NewsBits for April 22, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Peru Crushes 50,000 Pirated CDs with Steamroller Peru's state property rights agency on Tuesday crushed 50,000 pirated music CDs with a steamroller on a Lima street as part of a plan to deter a rampant trade in counterfeit goods. Musicians and singers danced atop the pile of thousands of compact discs protesting pirating that the government says inhibits artistic creativity and starves a cash-strapped state of needed taxes. "We need to eliminate (piracy) immediately ... We are calling on everyone to come out and help us crush counterfeit goods," Martin Moscoso, director for intellectual property rights of state agency INDECOPI, told Canal N cable television. - - - - - - - - - - E. Naples man enters plea agreement in child porn case An East Naples man whose child pornography case was first dismissed by a judge then reinstated by an appeal court has reached a plea agreement to serve nine months in jail. Paul Pasko, 45, of 908 Augusta Blvd., was sentenced Monday to nine months in the Collier County jail, followed by five years of state probation. Pasko pleaded no contest in Collier Circuit Court to 77 felony counts of possession of photos depicting sexual conduct by a child. It was one judge's definition of the latter part of that charge, sexual conduct, that led to dismissal of the case against Pasko in December 2000. Having a photograph of a nude child isn't necessarily illegal, ruled Circuit Judge William Blackwell, now in Charlotte County but based in Collier County at the time of the ruling. For Pasko's actions to be illegal, the photos must show a lewd display of the genitals or the child engaged in sexual conduct. In this case, neither applied, Blackwell ruled. Collier County sheriff's deputies found the images, downloaded from the Internet, on Pasko's computer. All 77 photos showed nude girls under age 18 and as young as 6 or 7. Some of the photos were of nude children doing regular activities such as playing a flute, showering or holding flowers. - - - - - - - - - - Man faces trial on child porn charges A local man who last week was sentenced to five years probation in Ulster County Court on a charge of stealing credit cards now faces child pornography charges in Greene County stemming from an investigation into another credit card scam. Barry Brecker, 49, pleaded guilty earlier this month to a single charge of felony grand larceny. On Nov. 27, police said, Brecker stole credit cards from a home where he had been hired to do yard work and used the hot plastic to make numerous purchases in Woodstock. The arrest by Woodstock police was Brecker's second run-in with police in 2002. According to Greene County District Attorney Terry Wilhelm, Brecker will go on trial next month for 10 felony counts of possessing an obscene sexual performance by a child. Brecker was arrested following an investigation by state police into an identity-theft scam carried out by a friend and neighbor in the village of Catskill, where Brecker lived until recently. According to Wilhelm, the friend was arrested in early 2002 for using stolen personal information to apply for credit cards online. Brecker was a suspect in the case and detectives from the state police Bureau of Criminal Investigation seized his computer, looking for evidence. While nothing on the computer linked Brecker to the credit card fraud, police discovered pornographic images of children, Wilhelm said. Brecker was arrested on Feb. 21 2002, and later indicted. - - - - - - - - - - Penn aide booked in kid-porn case Penn's library director got booked yesterday for allegedly checking out the kiddie porn section of the Internet. But instead of a nickel-a-day fine, University of Pennsylvania Vice Provost Paul Mosher faces hard time in the true crime section for allegedly possessing child pornography. He turned himself in yesterday to Philadelphia police sex crimes detectives on charges stemming from what investigators say were well over 2,000 pornographic images depicting children. The cyber smut was allegedly purchased by Mosher with a credit card and downloaded onto an office computer he used at Penn's Van Pelt Library, where he has been the director since 1988. - - - - - - - - - - Man, 30, indicted in sex case A 30-year-old Waynesville man with ties to a 2001 sex case was indicted Monday on seven criminal charges, accusing him of a three-day sexual encounter with a 16-year-old Xenia girl he met on the Internet. The girl told police she had consensual sex with Gregory S. Hoagland for three days after he picked her up at her house on New Year's Eve and showed her pornographic magazines and movies, according to court records. - - - - - - - - - - Record labels sue Napster investor Two major record labels filed suit Monday against venture capital firm Hummer Winblad Venture Partners for its investment in Napster, alleging that it contributed to rampant music theft through the former file-swapping network. Universal Music Group and EMI Recorded Music filed a lawsuit in the U.S. District Court in Los Angeles against San Francisco-based Hummer Winblad, its cofounder John Hummer and general partner Hank Barry, who was formerly the CEO at Napster. The 23-page complaint charges that the Napster system, as conceived and implemented, "provided a safe haven for the rampant piracy of copyrighted works on an epic and unprecedented scale...Hummer Winblad knowingly facilitated infringement of plaintiff's copyrights for its direct financial benefit." - - - - - - - - - - Accused of Privacy Violations Privacy and consumer advocacy groups Monday asked federal regulators to investigate, claiming that the online retail giant lets children post personal information on its Web site in violation of a children's privacy law. The Electronic Privacy Information Center, the Media Access Project and several other groups charged that Seattle-based Amazon lets children post online product reviews, which often include their names, e-mail addresses and other personal data. A 1998 federal law, the Children's Online Privacy Protection Act, requires Web sites to get parental consent before allowing children under the age of 13 to post data. Update: EBay, Amazon hit with complaints from privacy groups,10801,80571,00.html - - - - - - - - - - White House cybersecurity czar resigns. Again Former Microsoft security chief Howard Schmidt has resigned as White House cybersecurity advisor, just weeks into his new role. Schmidt took over the job from his much-criticised predecessor, Richard Clarke, in February. He is leaving at the end of this month to work in the private sector. In a resignation letter, Schmidt said that many of the functions of his job had been taken over by President Bush's newly-created Homeland Security Department. A successor to Schmidt is yet to be named. - - - - - - - - - - Consultants advise Los Alamos on security Los Alamos National Laboratory needs to centralize its IT user access controls, take better care of its backup tapes and re-engineer its business process controls before switching to a new financial system, according to a report from an independent auditor. Ernst & Young LLP of New York surveyed the operations of the Los Alamos, N.M., weapons laboratory for the University of California, which manages the lab for the Energy Department. The consulting firm compiled its findings into seven reports, which the university released yesterday. - - - - - - - - - - Hackers, Madonna mix it up Madonna just can't seem to find peace on the Net. After releasing the first single from her new "American Life" album online a few weeks ago, the Material Girl saw her Web site hacked last weekend, with links to pirated versions of her full album replacing the sites content. The hacker's attack appeared to be in response to Madonna's most recent, typically colorful broadside against file-swappers seeking free copies of her music. The singer has put files that appear to be versions of her new songs onto peer-to-peer networks that actually contain recordings of her saying, "What the f*** do you think you're doing?" DVD Copying Court Battle to Begin,1282,58583,00.html - - - - - - - - - - Military academies face off in blunting cyberattacks A stream of hostile data packets flooded a Web server. Cadets in camouflage fatigues moved double- time, shouting about mail servers and passwords. Cadet Dan Jeffers calmly tracked the action on his computer screen, wondering about the enemy's next move. "I'm sure they're just surfing around, looking for something right now," said Jeffers, examining long gray lines of scrolling script. The Cyber Defense Exercise conducted last week among the service academies in the United States is a new kind of drill to prepare a new kind of military. The flanking maneuver Jeffers worried about didn't come from a tank column. It stemmed from hackers ramming his computer defenses. - - - - - - - - - - Internet Is Losing Ground in Battle Against Spam Alyx Sachs is no longer sending people e-mail offering to "fix your credit risk free." Confronted by an increasing number of individuals, businesses and Internet service providers using software meant to identify and discard unwanted junk e-mail commonly known as spam Ms. Sachs has been forced to become more creative in her marketing pitches. The subject line on her credit e-mail, for example, now reads "get a fresh start." From a small office on Sunset Boulevard in Los Angeles, millions of messages prepared on behalf of others by Ms. Sachs and her partner are still going out to e-mail in-boxes every day, promising not just to restore a poor credit rating but also to sell printer ink, 3-D glasses and, lately, even playing cards with pictures of wanted Iraqi leaders. (NY Times article, free registration required) - - - - - - - - - - Spam 2003: A progress report The amount of spam grew in March and has almost doubled from last year, threatening to cost businesses $10 billion in 2003. The best tech minds are working feverishly to help you perform one simple task--read your e-mail. Internet Is Losing Ground in Battle Against Spam - - - - - - - - - - Office 2000 users hit by flaw A security setting that keeps administrative privileges safe is causing a registration-request bug to surface in the latest Office 2000 update. A software slip-up in Microsoft's latest update to Office 2000 results in the application repeatedly asking some customers to register the program.,,t269-s2133703,00.html,10801,80580,00.html - - - - - - - - - - Windows 2003 leaves security gaps Microsoft will launch Windows Server 2003 Thursday, offering improved security and faster file and web server performance compared with Windows 2000, according to tests carried out by's sister title, IT Week. But Microsoft's security- by-default strategy and new advanced features will demand tough policy decisions. - - - - - - - - - - DOD buys Pentagon system protection The Department of Defense has awarded EDS a two- year, $258 million contract to upgrade the Pentagon's information technology infrastructure under the Command Communications Survivability Program. The contract's intent is to ensure the Pentagon's IT infrastructure can withstand an attack. The CCSP also addresses the redundancy and recoverability of data. The upgrade covers networks, data storage, and voice and messaging systems.,10801,80575,00.html - - - - - - - - - - Too great a risk to take Last week the Cape High Court stopped a small clothing company from making a T-shirt that displays social comment on black labour exploits during apartheid. The judge said that it "bordered on hate speech". Next month the Constitutional Court will hear an application to have the ban on the possession of child pornography partially lifted. Both cases deal with one of the human rights in the constitution that evokes the most public emotion - the right to freedom of expression. What does child porn do to children? Can child porn 'research' be legal? - - - - - - - - - - Fears over public ID system to access Govt services online Resistance is brewing over steps to provide a public ID system to access Government services online. The State Services Commission is preparing a report due mid-year on the subject. It has stated its considerations do not involve a national ID card and will work on an "opt-in" basis. - - - - - - - - - - Anti-Virus Defence In Depth Lately it seems I can't open my inbox with out seeing a new article on defence in depth. This is fine: defence in depth is crucial to anti-virus protection. Unfortunately, most of the articles are missing two crucial components. To understand what is being missed, we need to look at what is meant by defence in depth as it applies in the malicious software world. For the purpose of this paper, when referring to defence in depth, we will be specifically talking about the utilization of anti-virus software, and other methods to provide a multi-layered anti- malware defence in a corporate environment. - - - - - - - - - - Flushing out spyware on your PC How to detect programs that track your Web moves Your employer may not want you surfing the Net just because it means youre not working. You may be dragging along your path all kinds of crud, programs downloaded onto your computers which spy on what youre doing, cluttering up your hard drive, even taking over your Web settings. - - - - - - - - - - Big Brother comes to Scotland Grampian police try facial recognition technology Grampian police have become the first force north of the border to try facial recognition technology to identify suspects, but privacy campaigners have condemned the move as a waste of time. - - - - - - - - - - New Jersey to Make Driver's Licenses Harder to Counterfeit New Jersey driver's licenses, known as the easiest outside Alaska to counterfeit, will be replaced starting in late July with a digital model that state officials say will be among the most tamper- proof anywhere. Gov. James E. McGreevey announced plans for the new design today, promising that the phase-in could be handled at the notoriously slow offices of the Division of Motor Vehicles. The state has hired a contractor to produce the licenses with equipment at the offices, which will add employees and offer express lanes for people who have completed a preliminary registration online. (NY Times article, free registration required) - - - - - - - - - - Net phone services get 911 capability Users of Internet-based telephone services can finally call 911. Vonage DigitalVoice, the biggest provider of voice over Internet Protocol service, will formally announce this week that it is enabling customers to connect to the 911 emergency system, becoming the first such provider to offer the capability. "You're seeing the first few steps into the future," Executive Vice President Lou Holder said on Tuesday. The company began offering customers the capability during the last few weeks but has yet to officially tout the move. *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.