NewsBits for April 24, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Verizon Loses Suit Over Music Downloading A federal judge rejected a constitutional challenge Thursday by Verizon Communications Inc., which is trying to avoid turning over the names of two of its Internet subscribers suspected of illegally offering free music for downloading. U.S. District Judge John D. Bates, who ruled against Verizon in January in the same case, determined that First Amendment protections concerning anonymous expression do not conflict with the 1998 Digital Millennium Copyright Act.,1412,58620,00.html - - - - - - - - - - DirecTV Mole to Plead Guilty A plea agreement is reached in the case of the college student who knew too much, while elsewhere DirecTV lawyers move against a message board poster for giving hacking advice to satellite pirates. A 19-year-old University of Chicago student accused of leaking the secrets of DirectTV's most advanced anti-piracy technology to hacker websites has agreed to plead guilty to violating the rarely used 1996 Economic Espionage Act. Igor Serebryany is scheduled to appear Monday in federal court in Los Angeles to enter a guilty plea, in a plea agreement reached between defense attorneys and prosecutors last week, lawyers for both sides confirmed Wednesday. - - - - - - - - - - Student music piracy racket 'cost PS25m' Australian students who set up a music swapping Web site were arrested on Thursday. The music industry believes the scam cost them around PS25m Australian police said on Thursday they had closed down an Internet music piracy site and arrested three students over an alleged copyright scam that cost the music industry at least $37m (PS23m). The three students -- two Australians aged 19 and 20 and a 20-year-old Malaysian -- are accused of running a dedicated Web site known as MP3 WMA Land at which visitors could download free music files and video clips.,,t269-s2133854,00.html - - - - - - - - - - Trojan defence clears man on child porn charges A man was cleared of possession of child porn this week after experts testified that a Trojan horse infection on his PC could have downloaded 14 depraved images without his knowledge. Karl Schofield, 39, of Reading, was found not guilty after prosecutors accepted defence experts' testimony that the unnamed Trojan could have been responsible for the present of 14 child porn images on Schofield's PC. It's believed to be the first time such a defence to paedophile charges has been run in a UK court case. - - - - - - - - - - Appeal for longer internet child sex sentence United States prosecutors are to appeal against a 21-month jail sentence given to a former top Northern Ireland civil servant who tried to arrange sex with a 14-year-old girl, it emerged today. Stan Mallon, 62, the former acting chief executive of the Ulster-Scots Agency, escaped the maximum sentence of over four years after a judge ruled in March he was suffering a diminished capacity at the time of his arrest in an FBI sting operation in Chicago. Mr Mallon was arrested in March 2002 after arranging on the Internet to meet an FBI agent posing as a 14-year-old girl named Marny in his hotel room during a stopover on the way to Washington. - - - - - - - - - - Four months for child porn collector A man caught with what is believed to be one of the biggest ever hauls of internet child porn under the Operation Ore crackdown has been jailed for four months. Nicholas Ferry, 42, was sentenced at Aylesbury Crown Court in Buckinghamshire after he admitted possessing 250,000 indecent pictures. The father-of-two had also downloaded 495 obscene videos of youngsters on to his Apple Mac computer, the court heard. - - - - - - - - - - BRONX MAN NAILED FOR KIDDIE PORN A 42-year-old Bronx man has been arrested and charged with possessing and promoting child porn after he was ensnared in an Internet sting, the Bronx District Attorney's Office said yesterday. Investigators say Nelson Garcia, of Bronxwood Avenue, carried on a series of chat-room conversations with an undercover New Hampshire cop who pretended to be a 14-year-old boy. During the chats, Garcia allegedly sent the detective photos of prepubescent boys engaged in sexual acts. - - - - - - - - - - DVD piracy lawsuit postponed A hearing has been postponed in the case pitting major movie studios against 321 Studios, a start-up that makes programs to copy DVDs. The hearing in the case was slated to take place on Friday morning in federal court in San Francisco, but has been delayed due to court scheduling conflicts. The Motion Picture Association of America (MPAA) has accused 321 Studios of violating the Digital Millennium Copyright Act, which makes it illegal to crack DVD-protection software in most cases, and wants the company to stop shipping its products. - - - - - - - - - - Microsoft, Macrovision join to halt CD 'ripping' The world's largest software company, along with the firm most involved in protecting the entertainment industry's content, are cooking up a music CD to keep tunes from being "ripped"and traded on the Net.,,t269-s2133809,00.html - - - - - - - - - - Decoding Computer Intruders IN the abstract, fighting a war is simple. The enemy and the targets are generally identifiable. But in the war against hackers and virus writers, the combatants are harder to know. The attacker might be a 14-year-old in Canada, or a co-worker in the accounting department. "You'll have every type of person" practicing the dark arts of programming, said Sarah Gordon, a senior research fellow with the security technology developer Symantec. - - - - - - - - - - Benefits of cracking down on software piracy A recent report by the Business Software Alliance titled Expanding Global Economies: The Benefits of Reducing Software Piracy, makes a compelling argument that lessening the rate of software piracy can help create new jobs and business opportunities, that in turn generate spending and new tax revenues. According to the BSA, information technology driven by the software sector is a "proven engine" for economic growth and prosperity when software piracy is kept at bay. - - - - - - - - - - In wake of serial killer, university purges personal info from site Fear of a serial killer blamed for the deaths of five women has resulted in Louisiana State University removing the addresses and telephone numbers of students and staff members from the school's public Internet directory. Students and LSU employees already had the option of withholding their personal information from the directory. But University Relations Director Gene Sands said worries about safety led to the blanket removal of contact information. - - - - - - - - - - Organizer: 'Hackathon' Will Go On A Canadian programmer says he will go ahead with plans to hold a "hackathon" for participants in an open-source project, despite a decision by the U.S. military's civilian research arm to yank funding for the event. Theo de Raadt, project leader for OpenBSD, an effort to develop a Unix operating system with a security emphasis, said he intends to seek donations or pay himself, to rent space for the gathering, in which coders detect and create fixes for security holes.,1367,58602,00.html - - - - - - - - - - Customised copyright licences going global A customisable form of copyright license will soon be available internationally through the Creative Commons, a non-profit organisation based in the US. The organisation already offers US artists a way build their own copyright agreement. Each custom-made license is also designed to incorporate an identifying piece of code that can be stored on a central database operated by the Creative Commons. This tag should make it simple for other artists to search for a piece of music or video that they can legally incorporate in their own work. - - - - - - - - - - Look out for the latest IE and Outlook patches It's patching time again for Microsoft users, after the software giant released "critical" fixes for Internet Explorer and Outlook Express last night. First up there's a patch for Internet Explorer, designed to fix four critical vulnerabilities, the worst of which could allow crackers to inject arbitrary code onto a victim's machine. The root cause of this problem is, as usual, a buffer overrun vulnerability.,,t269-s2133808,00.html - - - - - - - - - - Cisco flaw affects Windows servers A bug in Cisco's Secure ACS could allow an attacker to take control of a company's security infrastructure. A potentially critical vulnerability has been found in Cisco Systems' Secure Access Control Server (ACS) for Windows servers, which is used to control devices such as routers in large networks. The buffer overflow glitch may allow an attacker to seize control of the Cisco service, when running on Windows. The Unix variant is not affected.,,t269-s2133814,00.html - - - - - - - - - - Auditing Web Site Authentication Consider this scenario: you build a Web site that requires some kind of user log-in. You allow users to create usernames and passwords and require a valid username and password to get in to your site. But is your Web site authentication scheme secure? Every time I register at a site, I marvel at the consistently laughable - sometimes pathetic - security among even the world's largest Web sites. As the Web becomes more a part of our personal lives, the threat of fraud and identity theft grows accordingly. - - - - - - - - - - Prosecutors used electronic device to follow man to wife's body Prosecutors have withdrawn a motion to keep secret the use of global positioning technology to arrest a man who police say murdered his wife and unwittingly led them to her body. State Attorney Harry Shorstein said he had not approved filing the motion to close parts of Michael Jay Garvin's trial and to exclude certain documents from the defendant and the public. - - - - - - - - - - Regulators expand airwaves for emergency communication Federal regulators doubled the airwaves available for emergency and public safety workers Wednesday, giving a boost to police seeking better crisis communications and firefighters wanting to send video from inside burning buildings. The Federal Communications Commission voted 5-0 to allow local and federal safety agencies to sign up for a chunk of airwaves set aside last year for emergency and homeland security efforts. *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.