December 11, 2002 Major music piracy ring busted by secret service A New York operation accused of pirating music to the tune of millions of dollars was raided this week by U.S. Secret Service agents and record industry investigators in what they called the largest ever seizure of music piracy equipment in the U.S. About 35,000 pirated CDs, 10,000 DVDs and the equivalent of 421 CD burners were confiscated, the Recording Industry Association of America (RIAA) said in a statement. Three people were arrested in the Monday raid in an industrial complex in the New York City borough of Queens and charged with trafficking counterfeit labels and criminal copyright infringement, the RIAA said. - - - - - - - - Internet watchdog warns of fake eBay Web site Fraudsters trying to steal credit card information from online auction house eBay Inc's 55 million users appear to have set up a fake Web site that mimicked the firm, a private Internet watchdog said on Wednesday. The scam involved e-mails that asked recipients to log on to a Florida- based Web site,, and re-enter financial data for eBay, said Dean White, the Asia-Pacific coordinator of a U.S. group, SANS Institute Internet Storm Center.,,t269-s2127386,00.html - - - - - - - - Compaq accused of breaking EU export laws Irish operation allegedly exported software for nuclear weapons programmes. Compaq's key Irish operation was the site of anti-war demonstrations last week following claims that the company has been illegally exporting software used in the development and maintenance of US and French nuclear weapons programmes. The company has been accused of contravening European export laws, and Ireland's Department of Enterprise has launched an official enquiry into the allegations. - - - - - - - - Gov't tightens its case in hacking trial A Russian software executive sought to deflect accusations against his company Tuesday, in a closely watched criminal hacking trial that legal experts said appeared to leave little room for effective defensive maneuvers. - - - - - - - - Activists plan EU cyber-attack Plot to overload EU site part of anti- globalisation protest. A Danish anti- globalisation group has warned that protesters will attempt to shut down a European Union (EU) website tomorrow. More than 10,000 people will simultaneously launch a WebScript program to overload the EU presidency home page and block access to the site, the Global Roots group claimed. The action is for the benefit of activists unable to get to Copenhagen to demonstrate in person against an EU summit discussing enlargement of the union. - - - - - - - - Law may be updated to cover DoS attacks Concerns that some types of hacking might not be covered by the UK's Computer Misuse Act could prompt changes to the law, following strong lobbying from industry. The government is considering amending the Computer Misuse Act (CMA), amid concern within the Internet industry that denial of service (DoS) attacks may not be covered by the law.,,t269-s2127395,00.htmlj - - - - - - - - Portal service offers to help FBI hunt for a killer Internet portal operator Terra Lycos has volunteered to provide online wanted posters to help track down alleged gangster James Whitey Bulger, for whom the FBI is offering a $1 million reward. Spokeswoman Gail Marcinkiewicz of the FBIs Boston office said Bulger was a major figure in the citys organized crime world who is reported to be responsible for 21 killings. Bulger has been a fugitive since 1995, and the FBI placed him on the 10 Most Wanted list in August 1999, Marcinkiewicz said. - - - - - - - - Spam to overtake real e-mail in 2003 Antivirus firm annual report paints bleak picture. Some time next year, there will be more spam than real e-mail floating around the Internet. Thats the conclusion drawn from annual statistics gathered by British e-mail filtering firm MessageLabs, which on Wednesday delivered disheartening news to e-mail users delivery of unsolicited e-mail rose sharply in the second half of this year. The annual report also revealed that one in every 212 e-mails contained a computer virus. - - - - - - - - IT users in password hell Heavy users of technology now employ nearly two dozen passwords to gain access to various IT systems and Web sites--but are compromising security by writing them down. The 2002 NTA Monitor Password Survey found that the typical intensive IT user now has 21 passwords, and has two strategies to cope, neither of which is advisable from a security standpoint: they either use common words as passwords or keep written records of them. The survey found that some of these heavy users maintain up to 70 passwords. Forty-nine percent write their passwords down, or store them in a file on their PC.,,t269-s2127377,00.html - - - - - - - - Time To ID Identity-Theft Solutions "Identity-Theft Reports Soar!" "Internet Makes It Easier To Steal ID!" "Personal Data In Danger!" Those were the headlines back in 2000, when the Federal Trade Commission noted the spike in ID theft. Things sure have changed since: The situation has gotten much worse. Forget for a moment (if you can) the recent scam involving the theft of more than 30,000 credit reports. A study by Meridian Research predicts that by 2006 nearly a million people a year could find themselves victims of ID theft, with losses adding up to $8 billion annually. VeriSign unveils new online identity-verification services,10801,76558,00.html - - - - - - - - XML encryption specs approved Two key specifications will eventually allow an author to secure parts of an XML document - such as a credit card number entered in an XML form. The Web's leading standards group on Tuesday approved two XML encryption specifications, a move that promises to boost the development of secure Web services. The two specs, XML Encryption Syntax and Processing and Decryption Transform for XML Signature, will enable Web pages using Extensible Markup Language to encrypt parts of a document being exchanged between Web sites, the World Wide Web Consortium said.,,t269-s2127330,00.html - - - - - - - - Unisys emphasizing security services Computer technology and services company Unisys on Wednesday said it will beef up its security consulting arm, announcing a new approach to risk assessment and information security. Rather than focus on providing quick fixes for security problem, Unisys intends to offer tailored plans aimed at getting clients to approach security as a fundamental part of their business, said Sunil Misra, Unisys' newly appointed chief security adviser. The company is also looking to increase the number of security professionals on its staff. - - - - - - - - Rooting Out Corrupted Code Is there a backdoor on your system? A flawed but timely project from the Shmoo Group could help network administrators spot altered programs. Sometimes it's easy to tell when you're dealing with an imposter. That Mona Lisa at your neighbor's yard sale is unlikely to be the real thing. When you see Elvis at the mall, you can be pretty sure that he's a fake, too. - - - - - - - - Flyzik will help establish a consulting firm With retirement from the federal government less than a week away, James Flyzik, senior adviser to White House Office of Homeland Security director Tom Ridge, today announced he would join two other government-IT market veterans to form a consulting firm. Treasury braces for staff loss to Homeland Security Department Burbano takes on homeland job - - - - - - - - Passenger ID system makes progress The Transportation Security Administration has awarded a contract for the beginning stages of a system that will perform background checks and risk assessments on airline travelers, according to the agency's top official. The tool, a substantially advanced version of the Computer Assisted Passenger Prescreening System (CAPPS) now in use, is being designed to cull multiple government and commercial databases for information that could indicate a potential threat. - - - - - - - - Scanner could end barefoot flight checks An Israeli firm has developed a step-up scanner designed to spare travellers the nuisance of having their shoes removed and checked for hidden explosives at airports. The sole-searching "Safeshoe" also detects metal items which could be used as a hijacking weapon, said Avi Kostalitz of Ido Security on Wednesday. The product is in final trials and due to be marketed by early 2003 at some $10,000 a unit, he added. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.