November 17, 2000 Internet Romance Leads to 2 Deaths Rickie Mandes slipped his old .45-caliber handgun into his pocket. Then, police say, he took one last moment in his lonely apartment and thought about his two daughters. Within a few hours, those two girls, 9 and 15, would be fatherless. Their lives would be shaken Thursday by a nightmare of violence, jealousy and revenge. Mandes would be dead, and so would Robert J. Fry, the man he believed had stolen his wife's affection over the Internet. http://www.apbnews.com/NEWSCENTER/BREAKINGNEWS/2000/11/17/netkill1117_01.html - - - - - - - - - Duo Tried To Auction Stolen Palm Beach Voting Machine Two Florida men are charged with stealing a Palm Beach County voting machine and trying to sell it on eBay, police said today. The pair took a small voting machine from a polling place two days after the election, and posted it for sale on auction site eBay, Mike Flint, chief investigator for the Florida Department of Law Enforcement (FDLE), told Newsbytes. Palm Beach County election officials learned of the posting and told the FDLE, which made contact with the thieves in an undercover operation. "Originally, they asked $2,000, then raised it to $20,000," Flint said. "We met to talk price." Officers posing as buyers arranged a meeting late Thursday and, after agreeing to a negotiated price of $4,000, arrested Mark Richter, 40, and Steven Robert Solomon, 43, who were jailed, Flint said. http://www.newsbytes.com/news/00/158341.html - - - - - - - - - Online License Peddler Shut Down The attorney general of Missouri has persuaded an Internet service provider to shut down a Web site that sells international driver's licenses to people, regardless of their driving history. "Drivelegal.com is now officially road kill," said Scott Holte, a spokesman for the Missouri Attorney General's Office. "They're off the Internet right now. We got their server to pull the plug on them." Drivelegal.com, which was taken off the Internet on Thursday, allegedly issued international licenses for $350 to drivers with revoked or suspended licenses. http://www.apbnews.com/NEWSCENTER/BREAKINGNEWS/2000/11/17/drivelegal1117_01.html - - - - - - - - - Mass Xmas hack plan exposed Internet security researchers have warned that hackers are planning to launch internet-based denial of service (DoS) attacks on web retailers over the Christmas period. Internet Security Systems (ISS) said that many hundreds of computers are infected with so-called zombie agents, which would allow hackers to commandeer the machines and cripple the servers by flooding sites with a huge number of spurious requests. However, the company warned that only 10 per cent of online retailers are prepared to deal with attacks of this type, which were responsible for bringing down high-profile sites such as Yahoo and eBay in February this year. http://www.vnunet.com/News/1114142 http://www.newsbytes.com/news/00/158336.html - - - - - - - - - British unions call for email agreement British unions called Friday for employers to promise not to spy on their emails to members, and to allow staff to send some private emails from work. The Trades Union Congress said it wanted employers to draw up sensible guidelines with unions on how staff can use emails, following a new law last month which gives bosses wide powers to read employees' communications. The TUC said users should be warned in advance that emails may be electronically scanned for obscene, indecent, racist or illegal remarks. http://www0.mercurycenter.com/svtech/news/breaking/reuters/docs/644930l.htm - - - - - - - - - EDS devises package to pre-empt hackers Services giant EDS last week said it knew about recent denial-of-service attacks two months before they happened, and had even identified the tools the crackers were planning to use. Speaking in Las Vegas before the launch of new EDS Internet security services, vice-president for global information assurance Shakil Kidwai said the company was now offering its anti-hacker intelligence as part of a package of security measures. http://www.zdnet.co.uk/news/2000/45/ns-19144.html - - - - - - - - - Ruling a partial win for online anonymity In what cyber-privacy advocates are calling a partial victory, a ruling by a Pittsburgh judge would make it harder to unmask anonymous online authors. A judge in Allegheny County Court of Common Pleas issued a decision this week allowing another judge to learn the identity of the author of two Web sites that allegedly defamed her. But the judge also wrote that people bringing such suits must show the merits of their complaints when seeking to uncover online critics, who often write using pseudonyms. http://digitalmass.boston.com/news/daily/11/17/online_privacy.html - - - - - - - - - New Zealand Anti-Hacking Bill Faces Select Committee A planned amendment to New Zealand's crime bill that would outlaw malicious hacking for the first time - while also controversially allowing security services the freedom to hack into citizens' computers and intercept e-mail and faxes - has passed through to the Government's Law and Order Select Committee. The long-awaited legislation is mainly intended to criminalize computer hacking in New Zealand. The country has so far been without specific laws outlawing malicious hacking. But some have criticized the amendment and claim the real intent is to extend police powers of surveillance. The New Zealand Parliament today voted to send the amendment to the select committee, which will take submissions and debate its introduction. http://www.newsbytes.com/news/00/158285.html - - - - - - - - - Once-controversial computer security plan moves forward A year ago, government officials faced a firestorm of controversy from civil liberties groups over their plan for the Federal Intrusion Detection Network, or FIDNet. But this year, when Congress approved funding for the computer-security program, hardly a word of protest was heard. Senate appropriators quietly slipped $8 million in funding for both the Federal Computer Incident Response Capability (FedCIRC) and FIDNet programs into the fiscal 2001 Treasury-Postal Service appropriations bill in October. President Clinton vetoed the measure Oct. 30 and funding for the program remains unclear; however, the money is not expected to be removed entirely when Congress reconvenes to resolve differences over federal spending in early December. http://www.govexec.com/dailyfed/1100/111700td.htm - - - - - - - - - Council framing agencies’ security picture With the availability of a tool to help agencies assess the adequacy of their security programs, the federal CIO Council is asking the administration to encourage agencies to reach a common baseline by next summer. The council’s Security Subcommittee is close to releasing its Federal Information Security Assessment Framework. The methodology is designed to help agencies measure their programs on five levels and then develop plans to improve their security. http://www.fcw.com/fcw/articles/2000/1113/web-afcea-11-17-00.asp - - - - - - - - - ID Fraud Book Goes Too Far - Mitnick Kevin Mitnick, the recently-paroled superhacker, said that a new book that documents how people can uncover ID fraud, as well as conceal their own identities, has gone too far. In his review of "Who Are You? The Encyclopedia of Personal Identification," Mitnick said that the book is "dangerous to the general public and should never have been published." Dan Stevens, Intelligencehere.com's managing editor, who published the book, said that Mitnick's analysis is not all bad, as both sides of the story need to be available to illustrate the scope of the ID fraud problem. http://www.newsbytes.com/news/00/158317.html - - - - - - - - - Your PC could be watching you If you lie awake at night fretting about personal privacy and your computer, consider this: The biggest threat may not be the government or the operator of the Web site you visited late last night, but your business partner, your boss, or even your spouse. Products for monitoring desktop computers have been around for years. But until recently they were primarily designed for and marketed to large businesses that worried about employee misuse of Internet access and the company e-mail system. Now, a new wave of low-cost, easy-to-use monitoring products is available to home and small-business users. Dubbed snoopware, these products do everything their large-scale corporate cousins can--and in some cases, even more. http://www.cnn.com/2000/TECH/computing/11/15/desktop.tracker.idg/index.html - - - - - - - - - RETHINKING OF WEB SITE DISCLOSURE RULES URGED As more individuals build their own Web sites, some privacy advocates are questioning requirements that the site owners disclose their personal contact information. Names, e-mail addresses, postal addresses and telephone numbers for more than 24 million domain names are stored in databases called Whois. The information is available to anyone with an Internet connection. It's like a global phone directory--without the option for an unlisted number--and can be easily accessed through servers at companies that register domain names. "Sacrificing your privacy should not be a condition of access to the domain space," said Alan Davidson, staff counsel with the Center for Democracy and Technology. http://chicagotribune.com/news/nationworld/article/0,2669,SAV-0011170161,FF.html - - - - - - - - - Commentary: Don't click the panic button over Carnivore Privacy advocates have not hesitated to publicly express their fear that Carnivore will give the FBI unlimited, unrestricted access to everyone's email. Historically, their fears are justified, given the abuses the FBI was responsible for 40 years ago. Nevertheless, such discussions often overlook a key fact: Others can look through your email, too. Internet service providers have this capability, and by extension, so do the employees of ISPs. Moreover, individuals can obtain software programs today that have greater power and versatility for capturing email than Carnivore has. http://news.cnet.com/news/0-1005-200-3748066.html How powerful is Carnivore? The FBI’s controversial e-mail surveillance tool, known as Carnivore, can retrieve all communications that go through an Internet service - far more than FBI officials have said it does - a recent test of its potential sweep found, according to bureau documents. http://www.msnbc.com/news/491454.asp - - - - - - - - - Use common sense, not the obvious, when choosing passwords I was sitting at a friend's computer, helping install a firewall program so her recipes, e-mails and school notes would be safe from invasion by crafty foreign hackers with an appetite for rosemary chicken. Actually, a firewall program to provide security on the Internet is a good idea and -- properly installed -- doesn't get in the way of your online activities. But something happened while I sat at that computer that made me wonder if too many people worry about the wrong thing when it comes to security. That's because I noticed a yellow stick-on note attached to my friend's monitor showing both her user name and password. http://www.startribune.com/stOnLine/cgi-bin/article?thisSlug=TECH20&date=20-Nov-2000 *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000, NewsBits.net, Campbell, CA.