May 8, 2002
Judge: Elcomsoft Case Can Proceed
A federal judge ruled on Wednesday that the copyright
infringement case against the Russian software company
Elcomsoft can go on, dismissing the defense's claim
that key provisions of the Digital Millennium Copyright
Act are unconstitutional. U.S. District Court Judge
Ronald Whyte of San Jose said that the DMCA was
neither vague nor did it violate the First Amendment,
as Elcomsoft had argued. Although the judge agreed
with Elcomsoft that computer code is speech, he said
that the DMCA does not unconstitutionally ban that
speech.
http://www.wired.com/news/politics/0,1283,52404,00.html
- - - - - - - -
Handsets key to Vivendi vote 'piracy'
An alleged episode of vote 'piracy' at the Vivendi
Universal general meeting is to be investigated by
the Tribunal de Commerce de Paris, the body that
presides over corporate legal disputes in France.
The Tribunal authorized the investigation into the
'malfunctions' that occurred during the course of
the general meeting held on April 24, which was
intended to gain the seal of approval for corporate
investments urged by chief executive Jean-Marie
Messier but the result has been overshadowed by
claims of vote hijacking.
http://zdnet.com.com/2100-1103-902756.html
http://news.zdnet.co.uk/story/0,,t269-s2109881,00.html
Tribunal examines Vivendi piracy claim
http://news.com.com/2100-1023-902810.html
- - - - - - - -
Xbox 'Emulator' Front For Online Money-Making Scam
A new fraud by Internet scam artists attempts to
tap into video game aficionados' burning desire
to play Microsoft Xbox games on their personal
computers. An "Xbox emulator" currently being
offered for free on the Web is actually a Trojan
horse designed to covertly rack up money for its
authors using pay-for-click and other schemes,
malicious code experts said.
http://www.newsbytes.com/news/02/176472.html
- - - - - - - -
'Cute' Trojan Could Take Over Your PC - Anti-Virus Companies
A moderately dangerous Trojan horse that might
let an outsider take over someone's computer is
circulating by e-mail, two anti-virus companies
warned today. According to Symantec and McAfee,
the e-mail in question has the subject line:
"Thoughts..." with a message that reads, "I
just found this program, and, I don't know
why...but it reminded me of you. Check it out."
http://www.newsbytes.com/news/02/176443.html
- - - - - - - -
Virus Hoax Making The Rounds - 'JDBGMGR.EXE'
A virus warning is making the rounds urging
people to search for a purported virus on their
hard drives - a file named JDBGMGR.EXE. Chances
are, they will find it, because the "warning"
is a hoax. According to several anti-virus
companies, the hoax first appeared in April,
but two new variants of the message have been
spotted in the last three days.
http://www.newsbytes.com/news/02/176442.html
- - - - - - - -
'Nimda,' 'Code Red' still alive and crawling
When computer security historians look back at
2001, the emergence of the "Nimda" and "Code
Red" worms will likely sit close to the top of
their significant events lists. Both worms were
heralded as threats that could have brought
down large sections of the Internet, but when
this didn't happen the security spotlight
quickly moved elsewhere.
http://www.cnn.com/2002/TECH/internet/05/08/nimda.code.red.idg/index.html
- - - - - - - -
House OKs stiffer cybercrime penalties
Computer criminals would face increased penalties,
and Internet users would face greater surveillance
by access providers, under a bill approved
Wednesday by a House of Representatives panel.
Spurred by worries about electronic terrorism,
a dramatic increase in computer viruses and other
Internet intrusions, the House Judiciary Committee
unanimously approved a bill that seeks to better
coordinate efforts to fight cybercrime while
increasing recommended sentences for those
found guilty.
http://zdnet.com.com/2100-1106-903235.html
http://www.cnn.com/2002/TECH/internet/05/08/cybercrime.reut/index.html
House Keeps Focus on Cybercrime
http://www.wired.com/news/politics/0,1283,52388,00.html
- - - - - - - -
Top Argentine court wants law against hackers
Argentina's Supreme Court wants legislation to
outlaw computer hacking after rights activists
allegedly vandalized its own Web site but escaped
punishment because no law covers digital attacks.
A federal court threw out a case in April against
a group of hackers, known as the ``X-Team,'' who
were charged with defacing the site in 1998 with
accusations the South American nation's top
judges covered up the murder of a journalist.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3216770.htm
- - - - - - - -
Long-awaited privacy bill unveiled
Several U.S. lawmakers introduced a long-awaited
privacy bill Wednesday that would allow U.S.
businesses to share information about customers
who have not explicitly forbidden them to do so.
MORE THAN A YEAR in the making, the privacy
bill unveiled in the House differs from a
competing bill making its way through the Senate
that would require businesses to get consumers
explicit permission before sharing sensitive
information such as income level, religious
affiliation or political interests.
http://www.msnbc.com/news/749520.asp
http://www.usatoday.com/life/cyber/tech/2002/05/08/privacy-bill.htm
- - - - - - - -
Privacy Groups Want Tougher DoubleClick Settlement
The Electronic Privacy Information Center (EPIC)
and privacy advocacy firm Junkbusters have filed
a formal objection to a proposed settlement of
litigation against online advertising company
DoubleClick. Several class-action suits against
DoubleClick alleging privacy violations have been
consolidated, and the matter is being heard in
the U.S. District Court in the Southern District
of New York. EPIC and Junkbusters filed their
objections in advance of a hearing scheduled
for May 21.
http://www.newsbytes.com/news/02/176471.html
- - - - - - - -
When Kid Porn Isn't Kid Porn
The photograph captures two boys, about 6 or 7
years old, cavorting naked on a beach. One of the
boys looks coyly over his shoulder. The other has
an erection. Child pornography or art? Definitely
art, according to a growing number of websites
charging up to $40 a month for subscribers to
gain access to images of naked children as
young as 4 years old.
http://www.wired.com/news/business/0,1367,52345,00.html
Behind the Kid 'Erotica' Scenes
Sites that compile images of naked children and
charge members to access them - otherwise known
as "child erotica" sites - are a booming business.
Type "boys cash" or "lolitas cash" into a search
engine and you'll tap into a long list of child
erotica sites looking for webmasters to carry
their banner ads and drive traffic to their
homepages. For every membership obtained through
such an ad, the child erotica site typically pays
webmasters 60 percent of the membership fee, which
starts at $40 a month. More information about how
the terms work is available here.
http://www.wired.com/news/culture/0,1284,52371,00.html
- - - - - - - -
Verisign To ID New Ebay Sellers, Auction Domain Names
Individuals signing up to sell merchandise on Ebay
will soon have to prove to e-commerce security
company Verisign that they really are who they say
they are. In a "multi-year services and marketing
alliance" announced by the two companies today,
Ebay will use Verisign's Authentication Service
Bureau (ASB) to identify Ebay sellers during the
registration process on its site. Verisign says
its ASB allows companies to outsource the task
of validating individuals' identities and can
also issue digital certificates that can be
used to confirm those IDs.
http://online.securityfocus.com/news/393
- - - - - - - -
Microsoft Warns of Critical Instant Messaging Flaw
A security flaw in Microsoft's instant messaging
services could enable remote attackers to take
control of users' computers, the company warned
today. Microsoft has rated the vulnerability
"critical" on client systems and advised customers
using MSN Messenger and Exchange Instant Messenger
to immediately upgrade to a new version released
today.
http://www.newsbytes.com/news/02/176470.html
http://www.nandotimes.com/technology/story/395826p-3150192c.html
- - - - - - - -
IBM report cites mobile phone hacking risks
The majority of GSM phones can be cloned in
just a minute or two, IBM says. IBM researchers
released a report on Tuesday showing that some
cell phones' security cards could be cloned in
minutes, letting hackers make calls and route
charges to the cloning victim's account. The
hacking technique studied by the researchers,
known as a partitioning attack, analyses power
fluctuations in a phone's security identification
module (SIM) card, allowing an attacker to divine
the security codes stored inside.
http://news.zdnet.co.uk/story/0,,t269-s2109824,00.html
http://www.vnunet.com/News/1131598
- - - - - - - -
Microsoft Witness Raises Windows Security Issues
Hackers, software pirates and purveyors of computer
viruses could cause more damage if antitrust
sanctions sought by state prosecutors are imposed
on Microsoft Corp., a top company official testified
yesterday. James Allchin, the most senior Microsoft
executive other than Chairman Bill Gates to appear
at federal court hearings, laced his written
testimony with national security concerns, noting
that computers running the Windows operating system
are used by the Defense Department and U.S. armed
forces in Afghanistan and elsewhere.
http://www.newsbytes.com/news/02/176453.html
http://www.wired.com/news/antitrust/0,1551,52373,00.html
- - - - - - - -
Hackers say holes exposed retail data
White-hat hackers last week discovered
vulnerabilities in the wireless networks of two
major retailers -- holes that they claimed exposed
data that appeared to include customer information.
On May 1, an anonymous hacker posted a message on
an online security mailing list stating that he had
discovered holes in the wireless LANs operated by
Best Buy. Later that day, Jonas Luster, co-founder
of security consultancy D-fensive Networks Inc.
in Campbell, California, told Computerworld that
he had conducted a test of networks operated by
a San Jose outlet of The Home Depot and found
similar vulnerabilities.
http://www.cnn.com/2002/TECH/internet/05/08/retail.security.idg/index.html
- - - - - - - -
Sun burnt by second bug in a week
Flaw affects default installation of cachefsd
daemon Sun Microsystems' Solaris operating
system has come a cropper for the second time
in a week after the Computer Emergency Response
Team (Cert) published another security advisory
on Monday. Coincidentally, the new found
vulnerability affects exactly the same version
of the operating system as the flaw found in
the Solaris rwall daemon last week - 2.5.1,
2.6, 7, and 8 on both Sparc and Intel
architectures.
http://www.vnunet.com/News/1131569
- - - - - - - -
11 courts put criminal case files online
Eleven federal courts are letting the public
access criminal case files online. The effort
is part of a pilot program by the Judicial
Conference of the United States to study
privacy and public access to electronic files
in criminal cases. Users can access the files
through the federal courts Public Access to
Court Electronic Records system for seven
cents per page, Judicial Conference officials
said.
http://www.gcn.com/vol1_no1/daily-updates/18615-1.html
- - - - - - - -
McAfee unveils spam software
Security company McAfee this week took the wraps
off newly branded filtering software that helps
consumers dodge unsolicited commercial e-mail,
or spam. The Sunnyvale, Calif.-based company
acquired the software, called SpamKiller, and
related intellectual property from its creator,
Norway-based Novasoft, for an undisclosed amount
last month. The technology, which costs customers
$29.95, works in conjunction with the e-mail
client to scan all incoming messages for language
and headers commonly found in junk mail. It then
deletes the junk mail and gives consumers options
to report the spammer to its Internet service
provider, among other features.
http://zdnet.com.com/2110-1104-902960.html
- - - - - - - -
Wind River Seeks Wi-Fi Security
"Wind River Systems is looking to quell one of
the vexing worries over wireless -- WLAN security
-- with new software that aims to let developers
build more secure networks based on the increasingly
popular Wi-Fi standard..." "'As it started to get
popular ... so did the opportunities to break
into the networks,' Gartner security analyst
John Pescatore told Wireless NewsFactor. The most
overlooked security challenge that WLANs face, he
said, is from hackers pretending to be an access
point on the network. It takes a good deal of
security protocol to address that problem..."
http://www.newsfactor.com/perl/story/17650.html
- - - - - - - -
IT Security Experts Match Wits in Hacker Challenge
Contestants in the Honeynet hacker intrusion
contest will investigate and explain items such
as the source of the hacker's binary code, its
features, its encoding process, a detection
method that would have identified it, and two
tools similar tools that have been discovered
in the past.
http://sci.newsfactor.com/perl/story/17637.html
- - - - - - - -
Cable Modem Hacking Goes Mainstream
An ambitious hackware project promises to
bring illicit broadband "uncapping" to the
masses, and with it the risks that come with
high-speed hijinks. From a pitiable 56kbps
AOL dial-up somewhere in suburban Colorado,
19-year-old Myko Hein would like to tap out
this sad, regretful message to the powers-
that-be at his former cable Internet provider,
AT&T Broadband: I was wrong. It'll never
happen again. Please take me back.
http://online.securityfocus.com/news/394
- - - - - - - -
Securing Exchange 2000, Part Two
This is the second installment in the two-part
series on securing Exchange 2000. The first
article offered a brief overview of implementing
Exchange 2000, along with some exploits that
systems administrators need to be aware of.
This installment will focus on secure
configuration and administration of Exchange
2000, including locking down Exchange, and
an analysis of some publicized vulnerabilities.
Secure Administration. Now that we have covered
some of the basics of implanting Exchange 2000,
lets step away from the assessment side, and
get into securing it.
http://online.securityfocus.com/infocus/1578
Securing Exchange 2000, Part One
http://online.securityfocus.com/infocus/1572
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2002, NewsBits.net, Campbell, CA.