March 18, 2002 Ashcroft Announces Arrests in Porn Sting 86 Arrested on Child Porn Charges. Federal law enforcement authorities have broken up a computer-based pornography ring that targeted children, Attorney General John Ashcroft said. Announcing "Operation Candyman," Ashcroft said Monday that more than 80 people have been arrested in the operation and said more are coming. "As its name implies, the 'Operation Candyman' e-group had a single purpose in mind as well: to exploit and degrade children," Ashcroft told a news conference at FBI headquarters here. - - - - - - - - Supreme Court denies relief to man who sells urine online Internet shoppers can expect one less product online: urine from South Carolina. Kenneth Curtis lost a Supreme Court appeal that asked for permission to sell his fluids, part of a business that caters to people who are trying to beat drug tests. A 1999 South Carolina law made urine sales illegal, and it was Curtis' challenge of the law that justices refused Monday to review. - - - - - - - - Many Interior employees still stuck offline More than 80 percent of the Interior Departments computers are back online after a three-month shutdown of Internet access. But workers at the departments headquarters and in three major agencies are still stuck with only telephones, fax machines and the post office to communicate with the outside world. - - - - - - - - GOP High-Tech Task Force lists security, information sharing among top priorities. Internet security and combating terrorism through information sharing among companies and agencies are among the top priorities for the Senate Republican High-Tech Task Force. The group, made up of 10 senators and chaired by Virginias George Allen, last week released its 2002 policy agenda and outlined the issues it will focus on during the second session of the 107th Congress. - - - - - - - - Pa. law requires ISPs to block child pornography Starting next month, Internet service providers with customers in Pennsylvania will be legally responsible for blocking access to child pornography. The law, with maximum penalties including prison time for repeat offenders, is believed to be the first of its kind. But by putting the onus on the state attorney general's office to notify ISPs of what should be blocked, the law is expected to have limited success. - - - - - - - - AOL not liable for unauthorized e-books In a ruling that further clarifies whether Internet service providers are responsible for material on their networks, a federal judge ruled that America Online is not liable for the unauthorized posting of some e-books on its Web servers. Harlan Ellison, author of several books and hundreds of short stories, sued AOL in 2000, alleging the company violated his copyrights by allowing unauthorized copies of his work to remain on Usenet servers for two weeks. - - - - - - - - Philippines - School Assails Slow Resolution Of Hacking Case Executives of a prominent business school alleged to be a hacking victim blame the Philippine judicial system for the sluggish progress of the case against several former employees accused of stealing digital copies of the school's programs. The Thames International Business School, which was the first local entity to invoke Republic Act 8792, or the E-commerce Law, last year sued two of its former employees for illegally hacking into the school's computers and retrieving proprietary materials with the intent to profit. - - - - - - - - Pacific Rim a highway for hack attacks Servers based in South Korea and China are the most commonly used in attacks on the Internet, following servers housed in the United States, according to a study released Monday by an infrastructure consulting firm. Using its more than 50 sensors around the Internet to study more than 12 million probes and attacks, New York-based Predictive Systems found that 49 percent of all attacks took advantage of servers in the United States, 17 percent used South Korean servers, and about 15 percent used servers based in China. - - - - - - - - CIA Web Site Tracks Visitors With Cookies A Web site operated by the Central Intelligence Agency is marking visitors with a unique identification tag or "cookie" that violates federal privacy guidelines and the agency's own privacy policy, according to Public Information Research, a non-profit group. The CIA's Electronic Reading Room site, which provides online access to previously released CIA documents, places a "persistent" cookie on visitors' computers when they visit the site. - - - - - - - - Computer Security Lacking At State DMVs GAO Report Most state motor vehicle departments don't do enough to protect Social Security numbers from hackers, the federal government's investigative arm said today. The findings were part of a General Accounting Office (GAO) study that examined state DMV compliance with a federal law that requires states to harvest Social Security numbers from driver's license applications to aid in the collection of past due child support payments. - - - - - - - - NSA certifies vendors to help agencies test security The National Security Agency has cleared seven companies to take part in a program to help agencies and private industry evaluate their information security. The Infosec Assessment Training and Rating Program validates companies qualified to assess information security. The companies were evaluated against NSAs Infosec Assessment Capability Maturity Model. The participating companies use either NSAs Infosec Assessment Methodology or similar techniques. - - - - - - - - Security expert warns of MP3 danger New technology such as MP3s may soon be used as vectors for viruses, a security specialist visiting Australia has warned. We've recently been looking at how things embedded into MP3 files might become a problem, Vincent Gullotto, vice president of AVERT -- the developer of McAffee anti-virus systems -- told ZDNet Australia. There will soon be MP3s that will play the video clip at the same time as the music, and if you can embed movie files to MP3s you can embed Java and other languages that may contain malicious programming. - - - - - - - - Security Bug Disclosure Standard Dead In The Water Proponents of an effort to standardize the handling of computer security vulnerabilities today aborted the effort after receiving critical comments from reviewers. In a message today to members of the Internet Engineering Task Force's Security Area Advisory Group, the authors announced they were withdrawing the draft in response to feedback from members who felt the document was not appropriate for the IETF "since it does not deal with technical protocols." - - - - - - - - Privacy, security sides clash The U.S. government is enjoying "a golden age of surveillance," says Jim Dempsey. From financial records to fingerprint data, federal agencies "are choking on information." And in the name of homeland security, Congress is increasing the government's ability to gather information. But accumulating more data may not improve security, warns Dempsey, who is deputy director of the Center for Democracy and Technology. "The difficulty isn't in collecting information, it is in analyzing it," he said. Giving the government more authority to collect information is likely to dramatically erode the privacy rights of Americans, Dempsey said during a security forum March 15 in Washington, D.C. - - - - - - - - Sites wary of automatic privacy disclosure Dozens of leading Web sites are adopting the Internet's version of nutrition labels, giving visitors a quick sense of how well they honor surfers' personal privacy. The labels alone won't protect credit card numbers or stop junk e-mail -- just as nutrition labels won't guarantee balanced diets. But they should offer consumers a simpler alternative to the lengthy privacy policies written in legalese that hardly anyone reads. - - - - - - - - Cryptome dishes the Dirt Controversial bugging software turns up on the web Controversial spying and bugging software, Dirt, exposed by last summer, was revealed to be a bit more than vapourware when it turned up on a Dutch website last week. Dirt first hit the headlines last May, when it emerged that Codex Data Systems was marketing a password-stealing Trojan, similar to the infamous Back Orifice or the FBI's mysterious Magic Lantern, to law enforcement authorities. The company, headed up by Frank Jones, a convicted felon and known fraudster currently on probation for illegal possession of surveillance devices, denied that the product was vapourware but could not offer any proof. - - - - - - - - Study: Online Gamblers May Have Serious Problems Fully 74 percent of those who admitted to gambling online were found to have gambling behaviors classified as 'problematic'. A new study claims that those who make wagers on the Internet may be more likely to have serious gambling problems than other types of gamblers. The study, published in the March issue of Psychology of Addictive Behaviors, also said explosive growth of the Internet is likely to lead to more gambling opportunities -- and more health and emotional disorders associated with gambling. - - - - - - - - Rough waters ahead for work surfers? Employees who use the Internet for personal surfing or email may find their freedom curtailed as companies view the activity as a potential security hazard. Brace yourselves, corporate workers: one of the last bastions of work place relief -- sneaking in some online shopping or snickering over an email joke -- could be destined for universal banishment. Major corporations are increasingly classifying employee email and Internet privileges as potential security hazards, distractions or worse, costly legal dangers in the making.,,t269-s2106798,00.html Filters Block 'Sinful Six',1367,51009,00.html - - - - - - - - Do Corporate Firewalls Still Work? Analysts agree that the biggest challenges for firewall users are proper configuration, up-to-date patching and interoperability with other applications. Corporate firewalls may not have the glamour of the latest technologies in computer security, but experts say these basic cyber perimeters remain a central component of defense in an increasingly dangerous environment. While corporate firewalls still pull their weight, they are increasingly being folded into additional security measures -- such as anti-virus, intrusion detection and other filtering methods -- in single- security machines and applications. - - - - - - - - From Joke to Alkahest Remember when we'd call someone who believes in magic computer viruses with supernatural powers a fool? Today, we call him Senator. Poor worm, thou art infected! I mean the computer virus, not its target. Its image ripe and diseased with grand fictions, the gravity and nature of the computer virus phenomenon, as far as the public understands it, is now whatever anyone with the microphone says it is. To wit: "A more technologically sophisticated Timothy McVeigh may, at this moment, be at home developing a virus that could undermine the American economy," declared U.S. Senator Chuck Schumer as recently as February. - - - - - - - - Commission Hearing Probes Vegas Vice Hacks In a nondescript hearing room in a Las Vegas office building, officials investigate a remarkable claim: that a shady conspiracy of super hackers rules Sin City's telecom infrastructure. The only hint that Larry Duke Reubel is 63-years-old is his slow step as he ambles to the witness chair and takes a seat behind the microphone. Once seated he looks fifteen years younger. He's dapper in a sports coat and a black shirt buttoned to the top, the overhead florescent lights glint off his gold watch, which matches his earring and peroxide hair. In the hearing room in this anonymous Las Vegas office building there's a trace of weariness etched into Reubel's sunburned face, as he recounts his story of a high- flying life in the adult entertainment industry -- driven slowly and inexorably into the ground by hackers. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.