August 28. 2002 RIAA site comes under second attack For the second time in a month, the Recording Industry Association of America's (RIAA) Web site was attacked Wednesday, apparently by opponents of the industry group's efforts to shut down online music trading. By midday Wednesday, the trade group's site was unreachable. Earlier in the day, it had been modified to contain pro- file trading messages, and even direct links to downloadable music and to file-swapping service Kazaa.,1283,54812,00.html KaZaA poisoned with salted files? - - - - - - - - Spam scam sparks queries Always question an order you can't remember making. And never, ever give out your credit card number for an online transaction you didn't initiate. At least that's the sage advice given to hundreds of customers who recently received bogus e-mails that referred to phantom orders. The bogus e-mails, designed to appear as though they were acknowledgments for orders from, apparently were aimed at getting unsuspecting consumers to reveal their credit card information. - - - - - - - - Appeals Court Overturns Own Web Site Ruling A lawyer for online privacy-rights group the Electronic Frontier Foundation said a certain amount of inconvenience for police is often the price of protecting privacy. Heeding prosecutors' pleas, the federal appeals court in San Francisco has overturned its own ruling that would have made it much harder to peek at private Web sites. The unusual reversal by the Ninth U.S. Circuit Court of Appeals came after federal and state prosecutors warned that the ruling would hamper investigations of child molesters who recruit victims online. - - - - - - - - Rugby World Cup ticket scam uncovered Australian authorities are warning rugby union fans not to buy world cup tickets on the internet. Those on sale at the moment are forgeries, the Fair Trading Minister for New South Wales state says. John Aquilina says no tickets for the tournament, which kicks off next October around Australia, have been released. He added: "If anyone's contemplating buying tickets for next year's World Cup - don't. - - - - - - - - Canada's ISPs may get 'spy' role The right to be anonymous online may be strongly affected by new proposals to build a database of every Canadian with an email address. The Canadian government is considering a proposal that would force Internet providers to rewire their networks for easy surveillance by police and spy agencies.,,t269-s2121423,00.html - - - - - - - - First test of 'Net Decoy' system shows promise The airmen of the 100th Communications Squadron here hosted the first-ever demonstration of the pioneering "Net Decoy" system, combining two defensive information systems that detect, track and potentially identify cyberspace intruders. During the latter part of August the Air Force Information Warfare Battlelab, Lackland Air Force Base, Texas, has worked with members from the 100th CS and a team of Air Force computer experts from the 92nd Information Warfare Aggressor Squadron, also at Lackland, "to demonstrate the military value of creating virtual networks (false computer units) designed to decoy attacks and exploits," said Capt. Robert Anderson, project officer for the AFIWB initiative. - - - - - - - - Electronic identity theft soars Insurers cash in on latest threat. As identity theft continues to rise, some insurance companies are eager to establish a small but growing niche market to help cover expenses to restore the victims' credit. Identity theft can be carried out in a variety of ways, from computer hackers stealing credit card information online to criminals stealing driving licence numbers and ATM cards to impersonate their victims. - - - - - - - - FTC enlists cartoon turtle for Web safety campaign When U.S. officials wanted to keep kids from littering, they enlisted a cartoon owl named ``Woodsy,'' and to help prevent forest fires, they recruited a bear by the name of ``Smokey.'' These days the concern is Internet safety and security, and the U.S. Federal Trade Commission is turning to a new messenger -- a savvy little turtle named ``Dewie'' with a hardened shell that won't get crushed on the Information Superhighway. - - - - - - - - Liberty Alliance gains tech talent The Liberty Alliance Project added a new member on Wednesday, boosting its efforts to establish an online authentication plan to compete with Microsoft's Passport online ID system. Bridgewater Systems said it plans to provide technical expertise in network identification and authentication to Liberty's quest to establish new standards in online authentication systems. - - - - - - - - Cisco launches integrated security hardware IT departments that handle networking and security separately may come into conflict over who controls the switches in Cisco's latest hardware. Cisco on Tuesday announced hardware intended to safeguard networks at a lower cost, but it could lead to infighting in IT departments.,,t269-s2121408,00.html - - - - - - - - PGP is back! Phil Zimmermann's PGP is back in the hands of an independent company, after Network Associates agreed to sell the technology it mothballed back in March to a start-up specially created to market PGP. Jon Callas, the former PGP chief scientist, becomes the CTO of the new company, PGP Corporation. Will Price, former Director of Engineering at NAI, becomes VP of engineering. - - - - - - - - Lobbying for Insecurity The NSA's Linux security project was so good it almost made up for that whole Echelon thing. Then politics entered the picture. The U.S. National Security Agency's contribution to open- source security, Security-Enhanced Linux, found broad approval and support in geek forums from Wired News to Slashdot that are typically suspicious of the government. It's not surprising that it couldn't last, however, and a recent CNET article suggests that the NSA may not make further contributions to software released under the GNU General Public License, and perhaps other open-source licenses. - - - - - - - - Personal remote control: Security disaster Combine easy access to the Internet, ubiquitous Web browsers, the common use of home computers, and the natural demand of users to access their files from home, and the stage is set for the effective marketing of a new class of Web-based remote control tools. These tools bring back an "old problem" --that is, the security risks of personal remote control. Enterprises should define policy and implement security controls to ensure that serious security vulnerabilities are avoided.,14179,2878280,00.html - - - - - - - - E-terrorism: Preparing for the unthinkable One year after the Sept. 11 terrorist attacks, many chilling questions remain. What lessons have we learned? Can we prevent new attacks? How can we minimize damages? And, how will this new order affect our daily lives?,,t269-s2121452,00.html - - - - - - - - How Secure Is Instant Messaging? Companies balance convenience with safety concerns. As instant messaging use grows, so do business concerns about security, authenticity, and encryption. Companies that wouldn't dream of conducting business through public, Web- based e-mail now worry that employees are sending unrestricted messages on public programs from AOL, MSN, and Yahoo.,aid,103721,00.asp *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.