NewsBits for October 25, 2004 ************************************************************ Plague carriers: Most users unaware of PC infections A study of home PCs released Monday found that about 80 percent had been infected with spyware almost entirely unbeknownst to their users. The study, funded by America Online and the National Cyber Security Alliance, found home users mostly unprotected from online threats and largely ignorant of the dangers. AOL and the NCSA sent technicians to 329 homes to inspect computers. http://news.zdnet.com/2100-1009_22-5423306.html http://www.washingtonpost.com/wp-dyn/articles/A60881-2004Oct25.html http://www.newsfactor.com/story.xhtml?story_title=Home-Computer-Users-Highly-Vulnerable&story_id=27844 http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10007411.htm http://www.globetechnology.com/servlet/story/RTGAM.20041025.gtsafeoct25/BNStory/Technology/ 3 measures aim to curb spyware http://www.mercurynews.com/mld/mercurynews/business/technology/10003156.htm - - - - - - - - - - 'Spam King' Ordered to Disable Spyware A federal judge has ordered a man known as the "Spam King" to disable so-called spyware programs that infiltrate people's computers, track their Internet use and flood them with pop-up advertising. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10010269.htm http://www.usatoday.com/tech/news/computersecurity/2004-10-24-spam-king_x.htm - - - - - - - - - - Ofcom accused of helping premium-rate scammers Ofcom has been accused of issuing telephone numbers to rogue operators that rip off punters with premium-rate phone scams. The damaging accusation was made by George Kidd, the head of premium-rate telephone regulator ICSTIS, who claims that Ofcom is undermining its work to protect consumers from fraudsters. http://www.theregister.co.uk/2004/10/25/icstis_ofcom/ - - - - - - - - - - Nuke agency takes Web site offline The Nuclear Regulatory Commission removed its massive public reading room from the Internet Monday after nuclear safety activists and media organizations found several documents on it containing sensitive information they said could help terrorists. http://www.cnn.com/2004/US/10/25/terror.nrc/index.html - - - - - - - - - - California data leak raises questions A California state agency and a prestigious state university admitted last week that they had put hundreds of thousands of Californians at risk of identity theft -- but did it have to happen? A computer operated by a University of California at Berkeley researcher was accessed by a hacker, who may have swiped a database including a whopping 1.4 million records containing residents' personal information, including their Social Security numbers. http://www.msnbc.msn.com/id/6328575/ - - - - - - - - - - Internet grooming case makes legal history IN the first internet grooming case in Britain under new sex offence laws, a man has pleaded guilty in a case involving a 14-year-old girl from the Newmarket area. John Mansfield, 42, of Bury, Lancashire, appeared before Judge John Devaux at Ipswich Crown Court on Friday, where he also admitted a child porn offence. http://w3.cambridge-news.co.uk/news/newmarket/story.asp?StoryID=63726 - - - - - - - - - - Children's department worker charged with porn offences A 47-year-old man working for the New South Wales Department of Community Services (DOCS) has been charged with possessing child pornography. The department says the man worked in community services for 28 years. His personnel file has been examined and it is understood he never worked in a child protection role. Police executed a search warrant at the man's home in Sydney's west yesterday and charged him after images were allegedly found on his computer. http://www.abc.net.au/nsw/news/200410/s1225078.htm - - - - - - - - - - City worker charged in child porn sting A Missoula city employee was charged in federal court Thursday with possession, distribution and production of child pornography. Robert Charles Baker, who has been suspended without pay from his job in the city's street department, was arrested Wednesday after an investigation by U.S. Immigration and Customs Enforcement. Court records indicate that there are at least 250 images of child pornography on Baker's home computer, and that Baker had accessed an Internet pay site featuring child pornography in December 2002. http://www.missoulian.com/articles/2004/10/15/news/top/news01.txt - - - - - - - - - - Internet probe nets seven in child sex case Seven people have been arrested across southern Idaho following a month-long investigation into alleged sexual enticement of children over the Internet. Jerome County Sheriff Jim Weaver says the probe was conducted by his department's Child Internet Crime Prevention Unit. Charged with Internet enticement were Joel Hall of Twin Falls, Kyle Jamieson of McCammon, Bobby Phillips of Boise, Levi Nall of Boise, Terry Draper of Paul, Michael Flameling of Boise and Courtney Cantrell of Boise. The maximum punishment for enticement is 15 years in prison. http://www.dailyrecord.co.uk/news/tm_objectid=14797247&method=full&siteid=89488&headline=we-can-t-stop-the-net-pervs-name_page.html - - - - - - - - - - Miami weatherman faces sex charges A prominent Miami-based television weatherman was behind bars Monday, charged with trying to meet a 14-year-old boy for a sexual encounter, investigators said. William David Kamal, 47, of Miami Beach, faces state and federal charges of soliciting a child after he allegedly drove from Fort Lauderdale to a convenience store at Glades Cut-Off and Midway roads on Sunday to meet the "boy," who actually was St. Lucie County Sheriff's Detective Neil Spector. http://www.nbc-2.com/articles/readarticle.asp?articleid=1686&z=3&p= - - - - - - - - - - Mother wins fight against deportation A MOTHER who reported her husband for downloading child porn won her fight yesterday to keep her family in Scotland. Canadian-born Lynn Urquhart and her two daughters faced deportation shortly after her husband, Bruce, was convicted for storing hundreds of obscene images on his computer. He escaped a jail sentence, but renewed only his own visa. This allowed him to start a new life anywhere he wished, but his action plunged his family into a three-year nightmare. http://news.scotsman.com/scotland.cfm?id=1238822004 - - - - - - - - - - WE CAN'T STOP THE NET PERVS POLICE admitted yesterday they were powerless to stop child sex beasts who used the internet. They warned up to four in10 internet sex offenders who looked at child porn would go on to abuse youngsters. And they said the sex offenders' register was no guarantee the paedophiles wouldn't strike again. More than 3000 have been arrested in Scotland in four years in the war against internet child pornography. But figures have revealed as many as 95 per cent of those convicted would not go to jail or have treatment. http://www.dailyrecord.co.uk/news/tm_objectid=14797247&method=full&siteid=89488&headline=we-can-t-stop-the-net-pervs-name_page.html - - - - - - - - - - 'Unprecedented' music piracy case hits courts A man is in court accused of copyright infringement due to allegations that he was responsible for two terabytes of music files that were downloaded between November 2002 and October 2003. Lawyers for music industry players claimed Stephen Cooper received "hundreds of millions of hits" per year to his allegedly illegal music download site, "mp3s4free", as the long-awaited court case against the retired policeman kicked off at the Federal Court in Sydney on Monday. http://news.zdnet.co.uk/business/legal/0,39020651,39171266,00.htm - - - - - - - - - - Virus hits Scottish bean counters Company network hit with virus, ex-employee questioned... A Scottish National Party councillor is being investigated by the police after a computer virus was planted on the network of a former business partner. Angus Nicolson, SNP group leader on Western Isles Council, was sacked by Stornoway accountants Mann Judd Gordon after accusing business partner Roddy Cunningham of taking money from a PS300,000 trust fund, according to a report in the Glasgow Sunday Mail. http://software.silicon.com/security/0,39024655,39125248,00.htm - - - - - - - - - - EBay virus 'start of worrying trend' Malicious code uses previously undocumented packer. Security experts have intercepted a virus which claims to have been sent from eBay.com and uses a packer previously unseen in email virus distribution. The use of the uncommon packer in the W32/Myfip virus could make it more difficult for antivirus software vendors to identify and protect against the malicious code within, signalling "the start of a worrying trend", MessageLabs warned today. http://www.vnunet.com/news/1158981 - - - - - - - - - - Mac OS X rootkit surfaces One of the first pieces of malicious code targeting. Apple's Mac OS X operating system has been discovered. The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a keylogger and backdoor components. http://www.theregister.co.uk/2004/10/25/mac_rootkit_opener/ http://www.macworld.co.uk/news/index.cfm?NewsID=9974 http://news.zdnet.com/2100-1009_22-5424883.html http://www.newsfactor.com/story.xhtml?story_title=Mac-Users-Face-Malware-Threat&story_id=27870 - - - - - - - - - - Linux kernel flaw allows DoS attack A bug in version 2.6 of the Linux kernel allows remote users to crash systems running SuSE's latest enterprise and consumer software. Linux distributor Novell SuSE released a security advisory with a severity rating of nine out of 10 last week warning of a flaw in Linux kernel 2.6.. http://news.zdnet.co.uk/0,39020330,39171340,00.htm - - - - - - - - - - Security Hoax Unleashes Virus on Linux Users E-mails that appear to come from Red Hat actually are phishing hoaxes. Official messages from the Red Hat Security Team are never sent unsolicited, says the company. The messages originate from a fake e-mail address and contain Trojan updates designed to compromise the security of the infected systems. http://www.newsfactor.com/story.xhtml?story_title=Security-Hoax-Unleashes-Virus-on-Linux-Users&story_id=27861 - - - - - - - - - - Mobile Java hit with security scare A security flaw has been revealed in Sun's Java platform for mobile phones, but no attempts to exploit it have yet been found. A Polish researcher has found two vulnerabilities in the cell phone version of Sun Microsystems' Java software that under unusual circumstances could let a malicious program read private information or render a phone unusable. http://news.zdnet.co.uk/communications/0,39020336,39171336,00.htm - - - - - - - - - - UK spam campaigner to help Europe fight back Anti-spam guru Steve Linford is to advise the European Commission on how to ban spam in Europe. A UK based anti-spam organisation is to advise legal officials at the European Commission on new legislation to block junk email. http://news.zdnet.co.uk/internet/security/0,39020375,39171338,00.htm - - - - - - - - - - Sprint Offering Wireless Tracking Devices Sprint Corp. said Monday it is coming out with a suite of services aimed at helping companies better manage cell phones and PDAs they issue to employees, including a feature to remotely erase sensitive information from devices that are lost or stolen. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10007451.htm - - - - - - - - - - New technology would support both privacy and data sharing A maker of identity recognition software has come up with a scheme to allow organizations to share and compare data without compromising the privacy of individuals. Anonymous Entity Resolution software, dubbed ANNA, uses a standard hashing algorithm to create a unique identifier for each piece of data about a person in an organizations files. Identifiers from different lists can be compared to discover matches without revealing the identity of the individual. http://www.gcn.com/vol1_no1/daily-updates/27735-1.html - - - - - - - - - - Cisco adds scrambler to IP telephony Cisco is beefing up the security of IP telephony kit with an upgrade to its software available from today. A new version of the network giant's IP PBX software, Cisco CallManager 4.1, comes with new enhanced encryption facilities, including Voice over Virtual Private Network (V3PN) functionality. http://www.theregister.co.uk/2004/10/25/cisco_ip_phone_crypto/ - - - - - - - - - - CyberGuard polishes Webwasher appliance Network security vendor CyberGuard has launched its first Webwasher appliance following its acquisition of the German software vendor earlier this year. CyberGuard bought Webwasher for $40m in May in a bid to add functionality to its appliance range. http://www.vnunet.com/news/1158951j - - - - - - - - - - Identity and access management key security priority The vast majority of US enterprises view identity and access management (IAM) systems as a key component in future IT security infrastructures, newly released research has claimed. http://www.vnunet.com/news/1158977 - - - - - - - - - - Online fraud 101 Phishing and fraud make use of constantly evolving techniques: Yesterday's poorly written e-mail is today's polished con, often making use of unpatched vulnerabilities, Web site spoofing and other subtle techniques average users aren't likely to detect. This evolution has ramifications across the board for security, including planning strategy. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1018782,00.html - - - - - - - - - - Deleting Online Extortion Shakedown artists are the scourge of Net firms, denying access to sites that don't pay up. A Sacramento man helped nab one ring's members. To an old-time bookie like Mickey Richardson, $500 in protection money was chump change.So when he got an e-mail from gangsters threatening to bring his online sports betting operation to its knees, he paid up. http://www.latimes.com/technology/la-fi-extort25oct25,1,405949.story - - - - - - - - - - The Latest Tool in Competition: Hacking A new federal case illustrates the role computer intrusion is taking in the high-stakes world of niche Internet commerce. Your competitor has a wildly successful Web-based tool which is being used by many of your customers. Do you (A) give up and get out of the business; (B) set up a team of product developers to make a competing product; or (C) hack into the competitor's website, steal the code, and for good measure hire their critical employees to develop an exact duplicate of their website. If you answered (C) then congratulations and welcome to the new world of competitive hacking. http://www.securityfocus.com/columnists/273 - - - - - - - - - - Issues Discovering Compromised Machines One of the latest security books I read had a fascinating example in the preface. The authors, well-known and trustworthy experts in the field http://wwwdev.securityfocus.com/cgi-bin/preview/infocus_preview.pl?id=1809 of security, made an outrageous claim that most of the Fortune 2000 companies have already been penetrated by hackers (and have been in that state for years!). http://www.securityfocus.com/infocus/1808 - - - - - - - - - - Would John Kerry defang the DMCA? John Kerry finally has hinted at a position that would mark one of the first real differences from his Republican rival. In a barely noticed remark on Thursday, the Democratic senator said he might support defanging the Digital Millennium Copyright Act (DMCA)--the unpopular law that has prompted take-to-the-street protests from the geek community. http://news.zdnet.com/2100-1009_22-5425019.html - - - - - - - - - - Fingerprints to become compulsory for all EU passports EU interior ministers are today likely to sign off regulations making fingerprinting a second compulsory biometric for passports. The latest proposed draft regulation will effectively overturn a decision made earlier this year to make only facial image compulsory, and fingerprint optional, and comes in the face of opposition from Sweden Finland, Estonia and Latvia, "could not accept this re-opening of discussions on the second biometric identifier to become mandatory." http://www.theregister.co.uk/2004/10/25/eu_adds_passport_fingerprints/ U.S. moves closer to e-passports http://news.com.com/U.S.+moves+closer+to+e-passports/2100-1012_3-5425314.html - - - - - - - - - - Cohen backs info sharing, police work in beating back terror threats The United States may have the most powerful military in the world, but that will not stop terrorists from attacking the country. Its not the military thats going to win the war against terror, said William Cohen, former secretary of Defense. The military will always be there in the last resort, but in my own opinion, well depend more on good police work, some Special Forces. http://www.gcn.com/vol1_no1/daily-updates/27736-1.html http://www.fcw.com/fcw/articles/2004/1025/web-cohen-10-25-04.asp - - - - - - - - - - Peeping Tom filter lets phones see through bikinis A phone that lets you see through clothes is the stuff of teenage boys' dreams - and now it's a reality in Japan. A third party developer in Tokyo, Yamada Denshi, has developed an add-on to Vodafone handsets, intended to be used as a night filter to allow Big Red's customers to take pictures with their phones in the dark. http://networks.silicon.com/mobile/0,39024665,39125257,00.htm - - - - - - - - - - Survey: Porn will boost wireless Web revenue Mobile phone users around the world will spend $1 billion a year on pornography sent to their handsets by 2008, which may boost the wireless services sector much as it fueled growth in the fixed-line Internet, a market research firm said. In the United States, consumers will be dishing out some $90 million for adult entertainment in four years' time, the Yankee group said in a survey released on Monday. http://news.com.com/Survey+Porn+will+boost+wireless+Web+revenue/2100-1039_3-5425948.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.