November 28, 2000 United Seeks Identities Of Web Site's Users In an escalating battle with its mechanics, United Airlines has obtained a subpoena for computer files and user identities from a Web site popular with airline mechanics. United went to federal court Nov. 17 and obtained a restraining order forbidding mechanics from taking part in a job action that would delay or cancel flights. In a subpoena obtained Wednesday, United's lawyers seek identifying information on about 30 mechanics who have posted messages to a bulletin board on the Web at www.the-mechanic.com. United confirmed the subpoena on Monday and said it believes mechanics posting to the site had encouraged violating the restraining order. http://www.newsbytes.com/news/00/158674.html - - - - - - - - - London bank hit by computer raiders Deutsche Bank has admitted to vnunet.com that its City of London offices were hit by computer thieves this week, who escaped with expensive computer hardware. The theft, which is being investigated by City of London police, occurred on Monday night. A source within the bank told vnunet.com that up to 50 motherboards and I/O boards were stolen in the raid on the "company's secure servers". Other sources revealed that Sun Microsystems equipment was targeted in the raid. Sun equipment has been at the centre of a number of so-called steal-to-order incidents in the UK this year. http://www.vnunet.com/News/1114509 - - - - - - - - - Work-At-Home Internet Scam Artists Settle With FTC A pair of scam artists have agreed to settle charges of using unsolicited e-mail campaigns, or "spam," to rope people into a pyramid scheme by disguising it as a legitimate work-at-home job, federal regulators said today. The Federal Trade Commission (FTC) said in July 1999 that DP Marketing and its principals conducted a series of spam campaigns advertising a work- from-home job with a salary of $13.50 per hour. The company said the position would consist of "processing applications for credit, loans or employment," in addition to providing some online customer service. http://www.newsbytes.com/news/00/158688.html http://www0.mercurycenter.com/svtech/news/breaking/ap/docs/685203l.htm - - - - - - - - - Police warn of new high-tech identity scams Department stores and retail dot-coms aren't the only ones eager for the holiday rush. Computer savvy scam artists are counterfeiting checks, receipts and credit cards and inventing new schemes to rip off unwitting consumers during the busiest shopping season of the year. This year, a handful of stores selling the new scannable gift cards, an e-version of paper gift certificates, have been hit by hackers, who steal credit from cards bought as Christmas presents. http://www.southcountyjournal.com/sited/retr_story.pl/35401 - - - - - - - - - Cyber-pirates escape judicial net A Customs taskforce set up last year to battle Internet piracy has failed to secure any prosecutions. The problem was due to the difficulty in producing evidence admissible in court, a Customs official said. The team, established in December by the Customs and Excise Department, had investigated five cases and arrested 12 people in connection with the sale of pirated products over the Internet. However, none had been prosecuted because most of the evidence collected was in digital form, making it difficult to submit as evidence in court. http://technology.scmp.com/internet/Daily/20001128073328357.asp http://www.newsbytes.com/news/00/158646.html - - - - - - - - - Groups clash on results of Carnivore report A research institution’s evaluation of the FBI’s Carnivore system concluded that laws ensure that the system only intercepts approved information. But a privacy group says much of that information is below the law’s radar. The Justice Department ordered the study to determine if Carnivore performed as FBI officials claimed - that is, capturing e-mail messages specified by a court order without intercepting additional information. http://www.fcw.com/fcw/articles/2000/1127/web-carn-11-28-00.asp - - - - - - - - - Email snooping row kicks off again The Data Protection Commissioner has come out the corner fighting in Round Two of the email snooping legal argument - caused by the introduction of the RIP Act. Despite heavy criticism by the government and CBI, Elizabeth France is standing by her proposed code of practice for monitoring employee email and phone conversations, reports the FT. The code contradicts the government's official line on email monitoring, stating that emails marked personal or private should be off-bounds to employers.She also says staff should be made aware when they are being watched. Any monitoring outside these two conditions should be carried out only in order todetect or prevent a crime. In contrast, the government says employers should have "routine access" to staff emails and phone conversations. http://www.theregister.co.uk/content/6/15039.html http://www.zdnet.co.uk/news/2000/47/ns-19354.html - - - - - - - - - Bosses use spy software on workers in China, says report Some firms in Wenzhou, a region in Eastern China, are using spy software to monitor their employees' online activities, according to a report on Eastday.com, an official Web site backed by the Shanghai government. The issue has stirred up heated debate over the issue of employee privacy. The "magic spy" software used by the enterprises in Wenzhou, a port city of Zhejiang province, allowed supervisors to monitor employees' activities on the Internet by conducting browser checks, the Web site report said. http://www.zdnet.co.uk/news/2000/47/ns-19330.html - - - - - - - - - Music technology forum awards hackers in contest A music and technology forum that ran a $10,000 contest back in September challenging people to hack into copyright protection technologies said on Tuesday it was paying prize money to two hackers. The Secure Digital Music Initiative (SDMI) said it was contacting two successful challengers, who will receive $5,000 each, for participation in the HackSDMI public invitation. The two challengers emerged from a field of 447 submissions as the only ones able to remove the protection systems and successfully disable one of five technologies currently under consideration for SDMI screening technology, the group said. http://www0.mercurycenter.com/svtech/news/breaking/reuters/docs/685259l.htm - - - - - - - - - Surfing Behind Closed Doors Keeping someone's tracks across the Web secret has long been a tough prospect, with every footprint recorded in somebody's log files. Services that could help the user remain private have been hindered by downloads, complicated interfaces and cost. Throw in consumer apathy, and it's no wonder that companies specializing in making Web surfing anonymous have not prospered. But executives at SafeWeb, launched last month, said its service overcomes the traditional barriers to the business of privacy. The service is free, and it involves nothing more than visiting SafeWeb's Web site. SafeWeb's service also completely masks Web site addresses and content from potential snoopers, which distinguishes it from its main rival, Anonymizer.com, said SafeWeb Chief Executive Stephen Hsu. http://www.zdnet.com/intweek/stories/news/0,4164,2657794,00.html - - - - - - - - - Judge rules on rights to sex.com An Internet porn operator has discovered a harsh truth: One day you can have sex.com, the next day you don't. In an unexpectedly swift ruling, a San Jose federal judge Monday stripped ownership of the choice Web address from its previous operator, Stephen Cohen, concluding that he most likely stole the rights to the domain name from San Francisco entrepreneur Gary Kremen. Kremen and Cohen have been locked in a legal war for two years over the rights to sex.com, currently a popular portal to scores of X-rated Web sites. http://www0.mercurycenter.com/svtech/news/front/docs/sex112800.htm http://www.zdnet.com/zdnn/stories/news/0,4586,2658026,00.html - - - - - - - - - Soccer players win Internet dispute Two Dutch soccer players and the operators of Wembley Stadium won the right Tuesday to use their names as Internet addresses. A U.N. panel ruled in favor of Jaap Stam and Pierre van Hooijdonk as well as the famed London stadium. http://www0.mercurycenter.com/svtech/news/breaking/ap/docs/683682l.htm - - - - - - - - - Wanted: More Schools for Security Pros Not nearly enough is being done to train information security experts, and U.S. companies face a staffing shortfall that will likely grow ever larger. Hetal Patel is a hacker headhunter. An associate at PPS Information Systems Staffing in Baltimore, Patel caters to the booming trade in information-security specialists. Trouble is, these days there aren't enough hackers out there interested in honest work. So the frantic campaign is on at companies large and small to try to shore up their information security defenses. That means lots of business for everyone from the firewall engineers and intrusion detection specialists who man the perimeters to programmers with expertise in cryptography algorithms. "It's very tough to find the engineers because there is so much competition," Patel says. http://www.businessweek.com/bwdaily/dnflash/nov2000/nf20001128_281.htm - - - - - - - - - Universal secure messaging will rely on outsourcers We rely so heavily on e-mail that it's a bit of a shock to realize how insecure today's messaging systems are. Few users have ever digitally signed or encryptedan e-mail, and few have received such messages. How can we be sure the messages we send aren't being read or modified in transit by unauthorized parties? http://www.nwfusion.com/columnists/2000/1127kobielus.html - - - - - - - - - Microsoft Announces Two New Internet Safety Web Sites As part of its long-standing Internet safety efforts and in light of ongoing privacy concerns among parents, Microsoft Corp. today launched two new Web sitesdesigned to promote increased safety and privacy on the Internet: the Stay Safe Online Web site for children and parents, and the Safe Internet privacyand security fundamentals portal for consumers. Stay Safe Online is a fun, interactive safety education program led by Shaquille O'Neal and Tara Lipinski, and Safe Internet is a resource offering tools and answers that address commonly asked questions about protecting personal information online. http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/11-27-2000/0001373462&EDATE= - - - - - - - - - Sizing Up Security Services You hire a security consulting firm that analyzes your network. On his way out, the auditor leaves you to grapple with an 800-page report listing your network's 60,000 vulnerabilities. "Sound familiar?" asked Alan Paller, research director of the SANS Institute in Bethesda, Md., as he addressed 300 information security managers and executive officers at a recent security conference. The room erupted with laughter as the group of IT professionals collectively nodded their heads in agreement. Despite such negative sentiments, IT departments need security services vendors, given the short supply of IT security professionals and the high demand for such services. http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-90_STO54345,00.html - - - - - - - - - Cyber-terrorism A focus is beginning to emerge about the topic of cyber-terrorism. For some time, everything bad, or perceived as bad, on the Internet fell into the black hole known as cyber-terrorism. Events as varied as hacking, political protests, actions by international terrorists, wartime attacks on computers, denial of service attacks, and trashing Websites came under cyber-terrorism. Fortunately, a more mature perspective continues to emerge. http://securityportal.com/articles/cyberterrorism20001128.html - - - - - - - - - Hype and the Security Scene: Taking the "rep" Ever since there has been a "hackerscene" there has been a constant struggle between its "inhabitants" and mainstream media over words. That's all it is you know, "what's in a name" to put it really (really :) trite. Wether it was hacker, cracker or script kiddie, wether it was Kevin Mitnick or Mafiaboy (or neither) who represents the word "hacker", there was and will always be disagreements and misconceptions in and about this scene when it comes to words. http://www.net-security.org/text/articles/thejian/rep.shtml *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000, NewsBits.net, Campbell, CA.