High Tech "NewsBits" for 05/21/02

May 21, 2002 Suspect Helps Police Find Body of Girl He Met on Internet Investigators found the body of a 13-year-old Danbury girl in Greenwich early today after a man she met over the Internet told them where to look, the police said. The United States attorney, John A. Danaher III, said the man, identified as Saul Dos Reis, 25, was arrested on a federal charge of using an interstate device the Internet to entice a child into sexual activity. Other charges were not immediately filed. But Mr. Danaher said that Mr. Dos Reis, who was arraigned on the Internet charge in federal court Monday morning, had confessed to the killing. http://www.nytimes.com/2002/05/21/nyregion/21GIRL.html http://www.foxnews.com/story/0,2933,53291,00.html http://www.msnbc.com/news/755493.asp?0si=- Altar girl, internet flirt: Connecticut sixth-grader led double life, police say. http://www.bayarea.com/mld/mercurynews/3306714.htm - - - - - - - - British police arrest 36 in online child porn sting Police around Britain arrested 36 people in coordinated raids on computer users suspected of using child porn Web sites. Acting on a tip from U.S. officials, the police targeted people accessing pay-per-view Internet sites based in the United States and selling images of sexual abuse of children as young as 5. In an operation coordinated by the National Crime Squad, police raided 43 houses and apartments Monday and seized more than 30 computers, as well as large quantities of discs and videos. http://www.usatoday.com/life/cyber/tech/2002/05/21/britain-porn.htm http://www.nandotimes.com/technology/story/408312p-3256172c.html - - - - - - - - Six arrested over 'Nigerian e-mail' fraud Six people were arrested in South Africa over the weekend on suspicion of being involved in the infamous "Nigerian" e-mail and letter fraud. Four of those detained were Nigerian, one was Cameroonian and the sixth was South African. Police in South Africa believe that the six are part of an international fraud and drug-dealing cartel, sending out thousands of e-mail and letters in an attempt to defraud. http://zdnet.com.com/2100-1105-918960.html http://zdnet.com.com/2110-1104-919153.html - - - - - - - - Former Software Executives Charged The Securities and Exchange Commission filed civil charges yesterday against five former executives of Northern California software firms Legato Systems Inc., Unify Corp. and Quintus Corp., accusing them of fraudulently inflating sales figures. The U.S. attorney's office in San Francisco filed criminal fraud charges against three of the executives. http://www.newsbytes.com/news/02/176695.html http://www.cnn.com/2002/TECH/industry/05/21/software.fraud.ap/index.html - - - - - - - - Trial date set for Russian DMCA case The first criminal trial under the Digital Millennium Copyright Act (DMCA) is scheduled to start Aug.26 in San Jose, Calif., federal court. On Monday, Federal Judge Ronald Whyte set a trial date in the ElcomSoft case. The Russian software company is charged with violating criminal provisions of the DMCA by providing software that could be used to crack copyright protections on Adobe Systems' e-books. The DMCA criminalizes software that can circumvent copyright protections. http://zdnet.com.com/2110-1104-919153.html http://www.newsbytes.com/news/02/176704.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3303774.htm http://www.usatoday.com/life/cyber/tech/2002/05/21/copyright-case.htm - - - - - - - - Hacker mag loses DVD appeal Hollywood gets tough over DeCSS descrambling code. Hacker magazine 2600 has lost its bid for an appeal on the ruling preventing it from linking to the DeCSS DVD descrambling code. Late last week the New York Second Circuit Court of Appeals upheld the ruling of its own panel of judges, maintaining that publishing and linking to DeCSS was in direct violation of the anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA). DeCSS is the controversial DVD descrambling tool which has been successfully outlawed by Hollywood over fears that it may be the root cause of DVD piracy. http://www.vnunet.com/News/1131936 - - - - - - - - State Dept. virus exposes system flaw Anyone could have sent messages to U.S. travel warning list. When the State Department sent out a computer virus to an e-mail list devoted to travel warnings last weekend, the incident exposed a larger shortcoming in the agencys security. According to the company that manages the mailing list, the State Department list had been set up to allow anyone to send a message to all recipients including journalists, foreign diplomats, overseas nationals. The virus proved it would have been easy for someone to send out a fake global travel warning in the name of the State Department. http://www.msnbc.com/news/754879.asp Hundreds of law enforcement, media outlets receive computer virus from forged State Department e-mail address. The State Department's e-mail identity was forged by a computer virus that sent itself to law enforcement and media outlets across the country, a department official said Tuesday. Variants of the virus, called Klez, have been spreading since the late 1990s and are transmitted through e-mails and attachments. Klez does not destroy computer files but can clog up mail systemsand corporate networks. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3309078.htm http://www.nandotimes.com/technology/story/409215p-3261482c.html - - - - - - - - Snafu exposes personal information at Indiana State Univ. Indiana State University accidentally posted personal information about 10,000 of its students - including names and Social Security numbers - on the Internet for two weeks. The information was available from April 30 to May 14 about ISU students enrolled in the 1996-97 school year, university spokeswoman Teresa Exline said. Officials removed the information once they learned about the situation, and Exline said the university was in the process of notifying those students. "This is not a hacking incident. No one broke into our security," Exline said. "This is an incident that involves inadvertent exposure." http://www.nandotimes.com/technology/story/408966p-3260107c.html - - - - - - - - House Passes Child-Sex Crime Wiretap Bill The U.S. House of Representatives today approved legislation that would give law enforcement new powers to eavesdrop on the telephone conversations of suspected child-sex predators. Supporters say that the "Child Sex Crimes Wiretapping Act of 2001" is needed to snare potential child molesters who search for children in Internet chat rooms. http://www.newsbytes.com/news/02/176706.html http://www.usatoday.com/life/cyber/tech/2002/05/21/kids-internet.htm - - - - - - - - House draws lines for kids online Hoping to create a safe playground for children on the Web, the House of Representatives on Tuesday approved a bill that would gather sites designed for youth under a new Internet domain. The Dot Kids Implementation and Efficiency Act, which passed 406-1, would set up a special domain where sites deemed child-friendly could reside. http://news.com.com/2100-1023-919416.html http://www.newsbytes.com/news/02/176705.html http://www.msnbc.com/news/755410.asp http://zdnet.com.com/2110-1106-919410.html http://www.wired.com/news/politics/0,1283,52694,00.html - - - - - - - - Senate panel OKs security standards The Senate Commerce Committee has approved a bill that would create a set of "best practices" for computer security for federal departments and agencies, among other things. The standards provision, added to the proposed Cyber Security Research and Development Act late last week by Sen. John Edwards, D-N.C., is a sticking point for industry groups, which say it could pose a threat to national security by encouraging the use of old technology. http://news.com.com/2100-1023-919377.html http://www.govexec.com/dailyfed/0502/052002njns1.htm - - - - - - - - Senate committee sets up 'emergency technology guard' Legislation to make it easier for science and technology experts to assist government agencies during terrorist attacks or other national emergencies won quick approval Friday from the Senate Commerce, Science and Transportation Committee. http://www.govexec.com/dailyfed/0502/052102njns1.htm - - - - - - - - Hotmail policy raises privacy concerns Hotmail users can now get a better look at their personal account settings--but some of the service's estimated 110 million active users may not like what they find. Erroneous reports surfaced this week alleging Hotmail had changed users' default privacy settings. Some feared Microsoft could share entries from their Passports--a collection of personal information now necessary to open a Hotmail account --with other companies. However, Microsoft executives say the free e-mail service didn't change its current privacy policy, it merely rolled out new technology that better reflects its evolving "pure opt-in" philosophy. http://www.cnn.com/2002/TECH/internet/05/21/hotmail.privacy.idg/index.html - - - - - - - - Forman: E-gov good for privacy The federal government could do a lot to promote personal privacy online if agencies would work harder to eliminate duplication, said presidential e-government adviser Mark Forman. A Bush administration inventory of government activity found that the government is involved in 32 "lines of business" and on average, each line providing health care or operating parks, for example is being performed by 19 different agencies. http://www.fcw.com/fcw/articles/2002/0520/web-forman-05-21-02.asp - - - - - - - - Librarian of Congress rejects proposed royalty rates The Librarian of Congress has rejected proposed royalty rates that would have charged Internet broadcasters based on each Web user that listens in. Librarian James H. Billington will issue a final decision setting the new rates by June 20, the U.S. Copyright Office said Tuesday. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3307332.htm http://www.newsbytes.com/news/02/176700.html http://www.msnbc.com/news/755281.asp http://www.nandotimes.com/technology/story/408751p-3258836c.html http://www.nandotimes.com/technology/story/407929p-3251476c.html - - - - - - - - MS server port under hack attack Administrators should check SQL server security Security watchers have warned of a huge increase in the number of connection attempts made on port 1433, the Microsoft SQL server port, in the last 24 hours. An advisory released this morning by security firm Trend Micro said that the significant increase in connection attempts could signify hack attacks. http://www.vnunet.com/News/1131940 'SQLsnake' Worm Blamed For Spike In Port 1433 Scans A mounting trail of evidence has security experts warning that a new Internet worm targeting Microsoft SQL servers could be on the loose. Since Monday, a sharp spike in remote probes of TCP port 1433, which commonly is used by Microsoft's SQL database, has been reported by many server administrators, according to SecurityFocus, which operates an incident-reporting system called ARIS. http://www.newsbytes.com/news/02/176701.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3308810.htm http://online.securityfocus.com/news/429 http://zdnet.com.com/2100-1105-919531.html http://news.com.com/2100-1001-919461.html - - - - - - - - Security holes found in popular privacy program A popular Internet privacy service that lets Web surfers visit sites anonymously has fixed several serious flaws, and now the service's founder is offering a reward to the finder of the bugs. Bennett Haselton, an Internet filtering activist who runs the Peacefire Web site, found the problems with Anonymizer.com, a five-year-old service that shields users from tracking by Web sites and their Internet providers. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3306644.htm http://www.wired.com/news/technology/0,1282,52681,00.html - - - - - - - - Trend Micro upgrades products, unveils strategy Antivirus firm Trend Micro Inc. Tuesday announced a new suite of services designed to help users block viruses from entering their networks after an outbreak but before virus definitions are available, as well as clean up after outbreaks. To accommodate the new services, Trend Micro will also be upgrading its full line of products over the course of the next month. http://www.idg.net/ic_864358_5055_1-2793.html - - - - - - - - IT Scorecard: Hackers Still Ahead of Security Gurus There is presently a tempest of activity at the network security software level, with some of the IT industry's top dogs vying to prevent hackers from accessing sensitive data servers. The hack occurred sometime between April 2001 and February 2002, Federal Bureau of Investigation special agent Dawn Clenney told NewsFactor. She was referring to one of the most significant computer network hacks to make the news recently. Last week, 13,000 consumers were notified by Ford Motor Credit that their personal information -- including Social Security number, address, account number and payment history -- had been accessed by hackers who broke into a database belonging to the Experian credit reporting agency. http://www.newsfactor.com/perl/story/17850.html - - - - - - - - The Viral Mind: Understanding the Motives of Malicious Coders Over the years I have seen many people offer opinions on why virus writers do what they do. While I accept that many of these people have indeed spoken to a small number of malware authors, it has become all too apparent that much of their text has been based on opinion and not fact. In this article, I will draw upon my own experiences as a virus writer and as a member of the virus (and anti-virus) community to explore some of the reasons that people would devote their time to developing viruses. http://online.securityfocus.com/infocus/1583 - - - - - - - - A Hacker Whodunit at Vivendi It looks like a key shareholder vote was tampered with in a system that's clearly vulnerable. If so, not many clues were left. It's France's mystery du jour. On Apr. 28, French-American media giant Vivendi Universal announced that during a stormy annual meeting in Paris four days earlier, someone had tampered with the electronic system used for shareholder voting. The culprits -- most likely a small team of hackers with inside information about the voting system -- intercepted and altered some shareholder votes, Vivendi said. The company lodged a criminal complaint and says it may convene another shareholders' meeting to repeat the result, which saw the defeat of a controversial stock- option plan offered by Chief Executive Officer Jean-Marie Messier. http://online.securityfocus.com/news/430 - - - - - - - - Does sex offender data belong online? The Supreme Court has agreed to consider a state law that requires the posting of information about sex offenders on the Internet. The high court said Monday that it will hear arguments over Connecticut's "Megan's Law," a measure named after Megan Kanka, a New Jersey girl who was killed by a sex offender. Under the law, the addresses, names and photos of registered sex offenders must be posted in a state database available online. People search the database by entering information such as a ZIP code or the name of a town. All states have some version of the system. http://news.com.com/2100-1023-919150.html http://www.gcn.com/vol1_no1/daily-updates/18708-1.html - - - - - - - - The evil that lurks in e-mail E-mail is a wonderful thing, but there's plenty wrong with it. The worst thing about the e-mail infrastructure on the Internet is that its design allows abusive, unsolicited bulk mail, often with counterfeit addressing, also known as spam. The response to spam from the software industry, ISPs and the government gets a solid F in my grade book. http://zdnet.com.com/2100-1107-918838.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.