ltd as a Trojan. http://www.theregister.co.uk/2004/09/30/sophos_porn_dialler_row/ - - - - - - - - - - Zombie networks behind seasonal cybercrime Botnet-related crime is beginning to indicate to the experts what they might expect next. Security experts are beginning to see a pattern in cybercrimes. According to communications firm Energis, online crime appears to be occurring in cyclical patterns related to the creation of botnets -- zombie armies of PCs that have been taken control of without the owners' knowledge. http://news.zdnet.co.uk/internet/security/0,39020375,39168639,00.htm - - - - - - - - - - 'Fake file' firm moves into Europe Anti-piracy firm Overpeer, which seeds file-sharing networks with files designed to prevent illegal downloading, is expanding into the European market. Overpeer, an anti-piracy technology firm best known for flooding Internet file-sharing networks with bogus music and movie files, is expanding into Europe. http://news.zdnet.co.uk/business/legal/0,39020651,39168640,00.htm - - - - - - - - - - Spam servers in China named and shamed The Internet Society of China has fingered over one hundred Web servers that it claims are bombarding Web users with spam. The Internet Society of China (ISC) has published the IP addresses of over one hundred servers that it says are being used to send unsolicited junk mail across the Internet. This is the sixth time that the ISC has publicly identified alleged spam servers, and it is part of its ongoing attempts to clamp down on problem of spam. http://news.zdnet.co.uk/internet/security/0,39020375,39168404,00.htm - - - - - - - - - - Feds fund secure ID project The federal government has signed a deal with security company Digimarc for a pilot program to study hacker-resistant digital authentication for state driver's licenses. The National Highway Traffic Safety Administration, part of the U.S. Department of Transportation, will give Digimarc a $1 million grant to collaborate on the study with states, the company said on Thursday. The program will examine the possibility of creating licenses with embedded digital watermarks that can be read by machines operated by police officers, retailers and other people. http://news.zdnet.com/2100-1009_22-5390619.html - - - - - - - - - - Government, privacy advocates debate data techniques The tension between privacy advocates and government officials over the collection of data for homeland security was on full display at a privacy forum Thursday, where critics raised concerns about some of the latest measures for screening out terrorists. http://www.govexec.com/dailyfed/0904/093004tdpm1.htm - - - - - - - - - - Privacy questions arise as RFID hits stores Proponents of radio frequency identification used to have a quick and easy response to consumer advocates charging that the technology posed an alarming threat to privacy. http://news.zdnet.com/2100-3513_22-5390446.html Tracking RFID--it's everywhere http://news.com.com/Tracking+RFID--its+everywhere/2009-1039_3-5390291.html RFID promoter can't stand being tracked http://www.theregister.co.uk/2004/09/30/rfid_tag_pulldown/ - - - - - - - - - - Akamai Strives For a Safer, Speedier Net It was dark and eerily quiet here Monday in the network command center of Akamai Technologies Inc., an unusual company whose mission of easing Internet traffic jams gives it a clear view of what's happening on the Internet. http://www.washingtonpost.com/wp-dyn/articles/A59806-2004Sep29.html - - - - - - - - - - Phishing once more In a recent report, Gartner estimated that 57 million U.S. adults received a "phishing" attack e-mail within the past year, and half of those who responded became victims of identity theft. Phishing is a tactic used to get credit card information from consumers who believe they are visiting legitimate bank and credit card sites. Usually accomplished through use of pop-up windows that piggyback on real sites, phishing has been on the scene for some time, but recent attacks have underscored how easily attackers can get hold of personal information . http://www.crime-research.org/news/30.09.2004/phish/ - - - - - - - - - - Quantum cryptography gets practical In theory and in labs, quantum cryptography -- cryptography based on the laws of physics rather than traditional, computational difficulty -- has been around for years. Advancements in science and in the world's telecommunications infrastructure, however, have led to the commercialization of this technology and its practical application in industries where high-value assets must be secure. http://computerworld.com/securitytopics/security/story/0,,96111,00.html - - - - - - - - - - Study: Consumers take cyberattacks lightly Consumers have a casual approach toward cybersecurity and fail to grasp the pervasiveness of online threats, according to a study released Thursday. More than a third of the 493 PC users surveyed by the nonprofit National Cyber Security Alliance said they had a greater chance of winning the lottery or being struck by lightning than of being hit by malicious code. http://news.zdnet.com/2100-1009_22-5390749.html - - - - - - - - - - Twelve mistakes security managers make There's a quote by 19th century American theologian Tyron Edwards that goes, "Some of the best lessons we ever learn we learn from our mistakes and failures. The error of the past is the wisdom and success of the future." http://computerworld.com/securitytopics/security/story/0,,96236,00.html - - - - - - - - - - Sticky security problems Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Jackie Groves, managing director of Utimaco Safeware, warns of the potential harm the latest must-have memory devices can cause to corporate data and networks. http://www.vnunet.com/news/1158478 - - - - - - - - - - The future of security? Hardware The security market is to be flooded with hardware appliances, says IDC analyst. Eighty-five percent of IT security solutions will be catered for by hardware appliances by 2008. The popularity of hardware appliances is set to soar by 23 percent because they are easy to install and are ideal for understaffed security departments, according to IDC analyst Thomas Raschke. http://news.zdnet.co.uk/hardware/0,39020351,39168408,00.htm - - - - - - - - - - Live testing soon for Virtual Case File Live operational testing of the FBI's Virtual Case File application will begin in New Orleans and Washington, D.C., field offices starting in January 2005, said Zalmai Azmi, FBI chief information officer. New Orleans has "been very active in the [VCF] from the get go," Azmi told Federal Computer Week today. VCF, the software application that completes the Trilogy modernization effort, will allow agents to search, analyze and compile case information. http://www.fcw.com/fcw/articles/2004/0927/web-vcf-09-30-04.asp *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.