August 31, 2000 23-year-old arrested in Emulex hoax Federal law enforcement authorities today arrested a 23-year-old Southern California student in the stock manipulation case of technology company Emulex, which saw its stock plunge more than 50 percent last week as investors reacted to a fake news announcement. Mark Simeon Jakob, a resident of El Segundo, Calif., and a student at El Camino Community College, is accused of wire fraud, acting with intent to defraud, participating in a scheme to defraud and securities fraud. Jakob worked at Internet Wire, the corporate news service that distributed the faux press release, until Aug. 18. He was known to openly talk about trading stocks, authorities said. According to U.S. Attorney Alejandro Mayorkas, Jakob sent an email from the library at El Camino Community College to Internet Wire with a phony Emulex press release that "reflected familiarity with the procedures used" by the service. Mayorkas said Jakob had been a student at the college and had been seen using the computers the night the email was sent to Internet Wire. http://news.cnet.com/news/0-1004-200-2660540.html - - - - - - - - - - - - Charges brought in Parametric extortion case A federal grand jury has indicted a 39-year-old Florida man for allegedly trying to extort more than $1 million from Parametric Technology, a maker of computer-aided-design software, the office of the U.S Attorney for Massachusetts said Thursday. Michael Pitelis, of Tarpon Springs, Florida, was indicted on charges of attempted computer extortion for allegedly threatening to release the "keys" to operate Parametric's flagship design software, Pro/Engineer, if he did not receive more than $1 million. The passwords and codes would have given users free access to all the functions of the 20th version of Pro/Engineer, which typically costs more than $100,000. Pitelis will be arraigned on charges Friday in the United States District Court in Boston. If he is found guilty, Pitelis could receive a maximum sentence of 20 years in prison and a $250,000 fine. http://idg.net/ic_236283_1773_1-483.html - - - - - - - - - - - - Security gaffe gores Bull's servers A security flaw at Bull on Thursday briefly allowed anyone access to the IT company's servers, offering up confidential information on both the company and its high-profile customers. Those customers include France Telecom, UK bank Barclays, the British Royal Air Force, the Italian Army and Aérospatiale's missile division, among others. The flaw was fixed about noon local time on Thursday. Bull -- IBM's main competitor in France -- told ZDNet France that the hole had appeared that morning. The breach allowed any surfer access to highly sensitive information -- including, for example: Which servers are installed in the missile branch of Aérospatial; Details on the type and location of servers used for the French national police database of stolen vehicles; Information on current Barclays projects; French bank Credit Agricole's security initiatives; The phone number of the billing supervisor at France Telecom; Information on the UK's Royal Air Force. Supposed to remain confidential The information was available on a Web site that contains an international database for Bull employees, with real-time customer information. http://www.zdnet.com/zdnn/stories/news/0,4586,2622664,00.html - - - - - - - - - - - - Justice Dept. Urges Cops To Keep Up With Cybercrime Criminals who perpetrate crimes using the latest gizmos and Internet technology could soon outfox authorities unless law enforcement agencies act quickly to control and contain cybercrime, the US Justice Department said today. A report issued today by the Justice Department's National Institute of Justice urges state, local and regional law enforcement agencies to increase and update training programs for officers and investigators to enable them to keep up with would-be cyber-criminals. The DOJ's report also calls for the creation of regional electronic crime task forces. "Computer and high-tech crime is one of the greatest challenges confronting the law enforcement community around the world," said US Attorney General Janet Reno. "Through the collaborative efforts of both the public and private sector, we can make significant progress toward developing the tools we need to fight cybercrime and reduce its occurrence in our country." http://www.newsbytes.com/pubNews/00/154530.html Copies of the report can be information on NIJ's Website at; http://www.ojp.usdoj.gov/nij - - - - - - - - - - - - Firm offers classes for hacker detectives Computer security consultancy company Foundstone announced Thursday classes designed to train IT professionals in the art of investigating incidents of malicious hacking. The new training will cover four major areas: "Incident Detection", "Tracking Backdoor and Privilege Escalation Attacks", "Incident Investigation", and "Evidence Collection". President of Foundstone Stuart McClure believes that the new classes will offer vital help to network administrators in tracking down even the most advanced malicious computer attackers. "Hackers and insiders have a growing number of tools for stealing information, performing unlawful and unauthorised activity, and covering their tracks," comments McClure. "Security professionals are often overwhelmed, causing attacks to be ignored or mistakenly diagnosed as network problems. Our class will teach how to identify even the most well hidden attacks." http://www.zdnet.co.uk/news/2000/34/ns-17600.html - - - - - - - - - - - - Widespread DVD Piracy in China a Blow to Hollywood Hollywood's hopes that the DVD format would prove harder to pirate than videos and CDs are being badly dashed in China and other parts of Asia, where DVD piracy has emerged on a major scale. China's experience shows that DVD piracy, once seen in the West as largely a hypothetical threat, is both possible and profitable. It also suggests that no video format, no matter how technologically advanced, is pirate-proof and that there's a limit to what the film industry can do to stop increasingly sophisticated bootleggers. "There is strong circumstantial evidence that organized crime is involved in copyright piracy," including DVD piracy, said Tarun Sawney, the Motion Picture Assn. of America's vice director of operations for the Asia-Pacific region. "The speed with which our member studios' product is copied and distributed around the world is a sad testament to this fact." http://www.latimes.com/business/cutting/20000831/t000081632.html - - - - - - - - - - - - Hollywood Flexes New Legal Muscle In DeCSS Roundup Stern warnings from the motion picture industry over Web sites that may be helping to spread software capable of unscrambling DVD movies are packing a bit more of a punch these days. The Motion Picture Association of America (MPAA), the industry's watchdog on piracy issues, has reworded its standard form letter to remind Internet service providers and university network administrators of the body blow it delivered to so-called hacker publication 2600 Magazine in a New York court this month. http://www.newsbytes.com/pubNews/00/154535.html - - - - - - - - - - - - Investors call for action to curb hacking It could almost be a film script. The Federal Bureau of Investigation (FBI) is attacked by hackers who wreck havoc by flooding its website with false requests and bring it to a standstill. Yet this is what happened earlier this year. Tricks such as these, known as denial-of-service attacks, have become a real threat to some of the world's biggest online names. Between February 8 and 22, Yahoo, the portal company, lost $ 17.2 billion in market value after it ground to a halt during such an attack. In one recent case, an 18-year-old hacker, Raphael Gray, used the alias Curador to down-load 26,000 credit-card numbers from financial companies. Then he posted 6,500 of them on the internet. He said he did this to highlight how weak information security is in Britain. http://www.timesofindia.com/today/30mbom24.htm - - - - - - - - - - - - ACLU To Defend Pedophile Web Site Wading into the thick of yet another unpopular cause, the American Civil Liberties Union (ACLU) today revealed that it is defending the rights of the wildly controversial North American Man/Boy Love Association (NAMBLA) to maintain its Web site. The site, which advocates lowering the legal age of sexual consent, does not promote illegal activity in any way, nor does it include any pornographic materials, John Roberts, executive director of the ACLU's Massachusetts office told Newsbytes today. As such, the materials contained on the site are clearly protected under the First Amendment, Roberts said. NAMBLA has taken down the site, apparently in response to a multi-million-dollar lawsuit filed by the family of Massachusetts murder victim Jeffrey Curley. The Curley family is alleging that the NAMBLA Web site incited the boy's murderers to attack and eventually kill Curley. http://www.newsbytes.com/pubNews/00/154509.html - - - - - - - - - - - - A new era for computer viruses? Will catching a computer virus one day be just like catching a cold? What if merely sitting next to the wrong person on the bus could not only give you sniffles, but could erase all your morning appointments or drain your cell phone’s power? For years, computer security experts have engaged in such whimsical hypotheticals. But the recently discovered Palm Pilot virus suggests that a frightening new era of computer viruses — one where they spread more like biological viruses — has begun. http://www.msnbc.com/news/452912.asp - - - - - - - - - - - - No easy way to exterminate 'Web bugs' Consumers worried about privacy won't get a good solution to Internet "Web bugs" any time soon, privacy and security experts said Thursday. Web bugs -- special HTML coding that requests information over the Internet and returns information about the user -- allow online marketers to track consumers and corporations to protect proprietary data. "The benefits of the feature outweigh the tracking risks," said Richard Smith, chief technology officer for the Privacy Foundation in Denver. On Wednesday, the foundation released a report that put all Internet-enabled applications -- not just Microsoft Corp.'s Word, Excel and PowerPoint -- in the spotlight as new staging grounds from which marketers and employers can track users. By embedding HTML code in a document mailed to or downloaded by users, anyone can be identified by their Internet address. http://www.zdnet.com/zdnn/stories/news/0,4586,2622610,00.html - - - - - - - - - - - - Microsoft adds cookie management to IE 5.5 Microsoft Corp. today said it's ready to ship a promised set of cookie management features for Internet Explorer 5.5 that give users of the Web browser the option of deleting cookies as an added form of privacy. The new cookie controls were released to about 2,000 users for beta testing last month. Now, the controls are due to be made available later today for downloading by all users from Microsoft's IE Web site, according to officials at the software vendor. http://computerworld.com/cwi/story/0,1199,NAV47_STO49328,00.html - - - - - - - - - - - - No master keys for me, thank you With last week's disclosure of a serious loophole in some versions of the Pretty Good Privacy encryption software, I'm fighting the temptation to say that I told you so. I'm losing the fight. I haven't been warning people away from using PGP. Quite the reverse: Here at eWEEK Labs, we chose encryption technologies (with PGP a leading example) as one of the 15 foundations of future IT in our special 15th anniversary report. Strong encryption, enabling trusted transactions between previously unknown parties using standards-based public networks, is the foundation of all future growth in electronic commerce. http://www.zdnet.com/eweek/stories/general/0,11011,2621677,00.html - - - - - - - - - - - - Is Anyone Accountable for Net Security Snafus? The United States is the most litigious country in the world. People sue McDonald's if their coffee is too hot. Prisoners sue if their color TVs are taken away. Doctors, lawyers, big corporations, mom-and-pop corner stores -- no one is immune to being slapped with a contentious lawsuit. Except, apparently, Microsoft and all the other high-tech companies who peddle software with gaping security holes. http://www.ecommercetimes.com/news/viewpoint2000/view-000831-1.shtml - - - - - - - - - - - - The Emotional Side of Cryptography Encrypting data before storage or transmission involves a bit of extra work. This often means that people who ought to be using encryption, instead of relying on the assumption that their data will not be intercepted, fail to do so. But it is also true that some of the people who use encryption are keenly aware of the importance of keeping their information secret. http://www.securityportal.com/topnews/emotional20000831.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000, NewsBits.net, Campbell, CA.