NewsBits for April 15, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ America Online files five spam lawsuits America Online has filed five federal lawsuits targeting spammers it accuses of sending some 1 billion junk e-mail messages promoting mortgages, steroids and pornography to its subscribers. The case resulted from about 8 million individual spam complaints from subscribers, most of whom used a "Report Spam" feature AOL introduced last fall, the company said Tuesday. The lawsuits, one filed Friday and the rest Monday in the U.S. District Court in Alexandria, Va., are the first anti-spam cases AOL launched since May 2001. They seek damages of more than $10 million plus an end to the messages. Most of the defendants are "John Doe," meaning AOL could not determine their identities. http://www.siliconvalley.com/mld/siliconvalley/news/5635061.htm http://zdnet.com.com/2100-1105-996899.html http://news.com.com/2100-1032-996899.html http://www.nandotimes.com/technology/story/854902p-5988534c.html http://www.usatoday.com/tech/news/techpolicy/2003-04-15-aol-spam_x.htm http://www.wired.com/news/business/0,1367,58486,00.html http://www.news24.com/News24/Technology/News/0,,2-13-1443_1348032,00.html - - - - - - - - - - Ex-counselor gets 5 months in porn case A former guidance counselor at the Warrior Run Middle School in Northumberland County will serve five months in prison for downloading child pornography at the school and at a computer lab at Bucknell University. Following the jail term, Robert D. Gift, 35, of Lewisburg, will spend three years on supervised release, the first five months of which he will be confined to home on electronic monitoring. While on probation, Gift may not use a computer with an Internet connection and must undergo mental health treatment and counseling. http://pennlive.com/news/patriotnews/index.ssf?/xml/story.ssf/html_standard.xsl?/base/news/105039901066620.xml - - - - - - - - - - Sentence not lessened in child porn conviction In the end, the prominent Houston defense attorney hired by Janice Reedy's family could not get her conviction overturned or get her sentence lowered in the largest Internet child pornography case prosecuted in the United States. The appeals court ruling also clarified for the first time how images of child pornography on Internet Web sites should be counted in the 5th Circuit which encompasses Mississippi, Louisiana and Texas. The ruling recommended that for sentencing purposes, images be grouped by Web site for one consolidated criminal count per Web site, instead of one charge per image. http://www.dfw.com/mld/startelegram/news/local/5636819.htm - - - - - - - - - - Law Professor Admits He Had Kiddy Porn Cache A law professor accused of storing huge quantities of child pornography on computer drives and disks in his home has pleaded guilty to 100 counts of possessing a sexual performance by a child. Edward Samuels, 54, pleaded guilty as part of a deal in which State Supreme Court Justice Brenda Soloff promised him a maximum of four years in prison when she sentences him on June 23. The judge allowed Samuels to remain free pending sentencing. Samuels, who taught copyright law at New York Law School in lower Manhattan, was arrested Aug. 14 after he brought his computer to school for technicians to repair and they reported finding images of naked girls between the ages of 3 and 13. http://www.wnbc.com/education/2114166/detail.html - - - - - - - - - - Ex-student gets reprieve from prison for cyber porn charges People may argue over whether the war on Iraq was a good or bad thing geopolitically. But for a former Ohio University student facing Internet child pornography charges, it may have been what saved him from a prison sentence. Freshman Kevin B. McCance was indicted on 23 felony counts in November 2001, for allegedly downloading Internet images of juvenile girls in sexual poses to his dorm computer. He faced two counts of pandering obscenity involving minors; 11 counts of pandering sexually oriented material involving a minor; and 10 counts of illegal use of a minor in nudity-oriented material or performance. On April 2, however, Athens County Common Pleas Judge Michael Ward granted a nolle prosequi (no prosecution) motion by the prosecutor's office in the case. In a negotiated plea, the prosecutor then agreed to file a single fifth-degree felony charge against McCance, for unauthorized use of a computer, and to recommend probation rather than prison. http://www.athensnews.com/issue/article.php3?story_id=12409 - - - - - - - - - - Court blocks how-to-hack seminar A pair of students were blocked by a Georgia state court from presenting information at a security and hackers' conference on how to break into and modify a university electronic transactions system. Washington D.C.-based education software company Blackboard successfully convinced a Georgia state court to block the students' presentation, which was scheduled to be given at the Interz0ne conference in Atlanta last weekend. http://zdnet.com.com/2100-1105-996836.html http://www.theregister.co.uk/content/55/30259.html - - - - - - - - - - Aussie court crackers on crackers Lawyers and security firms have condemned a decision by an Australian court to release without punishment a man who admitted to breaking into ISP OptusNet's network. Stephen Craig Dendtler, 22, of Bankstown, New South Wales, escaped either a conviction or fine last week even though he admitted gaining access to thousands of sensitive customer details through a back door in OptusNet's network. http://www.theregister.co.uk/content/55/30258.html - - - - - - - - - - Internet Predator Bill Has Support Law enforcement authorities on Monday praised federal legislation they say improves the odds of catching Internet sexual predators who lurk in online chat rooms and use the telephone to arrange meetings with their victims. The bill, set to be signed by President Bush this week, expands telephone wiretap authority to cases involving suspected sexual predators. http://www.ctnow.com/news/local/hc-predatorbill0415.artapr15,0,3516188.story - - - - - - - - - - DVD pirates running wild in SA Johannesburg - South Africa should be placed on the Priority Watch List, due to the increase in audiovisual piracy levels, the International Intellectual Property Alliance's (IIPA) 2003 special 301 report suggests. "Perhaps no country in the world has had a greater increase in audiovisual piracy levels in the last year than South Africa," the report said. The IIPA report added that imports of pirated copies of motion picture DVDs, often of movies which have not even been released anywhere in the world, flood the South African market on a continual basis. "Devotion of adequate resources to fight piracy remains lacking. http://www.news24.com/News24/Technology/News/0,,2-13-1443_1348032,00.html - - - - - - - - - - Children May Often Be Exposed to Porn Spam Children may often be exposed to "porn spam," according to reports submitted to ObscenityCrimes.org, a Web site that gives people a convenient way online to report possible violations of federal Internet obscenity laws. Since Morality in Media launched the Web site in June 2002, citizens in all 50 states have submitted more than 20,000 reports. MIM forwards these reports to the U.S. Department of Justice's Child Exploitation and Obscenity Section in Washington and to U.S. Attorneys around the nation. Each state has at least one U.S. Attorney. http://www.usnewswire.com/topnews/qtr2_2003/0414-125.html - - - - - - - - - - New privacy threat index mimics terrorism alert levels The Electronic Privacy Information Center today unveiled a new Privacy Threat Index to track what it sees as a growing menace to privacy from the governments expanding surveillance efforts. EPIC officials at the RSA 2003 Security Conference said the Washington centers index would ape the five- level color code established for the Homeland Security Advisory System by the Homeland Security Department. http://www.gcn.com/vol1_no1/daily-updates/21722-1.html - - - - - - - - - - Techs Tangle With Privacy Regs April 15 is a national day of angst in the United States. But for many this year, the government- provoked pain arrived one day early. The Health Insurance Portability and Accountability Act, a broad and complex set of federal privacy rules, went into effect Monday. HIPAA regulations are intended to give people more control over how their medical information is used. They affect anyone who works with or has access to medical information, from huge scientific research centers and big city hospitals to rural one-physician practices or any business that offers health insurance to employees. http://www.wired.com/news/medtech/0,1286,58468,00.html - - - - - - - - - - Americans Embracing E-Gov Despite Privacy Concerns While Americans are increasingly embracing online government services, they are also concerned dealing with government over the Internet may compromise their privacy, according to a new study released by the Council for Excellence in Government and Accenture . The study, The New e-Government Equation: Ease, Engagement, Privacy and Protection, was conducted by Hart-Teeter Research and found that more than 60 percent of Americans who use the Internet are interested in using e-government for conducting activities such as filing a change of address, responding to a jury summons, renewing a driver's license, or obtaining a birth certificate or marriage license. http://dc.internet.com/news/article.php/2190871 - - - - - - - - - - NSA doing wireless crypto pilot As part of its Cryptographic Modernization Initiative, the National Security Agency (NSA) recently began a pilot project designed to secure top-secret wireless communications using a solution from Certicom Corp. The pilot project, which began late last year, will result in new cryptographic technology that will be integrated and used to secure top-secret government communications without compromising network speed and performance, according to Certicom. http://www.fcw.com/fcw/articles/2003/0414/web-nsa-04-15-03.asp - - - - - - - - - - Defense program spurs wider government use of smart cards With the number of Common Access Cards in use approaching the 2 million mark, the Defense Department has opened the way for smart-card use throughout government. Issuing the cards at a rate of 12,000 a day, DOD is leading in identity management, said Brett Michaels, head of government sales for RSA Security Inc. of Bedford, Mass. Their effort, funding and conviction have blazed a trail for the rest of the public sector. Government smart-card use was a hot topic at the RSA 2003 Security Conference this week. http://www.gcn.com/vol1_no1/daily-updates/21739-1.html - - - - - - - - - - Computer security trade show offers hope for tech spending There's nothing quite like a computer security convention to stoke your impending sense of doom. Amid war and pestilence, the most gloomy sector of the high-tech economy gathered for the RSA Conference and Expo in San Francisco on Monday to remind us that it's worse than we think. Oddly enough, it's this depressing sector which has generated the most optimism for an increase in tech spending. While most of the tech industry is still in the dumps, the conference and trade show to promote digital security products and services generated plenty of interest this year, with attendance estimated at about 10,000. The combination of war in Iraq, terrorism threats and recent hacker attacks have heightened awareness -- and worries -- over the security of computer networks. http://www.siliconvalley.com/mld/siliconvalley/5637652.htm More Secure Web Sign-On Services Shown http://www.pcworld.com/news/article/0,aid,110268,00.asp Lawyers see security suit-riddled future http://news.com.com/2100-1009-996935.html RSA unveils management, encryption products http://www.computerworld.com/securitytopics/security/story/0,10801,80356,00.html - - - - - - - - - - Microsoft is crawling toward trustworthy code - experts A panel of security experts have faith in Microsoft's ability to produce trusted code. The problem is that they think it will take Redmond a decade to learn how to do it. Famed phreaker Kevin Mitnick headlined a Churchill Club event here on Monday night, joining fellow security gurus from Oracle, ZoneLabs and Black Hat. This uncharacteristically subdued Churchill discussion perked up when the panel turned its attention to Microsoft's Trustworthy Computing mission. http://www.theregister.co.uk/content/53/30265.html MS relieves patching 'pain point' http://www.theregister.co.uk/content/56/30261.html - - - - - - - - - - New Inkra appliance sells security services Network appliance maker Inkra Networks Inc. is hoping to tap the seemingly unquenchable thirst for more and better network security with a new appliance that offers virtual security services. The Inkra 1500/S Virtual Service Switch (VSS) uses Inkra's existing 1500 and 4000 VSS platforms and Virtual Service Architecture (VSA), to deploy virtual hardware-based security services such as firewalls, virtual private networks (VPNs), intrusion detection and protection (IDP) and secure sockets (SSL), according to a statement released by the company on Monday. http://www.idg.net/ic_1306376_9716_1-5046.html - - - - - - - - - - Florida boosts network security with software toolkit Theres no spring break for Floridas network security this year. The Sunshine State in February installed two Symantec Corp. products on its agency servers, said Mike Russo, Floridas chief information security officer. NetRecon, Symantecs hacker-in-a-box enterprise software, resides on the states agency servers and scans its networks for vulnerabilities, Russo said. http://www.gcn.com/vol1_no1/daily-updates/21734-1.html - - - - - - - - - - Intruders: Is detection or protection the answer? Intrusion detection systems have failed, say the experts - but are intrusion protection systems anything more than an effort to retread and re- market them? Intrusion detection systems are dead, a panel of analysts told the RSA Conference on Monday. The question remains what should replace them, and whether the newly fashionable "intrusion prevention systems" are more than just a change of buzzword. "IDS is dead," said Vic Wheatman of Gartner Group. "People bought it, installed it and turned it down when they had too many alerts." http://news.zdnet.co.uk/story/0,,t269-s2133452,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.