High Tech "NewsBits" for 01/04/02

January 4, 2002 US Army Web Site Goes Dark In Asia-Pacific Region The main U.S. Army Web site is unreachable for many Web surfers in the Asia-Pacific region, according to user reports and network test results. Web surfers in Taiwan and New Zealand have reported they are unable to reach the site (http://www.army.mil ). Tests conducted today using network trace tools from Internet addresses in other Asian countries, including India, Singapore, Korea and Hong Kong produced similar results. Attempts to access the Army site from Internet addresses in the U.S. were successful. http://www.newsbytes.com/news/02/173391.html - - - - - - - - India Shuts Down Net Access In Kashmir, Says Pakistan The Pakistan government claims India has shut down local Internet access in the troubled region of Kashmir and is policing Internet cafes in an effort to restrict communications between Pakistan and Kashmir. Pakistan's long standing feud with neighbor India has escalated in the past month after India blamed an attack on the Indian parliament on Pakistan-based Kashmiri separatist groups. http://www.newsbytes.com/news/02/173373.html - - - - - - - - Nvidia settles Dutch hacking case Hackers allegedly broke through chip designer's security and posed as employees to gain confidential information. Graphics chip designer Nvidia has settled a case with two people who it said broke through its security systems and published confidential company documents on the Web. In 2001, Nvidia brought an enforcement action against two alleged hackers in the Netherlands, ages 19 and 21. They had posted confidential product information, intellectual property and information about unannounced products on computer fan site M3DZone, according to an Nvidia representative. http://news.zdnet.co.uk/story/0,,t269-s2101988,00.html http://www.msnbc.com/news/681639.asp http://www.theregister.co.uk/content/55/23551.html - - - - - - - - Appeals court upholds California's anit-spam law In a victory for anyone annoyed by the distasteful ``spam'' that clogs e-mail boxes, an appellate court has upheld California's tough 1998 law regulating unwanted commercial messages. A state appeals court ruled earlier this week that California can require Internet ``spammers'' to identify their e-mails as advertisements. The court also said they must provide ways for recipients to get off their mailing lists. http://www.siliconvalley.com/docs/news/tech/071931.htm http://www.siliconvalley.com/docs/news/reuters_wire/1722610l.htm http://www.newsbytes.com/news/02/173401.html http://www.cnn.com/2002/TECH/internet/01/04/antispam.law.reut/index.html http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/01/04/MN228257.DTL http://www.usatoday.com/life/cyber/tech/2002/01/04/calif-spam-law.htm - - - - - - - - Utah student defends handling of AIM security flaw Brushing back criticism, a 19-year-old Utah college student said on Thursday he revealed a security flaw in AOL's popular instant messaging service because when he tried to tell the media giant privately, he was ignored. ``We never expected it to get this much attention,'' said Matt Conover, the college student and one of the founders of w00w00, which bills itself as the world's largest non-profit security team with more than 30 members in about nine countries. http://www.siliconvalley.com/docs/news/reuters_wire/1722009l.htm Was AIM hole report ignored? http://www.zdnet.com/zdnn/stories/news/0,4586,2836272,00.html http://news.cnet.com/news/0-1005-200-8358574.html Gartner: AIM shows a weak defense http://www.zdnet.com/zdnn/stories/comment/0,5859,2836287,00.html AIM Hole Highlights IM Weakness http://www.techtv.com/news/hackingandsecurity/story/0,24195,3366733,00.html - - - - - - - - Badtrans Victim Database Goes Commercial Rudy Rucker last month refused to turn over to the FBI his massive database of users infected by a recent Internet worm. But the listing has lately become a treasure-trove for organizations trying to root out Badtrans.B from their networks. According to Rucker, operator of Monkeybrains.net, a small San Francisco-based Internet service provider, companies including Prudential, Motorola, ETrade, British Petroleum and 3M have paid a small fee to receive a list of their customers and employees culled from the database of more than 300,000 accounts infected by Badtrans.B. http://www.newsbytes.com/news/02/173402.html - - - - - - - - Trojan horse conveys IE users to porn A new Trojan horse is redirecting Internet users to pornographic Web sites by exploiting an old vulnerability in Microsoft Internet Explorer (IE). The JS/Seeker-E script can arrive by e-mail or can be embedded into a Web page: When a user opens the e-mail or clicks on the Web page, the script is activated. Once activated, Seeker attempts to change the user's IE settings, such as the start page and search settings, and will redirect the infected user to a porn site. http://www.zdnet.com/zdnn/stories/news/0,4586,5101254,00.html http://news.zdnet.co.uk/story/0,,t269-s2102008,00.html Microsoft alerts Passport users to patch IE Microsoft is pressing .Net Passport users to install a patch for some versions of its browser nearly two months after it fixed a security flaw that threatens their personal data online. The Redmond, Wash.-based company has sent millions of e-mail notifications in the past month to Passport users, urging them to visit a special Web page to determine whether Internet Explorer needs a security upgrade. http://news.cnet.com/news/0-1005-200-8355007.html http://securitycheck.passport.com/default.asp http://www.zdnet.com/zdnn/stories/news/0,4586,2836270,00.html http://news.zdnet.co.uk/story/0,,t269-s2102007,00.html http://www.vnunet.com/News/1127984 Security hole hits patched Internet Explorer A patch issued by Microsoft for IE 5.5 and 6.0 closed one security hole in the browsers, but appears to have opened another one that is just as dangerous. A new vulnerability has been detected in Microsoft's Internet Explorer (IE) that could allow the execution of malicious code on systems running IE 5.5 and 6.0 of the browser. http://news.zdnet.co.uk/story/0,,t269-s2101972,00.html http://www.usatoday.com/life/cyber/zd/zd4.htm Ditch IE - veteran bug hunter http://www.theregister.co.uk/content/55/23557.html - - - - - - - - Rare Linux virus on the loose It has emerged in the last week that another of those rare Linux viruses may be on the loose. And this one has strong similarities to October's Remote Shell Trojan (RST) that was largely dismissed by the Linux community. In a posting to a security mailing list at the end of December, SecurityFocus brought 'RST.b' to the internet community's attention. http://www.vnunet.com/News/1127965 - - - - - - - - BSA offers amnesty to software pirates The Business Software Alliance, the main software trade group enforcing license and copyright restrictions, is offering a limited amnesty program this month to businesses using illegally copied software. Under the program, businesses can conduct a software audit and begin paying proper license fees for all applications in use without the threat of penalties for past use, which can run as high as $150,000 for each incident of copyright infringement. http://www.zdnet.com/zdnn/stories/news/0,4586,5101229,00.html http://news.cnet.com/news/0-1003-200-8354860.html - - - - - - - - Legal Fight Costs Federal Agencies Web Access, E-Mail A protracted legal battle over mismanagement and poor computer security has left the U.S. Department of Interior, the National Park Service and a slew of other agencies without e-mail and Internet access for nearly a month. Now, the hardship of living in the technological dark ages is beginning to take its toll. http://www.newsbytes.com/news/02/173393.html http://www.usatoday.com/life/cyber/tech/2002/01/04/interior-dept-offline.htm - - - - - - - - New York Deletes Sensitive Information from Web Internet security experts say removing information from the Web, while not a perfect solution, can control who has access to it. An unprecedented state order to remove sensitive information from government-run Web sites has prompted 10 agencies to delete a range of content, including the addresses of nuclear power plants and driving directions to New York's two emergency stockpiles. http://www.newsfactor.com/perl/story/15594.html - - - - - - - - Feds take minimal role in patching holes in cyberspace In the early 1800s, Prussian strategist Carl von Clausewitz wrote that even the simplest things are difficult to accomplish during war. Now, almost two centuries later, he would probably laugh at the truth of his statement: The United States has computers in just about every office and in most homes, yet even the simplest computer-security defense plans are proving difficult to implement. http://www.govexec.com/dailyfed/0102/010402nj1.htm - - - - - - - - UK threatened by web fraud City lawyers have warned that financial markets in the UK may be at risk from internet fraud following web based abuse in the US. The warnings follow reports that the US Securities and Exchange Commission (SEC) has launched a lawsuit against 24-year old Ned Sneiderman for allegedly posting a false press release on the internet last October. http://www.vnunet.com/News/1127981 - - - - - - - - UK Mobile Phone Industry grapples with Crime wave Growing UK mobile phone use in the past few years has been matched by a surge in phone thefts, as the industry struggles to stay ahead of criminals who can reconfigure handsets and sell them on international markets. Experts said on Friday that cellphone thieves range from the professional with a ready market, normally outside the UK, to the street robber who just grabs the phone and runs away. http://www.siliconvalley.com/docs/news/reuters_wire/1722505l.htm http://news.cnet.com/news/0-1004-200-8361849.html - - - - - - - - Rise of Net 'Borders' Prompts Fears for Web's Future It is the modern-day equivalent of a border sentry. When visitors try to enter UKBetting.com, a computer program checks their identification to determine where they're dialing in from. Most people are waved on through. Those from the United States, China, Italy and other countries where gambling laws are muddy, however, are flashed a sign in red letters that says "ACCESS DENIED" and are locked out of the Web site. http://www.newsbytes.com/news/02/173389.html http://www.msnbc.com/news/681900.asp - - - - - - - - Experts Foresee More Mass-Mailing Viruses In 2002 The forecast this year calls for more mass-mailing viruses that shut down corporate servers and more Trojan code that opens up backdoors into computer systems, according to security experts. The forecast this year calls for more mass-mailing viruses that shut down corporate servers and more Trojan code that opens up backdoors into computer systems, according to security experts. http://dailynews.yahoo.com/h/cmp/20020103/tc/inw20020103s0004_1.html - - - - - - - - Tenacity Carries The Cybersecurity Message When national cybersecurity czar Richard Clarke talks about the danger that cyberterrorists pose to the nation's computer systems, it's clear he believes a major attack is simply a matter of when. He warns of a "digital Pearl Harbor," in which an attack on one portion of the nation's IT infrastructure would have a domino effect on other systems, halting operations at hospitals, airports, and utilities. "Our enemies know our technology as well as we do, and our enemies will use our technology against us," he says. "Our enemies will find the fissures and the seams in our high-tech economy." http://www.informationweek.com/story/IWK20011221S0014 - - - - - - - - Information Operations New course explores using information as a weapon Recent events both in America and abroad have shown that the nature of warfare is changing. Information has become both a weapon and battlefield. The Army has developed a new Functional Area - Information Operations - to train soldier to fight and win on this new battlefield. The TRADOC Commander saw a need to increase the Army's IO capability and directed that IO courses be set up immediately to support the ongoing military operations. http://www.ftleavenworthlamp.com/display/inn_news/news3.txt - - - - - - - - Sept. 11 myths abound online Tales embellished as they speed across the Web. The way most people heard it, a friend of a friend received a letter on Sept. 10 from a former boyfriend, an Afghan, begging her not to fly on commercial airplanes on Sept. 11. The story was passed around in early October because the boyfriend had also warned her not to visit malls on Halloween. http://www.msnbc.com/news/681820.asp - - - - - - - - Going fast, cybersquatters and their dotcom booty Cybersquatting, the speculative registration of Internet domain names which turned into a cottage industry at the height of the dotcom boom, appears to be dying as demand wanes for names, industry experts say. A study by British Internet research firm Netcraft this week provided the latest supporting evidence. According to Netcraft, the number of active Web sites shrank by 182,142 in November to reach 36.28 million in December -- only the second monthly decline in the past six years as more Web site registration contracts lapsed in that period than new ones were created. http://www.siliconvalley.com/docs/news/reuters_wire/1722225l.htm - - - - - - - - A Deadly Collection of Information Killer Paid Online Data Broker for Material Obtained Through Trickery. On the last day of her life, Amy Boyer could not have known a killer was waiting for her on her way home from work. But her stalker knew exactly where she would be. As the 20 year-old dental assistant slipped into her Honda Accord on a quiet road just off Main Street here one day in October 1999, the obsessed young man pulled up, shot her repeatedly and then turned the gun on himself. http://www.washingtonpost.com/wp-dyn/articles/A59329-2002Jan3.html http://www.newsbytes.com/news/02/173387.html - - - - - - - - Using IPSec in Windows 2000 and XP: Part Three This is the third and final installment in a series devoted to exploring IPSec in Win2K and XP. The first installment of this series offered a brief overview of IPSec, as well as a look at the structure and interface for IPSec in Windows and a look at the two different modes of IPSec authentication methods for IKE in Windows. The second installment discussed Security Associations, main mode authentication and IKE, Quick Mode Authentication Headers and ESP, and some of the tools available in 2000 and XP. This article will look at the integration of IPSec policies into Active Directory, attacks on IPSec and other security concerns, as well as a few properties of IPSec. http://www.securityfocus.com/infocus/1528 Using IPSec in Windows 2000 and XP, Part One http://www.securityfocus.com/infocus/1519 Using IPSec in Windows and XP, Part Two http://www.securityfocus.com/infocus/1526 - - - - - - - - Study: Face-recognition system flawed, a failure A network of surveillance cameras tied to face- recognition technology run by the police in this city is flawed and has not led to any arrests, according to an ACLU study released Thursday. Tampa was the first city in the United States to install the permanent camera surveillance system along public streets. Thirty-six cameras were deployed June 29 in Ybor City, the city's nightlife district. http://www.usatoday.com/life/cyber/tech/2002/01/04/police-cameras.htm http://www.theregister.co.uk/content/6/23559.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.