High Tech "NewsBits" for 06/16/05

NewsBits for June 16, 2005 ************************************************************ Police: Suspect may have molested thousands San Jose police said today that a 63-year-old man accused of molesting two youths could be one of the most active child molesters the country has ever known. Last month, after the parents of a possible victim came to police with a CD-ROM containing child pornography that the 12-year-old had allegedly gotten from Schwartzmiller, police searched the man's house and confiscated computers, printed pictures and seven hand-written notebooks filled with about 36,000 entries. http://www.mercurynews.com/mld/mercurynews/news/11912527.htm - - - - - - - - - - Calif. Man Arrested for Threats Against Tech Firm A California man was arrested on Tuesday for making threats against employees of UTStarcom Inc. (UTSI.O: Quote, Profile, Research) and posting messages on an Internet site intended to manipulate the stock price of the communications gear maker, the U.S. attorney's office said. The FBI arrested Jonathan Henry Wiegman, 41, on charges he sent several threats over the Internet starting in August 2004 to injure UTStarcom employees. http://www.reuters.com/newsArticle.jhtml?storyID=8792867 - - - - - - - - - - FDIC Alerts Employees of Data Breach Thousands of current and former employees at the Federal Deposit Insurance Corp. are being warned that their sensitive personal information was breached, leading to an unspecified number of fraud cases. In letters dated last Friday, the agency told roughly 6,000 people to be "vigilant over the next 12 to 24 months" in monitoring their financial accounts and credit reports. The data that may have been improperly accessed included names, birth dates, Social Security numbers and salary information on anyone employed at the agency as of July 2002. http://www.washingtonpost.com/wp-dyn/content/article/2005/06/15/AR2005061502414.html - - - - - - - - - - Hackers hit Canadian credit bureau Hackers have hit one of Canada's major credit bureaus. Equifax Canada says it has discovered what appears to be the improper use of a customer's access codes and security passwords. The agency says about 600 Equifax consumer credit files were accessed without authorization. Most of the people affected are in B.C. http://www.globetechnology.com/servlet/story/RTGAM.20050616.gtequifaxjun16/BNStory/Technology/ - - - - - - - - - - Intermix Settles Spyware Lawsuit Filed by Spitzer New York Atty. Gen. Eliot Spitzer has reached an agreement in principle with Web marketer Intermix Media Inc. in which the company has agreed to pay $7.5 million over three years to settle accusations that Intermix surreptitiously installed software on computers. Spitzer spokesman Brad Maione said a final agreement was two to three weeks away and must be approved by the court. http://news.zdnet.co.uk/software/0,39020381,39203967,00.htm http://www.latimes.com/technology/la-fi-rup16.1jun16,1,7676846.story Spyware and adware hide in BitTorrent downloads http://news.zdnet.com/2100-1009_22-5750601.html http://www.eweek.com/article2/0,1759,1828633,00.asp - - - - - - - - - - Microsoft Sues Retailers over Counterfeit Software The lawsuits are the latest salvo in Microsoft's antipiracy and anticounterfeit measures. In April, the company filed lawsuits against seven computer resellers for copyright and trademark violations, as well as an illegal COA label violation. http://www.newsfactor.com/story.xhtml?story_id=101000026Y10 - - - - - - - - - - EBay takes action against 'hoax' Live 8 bidders Internet auction site eBay has suspended some of the accounts of users who sabotaged online sales of free Live 8 concert tickets by making hoax bids of up to 10 million pounds. On Tuesday, eBay ended a sale of free Live 8 tickets after widespread protests. http://www.msnbc.msn.com/id/8241987/ http://www.theregister.co.uk/2005/06/16/ebay_live8/ - - - - - - - - - - UK Government Warns of Massive Trojan Attack A U.K. critical infrastructure monitoring group is warning public and private sector organizations about a wave of electronic attacks that have compromised critical networks in Britain with Trojan horse programs in recent months. The National Infrastructure Security Co-ordination Center, or NISCC, said on Thursday that it detected a series of e-mail attacks targeting U.K. companies and government agencies with Trojan programs that gather and transmit information to IP addresses in the Far East. http://www.eweek.com/article2/0,1759,1828863,00.asp http://www.msnbc.msn.com/id/8244700/ http://news.zdnet.com/2100-1009_22-5749594.html http://www.vnunet.com/vnunet/news/2138105/uk-infrastructure-trojan-attack UK under cyber blitz Hackers are targeting British workers with a series of specially crafted Trojan horse attacks. The attacks are delivered either through email attachments or through links to maliciously-constructed websites, the UK's National Infrastructure Security Co- ordination Centre (NISCC) warned on Thursday. http://www.theregister.co.uk/2005/06/16/uk_cyber-blitz/ - - - - - - - - - - House Votes to Limit Patriot Act In a slap at President Bush, lawmakers voted Wednesday to block the Justice Department and the FBI from using the Patriot Act to peek at library records and bookstore sales slips. Despite a veto threat from President Bush, lawmakers voted 238-187 to block the part of the antiterrorism law that allows the government to investigate the reading habits of terror suspects. http://www.wired.com/news/privacy/0,1848,67880,00.html http://www.theregister.co.uk/2005/06/16/patriot_act_climbdown/ - - - - - - - - - - Congress urged to boost identity theft safeguards It takes only a few seconds for your financial identity to be stolen, but months to get it back and clean up the credit mess. Aware of consumers' frustration and fear, the government wants Congress to consider more protections. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11912853.htm http://www.msnbc.msn.com/id/8248103/ http://www.wired.com/news/privacy/0,1848,67845,00.html Poll: Most want Congress to make sure Internet safe http://www.cnn.com/2005/TECH/internet/06/15/internet.safety.ap/index.html - - - - - - - - - - Security advisory panel seeks solutions to data dilemmas The sharing, use and disposal of public data by government agencies in pursuit of national security is raising questions of oversight and privacy, and a Homeland Security Department advisory committee is working to answer them. http://www.govexec.com/story_page.cfm?articleid=31505 http://www.govexec.com/story_page.cfm?articleid=31504 Senators chide administration on missed security deadlines http://www.govexec.com/story_page.cfm?articleid=31499 - - - - - - - - - - The hottest celebrity ... viruses? Software company says Britney Spears is No. 1 name used by hackers to spread computer viruses. While Britney Spears' pregnancy may be popular with celebrity news junkies, her time in the public eye is also making it a whole lot easier to spread computer viruses. According to a computer software maker, Spears tops the list of famous people whose names are used in mass e-mail messages to entice readers to download damaging viruses. http://money.cnn.com/2005/06/16/technology/celebrity_viruses/index.htm - - - - - - - - - - Blue Law Makes Webmasters See Red An adult industry trade association plans to head to court this week to fight new federal enforcement efforts that could catch thousands of online porn sites with their pants down. Under penalty of federal prison terms, new interpretations of existing regulations would require sites that feature photographs or videos of sexual activity to keep records confirming that performers are of legal age. http://www.wired.com/news/culture/0,1284,67869,00.html - - - - - - - - - - Browser-based attacks increase as viruses dip As the threat to IT operations by viruses and worms dips, browser-based attacks are increasing, according to a technology trade organization. The Computing Technology Industry Association, or CompTIA, on Tuesday released its third annual report on IT security and the work force. The survey of nearly 500 organizations, found that 56.6 percent had been the victim of a browser- based attack, up from 36.8 percent a year ago and a quarter two years ago, CompTIA said. http://news.com.com/2100-7349_3-5747050.html - - - - - - - - - - Zombie army camped out on AOL, report says Internet 'zombie' attacks are more likely to come from AOL users, according to a new report. Internet 'zombie' attacks that attempt to knock computer systems offline are more likely to come from users of America Online than any other source, according to a new report. http://news.zdnet.co.uk/internet/security/0,39020375,39203969,00.htm AOL rebuts zombie network slur http://www.theregister.co.uk/2005/06/16/aol_rebuffs_prolexic_zombie_report/ - - - - - - - - - - Firms 'Ignoring Staff Who Download Child Porn' Most companies would not report employees caught downloading indecent images of children to police, one of Britains top ranking officers said today. Jim Gamble, deputy director general of the National Crime Squad, said a survey of 200 UK IT managers carried out by the Internet Watch Foundation found that 70% of firms would not report workers and that nearly 40% of companies would not even discipline or dismiss such an employee. http://news.scotsman.com/latest.cfm?id=4693662 - - - - - - - - - - Microsoft warns of critical flaws Windows is used in most of the world's home computers. Windows users are being urged to download the latest security updates from Microsoft to fix critical flaws. The software giant has warned that three loopholes affecting Windows and Internet Explorer allow an attacker to take control of a personal computer. Seven other updates have also been released to address less serious problems in its software. http://news.bbc.co.uk/2/hi/technology/4094856.stm Microsoft Issues Windows Security Patches For June http://blogs.washingtonpost.com/securityfix/2005/06/microsoft_issue.html 10 vulns - three critical - in MS patch batch http://www.securityfocus.com/news/11211 http://www.msnbc.msn.com/id/8218651/ http://www.newsfactor.com/story.xhtml?story_id=101000026T72 - - - - - - - - - - Java flaws open door to hackers Sun has fixed security bugs in Java that could be exploited by attackers. Sun Microsystems has fixed a pair of security bugs in Java that could be exploited by attackers to take over computers running Windows, Linux and Solaris. http://news.zdnet.co.uk/internet/0,39020369,39203733,00.htm - - - - - - - - - - Phishers look to net small fry Online fraudsters have started targeting smaller banks and credit unions in hopes of fooling a larger percentage of customers, according to groups that monitor phishing activity. This week, Internet security firm Netcraft published an advisory warning that the number of phishing attacks aimed at smaller financial institutions has jumped significantly over the past few weeks. http://www.securityfocus.com/news/11214 - - - - - - - - - - Microsoft admits to censoring 'list of words' Microsoft has hinted it is censoring certain words on its MSN website in China. When asked if it had banned the words 'freedom' and 'democracy' from the web portal, which was launched last month, the company said it had a list of words that kept content within the norms of the country. http://networks.silicon.com/webwatch/0,39024667,39131227,00.htm - - - - - - - - - - Your ISP as Net watchdog The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities. Data retention rules could permit police to obtain records of e-mail chatter, Web browsing or chat-room activity months after Internet providers ordinarily would have deleted the logs--that is, if logs were ever kept in the first place. No U.S. law currently mandates that such logs be kept. http://news.zdnet.com/2100-1009_22-5748649.html - - - - - - - - - - Encrypted Lockbox Aims to Clean Up Password Clutter Bruce Schneier's PasswordSafe lockbox, which provides a free utility for users to encrypt and manage multiple passwords on a computer, is ready for a new phase of open-source development. The celebrated cryptographer, who is credited with designing or co-designing several widely used encryption algorithms, announced the release of Version 2.1 of the database utility as a full- fledged open-source project at SourceForge. http://www.eweek.com/article2/0,1759,1828954,00.asp - - - - - - - - - - U.S. confirms delay in biometrics passport requirements Foreign travelers from friendly nations won't be immediately asked to show fingerprint and iris scan data when entering the United States, but could have to in upcoming years under Bush administration plans announced Wednesday. Twenty-seven allied nations -- mostly from Europe -- whose citizens enjoy visa-free travel rights to the U.S. have resisted the stricter biometrics passport standards that would incur additional costs and privacy concerns. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11901826.htm http://www.newsfactor.com/story.xhtml?story_id=101000026VM1 http://www.theregister.co.uk/2005/06/16/_bio_delay/ - - - - - - - - - - BlowSearch Tackles Click Fraud When I first heard of BlowSearch I thought it might be a search engine for porn. My mistake. Instead of connecting XXX searchers with XXX content, Brooklyn, New York-based BlowSearch is a metasearch engine that pulls results from 27 search engines, sorts them for relevancy and discards duplicates. What makes it special is the niche it yearns to fill. It guarantees advertisers the traffic they receive will be legitimate or their money back. http://www.wired.com/news/culture/0,1284,67873,00.html - - - - - - - - - - Corporates focus on basics for IT security defences IT departments in large organizations still see firewalls, intrusion detection and prevention, and anti-virus software as priority security defences despite recent hype about newer more exotic security technologies and threats, according to a survey by analysts Gartner. http://www.securityfocus.com/news/11213 - - - - - - - - - - Internet Fraud at the DNS Level Ten years ago the IETF finally came up with a comprehensive security standard, DNSSEC (DNS security). But most feel that DNSSEC is too complex to be a practical solution. Meanwhile, DNS has grown from a small phone book to a massive directory spread across countless servers around the world. http://www.newsfactor.com/story.xhtml?story_id=1010000272GX - - - - - - - - - - Are Biometrics the Answer to the Password Problem? Opinion: Nobody uses passwords the way they should; who's got the patience and memory for it? But even biometrics, the holy grail of identification, could be problematic. Over the years I've tried to get better at my use of passwords, especially since I'm supposed to tell other people how to manage security. I have to confess: I'm not where I want to be, and I bet you aren't either. http://www.eweek.com/article2/0,1759,1828940,00.asp - - - - - - - - - - Your fingerprints are everywhere How much do you trust your government? That's a question that all of us have to ask, perhaps the more often the better. Thomas Jefferson, one of the founders of the United States and its third President, wrote to Abigail Adams in 1787 sentences that may seem incredible to many people today: http://www.theregister.co.uk/2005/06/16/secfocus_prints/ - - - - - - - - - - International child abuse database plans take shape The world's richest countries plan to create a worldwide register of paedophiles to help police stamp out child abuse. The proposed international child sexual exploitation database, which would store images of offenders and abused children, is expected to receive the green light at a meeting of G8 justice and home affairs ministers in Sheffield on Thursday. http://www.theregister.co.uk/2005/06/16/g8_child_abuse_dbase/ - - - - - - - - - - Porn Peddlers Won't Bare It All Aly Drummond remembers the early days of online porn, when webmasters spent their time partying and watching the money roll in. Everyone seemed to be in their early 20s, with energy and libido to burn. Then came the stock market crash, credit card hassles and legal crackdowns. "We had to become more responsible," recalled Drummond, a former porn website marketer who now works for Adult Video News, a porn industry journal. http://www.wired.com/news/culture/0,1284,67855,00.html - - - - - - - - - - Inventor launches longer-lasting security cam The Mailbox Cam extends the life of its three AA batteries by letting users control the device remotely, turning it off and on at will. An inventor says he has come up with a better way to keep tabs on children, homes and other property: a wireless security camera that can go months without a change of batteries. http://www.cnn.com/2005/TECH/ptech/06/16/wireless.cams.ap/index.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.