High Tech "NewsBits" for 03/29/05

NewsBits for March 29, 2005 ************************************************************ UC Berkeley Looks Into Laptop Theft The computer's files held Social Security numbers, addresses and other personal data. Authorities say there's no evidence of misuse. Campus police at UC Berkeley are investigating the theft of a laptop computer with files containing Social Security numbers, addresses and other personal information on more than 98,000 people. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-computer29mar29,1,5279833.story http://news.zdnet.com/2100-1009_22-5645362.html http://www.cnn.com/2005/TECH/03/29/stolen.laptop/index.html U.S. senator seeks identity theft safeguards U.S. Sen. Dianne Feinstein on Tuesday called for more government protection against identity theft after a laptop storing nearly 100,000 Social Security numbers was purloined from a California university. "The incident at Berkeley was the latest in a series of recent compromises of Social Security numbers or other personal financial information that could be used by identity thieves," Feinstein said in Riverside, Calif. http://news.zdnet.com/2100-1009_22-5645845.html - - - - - - - - - - NY Teen Pleads Guilty to Making Extortion Threats A New York state teen-ager arrested last month for threatening to tell other spammers how to send waves of unsolicited messages to an online instant messaging service has pleaded guilty to making extortionate threats against the company. http://www.crime-research.org/news/29.03.2005/1095/ - - - - - - - - - - U.S. charges four under 'spam' law Federal authorities say they managed to pierce the murky underworld of Internet spam e-mails, filing the first criminal charges under the government's new "can spam" legislation. Court documents in the landmark case in Detroit describe a nearly inscrutable puzzle of corporate identities, bank accounts and electronic storefronts in one alleged spam operation. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8543317.htm http://www.wired.com/news/digiwood/0,1412,67060,00.html - - - - - - - - - - Scots police warn of eBay scam Bidders urged to watch out for 'Second Chance Offer' fraud. Police in Fife have warned internet users to be on their guard against a new eBay scam that has caught out several locals. The fraud centres around eBay users who are unsuccessful in bidding for the item they want and are offered a 'Second Chance Offer' as the original bidder has pulled out. When money is sent the items fail to arrive. http://www.vnunet.com/news/1162195 http://www.theregister.co.uk/2005/03/29/police_warn_punters/ - - - - - - - - - - Camping Out for the Grokster Case Forget Star Wars premieres. A seat at the MGM Studios v. Grokster Supreme Court hearing Tuesday morning was the hottest ticket in town. Gray skies, with intermittent rain and cold, didn't deter a group of staunch file-sharing supporters -- as well as a number of hired line-standers -- from queuing up starting at around 2:30 p.m. Monday to secure a seat in court for the landmark copyright case. http://www.wired.com/news/digiwood/0,1412,67061,00.html - - - - - - - - - - Mytob e-mail worm proliferating quickly With eight new variants surfacing in the last week alone, and over a dozen reported since the beginning of March, the Mytob mass-mailing worm appears to be evolving rapidly. On Monday, security software maker Symantec reported two new versions of the virus, labeled as W32.Mytob.R and W32.Mytob.S. Both worms achieved a low or moderate threat rating from Symantec, as have earlier variants of Mytob, but the company is still recommending that people update their security software immediately to protect against the emerging threat. http://news.zdnet.com/2100-1009_22-5644978.html - - - - - - - - - - Trillian flaw highlights IM security threat A legacy flaw in the latest version of the multi- protocol IM client is said by the company to be of 'extremely low risk', but could be part of a worrying trend. Researchers have reported a vulnerability in the Trillian instant-messaging application, adding to the rapid development of IM-related security threats. http://news.zdnet.co.uk/internet/0,39020369,39193126,00.htm - - - - - - - - - - Gartner: Beware of Mac OS spyware Just a week after Symantec caused uproar in the Mac community by warning the OS X operating system was quickly becoming a target for hackers and viruses, Gartner has warned businesses reliant on the Mac to guard against "spyware infestations." Martin Reynolds, vice president of Gartner's Dataquest organization, said last week although the overall Mac user base is relatively small, just one vulnerability exploit could cause trouble. http://news.zdnet.com/2100-1009_22-5644762.html - - - - - - - - - - Justices question chilling effect of anti-P2P efforts The Supreme Court expressed concerns Tuesday over allowing entertainment companies to sue makers of software that allows Internet users to illegally download music and movies, questioning whether the threat of such legal action might stifle Web innovation. During a lively argument, justices wondered aloud whether such lawsuits might have discouraged past inventions like copy machines, videocassette recorders and iPod portable music players -- all of which can be used to make illegal duplications of copyrighted documents, movies and songs. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11258543.htm Supreme Court may redefine file swapping http://news.zdnet.com/2100-9588_22-5644861.html - - - - - - - - - - Cybersecurity standardization moves forward The Office of Management and Budget launched a task force on cybersecurity consolidation last week with the goal of increasing computer security and cutting costs. Tim Young, OMB's associate administrator for e-government and information technology, said at a conference in Falls Church, Va., Tuesday that the consolidation effort has strong support among agencies. He said that the question of whether agencies can share common processes associated with information technology security is meant to spark a dialogue in the IT security community. http://www.govexec.com/dailyfed/0305/032905p1.htm - - - - - - - - - - China becoming haven for phishermen A report from China's official news agency shows a massive increase in the number of fradulent sites hosted in the country. China is playing host to a growing number of phishing scams, according to recent research that found a sharp rise in fraudulent Web sites hosted there. http://news.zdnet.co.uk/internet/security/0,39020375,39192963,00.htm - - - - - - - - - - Industry teams up to finger hackers Some of the world's biggest telecoms companies have banded together to share information about hacking attacks. The Fingerprint Sharing Alliance uses a custom database to examine the behaviour of attacks against IT systems, or so-called 'fingerprints'. http://www.vnunet.com/news/1162186 - - - - - - - - - - Net phone security committee formed Amid rising concerns about the implications of voice-over-IP services, an industry group is looking to define best practices for security and privacy. The Voice over IP Security Alliance, a recently formed industry group, has created a new committee to define security requirements for Internet telephony networks. http://news.zdnet.co.uk/communications/0,39020336,39192958,00.htm - - - - - - - - - - Microsoft to plug ID controls into Windows Microsoft will build software for managing identities into Windows in order to beef up security by giving users more control over their personal information, the world's largest software maker said on Tuesday. The ID technology, called "info-cards," will give users more control over their own personal information in order to shop and access services online, said Michael Stephenson, a director in Microsoft's Windows Server division. http://news.zdnet.com/2100-1009_22-5645815.html http://www.msnbc.msn.com/id/7327748/ - - - - - - - - - - Chip and PIN: A more secure waste of time? silicon.com readers are largely unimpressed with the introduction of chip and PIN, the new-to-the-UK way of paying by credit and debit cards at points of sale. Although 56.1 per cent or respondents to a recent survey believe the point of sale technology makes their transactions more secure, a third of respondents (32.4 per cent) branded the change a 'waste of time'. http://software.silicon.com/security/0,39024655,39129046,00.htm - - - - - - - - - - Quantum crypto comes to Blighty UK reseller NOW Wireless has signed a deal to distribute MagiQtech's quantum cryptography solution, MagiQ QPN Security Gateway, in the UK. Launched in the US in 2004, MagiqTech's two-box solution, provides secure quantum key exchange between two dedicated sites up to 120km apart. Once secure keys are exchanged, data can be encrypted using standard protocols, switching keys at up to 100 times per second. http://www.theregister.co.uk/2005/03/29/quantum_crypto/ - - - - - - - - - - Melissa's long gone, but lessons remain It's been six years since the Melissa macro virus first got loose, but security experts say network administrators and PC owners still have lessons to learn from it. The virus started spreading on March 26, 1999, and traveled quickly across the Internet, using the macro functions in Microsoft Word to burrow into the computers of victims who opened the document. Within three days, hundreds of thousands of PCs were infected. http://news.zdnet.com/2100-1009_22-5643900.html - - - - - - - - - - Hackers: Computer Outlaws People attacking computer systems are named as hackers in mass media (and accordingly in a society). However many representatives of a computer underground think that according to the history, the word "hacker" concerns the person who increases functionalities of computers. Hence, hackers are the "good" people acting with noble aims: they train a computer in performance of new functions. The use of a word "hacker" in describing the computer vandals or thieves deforms not only sense of the term, but also the historical concept of "hacking". http://www.crime-research.org/news/29.03.2005/1094/ - - - - - - - - - - Online dating fraud Have you met anyone online? Do you have any online girlfriends or pals? Have you exchanged photos with them? Do they look like 1 million dollar? Where do they live? Eastern Europe? Did you tell her/him that you want to meet her/him? Did they ask you for some money to come to you? Did you give them money? DO YOU TRUST THEM? http://www.crime-research.org/news/29.03.2005/1084/ - - - - - - - - - - Cop 'downloaded nude snaps' from suspect's mobile phone A Houston police officer has been taken off the streets for allegedly downloading sexually explicit pictures from a female suspect's confiscated mobe to his PDA and sharing them with colleagues, the Houston Chronicle reports. Christopher Green arrested the unnamed 24-year- old Chinese student on 24 November 2004 on suspicion of drunken driving. http://www.theregister.co.uk/2005/03/29/mobile_pic_download/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.