May 7, 2002 `Evil Angelica' Parodies Government Site Hacking Duo Mocking the efforts of a defacement team known as the "Deceptive Duo," an online vandal who refers to herself as "Evil Angelica" has stuck at least two Web sites since Monday. The tongue- in-cheek attacker, calling herself "The Mystical Mono," replaced the home pages at and with a parody of the document that has been posted at dozens of U.S. government sites by the Deceptive Duo since late April. - - - - - - - - Band's Sites Deluged After Mailbox-Bomb Suspect ID'd If suspected mailbox bomber Luke John Helder was looking for attention, he's getting it not only from the FBI. He's also getting noticed in a big way on the World Wide Web. A trio of MP3-hawking Web sites connected to self-described grunge band Apathy from Rochester, Minn., indicate that someone named Luke Helder is a member of the band. The FBI field office in Omaha, Neb., did not return calls from Newsbytes for confirmation that the musician is also their suspect, but there is strong evidence online that the suspect and Apathy's lead singer and guitarist are one and the same. - - - - - - - - Ohio's New Internet Child Porn Law Challenged The expansion of Ohio's child-pornography statute to include the Internet was met with a legal challenge even as the governor signed a bill extending current law to the Net. Media Coalition Inc., representing publishers, bookstores, video retailers and a sexuality Web site for the disabled, on Monday filed a lawsuit in U.S. District Court at Dayton, Ohio, challenging the constitutionality of the law. - - - - - - - - Bill Would Ban Suggestive Child 'Modeling' Sites om Staff Writer. A pair of U.S. lawmakers today will introduce legislation to ban Web sites that feature photos of clothed, but suggestively posed children. So-called "child modeling" sites like and feature photographs of prepubescent girls wearing bikinis and other attire. Virtually all of the sites have pay-per-view sections and don't appear to sell anything other than photographs of the girls. - - - - - - - - Congressman set to introduce Web privacy bill A U.S. lawmaker said Monday that he would introduce this week a long-awaited consumer privacy bill covering Internet commerce. Florida Republican Rep. Cliff Stearns said he would introduce the measure Wednesday, nearly nine months after releasing an outline of what the bill would contain. - - - - - - - - Federal Courts To Permit Web Access To Criminal Records In an unprecedented move, the federal judiciary's policymaking body said today it would allow limited public access to criminal court records on the Internet. Eleven federal courts are allowing Internet access to criminal case files as part of a pilot program adopted by the Judicial Conference of the United States, a panel of 27 federal judges responsible for crafting policy in the federal court system. - - - - - - - - U.S. Interior Systems Face Renewed Shutdown The Interior Department could be ordered to shut down some of the systems it has reactivated since it received a court order in December to cut off its Internet connections, sources said. The presence of American Indian trust data in Office of Surface Mining systems could lead Judge Royce C. Lamberth of the U.S. District Court for the District of Columbia to order the office to disconnect its links to the Internet, according to the plaintiffs attorneys in the case of Cobell v. Norton and other sources close to the case. - - - - - - - - Anti-spam group sues software guru What happens if you create software, bring it with you to an organization and then want to take an enhanced version of it when you leave? In the case former Mail Abuse Prevention System (MAPS) employee Gordon Fecyk, author of the anti-spam ORCA Dial-up User List, you get sued. - - - - - - - - EDS bans IM EDS, the computer arm of the British government, has banned its staff from using Instant Messenger products in the workplace. It cites security concerns, especially over virus transmissions. A memo to staff from EDS' security compliance unit leaked to The Register describes "use of Instant Messenger (IM) products through the Internet" as a "risk to Client EDS' infrastructure and network". - - - - - - - - Wall St. Firms Said to Break E-Mail Rule Some Wall Street firms have advised securities regulators investigating possible conflicts of interest among stock analysts that they have not retained e-mail messages as required by law, according to people close to the investigations. (NY Times article, free registration required) - - - - - - - - Exposing the vulnerabilities of e-commerce A hacking demonstration shows how e-commerce sites can be exploited by attackers, highlighting the need for comprehensive security measures. A few quick keystrokes is all it took to change some key components in a Web address, leaving another online bank open to exploit by hackers.,,t269-s2109802,00.html - - - - - - - - Insurance fraud adds to mobile theft figures A significant percentage of the 700,000 mobile handsets reported stolen last year were never really nicked at all, according to an industry body The recent surge in mobile phone theft is partly caused by fraudulent insurance claims, according to latest research from the mobile industry. The Mobile Phone Industry Crime Action Forum (MPICAF) claimed this weekend that at least 20 percent of reported mobile thefts are actually faked.,,t269-s2109796,00.html - - - - - - - - Flame war after Klez worms onto Richer Sounds mailing list Consumer electronics retailer Richer Sounds has pledged to beef up its security after its mailing list became a conduit for the spread of the Klez worm. A copy of the worm (with the subject line: " Japanese lass' sexy pictures") found its way to all the subscribers on the list on Sunday, presumably after one of its members became infected. This provoked a series of flames on the bargain notification list which, once again, went out to all its subscribers. - - - - - - - - Aging Worms Still Crawl, Threaten Net Should unwitting carriers of Nimda, Code Red be penalized for not securing their servers? The Nimda and Code Red worms, which emerged along with dire warnings that they could bring down large sections of the Internet (but didn't), may have a second chance. New data in a study by Arbor Networks shows that both worms are alive and well, and still infecting new victims daily.,aid,98504,00.asp - - - - - - - - MS .doc bug hibernates on Net Documents still available for download on the Internet have the potential to reveal sensitive information. A security hole affecting old copies of some Microsoft Office applications may have left a legacy of data leaks with the potential to reveal sensitive information and weaken security on government and commercial Web sites around the world.,,t269-s2109785,00.html - - - - - - - - File sharing pirates go underground Networks being used to trade terabytes of software. Software pirates are borrowing techniques and tools from hackers in a bid to take over high bandwidth servers, such as those at universities and web hosts, to help develop large underground file sharing networks. White hat security firm ISS X-Force has been tracking the growth of a number of underground file sharing networks that are being used to trade terabytes of pirated software and movies. - - - - - - - - Antitrust provisions sought by states would compromise security Hackers, virus writers and software pirates could run rampant if Microsoft disclosed the technical product information that nine states have requested as an antitrust penalty, a company executive said Tuesday. - - - - - - - - Survey: Opt-Out Is a Cop-Out Comments gathered by the U.S. Treasury indicate that Americans have plenty of complaints about a recently enacted law that requires customers to opt-out if they want to keep financial institutions from sharing their data. Top items on the grievance list: opt-out notices hidden in thick junk mailings, confusing legal language and the potential for invasive sales tactics.,1848,52328,00.html - - - - - - - - PKI interoperability 'paramount' The government risks undermining the potential benefits of a public-key infrastructure unless it develops common policies and processes to ensure interoperability, a new report from a coalition of vendors says. "Interoperability is paramount. If this is not achieved, the U.S. government and American industry is dealing with a potentially disruptive technology that will affect the policy, legal, technical and process implementation aspects of their business," according to the report, issued May 3 by the Federated E-Government Coalition. - - - - - - - - Undetectable 'son of cookie' system wins grant The developers of a 'son of cookie' web monitoring system have received a Proof of Concept grant from Scottish Enterprise to commercialise the system. Their non-cookie based web monitoring software does not (as indeed the name suggests) rely on cookies, but instead is intended to replace them with something far more powerful. - - - - - - - - VeriSign focuses on managed security services VeriSign Inc will today announce a series of new and enhanced managed services aimed at enterprises that want to outsource the complexity of their security infrastructure. The company has inked a number of partnerships to help it manage customers' firewalls, VPNs and intrusion detection systems. - - - - - - - - Web Attack in the Workplace Security: Protecting PC networks from Internet invaders has never been more vital for small business. Last year the network at Beauty Fashion magazine, a small trade publication in New York, was simultaneously infected by two viruses: Code Red and Nimda. The attack destroyed all the computers files and shut down Internet access for three days. After several thousand dollars worth of help from outside consultants, most of the information was restored. Some files of old articles, though, were irretrievable. - - - - - - - - A Challenge to Dissect Some Code Systems administrators have to stop thinking like glorified janitors. Cleaning malicious code from a system as quickly as possible should never be an administrator's primary goal, security experts agree. Administrators should instead focus on carefully dissecting malicious program code and preserving the evidence of attacks.,1282,52342,00.html - - - - - - - - Wearable ID device to hit the market Microvision and Robotic Vision Systems have teamed up to market a wearable biometric identification device to the U.S. government and commercial businesses, the companies said Tuesday. Biometrics technology, which uses retinal scans, fingerprinting and other biological markers for personal identification, has been of huge interest since Sept. 11, when terrorist attacks fixed the government's attention on national and airline security. But even before then, the technology was gaining attention as companies started to implement it for more everyday uses such as driver's licenses with embedded microchips. - - - - - - - - Emergency program moving along Following a successful demonstration with some of the most high-tech state and local agencies, the federal government is ready to move on to a tougher test of the Domestic Emergency Response Information Services (DERIS) program: working with rural governments. The Defense Department, which is running the program, also is working to transfer DERIS to the Federal Emergency Management Agency and the National Guard Bureau, both of which are responsible for coordination with first responders under the Bush administration's homeland security mandate, said Rosanne Hynes, information technology adviser for DOD's Homeland Security Task Force, which led the development of the program. - - - - - - - - Hearing on Technology Reveals Other Heroes of 9/11 In the aftermath of Sept. 11, firefighters and police officers were lionized. Rescue workers and clean-up crews were celebrated for their endurance and bravery. Politicians like former Mayor Rudolph W. Giuliani became international celebrities. Yesterday was a day for people like Raju Venkataram. Mr. Venkataram is a computer guy. As director of management information systems for New York City's chief medical examiner, he designed from scratch a database system for the gargantuan and horrendous task of identifying victims of the attack on the World Trade Center. - - - - - - - - Parents turn to high-tech tools to protect children from would-be abductors. The fears are the same, but the tools parents are using to prepare for the un-thinkable possibility of child abduction are going high tech. If the trend continues, DNA samples could replace fingerprints as the most useful component of a child identification kit. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.