March 25, 2002 Foreign hackers tried to enter Air Force computer network Hackers operating outside the United States tried unsuccessfully to enter the computer network at Wright-Patterson Air Force Base, officials said. There were 125,000 attempts made early Friday, said Lt. Gen. Richard Reynolds, commander of the Aeronautical Systems Center. ``I don't know whether they wanted to get in and just get information, or whether they wanted to get in and cripple our network,'' Reynolds said. - - - - - - - - FrontPage Bug Opens Microsoft Sites To Attackers Exploiting a widely known flaw in Microsoft's Web server software, attackers have defaced three Microsoft Web sites this month. On Sunday, a Brazilian defacement group known as Silver Lords replaced the home page of a Microsoft customer support site with one of their own. - - - - - - - - US Internet porn law battle heads for court The law would limit Internet access in US public libraries, but many call it unconstitutional. The latest attempt by Congress to control pornography on the Internet is expected to go to trial on Monday in Philadelphia, where a coalition of libraries, library patrons and Web site operators are battling the Children's Internet Protection Act. The law seeks to prevent children from accessing objectionable Internet material by cutting off federal funds that subsidise Internet access at libraries that fail to install filtering software on their computers.,,t269-s2107258,00.html,1283,51287,00.html - - - - - - - - Dead Napster Gets Deader A federal appeals court said Monday that Napster may not resume its free online file-swapping service. The decision by the 9th U.S. Circuit Court of Appeals upholds a federal judge's July ruling that ordered the Redwood City company to keep its free service offline until it can fully comply with an injunction to remove all copyright music.,1283,51301,00.html - - - - - - - - Encryption patent firm stakes claim on industry A previously unknown Californian firm which has obtained a patent for application-independent file encryption is seeking to enforce licensing from other companies in the security industry. The move has spurred anger among vendors hit by patent infringement claims; they say they will contest the action vigorously. Maz Technologies was granted a patent last year for a "method of transparent encryption and decryption for an electronic document management system". Recently the company appointed lawyers to press its claims. - - - - - - - - Piracy-prevention bill sparks hot debate Several government and industry leaders this weekend criticized proposed legislation that calls on hardware makers to help protect Hollywood's interests, saying lawmakers should not decide the tech industry's "winners and losers." Sen. Maria Cantwell, D-Wash.; Les Vadasz, president of Intel Capital; Mitch Kapor, chairman of the Open Source Applications Foundation; and Hilary Rosen, CEO of the Recording Industry Association of America, engaged in a lively, sometimes heated, debate on recently proposed government controls on digital media devices. - - - - - - - - Ridge urges state, local governments to unite on security State and local governments need to be sure that they engage the private sector in homeland security efforts by uniting technological expertise, human capital and knowledge to work toward common Monday. These entities cannot "operate in a vacuum," Homeland Security Director Tom Ridge told the National Association of Regional Councils (NARC). - - - - - - - - Hacking goldmine as BT publishes remote dial-up numbers BT is to remove the list from the Web, but security experts warn that the companies affected are at risk of attack in the future BT has admitted that it published the private remote access numbers of a number of British companies on its Web site -- a move that could expose the firms affected to hacking attacks. The numbers were published on the public BT Together Web site in a list that BT thought only included local and national ISP dial-up numbers.,,t269-s2107318,00.html - - - - - - - - Copy-write protection could be built into hardware Microsoft researchers jump into the tussle between Hollywood and hardware makers over anti-copying protection, saying software alone isn't enough to lock out pirates. Software alone can't stop digital piracy, researchers said this week, emphasising that only a totally secured infrastructure has a chance to eliminate the problem.,,t269-s2107260,00.html - - - - - - - - MS planned to keep secure music APIs secret A small section of Jim Allchin's deposition for the Microsoft trial we'd overlooked until now casts an interesting light on the way Microsoft had been planning to give itself an edge in secure music distribution. Jim tells us that in accordance with the commitments the company has made in the Revised Proposed Final Judgment (RPFJ, the document agreed with the DoJ) it won't be doing that after all, but we're not entirely sure about that. - - - - - - - - City That Won In Court, Loses In UDRP The German city of Heidelberg has become the latest government to strike out in a bid to wrest Internet addresses from Web-site operators they claim are cybersquatters. In a decision released today by the World Intellectual Property Organization (WIPO), arbitrator Desmond Ryan, a Melbourne, Australia-based intellectual property attorney, found that Heidelberg's city council failed to show it controlled any trademark rights to the municipality's name. - - - - - - - - GSA awards task order for software patch filtering The General Services Administration has awarded a task order to Science Applications International Corp. of San Diego for a Web service that will alert users of security vulnerabilities in their computer systems and of patches to fix them. The free program will support the Federal Technology Services Federal Computer Incident Response Center, which tests and distributes security patches for federal users. Government users will be able to sign up for the service, enter information about their information systems and receive information specific to those systems. Vigilinx Inc. of Parsippany, N.J, developed the service. - - - - - - - - IBM Unveils Built-In Digital Security for Mainframes IBM said its customers now will be able to issue and revoke digital security certificates to clients and business partners. IBM announced Monday that its newest operating system for the eServer mainframe will have built-in digital authentication capability. The company said it will begin shipping its flagship operating system for the eServer, called z/OS, on Friday, and added that the software will enable users to create and manage millions of "digital certificates." - - - - - - - - Sorting Security Threats From False Alarms Security experts say that there is no such thing as a foolproof network security system. Someone or something is always trying to break in. That's why many companies employ people to monitor the alerts produced by security software. Sorting the real threats from the false ones involves manpower, time and money. So Juanita Koilpillai, co-founder of CyberWolf Technologies Inc., set out to create a product that would help with that task. - - - - - - - - Registry hack turns XP Pro into server, vice versa A routine currently circulating on the web reawakens the old controversy over how different the workstation and server versions actually are. NTSwitch, apparently produced by Hungarian outfit 3am Labs, is claimed to allow various versions of Microsoft workstation operating systems to be turned into server versions, and vice versa. 3am's free download of the routine has been pulled "due to legal considerations," but at time of writing was still being hosted by ADTW, which presumably either hasn't had a take-down notice yet, or is ignoring one. - - - - - - - - Hacker speaks out on security basics Security holes exist in just about every application, but preventing an attack can be remarkably simple, says an expert hacker. "It's simple," says Rain Forest Puppy. "Don't feel you have to...take it from Microsoft, just figure out what services lead to security risks and turn them off.",,t269-s2107261,00.html - - - - - - - - Whos Watching WinWhatWhere? Spyware, anti-spyware programmers in virtual battle. It sounds like a James Bond subplot but this is real life. The folks who write spy software, sometimes called snoopware, are fed up with countermeasure anti-spy software like Whos Watching Me that blows their cover. So the latest versions of spy software WinWhatWhere and Spectorsoft, released in the past several weeks, intentionally disable their anti-spy counterparts. And now the programmers at Whos Watching Me are throwing down the virtual developers glove, calling for a duel. - - - - - - - - Web services: Security nightmare? The hype surrounding Web services has reached crescendo proportions. That's not surprising given how eager some big information-technology companies are to find some sort of recurring, high-margin business in a down tech economy. But in their rush, an important data security issue is being ignored: Confidential information is vulnerable to malicious employees or hackers because customer data, which gets stored in applications or databases operated by the Web services provider, still exist in clear or unencrypted form. - - - - - - - - The privacy imbroglio One of my favorite expressions is: "When all you have is a hammer, the whole world looks like a nail." Whenever I read an article about privacy issues, I can hear lawyers hammering away like deranged cobblers. With approximately 50 privacy-related laws scheduled for review in Congress, numerous privacy violations continuing to steal headlines, and countless privacy groups popping up everywhere, privacy is being positioned as the next legal frontier. But in the rush to litigation, we've failed to notice that we don't even have a general consensus of what privacy really is. - - - - - - - - Cuba Bans PC Sales to Public The Cuban government has quietly banned the sale of computers and computer accessories to the public, except in cases where the items are "indispensable" and the purchase is authorized by the Ministry of Internal Commerce. News of the ban was first reported by CubaNet, an anti- Castro site based in Miami. According to the organization's correspondent in Havana, the merchandise -- which had been sold freely in the capital since mid-2001--was yanked off store shelves in January.,1283,51270,00.html - - - - - - - - Crime-Fighting by Computer Widens Scope New York City's renowned Compstat crime-fighting program, originally created to measure and map serious crime in city neighborhoods, has grown into a sweeping data-collection machine that traces hundreds of factors, many of which appear distant from the nuts and bolts of police work. The system, introduced in 1994 to focus largely on the seven major crime categories, has changed in ways both substantial and subtle, and now records 734 of what officials call indicators: everything from concentrations of prostitutes to police overtime, allegations of abuse by officers and how often police commanders meet with community leaders. (NY Times article, free registration required) - - - - - - - - Mich. police keep tabs on radio gear By fall, the Michigan State Police's new communications system will provide radio coverage for 97 percent of the state. Still, maintaining the 181 tower sites scattered statewide, along with several thousand portable and mobile radios, is no easy task. But technicians who once jotted down assignments from a white board now download work orders on their computers and handheld devices. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.