September 14, 2000 Irish targeting high-tech crime, visit San Jose for tips When it comes to high-tech crime, it's a small world after all. Officials from the Irish National Police were in San Jose on Wednesday to compare notes and pick the brains of local police, the FBI, state law enforcement and Silicon Valley corporations about ways to combat high-tech crime -- from thefts of intellectual property to takeover robberies. ``We're all having the same problems,'' said Thomas Quinn of the California Department of Justice. ``It's interesting to find out that knuckleheads -- the people that are committing these crimes -- are doing it the same way. They're after the same property, causing the same grief.'' The Irish are only the latest international police force to travel to Silicon Valley in the past few years for tips on tackling high-tech criminals. And what the Irish take home is likely to affect how such crime is fought on all of the continent. http://www.sjmercury.com/premium/local/docs/irish14.htm - - - - - - - - - - - Michigan files it's first felony hacking cases Attorney General Jennifer Granholm today announced that she has filed felony criminal charges against two Michigan men each accused of "hacking" –- or unlawfully entering –- a third-party computer system. The charges are the first under a Michigan law which makes the unauthorized alteration, damage or use of a computer system a felony. In two separate hacking cases, Granholm alleges that Brian Salcedo, age 17 of Whitmore Lake, and Jesse Salens, age 19 of Dearborn, each gained unauthorized access to a third-party computer system, and then either stole or destroyed information on the system. Salcedo and Salens were each charged with one count of unauthorized use, alteration or destruction of a computer system. The Salcedo charge was filed in the 15th District Court in Ann Arbor; the Salens charge was filed in the 19th District Court in Dearborn. Granholm said: "Hacking is the dark side of high technology's power and progress. For every person using a computer or the Internet for research, commerce or communication, there may be another person using that technology to commit a crime. The Internet, unfortunately, has become one more tool to pick the locks of companies across the country." http://167.240.254.37/AGWebSite/press_release/pr10189.htm http://www.newsbytes.com/pubNews/00/155218.html - - - - - - - - - - - Company fires 24 for e-mail abuse Dow Chemical Co. has fired 24 employees and reprimanded 235 others at its plant here after an investigation into the use of the company’s e-mail system to send violent or sexually explicit material. DOW OFFICIALS BEGAN reviewing employees’ e-mail last month after a worker complained about offensive e-mail. A similar review earlier this year at Dow’s corporate headquarters in Midland, Mich., led to 50 firings. A union official criticized the firings as a “witch hunt.” But company officials insisted they acted properly in maintaining a harassment-free workplace. “We will continue to take the appropriate actions to ensure all our employees know they work for a respectful and responsible company,” said Tommy Block, leader of Dow’s Texas operations. Dow spokeswoman Kanina Blanchard said the 235 employees who face disciplinary measures may suffer reductions in base pay or performance bonuses. http://www.msnbc.com/news/460262.asp - - - - - - - - - - - Eve.com scrambles to assess security breach Eve.com today temporarily shut down its Web site after a security breach exposed customer order information on thousands of orders dating back to last year. Discovered by San Francisco Bay Area software developer Jonathan Khoo, the breach allowed customers to view other people's orders by simply changing a number in the URL. The breach exposed customers' names and addresses, products and the dates on which they were ordered, the types of credit cards customers used, and the last five digits of the cards' numbers. "You'd think they would check to see if each page was an order you placed as opposed to anyone else's order," Khoo said. "This shouldn't be happening." Alerted to the problem by CNET News.com, Eve.com took its Web site down sometime between 2:30 p.m. and 3:30 p.m. PT. As of 5:20 p.m., the site was still down. "Privacy and security is and has always been the No. 1 priority for Eve," Dan McMahon, Eve.com's executive vice president of technology, said in a statement. "We are very concerned about customers' privacy and take these matters very seriously." http://news.cnet.com/news/0-1007-200-2770505.html - - - - - - - - - - - Western Union Web site operating again after security breach Western Union put its Web site back online Wednesday, five days after a security breach allowed hackers to steal the credit or debit card numbers of more than 15,000 customers. The site, which allows customers to transfer money electronically using credit cards and offers other services, was accessible by midday. Spokesman Peter Ziverts said the company was confident it was secure. ``We know we've taken the most aggressive action that we could, and we believe it's safe,'' Ziverts said. http://www.mercurycenter.com/svtech/news/breaking/merc/docs/036105.htm - - - - - - - - - - - Personal Web data theft flourishing Bank account search: $249. Available around the country. Takes 10-18 business days. Ads like this on the Internet are proliferating, experts say, despite a 10-month-old federal law prohibiting use of deceptive techniques to get people's personal financial data from banks. Such techniques, notably ``pretext calling,'' in which people misrepresent themselves to obtain the private data of others from banks and other financial institutions, are flourishing, congressional testimony showed Wednesday. Pretext callers often pose as law enforcement agents, social workers, potential employers and other figures of authority. http://www.mercurycenter.com/svtech/news/breaking/ap/docs/399636l.htm - - - - - - - - - - - Online fraudsters fleece UK etailers Online crime pays, according to a report published today by Experian. The global information solutions group claims nine out of ten efraudsters aren't caught and are simply getting away with it. The survey reveals that when it comes to checking the authenticity of credit card transactions, many of Britain's etailers are lax. The survey of 800 British etailers found that many online authentication systems were wanting and most relied on manual systems to check credit card details. This is despite almost 60 per cent of etailers saying that the fear of Net crime is bad for consumer confidence. http://www.theregister.co.uk/content/1/13251.html - - - - - - - - - - - Survey says European health Web sites unsafe Two reports on Web security and e-mail bungling Thursday raised new questions over e-commerce, which is still reeling from a series of security scares. The reports say that while Internet savvy consumers may prefer to use e-mail rather than the telephone, inefficient and even downright unsafe practices meant that they had to resort to the telephone anyway. http://www.mercurycenter.com/svtech/news/breaking/merc/docs/080624.htm - - - - - - - - - - - Internet sites for children say new law hurting business While federal officials are still working out the kinks of implementing a law aimed at protecting children from online pornography, at least one big Internet site is saying the measure is hurting its legitimate business. Steven Bryan, CEO of Zeeks.com, the 15th most popular kid entertainment site according to Media Metrix, Inc., said Wednesday the costs of complying with the Child Online Protection Act are simply too high. As a result, Zeeks.com will pull its e-mail and chat-room services Oct. 1. and try to make up for the predicted 20 percent loss in traffic with additional games. The curtailed Zeeks.com service marks one of the first victims of the cost of complying with the federal online child protection law passed in 1998 and put into effect in April. http://www.mercurycenter.com/svtech/news/breaking/merc/docs/081150.htm http://news.cnet.com/news/0-1005-200-2775242.html - - - - - - - - - - - Software-Sellers Ask Thai ISPs To Police Web Sites The Business Software Alliance (BSA), a grouping of major international software companies, on Thursday sought cooperation from Thai Internet service providers (ISPs) in its fight against software piracy conducted over the Internet. Robert M Kruger, BSA's vice president for enforcement, said the alliance had urged Thai ISPs to establish a community to help monitor Web sites that facilitated the trade or sale of illegal software on the Internet, a significant source of pirated software. Previously, the postal service and compact discs were the major sources of pirated software. Now, piracy has shifted to the Internet, with people using Web sites, e-mail, chat rooms and other forums to trade or sell software illegally. http://www.newsbytes.com/pubNews/00/155224.html - - - - - - - - - - - CIO Council sets funding priorities for cybersecurity The Chief Information Officers Council has identified $48.3 million worth of fiscal 2001 budget requests for cybersecurity that the CIOs believe will form "a solid, day-to-day foundation" for agency security efforts. "No matter how much we spend on security, our systems that are connected to the Internet will be vulnerable to dedicated, sophisticated hackers for the foreseeable future," wrote Energy CIO John M. Gilligan, Commerce CIO Roger W. Baker and State CIO Fernando Burbano in a memo to Congress. The three head up the council's security, privacy and critical infrastructure efforts. They said a recently launched Web repository at bsp.cio.gov will share the best security practices that agencies have found. The council and the General Services Administration are working to increase incident reporting to the Federal Computer Incident Response Center (FedCIRC), they said. http://www.gcn.com/vol1_no1/daily-updates/2936-1.html - - - - - - - - - - - Popular Privacy Bill Stalls Due To Industry Opposition A hugely popular bill that would prevent employers from surreptitiously monitoring their workers' Internet activities has hit an unexpected roadblock in the form of industry opposition. The House Judiciary Committee's Constitution Subcommittee was set to mark up the Notice of Electronic Monitoring Act (NEMA) at a session earlier today, but pulled the bill off the schedule at the last minute to "consider some objections from people in the business community," a congressional source familiar with the legislation told Newsbytes today. http://www.newsbytes.com/pubNews/00/155222.html - - - - - - - - - - - Privacy groups end tie with Amazon Two privacy groups that have criticized Amazon.com's practices in the past have decided to end partnership with the online bookseller to protest Amazon's changed privacy standards. The Electronic Privacy Information Center, a Washington-based advocacy group, sold its and other books as part of Amazon's affiliates program. In the program, affiliates are paid a fee by Amazon for each book sold through the affiliate's Web site. http://www.mercurycenter.com/svtech/news/breaking/ap/docs/400095l.htm - - - - - - - - - - - Fraud casts pall over Internet voting As election officials search for ways to reverse the trend of dwindling voter turnout, the convenience of Internet voting seems to hold great promise. However, the potential for fraud is likely to delay voting via home computers for years to come, according to Gary McIntosh, president of the National Association of State Election Directors. "I’m a fan of Internet voting," McIntosh told the Congressional Internet Caucus Wednesday. "If we can provide greater convenience and greater access for voters, that’s good." But he added, "The kind of security we are going to need is a long way off. It’s going to be a lot harder than we thought." http://www.fcw.com/civic/articles/2000/0911/web-evote-09-14-00.asp - - - - - - - - - - - WSJ wins transfer of 2 web domains The owner of The Wall Street Journal won the rights Wednesday over two Internet addresses based on misspellings of the newspaper's name. U.N. arbitrator David W. Plant ordered John Zuccarini of Andalusia, Penn., to hand over to Dow Jones and Co., Inc., the domain names wallstreetjounal.com and wallstreetjournel.com. http://www.mercurycenter.com/svtech/news/breaking/ap/docs/396774l.htm - - - - - - - - - - - Hospital, Madonna seek domain name A Roman Catholic hospital hopes to get the Internet domain name madonna.com -- the same site sought by Madonna the Material Girl. Madonna Rehabilitation Hospital in Lincoln already owns the Web site madonna.org. Madonna the singer, meanwhile, owns madonnafanclub.com. http://www.mercurycenter.com/svtech/news/breaking/ap/docs/396692l.htm - - - - - - - - - - - Polling company drops spam suit against ISPs A polling company has withdrawn a lawsuit that accused several Internet service providers of blocking correspondence with as many as 2.7 million of its 6.6 million online panelists. Harris Interactive today said it has restored nearly all its email links by way of negotiations during the last two months with more than a dozen service providers, in particular America Online and Microsoft. The publisher of the Harris poll filed a lawsuit in federal court here in July that accused the companies of blocking its mail at the prompting of the Mail Abuse Prevention System, a California company established to fight email abuse. http://news.cnet.com/news/0-1005-200-2776850.html - - - - - - - - - - - New Group Aims For Responsible E-Mail Marketing Practices As Internet users wonder what needs to be done to save their mail boxes from spam overload, an alliance of fifteen Internet advertising and e-mail marketing companies have today teamed up to advocate responsible commercial e-mail advertising. The Responsible Electronic Communication Alliance (RECA) is to be headed by Christopher Wolf, an Internet attorney with Proskauer Rose LLP. Wolf was the attorney who represented a gay Navy sailor in a lawsuit involving AOL's disclosure of personal information about the sailor. Founding members of the group include 24/7 Media, the American List Council, Bigfoot Interactive, Digital Impact, DoubleClick, Phase2Media, yesmail.com, and others. http://www.newsbytes.com/pubNews/00/155176.html - - - - - - - - - - - U.S. Security Scare: Dumb and Dumber Everyone must be stupid. That's the only conclusion possible in light of the recent report released by the General Accounting Office (GAO) on the lamentable state of U.S. government Web site security. Certainly, the 24 government agencies reviewed must be stupid. The GAO report said they have "serious and widespread weaknesses" in spite of the fact that they were alerted to the problems by a similar negative report in 1998. Nobody's Perfect. The GAO says that personal information about individuals can easily be obtained from government computers; defense secrets are at risk of exposure; IRS data can be modified or destroyed; Social Security information is unprotected; and EPA computers are highly vulnerable to tampering -- to name just a few items in a litany of unsettling findings. http://www.ecommercetimes.com/news/viewpoint2000/view-000914-1.shtml *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000, NewsBits.net, Campbell, CA.