NewsBits for April 10, 2003, sponsored by Southeast Cybercrime Institute
************************************************************
Poison applet could wipe Windows PCs
A duo of security alerts from Microsoft yesterday pose risks for both home users and corporates. The more serious problem, involving Microsoft's virtual machine (Microsoft VM), which enables Java programs to run on Microsoft Windows, provides a mechanism for attackers to run amok on Windows PCs. Microsoft has released a fix designed to address the problem, which affects users of Windows 98, NT 4, Windows 2000, XP and Windows Me.
- - - - - - - - - -
Siebel seeks FBI probe into leaked docs
Siebel Systems said on Wednesday it has asked authorities to investigate the leak of internal documents that portrayed the software maker's customer service in a negative light. San Mateo, Calif.-based Siebel, the world's largest maker of customer service software, called an impromptu conference call to say that the leaked documents were distributed with "very malicious intent."
- - - - - - - - - -
DMCA strikes again in N2H2 filtering list case
A Federal Judge has dismissed an application to permit a Harvard researcher to obtain a list of sites blocked by a censorware tool through reverse-engineering. Ben Edelman, a Harvard Law student and well-known online activist, had sought permission to reverse-engineer the list of Web sites blocked by N2H2, a process in possible violation of the controversial Digital Millennium Copyright Act. A lawsuit brought on Edelman's behalf last July by the American Civil Liberties Union challenged this aspect of the DMCA.
Google filter blocks innocuous sites
Librarians Make Some Noise Over Patriot Act
- - - - - - - - - -
Appeals Court Reverses Child-Porn Convictions
A federal appeals court Wednesday tossed four child pornography convictions against a man who flew to Salt Lake City in 1999 to have sex with a fictitious 12-year-old girl.
Citing a faulty jury instruction, the 10th U.S. Circuit Court of Appeals in Denver dismissed two counts of transporting child pornography, one count of transporting child pornography by airplane and a single charge of possessing child pornography against Thomas Jared Pearl. Last year, the U.S. Supreme Court ruled that portions of the Child Pornography Prevention Act dealing with the definition of child pornography were unconstitutional. The decision struck down clauses that define child pornography as photographs of subjects who "appear to be" minors, forcing prosecutors to prove that the subjects of photos were actually children.
- - - - - - - - - -
Court strikes down state e-commerce law
A North Carolina law restricting shipments of wine from mail order and Internet retailers in other states is unconstitutional, a federal appeals court said on Tuesday. The 4th Circuit Court of Appeals ruled the state law violates the U.S. Constitution's Commerce Clause by imposing unreasonable protectionist regulations. Similar state laws have spurred a flurry of lawsuits, with courts split over whether such regulations are permissible. Internet retailers are hoping to strike down the laws, which vary by state and restrict online shopping for products ranging from caskets to automobiles.
- - - - - - - - - -
Antispam bill gets a second go
A pair of U.S. senators are trying once again to enact a federal law restricting spam. On Thursday, Conrad Burns, R-Mont., and Ron Wyden, D-Ore., reintroduced a bill they first drafted in 1999, which would make it a federal crime to use a false address when sending unsolicited commercial e-mail. As spam has piled up in in-boxes, interest in the topic on Capitol Hill has increased, and many observers predict that Congress will approve some antispam bills by the end of 2004. But the effect of federal legislation may be limited because a high percentage of spam originates overseas, outside the reach of U.S. law.
- - - - - - - - - -
Dawn of the Superworm
The attack came swiftly and without warning. At 12:30 a.m. eastern standard time, January 25, a single packet of data containing the Slammer worm began spreading across the Internet. Within 10 minutes the worm reached 90 percent of the Net and infected more than 75,000 machines. At its peak 30 minutes later, it disrupted one out of five data packets. The result: service blackouts, canceled flights, and disabled ATMs. Next time around, we might not be so lucky.
- - - - - - - - - -
Behind Patriotic Words, Same Old Spam
"Spam" e-mail, already a costly and frustrating bane of computer users and corporations, has surged as spammers invoke the war in Iraq as a way to lure customers. Government regulators and anti-spam software vendors warn of a fresh raft of come-ons that play on emotions and fears about the war, from offering encouragement to U.S. troops to selling patriotic T-shirts, pins and books on how to survive a biological attack. Many are run by known spammers, including some who also are linked to Web sites that offer pornography.
- - - - - - - - - -
BlackBerry: Focusing on government users
Research in Motion Ltd., of Waterloo, Ontario, has been responding to the needs of its many U.S. government users in expanding the functionality of its BlackBerry two-way paging devices, the company's president said today. "We are very government focused," RIM president Mike Lazaridis told an audience at the FOSE 2003 trade show in Washington today. In addition to civilian agencies and the Army, Navy and Air Force, the company's government customers include the Executive Office of the President and the Secret Service. The latest BlackBerry models have FIPS 140-2 certification approval for operation on all wireless network standards supported by BlackBerry, including Mobitex, DataTAC, GSM/GPRS, Nextel and CDMA 1X.
- - - - - - - - - -
Security: Let's get physical
IT departments and business managers need to collaborate more closely on an enterprise's physical security needs, argues one advocate. The creation of positions such as chief security officer (CSO), and a growing focus on security in enterprises more generally, has started to create interest in whether CIOs and IT managers should be involved in decisions relating to physical security.
- - - - - - - - - -
In privacy debate, tech has two faces
Although modern technology created many of society's most pressing threats to privacy, a group of researchers is out to prove that it is also the greatest defender of civil liberties. For example, video surveillance could be made more palatable if it worked more like an episode of "Cops," with people's faces blurred out. Only if a crime occurred would the more detailed images be made available. Massive databases designed to root out terrorists, meanwhile, might feel less intrusive if the actual names associated with the information being gathered were kept in a separate file that required a warrant or other authorization to access.
- - - - - - - - - -
Hoaxster hacker discovers infinite-wealth algorithm
Hacker stunt-double and convicted financial fraudster Kim Schmitz (aka Kimble) is up to his old tricks, this time with a package of techno trickery for making a killing in the stock market. To satisfy the dreams of instant fortune common to those who believe in fairy tales, he's devised an "AI-based decision system" for share trading which scientifically "selects the optimal combination of trading strategies for current market conditions".
- - - - - - - - - -
Controversy surrounding high-tech voting
Not so long ago, we lived in an era of hanging chads.
Yes, those nasty paper ballots from Florida had such an impact on the most recent presidential election that related issues were presented first to the Florida Supreme Court and then, ultimately, to the United States Supreme Court. Who knows, had the voting been handled differently -- perhaps employing high-tech means for casting and counting votes -- the election may have gone the other way, which certainly would be interesting, given where we are at this important juncture in history.
- - - - - - - - - -
Policy consensus seen critical to information sharing
Successful government information sharing projects start with agreement to commit the resources to a common goal, officials speaking at FOSE agreed today. By comparison, the technical side of intergovernmental and interagency information sharing projects is relatively easy, the officials said. Denis Gusty, program manager for the Labor Department's project to provide a common Web site for federal benefits programs, said department officials found resistance to sharing information.
- - - - - - - - - -
Reporters Flout Cuban Censorship
"We are all afraid," he said in a phone interview from his Havana home. "We are waiting for that knock on the door, for the police to go through our apartments and to take us away." Garcia is one of a handful of online journalists who was not arrested in a recent government raid of island dissidents, including writers who, like Garcia, work outside of the media controlled by Fidel Castro's socialist government. So far, 43 of the 80 people arrested -- including human rights activists, librarians and independent economists -- were sentenced this week to up to 27 years in prison.
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits should be cited as the source of the information. Copyright 2000-2003, Campbell, CA.