NewsBits for April 27, 2005 ************************************************************ Bush signs law targeting P2P pirates File-swappers who distribute a single copy of a prerelease movie on the Internet can be imprisoned for up to three years, according to a bill that President Bush signed into law on Wednesday. The Family Entertainment and Copyright Act, approved by the House of Representatives last Tuesday, represents the entertainment industry's latest attempt to thwart rampant piracy on file-swapping networks. Movies such as "Star Wars: Episode II," "Tomb Raider" and "The Hulk," have been spotted online before their theatrical releases. http://news.zdnet.com/2100-9588_22-5687495.html Bush OKs Smut-Stripping Tech http://www.wired.com/news/politics/0,1283,67367,00.html - - - - - - - - - - Hong Kong authorities charge BitTorrent user with piracy Hong Kong customs officials on Wednesday filed copyright violation charges against a 38-year- old man who allegedly uploaded three movies onto the Internet using the popular file-sharing program BitTorrent. The suspect, who has only been identified by his surname, Chan, faces three charges of attempting to distribute copies of copyrighted material without authorization, the government said in a statement. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11503343.htm - - - - - - - - - - Man Accused Of Stalking Girl In Custody On Federal Charge A Blue Springs man accused of stalking a teenage girl is now in federal custody. Brian Gnavi, 36, was arrested this week on a child pornography charge. KMBC's Dan Weinbaum reported that federal agents had been waiting for a grand jury and possible indictment against Gnavi since December, when he allegedly ordered child pornography through the mail. http://www.thekansascitychannel.com/news/4418330/detail.html - - - - - - - - - - Jupiter man downloads child porn with daughter's AOL account A Jupiter man who used his adult daughter's Internet account to download and transmit child pornography pleaded guilty to the crimes Tuesday. Jeffrey Salviola, 51, was sentenced to five years of sex-offender probation and six months in jail, which will be served on weekends. http://www.sun-sentinel.com/news/local/southflorida/sfl-pplea27apr27,0,7104745.story - - - - - - - - - - Hacker deletes own hard drive A CHAT CHANNEL spat ended when a wannabe hacker was duped into deleting his own hard drive. The 26 year-old German claimed he was the baddest hacker in town and threatened to attack a moderator on #stopHipHop's RC Channel because he thought he'd been thrown out. http://www.theinquirer.net/?article=22838 - - - - - - - - - - Students Accused of Piracy Won't Be ID'd A federal magistrate has ruled that two North Carolina universities do not have to reveal the identities of two students accused of sharing copyrighted music on the Internet. The music industry trade group, the Recording Industry Association of America, filed subpoenas in November 2003 asking for help identifying a North Carolina State University student who used the name "CadillacMan" and a University of North Carolina-Chapel Hill student who used the name "hulk." The students allegedly file-swapped songs using the universities' computer systems. http://www.washingtonpost.com/wp-dyn/content/article/2005/04/27/AR2005042700962.html - - - - - - - - - - Pirates: $1bn losses only to the US More than 1 million of pirated disks were seized during a raid in Moscow several days ago. This crackdown was not the first and not the last, though there were no results. Specialists are confident that it is pointless to carry on fight against illegal counterfeit audio and video industry while the price of licensed copies remains the same. Licensed goods cost 6-7 times more rather than their pirated copies. http://www.crime-research.org/news/04.27.2005/1185/ - - - - - - - - - - France Orders DVD Pulled A court rules copy prevention software on the David Lynch film violates privacy rights. A French court has ordered DVD vendors to pull copies of the David Lynch film "Mulholland Drive" off store shelves as part of an unprecedented ruling against copy prevention techniques. The appeals court ruled Friday that copy prevention software on the DVD violated privacy rights in the case of one consumer who had tried to transfer the film onto a videocassette for personal use. http://www.latimes.com/technology/la-fi-francedvd27apr27,1,7632229.story - - - - - - - - - - Group wants encryption bans overturned An international security consortium plans to push governments around the world to withdraw restrictions on the use of encryption. Countries including China, Israel, Russia and Saudi Arabia have strict rules governing the use of encryption tools, and in some cases they have banned these tools. http://news.zdnet.com/2100-1009_22-5687087.html - - - - - - - - - - Failing UK cyber defences need overhaul The UK's National Infrastructure Security Co-ordination Centre (NISCC) needs more powers to enforce security best practices in order to safeguard the nation's critical systems against cyber-attack, according to a former chairman of the Metropolitan Police Authority. Lord Toby Harris of Haringey called for the appointment of a government cyber security czar and legislation to change the role of the NISCC from providing information security advice to setting and enforcing information security standards. http://www.theregister.co.uk/2005/04/27/niscc_reform/ Cybercrime costs Europeans billions http://www.it-observer.com/news.php?id=4982 Mobility and security top European IT agenda http://www.vnunet.com/news/1162735 Labour peer bangs cyberterrorism drum http://news.zdnet.co.uk/internet/security/0,39020375,39196485,00.htm - - - - - - - - - - Sifting Clues to an Unsmiling Girl Toronto police analyze child porn images to find victims, offenders across the continent. She is perhaps 12 now, her hair still light blond, but she doesn't smile anymore. Over the last three years, she has appeared in 200 explicit photos that have become highly coveted collectibles for pedophiles trolling the Internet. They have watched her grow up online the hair getting longer, the look in her eyes growing more distant. (LA Times article, free registration required) http://www.latimes.com/news/nationworld/world/la-fg-photo27apr27,1,832786.story - - - - - - - - - - New Virus Count Nearly Triples The number of new viruses has almost tripled in the last six months, an anti-virus vendor said Tuesday, the spike fed by hackers releasing scads of variants to overwhelm defenses. According to Panda Software, which is headquartered in Spain but has U.S. offices in Glendale, Calif., the count of new viruses has increased 278 percent since the third quarter of 2004. http://www.internetweek.com/breakingNews/showArticle.jhtml?articleID=161600607 http://www.it-observer.com/news.php?id=4981 - - - - - - - - - - Web Server Cracks And Defacements Increase Crackers increasingly focus on web servers, and sites belonging to govenments or the military were not immune. Attacks on web servers increased by over a third from 2004, according to information gathered by a cybercrime tracking group. Nearly 400,000 attacks were tracked worldwide by Zone-H. Some attacks were intended to gain control of the server for the criminal's use, while others were "tagged," or defaced. http://www.securitypronews.com/news/securitynews/spn-45-20050426WebServerCracksAndDefacementsIncrease.html http://www.theregister.co.uk/2005/04/27/zone-h_defacement_survey/ McAfee AVERT Reports on the Top Threats and Potentially Unwanted Programs for Q1 2005 http://www.mcafeesecurity.com/us/about/press/corporate/2005/20050425_185320.htm - - - - - - - - - - Spyware, Phishers Play Off Google.com Misspelled domains have been used by the scabrous almost since URLs were created. Pornographers were among the first to adopt the tactic of registering domains that are slightly off legitimate sites' spelling, or play off confusion between. .com and .gov. Spyware authors and phishing scammers are using a technique almost as old as the Internet to draw unsuspecting users: Web sites purposefully designed to take advantage of typing errors. Finnish security firm F-Secure has discovered a site http://www.informationweek.com/story/showArticle.jhtml;j?articleID=161600745 http://news.zdnet.com/2100-1009_22-5686764.html - - - - - - - - - - Critical flaw reported in Netscape A "highly critical" unpatched vulnerability in the Netscape browser could potentially allow hackers to compromise Internet users' systems, according to an advisory from a Danish security firm. The buffer overflow vulnerability could cause the browser to crash. In addition, hackers could create Web sites to exploit the flaw, executing code of their choice on visitors' computers to gain access to users' systems, security company Secunia warned. http://www.computerworld.com/securitytopics/security/story/0,10801,101353,00.html http://www.eweek.com/article2/0,1759,1790314,00.asp?kc=EWRSS03129TX1K0000614 http://news.zdnet.com/2100-1009_22-5685688.html - - - - - - - - - - Child porn offenders shouldn't get house arrest, AG says Canadian law should be changed to prevent people convicted with child-pornography from serving their sentences under house arrest, Ontario Attorney General Michael Bryant said yesterday. "I do not believe that house arrest or conditional sentence for child porn crimes ought to be the law of Canada," Mr. Bryant told reporters at Queen's Park. "We need changes to the criminal code to do that." http://www.canada.com/ottawa/ottawacitizen/soundoff/story.html?id=a64f4e4b-6ead-45f8-be8c-37f70ca872b8 - - - - - - - - - - Banks weigh up biometrics Companies could soon have to use biometric technology to authorise major financial transactions, as part of banking industry measures to tackle internet fraud and money laundering. http://www.vnunet.com/news/1162738 - - - - - - - - - - Plastic Money: IRCTC still vulnerable There have been as many as four cases of credit card frauds in the last couple of years where cheats have booked railway tickets online using a genuine persons credit card number. But, sadly the Indian Railway Catering and Tourism Corporation (IRCTC) still does not have a system in place to prevent these frauds. As a result, fraudsters stealing credit card numbers are having a field day. http://timesofindia.indiatimes.com/articleshow/1089660.cms - - - - - - - - - - Security product outbreak hits InfoSec Europe Antispyware software, patch management tools and compliance monitors are just some of the new wares being shown off by vendors at the InfoSecurity Europe show in London this week, where an already crowded security market looked a little more crammed. http://www.computerworld.com/securitytopics/security/story/0,10801,101363,00.html - - - - - - - - - - 911 Rule Weighed for VOIP Providers Federal Communications Commission Chairman Kevin J. Martin said Tuesday that he would soon propose requiring Internet-based telephone providers to offer their customers emergency 911 dialing services. After hearing reports of consumers having trouble getting through to police when dialing from an Internet telephone which uses a technology known as voice over Internet protocol Martin said he wanted to address the problem quickly. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-help27apr27,1,648428.story http://www.redherring.com/Article.aspx?a=11923&hed=FCC+Boss+Wants+VoIP-911+Plan - - - - - - - - - - IT security perimeters 'limiting growth' Companies losing out by hiding behind firewalls Business needs to move away from the conventional IT security wisdom of trying to fortify perimeters as this approach harms long-term commercial success, delegates at InfoSec were told today. Adrian Secombe, IT director at US pharmaceuticals firm Eli Lily, and a member of the Jericho Forum, which aims for secure information flows across organisations, said that companies are losing out by hiding behind firewalls and other defences. http://www.vnunet.com/news/1162732 - - - - - - - - - - Busting 7 deadly security Hacker tools are growing more sophisticated and automated. Hackers can now quickly adapt to new security vulnerabilities as they are uncovered, and distribute the fruits of their exploits more widely with the help of automated toolkits. And they are using an ever-increasing range of methods to find individuals and companies private information and use it to their advantage. http://www.it-observer.com/news.php?id=4980 - - - - - - - - - - Book excerpt: File System Forensic Analysis This excerpt from Chapter 5 of File System Forensic Analysis is posted with permission from Addison-Wesley Professional. The last chapter provided an overview of volume analysis and why it's important. Now we're going to leave the abstract discussion of volumes and dive into the details of the partition systems used in personal computers. In this chapter, we will look at DOS partitions, Apple partitions, and removable media. For each system, we review how it works and look at its data structure. http://www.computerworld.com/securitytopics/security/holes/story/0,10801,101359,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.