February 22, 2002 Taiwan shuts down Web site that illegally sold movies Taiwanese police have seized the servers of a Web site that violated U.S. copyright laws and allowed customers worldwide to watch Hollywood movies on the Internet, officials said Wednesday. For about 35 Taiwan dollars ($1 U.S.), Eternity Italy Ltd allowed people to watch streamed movies from the company's Web site, movie88.com. Films featured on the site included ``Antitrust'' as well as episodes of the ``X-Files'' and ``Star Trek.'' http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2712236.htm - - - - - - - - Oh, no! Inflamed Netizens crash Olympic server South Koreans took to the information superhighway on Friday to let the world know their anger at the disqualification of their skater in the Olympic 1,500 meters men's short track on Wednesday. Korean Kim Dong-sung crossed the line first but was disqualified for impeding American Apolo Anton Ohno, who was awarded the gold medal. A flood of "insulting" e-mail from South Korea caused the server of the United States Olympic Committee to crash on Thursday. http://zdnet.com.com/2110-1105-843025.html http://news.zdnet.co.uk/story/0,,t269-s2104889,00.html http://news.com.com/2100-1023-842924.html - - - - - - - - Spawn of Maldal strikes again Yet another variation of the prolific Maldal virus family is loose on the Internet. Maldal.I (w32.maldal.i@mm) is written in Visual Basic and is 23,552 bytes long. Like its cousin Reeezak, this latest version retards your system's overall performance by producing excess files on your hard drive. Because Maldal.I sends e-mail and does not delete data on infected computers. http://zdnet.com.com/2100-1105-843147.html - - - - - - - - Three new MS security holes - two nasty First up, the mildest of the three. Microsoft XML Core Services (MSXML) may ignore IE security zone settings during a request for data from a Web site, meaning that an attacker could request data from the user's local drive. It would be necessary for the attacker to know the path to the file being sought, and he would have only read privileges. HTML e-mail seems not to be vulnerable to this sort of attack. The hole exists in the XMLHTTP ActiveX control, which "allows Web pages to send and receive XML data via HTTP operations such as POST, GET, and PUT." Supposedly there are security mechanisms to prevent abuse, but they're obviously not quite comprehensive. http://www.theregister.co.uk/content/4/24168.html http://www.newsbytes.com/news/02/174723.html - - - - - - - - Gator Digital Wallet Allows Hacker Back Doors Gator, a digital wallet program installed on millions of computers, contains a security flaw that could enable malicious sites to take control of a user's computer. According to security researchers, an ActiveX plug-in installed with the Gator program can be hijacked by attackers and used to place back-door software or other "malware" on the victim's computer. http://www.newsbytes.com/news/02/174709.html - - - - - - - - FAA: Air Traffic Control Holes Plugged After flunking three congressional audits, the Federal Aviation Administration says air traffic control systems are finally safe from hack attacks. Computer security weaknesses in the U.S. air traffic control network that have dogged the Federal Aviation Administration since 1998 have been substantially closed, the FAA's CIO said Thursday, but the agency needs more funding to continue the effort. http://online.securityfocus.com/news/337 http://www.theregister.co.uk/content/55/24166.html - - - - - - - - Europe pushes to ban racist Web content Authors of e-mails and Internet postings that contain racist or xenophobic material may face criminal charges under a proposed European treaty that is dividing the Internet and law-enforcement communities. The proposal, drafted by the Council of Europe, would essentially outlaw the publishing of "hate speech" on the Internet. Welcomed by law enforcement agencies, it has been slammed by Internet companies as impossible to enforce. http://zdnet.com.com/2100-11-843346.html http://news.com.com/2100-1023-843277.html - - - - - - - - Data protection code lays down law for IT staff IT staff have some suprising new responsibilities according to the first Data Protection code of practice, and job applicants have some unexpected rights. IT staff have new responsibilities for ensuring compliance with the Data Protection Act 1998, which came into full force last autumn, according to a code of practice to be published next week. http://news.zdnet.co.uk/story/0,,t269-s2104882,00.html - - - - - - - - DOD office finds e-mail filter for classified info Classified information embedded accidentally or intentionally in e-mail used to be an everyday headache at the Office of the Defense Undersecretary for Acquisition, Technology and Logistics. Commercial filtering software was flagging too many of the 30,000 Microsoft Outlook messages that flow in and out daily, said David Lloyd, who was detailed to the office to find a solution. http://www.gcn.com/vol1_no1/daily-updates/18028-1.html - - - - - - - - Group to set bug-reporting standards Microsoft and other software makers met with several computer-security companies Thursday to hash out the last details of a group that will set guidelines for reporting software flaws that affect Internet security. Currently named the Organization for Internet Safety, the group is still in flux, with members and rules not yet finalized, said sources knowledgeable with the discussions. The talks took place here, at the RSA Conference 2002. http://news.com.com/2100-1001-842591.html http://www.vnunet.com/News/1129446 - - - - - - - - Email pranks may scare off users High noon for e-jokers, says Professor Cary Cooper The use - or misuse - of the internet and email for pranks and hoaxes may scare users away, according to a leading psychologist. Cary Cooper, professor of organisational psychology at University of Manchester Institute of Science and Technology, said that there was a particular problem with emails that were forwarded beyond the limited group of people for whom they were intended. http://www.vnunet.com/News/1129445 - - - - - - - - Beware the bogus domain sellers Punters are warned to be on their guard against dodgy domain name sales tactics. Some unscrupulous sales people are calling up companies and individuals whose domains names are nearing renewal and trying to pester them to renew them on the spot. Others are being cold-called and told that someone is trying to register their domain name and they should snap it up there and then. http://www.theregister.co.uk/content/6/24176.html - - - - - - - - Cheney touts importance of tech in visit to valley Vice President Dick Cheney whisked into downtown San Jose on Thursday to extol the virtues of technology and how it can play a crucial role in battling terrorism, defending the nation's security and reinvigorating the economy. ``My life is certainly better, thanks to a wide array of technology that I depend on, from the defibrillator that monitors my heart to the secure communications I use every day at my undisclosed location,'' joked Cheney, framed against a backdrop featuring the words ``security,'' ``economy'' and ``technology." http://www.siliconvalley.com/mld/siliconvalley/2721097.htm Cheney: Bush defence budget will revive high-tech economy http://news.zdnet.co.uk/story/0,,t269-s2104838,00.html - - - - - - - - Most SNMP vulns quietly lurking It's been over a week since CERT released a seemingly endless list of devices and software products containing SNMP vulnerabilities discovered by Finnish University of Oulu researchers, and to date very little bad has happened, no doubt to the disappointment of most news agencies. As the story drops off the media radar screen, it's important to keep in mind that threats to your system can't be measured by the amount of mainstream press coverage they receive. http://www.theregister.co.uk/content/4/24167.html - - - - - - - - Pervasive Computing - Where's the Off Switch? Both government and citizens want pervasive computing; the difference is that citizens want to be able to turn it off. A thought has been percolating in my brain for the past couple of months. I'm sure I'm not the first to consider it. It regards pervasive computing and privacy. Almost everyone supports or is looking forward to pervasive computing. I'm talking about the idea that at some time in the near future you'll be able to walk into a room and your PDA will silently query nearby peripherals and make them available to you. http://www.newsfactor.com/perl/story/16475.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.