June 5, 2002 NY Times sicks FBI on MSNBC journo In 1998, kiddiots Slut Puppy and Master Pimp humiliated the New York Times with a defacement that took the paper's Web site off line for the better part of a day before its clueless admins could regain control of their equipment. This year, the venerable 'Gray Lady', as the paper loves to hear itself called, was stung again by a humiliating hack courtesy of Adrian Lamo, who effortlessly grabbed the private details of James Carville, James Baker, Larry Lessig, Robert Redford, William F. Buckley Jr., Jeanne Kirkpatrick, Rush Limbaugh, Vint Cerf, Warren Beatty and Jimmy Carter, along with hundreds of other noteworthy contributors to its Op-Ed page. http://www.theregister.co.uk/content/6/25574.html http://online.securityfocus.com/news/465 http://www.usatoday.com/life/cyber/tech/2002/06/05/hacker-subpoena.htm - - - - - - - - New viruses aim to cross multi platforms A new virus called Simile.D may not be much of a threat to computer systems, but some of its technical tricks could lead to a rethinking of the principles underlying antivirus software. The program has code that not only works hard to hide the virus' presence, it also randomizes the program's size so as to make it harder to identify. On top of that, the fourth and latest variant of the virus can spread to both Windows and Linux computers, according to a recently released analysis. http://zdnet.com.com/2100-1105-932447.html http://www.msnbc.com/news/762230.asp Experts warn of Linux/Windows virus http://www.vnunet.com/News/1132372 http://news.com.com/2100-1001-932423.html http://news.zdnet.co.uk/story/0,,t269-s2111374,00.html Security headaches everywhere http://zdnet.com.com/2251-1110-932922.html - - - - - - - - Klez worms its way into history Email virus 'the biggest of all time'. Stubborn internet worm Klez has topped the virus charts for the fourth month running and is now responsible for almost 97 per cent of user infections. Antivirus software vendor Kaspersky Labs reported figures that consign previous troublemakers such as SirCam and BadTrans to the sidelines. http://www.vnunet.com/News/1132339 - - - - - - - - BIND glitches could trigger DoS attacks Security organizations have issued an alert about a domain-name service software vulnerability that could see companies face denial-of-service attacks. The vulnerability is found in version 9 of the Internet Software Consortium's BIND (Berkeley Internet Name Domain) server. If it is exploited by an attacker, the BIND server would stop responding until rebooted, according to an advisory issued by U.S.-based security advisory CERT. http://zdnet.com.com/2100-1105-932573.html http://news.zdnet.co.uk/story/0,,t269-s2111375,00.html http://www.vnunet.com/News/1132360 - - - - - - - - New IE flaw enables remote PC attacks ANOTHER SECURITY FLAW identified in Microsoft's IE 5.5 and 6.0 Web browsers has the potential to give a remote user access to a host computer, according to security company Online Solutions. The attack exploits IE's built-in gopher client. Gopher is a nearly obsolete protocol for accessing remote directories and files which has been largely superseded by the Web and Hypertext Transfer Protocol (HTTP). http://www.idg.net/ic_873554_5055_1-2793.html http://www.vnunet.com/News/1132379 http://www.cnn.com/2002/TECH/internet/06/05/microsoft.security.flaw.ap/index.html http://news.com.com/2100-1001-932644.html http://zdnet.com.com/2100-1105-932663.html - - - - - - - - Industry group pushes new anti-piracy standard for digital TV A powerful alliance of technology and entertainment companies agreed Tuesday to a standard for encrypting digital television broadcasts in hopes of preventing the rampant copying of programs over the Internet. http://www.siliconvalley.com/mld/siliconvalley/3399916.htm http://www.usatoday.com/life/cyber/tech/2002/06/05/digital-tv.htm http://online.securityfocus.com/news/467 http://zdnet.com.com/2100-1105-932452.html http://www.washingtonpost.com/wp-dyn/articles/A60770-2002Jun4.html - - - - - - - - Info sharing bill gains support A bill mandating that federal law enforcement and intelligence agencies share homeland security information with their state and local counterparts has the support of top officials within the Bush administration, House members said at a hearing June 4. Following the hearing, the House Judiciary Committee's Crime, Terrorism and Homeland Security Subcommittee passed the bill to the full House Judiciary Committee. http://www.fcw.com/fcw/articles/2002/0603/web-bill-06-05-02.asp http://www.govexec.com/dailyfed/0602/060502njns1.htm - - - - - - - - ITAA hails Internet filter ruling The Information Technology Association of America commended last week's decision by three federal judges to abolish the Children's Internet Protection Act (CIPA) because it required libraries to block content protected under the First Amendment. http://www.fcw.com/geb/articles/2002/0603/web-itaa-06-05-02.asp - - - - - - - - Best Buy's new privacy policy raises alarm Best Buy is changing its online privacy policy, allowing the company to combine customer information from its Web site with that collected in its stores. As part of the policy modification, the company also said it may share with third parties information collected from surveys or reviews on its site. The company has begun notifying customers of the changes via e-mail; the updated policy will go into effect June 9. http://zdnet.com.com/2100-1106-932779.html - - - - - - - - A new teenage wasteland? Script kiddies, Web site defacers, chat-room gangsters: Today's digital troublemakers get a bad rap. But in "The Hacker Diaries" we learn that they're really all right. Behold the glory of the "Web site defacement," a truly modern act of juvenile delinquency. Ludicrous (replacing a Baptist Church Web page with an invocation to Satan, for example) and yet troubling in their signal of arcane technological mastery, Web site defacements are apparently all the rage among angry young computer users. http://www.salon.com/tech/books/2002/06/05/teenage_hackers/index.html - - - - - - - - Dead Men Tell No Passwords The man in charge of archiving and maintaining electronic copies of Norway's most important historical documents is dead and so is access to those archives. So the director of the Norwegian cultural center is pleading for hackers to help him crack the center's password-protected database. http://www.wired.com/news/technology/0,1282,52997,00.html - - - - - - - - Ralph Nader to govt.: Use non-Microsoft software Government technology officials, tired of security holes in Microsoft's products, are discussing whether to use their collective purchasing power to force changes in the way the software giant does business. Their efforts got a boost Tuesday when consumer activist Ralph Nader joined the cause in a letter to the White House saying that changes in purchasing policy may be more effective and palatable to the administration than antitrust sanctions. http://www.usatoday.com/life/cyber/tech/2002/06/04/microsoft-nader.htm http://www.newsfactor.com/perl/story/18087.html http://www.msnbc.com/news/761838.asp http://zdnet.com.com/2100-1104-932127.html - - - - - - - - Smart card use booming Smart cards, while not a panacea, have "tremendous potential" to help agencies and organizations guard their networks and buildings against potential unauthorized intruders, said Paul Kurtz, senior director for national security in the White House's Office of Cyberspace Security. Kurtz, who was speaking June 4 at a Smart Card Alliance symposium in Washington, D.C., said the "deployment of smart cards and the use of smart cards will be significant." http://www.fcw.com/fcw/articles/2002/0603/web-smart-06-05-02.asp - - - - - - - - Elite Solution Secures WLANs The IEEE 802.11 committee has done a credible job developing workable wireless LAN standards that address the physical and data-link layers, but the absence of a standards-based security architecture is a big headache for organizations contemplating a large-scale rollout of WLAN services. Even before WEP (Wired Equivalent Privacy) encryption got hacked last year, vendors and enterprise users recognized that something more was required for WLAN security. http://www.networkcomputing.com/1312/1312f2.html - - - - - - - - United We Fall The United Linux distribution will introduce thousands of open-source fans to the security nightmare of a software monoculture. For economic, political, and social reasons, United Linux seems like a good idea, but it may well prove to be a security nightmare. United Linux is a new distribution of Linux, announced last week, to be produced by Caldera, SuSE, Turbolinux and Conectiva, though more vendors may join the consortium before version 1.0 is released. Release of the first version is scheduled for the fourth quarter of this year, with a beta version expected in the prior quarter. http://online.securityfocus.com/columnists/86 - - - - - - - - FBI most wanted: new IT priorities The controversy over who knew what when about the 9/11 terrorist attacks has the country buzzing. It's likely to make for an entertaining summer as the committees and subcommittees play the Beltway parlor whodunit game, partly for the political gain and partly to find remedies for systemic problems plaguing various government agencies tasked with protecting national interests. http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2869002,00.html - - - - - - - - Tech factors in port protection The House passed legislation June 4 that would give the Coast Guard greater powers in the war against terrorism and would rely on the Customs Service to help protect U.S. ports, using technology to do it. The Maritime Transportation Anti-Terrorism Act authorizes $83 million annually in grants for enhanced facility security at U.S. ports for the next three fiscal years. These grants will help cover the cost of anti-terrorism improvements and fund projects to determine which technologies will improve port security the best. http://www.fcw.com/fcw/articles/2002/0603/web-custom-06-05-02.asp - - - - - - - - U.S. Will Seek to Fingerprint Visas' Holders The Justice Department will propose new regulations this week requiring tens of thousands of Muslim and Middle Eastern visa holders to register with the government and be fingerprinted, administration officials said today. The initiative, the subject of intense debate within the administration, is designed for "individuals from countries who pose the highest risk to our security," including most visa holders from Saudi Arabia, Pakistan and many other Muslim nations, officials said. http://www.nytimes.com/2002/06/05/national/05IMMI.html - - - - - - - - Faceless Snoopers Have the Upper Hand In the 1997 film Conspiracy Theory, New York cab driver Jerry Fletcher is convinced that someone is continually spying on him. Fletcher locks his refrigerator to keep his food safe. When he's home, he balances a Coke bottle on his door knob -- to alert him if an intruder tries the door. Fletcher has even rigged his apartment with detonation devices to destroy all traces that he ever lived there and outfitted the place with a trap door for easy escape. http://online.securityfocus.com/news/466 *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.