High Tech "NewsBits" for 11/10/00

November 10, 2000 Christmas comes early with new virus Computers in at least 10 Fortune 500 companies have been infected recently by an annoying but only mildly dangerous Christmas-themed virus that security experts call ``Navidad.'' The virus, which affects computers using Microsoft's Windows operating system, arrives as a reply when a user sends an e-mail to an infected computer. The attachment, called ``NAVIDAD.EXE,'' is mainly in Spanish, and antivirus experts believe the virus came from South America. http://www0.mercurycenter.com/svtech/news/breaking/merc/docs/030548.htm - - - - - - - - - - - - Pro-Palestinian Hackers Threaten AT&T AT&T Corp. could be the next target of the hacking war which is running parallel to the violent Palestinian-Israeli conflict. Security-information company LogiKeep Inc. said that notes posted in recent anti-Israel site defacements indicate that attacks against the telecommunications company are planned. It is the latest shot in an online war that is being fought far from Gaza and the West Bank. There are also indications that hackers are active within Saudi Arabia, although they have not been linked to the Israeli-Palestinian conflict. The messages on the defaced sites, from a group called GForce Pakistan, suggest the group is planning to reroute traffic from AT&T to competitor Qwest Communications International Inc. http://www.techweb.com/wire/story/TWB20001110S0010 - - - - - - - - - - - - Cyberterror Should Be Int’l Crime - Israeli Minister As pro-Israeli and pro-Palestinian hackers continue to attack Middle Eastern Web sites, Israel's former science minister has called for an international convention that would make sabotage over the Internet an international crime, "just like any other terrorism." "The Internet should not be a potential battleground,' said former minister Michael Eitan, who now heads the Internet committee of the Israeli Knesset (parliament). "Instead, computers and networks should provide a meeting place between people. I, for example, play bridge over the Internet, and meet there with many people – including some from neighboring countries." http://www.newsbytes.com/news/00/157986.html - - - - - - - - - - - - Yahoo! blasted for chat room apathy Following an investigation by ZDNet UK News, Nigel Williams, director of Childnet International, expressed concern at the way Yahoo! runs adult-rated chats on the main screen of its instant chat service, Messenger. Williams is also founder of Chatdanger.com, a site looking into the dangers of Internet chat rooms. Childnet set up Chatdanger.com in October to coincide with the sentencing of Internet pedophile Patrick Green. Williams explained that Chatdanger.com was designed to "raise awareness among children and parents about the potential dangers of unmoderated Internet chat rooms, and to seek to put pressure on those companies providing chat to do more to protect children." http://www.zdnet.com/zdnn/stories/news/0,4586,2652022,00.html - - - - - - - - - - - - DOD moves on mobile code The Pentagon chief information officer approved a highly anticipated policy Nov. 7 governing the military’s use of mobile code, which can be used for cyberattacks. "Mobile code, unfortunately, has the potential to severely degrade DOD operations if improperly used or controlled," Money continued. "To protect DOD systems from the threat of malicious or improper use of mobile code, we must assess and control the risks imposed on the technology." http://www.fcw.com/fcw/articles/2000/1106/web-code-11-09-00.asp - - - - - - - - - - - - Ruling Says Parents Have Right to See List of Sites Students Visit In an opinion sure to heighten the tension between some parents and school systems over the Internet's role in publicly financed education, a New Hampshire judge has decided that a parent is entitled to see a list of the Internet sites or addresses visited by computer users at local schools. Unless overturned on appeal, the ruling by Judge Gillian L. Abramson of Rockingham Country Superior Court means that James M. Knight of Exeter, N.H., who brought the lawsuit last summer, may review a copy of the "Internet history log" files from computers maintained by two local school districts. The computer disk files contain a record of Internet sites visited by computer users -- students, staff, faculty -- within the Exeter Region Cooperative School District and the Exeter School District. (NY Times article, free registration required) http://www.nytimes.com/2000/11/10/technology/10CYBERLAW.html - - - - - - - - - - - - Dead trooper Internet e-mail hoax It's a new Internet hoax that rings true to many in law enforcement, a moving testament by a Virginia State Trooper who was reportedly killed two short months after writing it. It's an e-mail chain letter that decries double standards in the ways that some members of the public regard law officers. And lately it has been making the rounds in law enforcement circles across the country. It's a fake. The problem is not the message, in any of its forms, but the messenger. He didn't exist. The allegedly slain Virginia State trooper named at the bottom is as real as a sky hook and Virginia State Police are still trying to find the source of this newly-minted urban legend. https://www.policeone.com/policeone/frontend/parser.cfm?object=News&operation=full_news&rel=3204&id=28789 - - - - - - - - - - - - Fraud, consumer protection and spam The last couple of days have seen a mini-boom in e-stories. A couple of the major topics under discussion include the apparent lack of interest in internet fraud and European proposals relating to where and how consumers can seek legal redress against Web sites and the banning of Spam. So starting at the top, let's take a look at online fraud and the attitudes of big business towards it. A recent survey by the SAS Institute reported that 62 per cent of blue chip companies in the UK have no processes in place to tackle internet fraud. http://www.it-director.com/00-11-10-3.html - - - - - - - - - - - - Computers Made Plain Insurance Becoming Latest Weapon In Fight Against Computer Hackers Investor's Business Daily Corporate executives now have another way to defend themselves against hackers: insurance. The British firm SafeOnline Ltd. is selling policies that reimburse companies if attacks disrupt their Web sites. Experts in Internet security say it might be good to hedge your bets. "Corporate executives are aware of the risks that come with the Internet and want to minimize potential losses," said Cindy Hillery, vice president of marketing at Counterpane Internet Security Inc. in San Jose, Calif. "Insurance can help them limit exposure." Insurance companies have shied away from such policies in the past because it's difficult to gauge a company's vulnerability. It's also hard to quantify the potential impact an attack may have on the bottom line. http://web.lexis-nexis.com/more/cahners-chicago/11407/6538251/4 - - - - - - - - - - - - Digital Signature Law: A Catalyst for Security? The law, signed by President Clinton on July 30, 2000, went into effect on October 1, making digital signatures legally valid. It has both been hailed by some as marking a new awareness of the realities of the digital age, and viewed by others with caution and skepticism. I was among the early skeptics, because I felt that such a measure would lead to people being required to use digital signatures offering inadequate security. Such signatures might be the ones produced in the standard form required by one's bank or utility company. http://securityportal.com/articles/digsig20001110.html - - - - - - - - - - - - Net filter laws could create unworkable federal oversight Pornography filtering rules set at the federal level might have to be enforced at the local level, if HR 4600 is enacted. But it’s unclear exactly what the bill means by filtering, how a filter must work and how stringent it must be at catching unacceptable content. This puts schools and libraries in the position of having to decide on their own. HR 4600 also mentions certification to confirm that schools and libraries have installed filtering software. Again, it’s not clear whether certification should be self-policing or administered by an authority that guarantees filters are in place and working. http://www.gcn.com/vol19_no32/com/3223-1.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000, NewsBits.net, Campbell, CA.