December 17, 2002 Russian software firm found innocent in copyright trial A federal jury in San Jose today rejected the government's first attempt to enforce a criminal provision of a controversial digital copyright law. After three days of deliberation, the jury acquitted ElcomSoft, a Russian software company, of violating the Digital Millennium Copyright Act. The jury cleared the company of all seven counts it faced during a two-week trial, saying after the verdict that prosecutors failed to prove that ElcomSoft intended to violate the law.,,t269-s2127640,00.html,1367,56894,00.html DMCA critics say reform still needed - - - - - - - - Disgruntled Ex-Worker Accused In 'Logic Bomb' Scheme Former Systems Administrator Allegedly Engaged In Computer Tampering. A disgruntled former UBS PaineWebber systems administrator attempted to profit after detonating a "logic bomb" program that caused more than $3 million in damage to the brokerage's computer network, authorities charged. Figuring the damage would cause the company's stock price to fall, the former worker bought put options for UBS stock, giving him the right to sell it at a fixed price, before activating the program, prosecutors said. - - - - - - - - Fake escrow site scam widens Auction winners sometimes lose $40,000 at a time In July, warned Internet users that fake escrow Web sites were the latest scam. Six months later, the scam has widened considerably, and it now appears to be among the most successful Internet cons ever. By taking advantage of Net auction winners inherent trust of escrow sites, the con artists are stealing as much as $40,000 at a time from big-ticket auction winners. Their total take may well reach into millions of dollars so far. And while federal authorities, including the Department of Commerce and FBI, are investigating, there seems to be no way to slow down the con artists. Web Scams Scare Shoppers Fraudsters target eBay again - - - - - - - - 50 police arrested in child porn operation Fifty police officers across the UK have been arrested as part of a crackdown on suspected paedophiles who pay to access child pornography websites. The officers are among 1,300 people arrested on suspicion of accessing or downloading indecent images of children - some as young as five - from US-based internet sites. Thirty- four men were arrested in London as part of the investigation - codenamed Operation Ore - following raids on 45 addresses across the capital - - - - - - - - Computers held as evidence in child pornography case Two computers owned by the city of Portola are now being held in Nevada as evidence in charges of child pornography against a Plumas County sheriff's deputy. Deputy Donald Lunau, a sheriff's deputy working in Portola, allegedly used one or both of the computers in his quest for child porn on the Internet. According to information from the Portola substation, Lunau used the computer in the office for business purposes and was allowed to take the laptop home to provide continued work for the department. - - - - - - - - Man Sentenced in Child Porn Case A Lakeland man whose computer was used to distribute child pornography overseas will serve five years' probation. The sentence follows a months-long investigation last year involving the Polk County Sheriff's Office, the U.S. Customs Office, Interpol, the German National Police and the Central Florida Child Exploitation Task Force. Polk Circuit Judge Michael McCarthy sentenced Patrick John Dedeo, 20, to five years' probation last month after convicting him of one felony count of possessing child pornography he intended to distribute. - - - - - - - - Brunswick Man Going To Jail For Trading Child Porn Police believe a suburban man used the Internet to trade in child pornography, including some that he made. David Schneider, 50, pleaded no contest last week to two counts of unlawful sexual conduct with a minor, charges accusing him of preying on a boy he met when he sold the boy's family a computer. A court-ordered search of Schneider's apartment in Brunswick produced evidence that helped federal agents arrest his online acquaintances, including a Texas schoolteacher. When he changed his plea last week, Schneider agreed to a seven-year prison sentence. - - - - - - - - Kid-porn investigation led to others In David Schneider's bedroom, police found a chilling collection of child pornography made in America. Pre-teen boys romped on a big-screen TV that served as the monitor for a computer in a bedroom where Schneider retreated to watch thousands of images of naked children e-mailed to him. They came from California, Montana, Texas. Police believe Schneider, too, traded child pornography he made in Ohio. Schneider, 50, pleaded no contest last week to two counts of unlawful sexual conduct with a minor, charges accusing him of preying on a boy he met when he sold the boy's family a computer. - - - - - - - - Army Vet Child Pornography Charges A retired Army special forces soldier who used to live in central New York is charged with making explicit home movies with an underage girl and downloading child pornography from the Internet. Fifty-year-old Jimmy Husband was ordered held without bond in a Norfolk, Virginia federal court yesterday after being extradited from Kansas, where he was arrested. He was charged with 20 counts of sexual exploitation of a minor and possession of child porn. - - - - - - - - Musician's trial on child porn charges delayed A former Bloomington keyboard player for Hoosier rock star John Mellencamp will not go on trial today as scheduled. No new trial date has been set for Eric Franklin Rosser, 50, the first child pornography suspect to make the FBI's 10 Most Wanted list. The trial date was continued at his attorney's request. Rosser, who was extradited to the United States from Thailand in October, faces up to 70 years in prison if convicted on charges of sending child pornography between Thailand and Bloomington. He is being held in the Marion County Jail. - - - - - - - - AOL wins porn spam payout The ruling is America Online's largest reward to date in an anti-spam case. A US court has granted Internet giant America Online almost $7m (PS4.4m) in damages from a company that the Internet giant said sent its users nearly one billion unwanted emails touting adult websites. The ruling is America Online's second win over CN Productions and its largest reward to date in an anti-spam case, an AOL spokesman said on Monday. The unsolicited mass messages known as spam are one of the biggest annoyances for email users.,,t269-s2127638,00.html - - - - - - - - Pentagon announces data project Critics warn of outsourcing Big Brother in massive collection. It is a classic dilemma for a society that thrives on the right of privacy: How do you balance those rights with the need to protect against a future terrorist attack? The Pentagon has a major project under study, headed by a controversial figure from the past, that digs deeply into the personal activities of individual Americans and a good deal of the early work is going to private contractors. Is this a classic example of government going too far? Privacy group sues for documents on 'total information' project A group that advocates keeping personal information out of government hands wants a federal judge to intercede in its fight against the Pentagon. The Electronic Privacy Information Center (EPIC) requested a temporary restraining order in U.S. district court Tuesday, asking the judge to overturn the Defense Departments decision not to release information about a controversial research project. - - - - - - - - Revised cybersecurity plan goes to Bush next week White House officials expect to present a revamped national cybersecurity strategy to President Bush for his approval next week, and a formal public release is expected in early January, according to a spokeswoman for the White House Office of Cyberspace Security. The strategy has been significantly rewritten and includes greater responsibility for Internet service providers (ISPs) to ensure that computer networks are less vulnerable to attack, according to sources. Further, it puts more emphasis on the need for private firms to disclose computer vulnerabilities and for wireless technologies to be secure. - - - - - - - - Bush signs e-government bill President Bush signed a bill Tuesday intended to make federal information systems communicate more fluently with each other, with government workers and with the general public. In a statement released Tuesday, Bush said the new law would put legislative teeth into goals he set forth this summer for more Internet-friendly government services.,1283,56891,00.html - - - - - - - - Virus warning: old wine in new bottles SurfControl, a web and email filtering company, today issued a warning that "a new e-mail virus that poses as an e-greeting card is putting IT administrators on high alert during the holiday season." How the threat in question can be classified as "new" is puzzling because the Friendgreetings E-Card, which the company referred to, was listed by anti-virus software companies Symantec and F-Secure in the last week of October. - - - - - - - - Government email policy 'flawed' Parliamentary internet group calls for better encryption. The government's policy on email encryption is still flawed, a group of MPs has warned. Liberal Democrat Richard Allan, chairman of the Parliamentary All-Party Internet Group, told Radio 4's Today programme that many MPs and civil servants were unaware of how easy it is for emails to be read by the wrong person. - - - - - - - - Businesses to discuss cybercrime charter Members of blue chip user group to meet hi-tech crime unit in January. UK corporate users are to get their first chance next month to examine in detail the cybercrime confidentiality charter drawn up by the National Hi-Tech Crime Unit (NHTCU). The charter, to encourage businesses to report hacker attacks by minimising the disruption of an investigation and keeping the information out of the media, was unveiled by the police earlier this month. - - - - - - - - School praises `hacker' PROJECT TO BREACH SECURITY EARNS `A' Reid Ellison, an 11th-grader at Anzar High School in San Juan Bautista, recently decided a cool student project would be to hack into the school's computer grading system. So he presented the idea to school administrators, and they gave him the go-ahead. He hacked his way in without difficulty. Once there, he wanted to leave a footprint to prove he had been successful. But he couldn't artificially bump up his grades -- he already had a straight-A average. - - - - - - - - EC denies PS63bn budget software flaw Change in software used to reflect change in practices. The European Commission has strongly refuted "lurid" claims that the computer accounting systems controlling its PS63bn budget are open to fraud. Reports in the Financial Times suggested that the Commission was preparing to scrap its accounting systems for not being "up to the job". - - - - - - - - Wi-Fi a 'threat to radar' The US Defence Department is worried about wireless networks interfering with radar, and its proposals could threaten expansion of Wi-Fi systems. The US Defence Department is seeking new limits on an increasingly popular form of wireless Internet access, arguing that it could interfere with military radar, the New York Times reports.,,t269-s2127694,00.html - - - - - - - - CERT issues advisory over SSH vulnerabilities Vulnerabilities have been found in multiple SSH implementations, according to the latest CERT security advisory. SSH is a widely used secure shell protocol, somewhat like an encrypted and secure "telnet" program. The vulnerabilities may allow an attacker to take control of a server running SSH. The official response from many of the vendors listed as vulnerable has been to deny the problem seriously affects their products. - - - - - - - - Multiple vulns in MySQL, upgrade now Security researchers urge admins to update MySQL database servers, following the discovery of a set of potentially troublesome security flaws. The vulnerabilities could allow attackers to crash unpatched versions of the popular open source database server, inject malicious code on servers or hack into accounts without a password, warns German firm e-matters. - - - - - - - - And deep in IE, a creature was stirring... eEye security researcher Derek Soeder was moved to verse after analysing a complicated - and not particularly devastating - heap corruption vulnerability involving the way Windows handles PNG image format files. An advisory by eEye begins thus: Twas the night before Christmas, and deep in IE. A creature was stirring, a vulnerability MS02-066 was posted on the website with care. In hopes that Team eEye would not see it there. - - - - - - - - The Problem with JavaScript Internet Explorer was the only browser that was vulnerable to Nimda. Brendan Eich, the creator of JavaScript, told NewsFactor that the Mozilla team approaches its JavaScript implementation differently. JavaScript is the scapegoat for many of the Web's problems, including pop-ups, pop-unders and other much-maligned browser behaviors. The language's reputation also has been sullied by malware, such as the infamous Nimda worm, that uses it to spread through the Web. - - - - - - - - Hawaii installs fingerprint systems Hawaiis Human Services Department this week installed 10 digital fingerprint systems as part of an initiative to increase the speed and accuracy of background checks for child and foster care providers working in the state. Sagem Morpho Inc. of Tacoma, Wash., installed its MorphoCheck 100 livescan systems in Human Services offices located on each Hawaiian island. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.