NewsBits for May 27, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ Deaths linked to Web suicides Three people were found dead in an apartment in western Japan in what appeared to be the latest in a series of group suicides linked to the Internet, police said Sunday. More than a dozen people have died so far this year in group suicides in which participants are believed not to have known each other before meeting online. A 30- year-old man and two women aged 21 and 18 were found dead Saturday night of carbon monoxide poisoning from a charcoal stove in a sealed room in the man's apartment in the western city of Kyoto, said a police officer at the Fushimi precinct. Their bodies were sprawled on a bed, and a suicide note was found in another room. - - - - - - - - - - Local woman arrested in identity-theft investigation Authorities said they made an arrest Thursday in an identity-theft case that stemmed from the suspect's job at U.S. Healthworks in Modesto. Investigators said Denyce Yvonne Spears' victims included a female client of U.S. Healthworks, a company that specializes in occupational medicine and rehabilitation, and pre-employment physicals and drug screening. - - - - - - - - - - Police smash child porn ring A TERRITORY man has been arrested for running an international child porn operation that displayed images of children under the age of five via the Internet. The arrest was made following information provided to Territory police from a US Customs investigation. Police from the Computer Crime Unit and the Sex Crime Unit uncovered the porn operator after searching a house in the rural area of Howard Springs. Police seized three computers and various computer devices. Examination of the computers' hard drives had so far revealed more than 20 pornographic images of children under five years. Police said none of the children "appear to be local".,4057,6489727%255E13569,00.html - - - - - - - - - - Wellington businessman jailed for nine months on sex charges A Wellington businessman who used an internet chat room to solicit sex from a teenager was jailed for nine months yesterday. Martyn Grant Bryant, 31, was sentenced in the Wanganui District Court. He pleaded guilty to indecently assaulting a girl under the age of 15 and permitting a girl under 15 to perform an indecent act upon him. The offending happened on January 4 last year. Bryant used a teen chat room to help arrange a meeting in a Wanganui motel with the teenager. He twice attempted sexual intercourse with her but stopped each time she objected. Bryant was granted permission to apply for home detention.,1478,2495888a11,00.html - - - - - - - - - - No prison for child porn case doctor A DOCTOR who downloaded child pornography escaped a jail sentence at Cambridge Crown Court today. Adrian Catterall, of Fox Hill Road, Guilden Morden, near Royston, walked free from court with his wife after being sentenced to a community rehabilitation order for three years. The court heard the 16 offences took place in 1999 after which he attempted to give up his growing interest in child pornography and cut up a credit card that was being used to access a child pornography website. Beth Cook, prosecuting, said: "There were a number of indecent images viewed and downloaded on more than one occasion because the sites were revisited. So that doesn't fit in with the explanation that he found the sites accidentally." - - - - - - - - - - New Attorney Brings New Child Porn, Rape Trial Date A Van Buren man who had been scheduled to go to trial next week on rape and child pornography charges has a new attorney and a new trial date. Earlier this month, Crawford County Deputy Public Defender Thurman Ragar, who had been representing Ferrari, asked that evidence seized from Ferraris computer be excluded at trial. He said police did not have a warrant to search it. Cottrell ruled that Ferrari waived his rights during a police interview and allowed police to search the computer. According to a police report, Ferrari was arrested Oct. 29 after police found several sexually explicit images on his computer. - - - - - - - - - - Music teacher caught in Internet sex sting A former Westchester Music teacher, 60-year-old Seymour Kushner of Harstdale, is accused of using the Internet to entice a minor to meet and have sex with him. Police caught Kushner in an Internet sex sting last Wednesday. The person typing to Kushner on the other keyboard was an undercover police officer. The officer had been tracking the illegal computer chats for weeks.,5942,&rid%3D11(r)ion;%3DWC&tab%3Dtopstories&id%3D55895,00.html - - - - - - - - - - NY Man busted for kiddie porn A Flushing man was busted for kiddie porn after a two- month-long investigation in which the man chatted with a detective posing as a young girl, police said. Brian Oswald, 48, was arrested at his Parsons Boulevard home around 7:30 p.m on Thursday, cops said. He's charged with disseminating indecent material and attempting to promote sexual performance of a child, authorities said. - - - - - - - - - - Cyber-crime crackdown The newly minted Australian High Tech Crime Centre could collect its first scalp on Thursday when a 17-year-old faces the Adelaide Youth Court charged with a single count of illicitly receiving $4890 from an ANZ customer's internet banking account. It will be alleged that the youth received proceeds from an unauthorised internet banking transaction after the funds were transferred to Adelaide. - - - - - - - - - - Security alert ad lawsuit settled Bonzi agrees to change Web advertising tactics. The maker of Bonzi Buddy software has agreed to change some of its Internet advertising practices as part of a settlement of a lawsuit that alleged it was deceptive, the attorney bringing the lawsuit said Tuesday. At issue are online ads that mimic Windows system warnings or tell users that their computers are broadcasting their IP addresses. The settlement, which was approved Friday in Washington state Superior Court, could have a ripple effect on other Internet advertisers who use such tricks to get clicks. - - - - - - - - - - Irish DP rep threatens to sue over secret order Irish Data Protection Commissioner Joe Meade has twice threatened to bring High Court proceedings against the Irish Government over an "invalid" order on data retention, secretly issued a year ago. According to a report by Karlin Lillington in the Irish Times, Meade claims the order is in breach of the Irish Constitution, lacks "the character of law" and is in breach of the principles of European Community law. Backroom deal selects unknown for Euro data 'supervisor Officials warned on freedom of information - - - - - - - - - - OMB: Federal IT securitys better but still not good enough Agencies have made progress in evaluating and securing systems, but serious and pervasive problems persist and much work remains to be done, according to the Office of Management and Budget. OMB released its second report to Congress last month under the Government Information Security Reform Act. The report compares the performance of 14 departments and 10 independent agencies in fiscal 2002 with baseline data collected in 2001. Future reports will be made under the Federal Information Security Management Act. - - - - - - - - - - Over 70 percent of businesses are hacked Most businesses in Asia have suffered a hacker attack - despite the fact that nearly all of them have some sort of security software. A survey has found that three-quarters of businesses in Asia have suffered from network intrusions in the past, says market research firm IDC According to IDC's recent survey of over 1,000 companies across nine countries in Asia-Pacific, 72 percent of enterprises have experienced an Internet security breach while 39 percent felt their online threats have increased in the past year.,,t269-s2135232,00.html - - - - - - - - - - Online auctions fertile ground for fraud The Federal Trade Commission and state Attorney Generals across the country have launched a crackdown on Internet auction fraud that, according to the federal agency, has "bilked thousands of consumers out of their money and merchandise. Most consumers have positive experiences with Internet auctions and most sites are run professionally and provide good opportunities for both buyers and sellers. Nevertheless, consumers should be careful. - - - - - - - - - - Feds to Open Cyber-Security Ops Center Officials at the Department of Homeland Security plan to announce this week the establishment of a national cyber-security center, which brings all the department's information security assets under one umbrella, according to people briefed on the plan. So far, however, no one has been named to head the center, and security experts warn that without a strong leader, the center will lack the muscle it needs to be effective.,3959,1104230,00.asp - - - - - - - - - - American Spam Is Flooding Europe The EU's laws on junk e-mail are not as strict as those in the U.S., and enforcement is uneven. The junk e-mail plaguing Europe has something decidedly in common with the American variety. Nearly all the spam messages are in English, originate in the U.S. and don't even bother to price their wares in euros. "It's always some unbelievable business opportunity, which is what we get from America," said Olle Thylander of the Swedish University Computer Network, a Stockholm-based group that oversees Internet traffic for Swedish universities.,1,1739663.story - - - - - - - - - - Police provide PR help The UK's National High Tech Crime Unit (NHTCU) is to help to handle PR for firms that have been the victims of computer crime, in an attempt to encourage more prosecutions. In December the unit launched a confidentiality charter, which allows companies to report computer crime without fear of public disclosure, but some firms are pulling out of prosecutions just before they go to court, according to John Lyons, crime reduction co-ordinator for the NHTCU. - - - - - - - - - - Fraud poses new police challenge Kalispell detective adds calculator to his belt. Forget the smoking gun. Don't even bother looking for blood stains in the carpet. "The guy who's most likely to get you is armed with a keyboard," said Brian Fulford. "He has a computer and a business card, and he doesn't look anything like that guy your mother warned you about." Fulford, a detective with the Kalispell Police Department, spent most of the last year and a half not with smoking guns, but with smoldering file cabinets. "We went through box after box after box of paperwork," he said. "Sometimes it seemed like an insurmountable paperwork task." That task has increasingly become the task of the modern cop. In an age of electronic banking and Internet shopping, of dot-com startups and high-tech investment opportunities, of Enron and CEO bonuses, white-collar crime is emerging as a serious slice of the policeman's pie. - - - - - - - - - - Fighting Child Pornography 75 % of all child pornography is distributed in the Internet. According to experts, 70 % of Internet - payments B2C are made for "xxx-sites", and the words related to sex and pornography are in a half of query search engine. The problem is that the statutory acts of many countries so differ that allow xxx-sites" owners skillfully avoid responsibility. The overwhelming majority of porno-sites have simple screen - verification page. This method is inefficient, but according to legislation of many countries declines almost all responsibility. - - - - - - - - - - Using a hammer on a delicate problem Thailand is earning a terrible reputation around the world as the source of massive amounts of pirated software, illegally made entertainment DVDs and rip- off, counterfeit material that ranges from fashion clothing to aeroplane tyres. The United States threatens to put Thailand on a punitive watch list before the end of the year. Europe has named Thailand as the biggest source of pirated material on that continent, and trade sanctions are possible. The government has begun a crackdown that already shows signs of fizzling out. - - - - - - - - - - College plans virus-writing course While many students would be expelled from their computer science programs for writing a virus, the University of Calgary plans to make writing such malicious programs a part of the curriculum. This fall, the Canadian school is offering a class for fourth-year students titled "Computer Viruses and Malware," in which students will write and test their own viruses. The move has touched off a wave of criticism within the antivirus community. - - - - - - - - - - Microsoft pulls software update because of Internet glitches Microsoft withdrew a security improvement for its flagship Windows XP software after it crippled Internet connections for some of the 600,000 users who installed it. Microsoft officials said Tuesday the update which had been available as an option since Friday on its "Windows Update" Web site apparently was incompatible with popular security software from other companies, such as Symantec.,10801,81575,00.html Microsoft offers Software Reassurance Windows Users Knocked Off Net,1282,59006,00.html - - - - - - - - - - Trend Micro apologises over P bug Resellers not told about flaw that blocked all emails containing letter P. Trend Micro has promised an internal investigation into a bug contained in one of its security product updates that blocked all incoming emails containing the letter P. Although the number of customers reporting the flawed update was low, the reseller channel in the US was notified because the company said it wanted to be as open as possible. - - - - - - - - - - Kazaa to patch 'serious' vulnerability update Users of file sharing programs such as Kazaa and iMesh are urged to install a security patch after a serious bug was discovered in their underlying network. A security researcher recently found a potentially critical vulnerability in the program which drives the FastTrack network. FastTrack is used by peer-to-peer software service including Kazaa and iMesh. Joltid, the maker of FastTrack, initially said the flaw was not serious, but has since done an about-face and plans to plug the loophole. The makers of Kazaa released a patch Tuesday and are urging customers to install it as soon as possible.,,t269-s2135233,00.html - - - - - - - - - - DISA adds threat intelligence tools to its cybersecurity toolkit The Defense Information Systems Agency has added two software tools to its cybersecurity arsenal that will give it early warnings about potential attacks and recommend ways to respond. DISAs Computer Emergency Response Team will use Symantec DeepSight Threat Management System and Symantec DeepSight Alert Services to get threat and vulnerability intelligence reports. DISA contractor Northrop Grumman Corp. awarded the three-year contract. The company would not release the value. The DeepSight Threat application creates custom intelligence updates by aggregating attack data from 19,000 sensors in more than 180 countries, according to the company. DeepSight Alert tracks vulnerabilities in 13,000 versions of 3,200 products and will send alerts to DISA via e-mail, fax and voice communication.,10801,81568,00.html - - - - - - - - - - Firm pitches 'known good' security With network security loopholes and vulnerabilities on the rise, government agencies should stick with the "known good" approach for protecting information technology assets, according to one security management firm. Chris Mullins, director of policy and compliance products at BindView Corp., a provider of host-based vulnerability assessment software, said the "known good" approach is a simple concept: If agencies configure their machines to the best available market standard, they will be protected against most things. - - - - - - - - - - Firms offer software to prevent PC theft Pilfering a PC may become less appealing, if software makers Phoenix Technologies and Softex have their way. The two companies are teaming to offer software called TheftGuard, which is designed to be anchored in the guts of PCs and automatically disable any stolen machine connected to the Internet.,,t269-s2135251,00.html,10801,81569,00.html - - - - - - - - - - ARM to secure handhelds Mobile microprocessor designer ARM has detailed technology called TrustZone that aims to make handheld devices resistant to the worst effects of viruses, hacks and other security threats. In its next generation of chips, ARM plans to partition secure code and data from the operating system and applications so that confidential data is not compromised in the event of a security breach. A monitoring capability identifies secure and non-secure code and switches modes accordingly. - - - - - - - - - - Juniper tightens up security Years after promising to do so, Juniper Networks, the world's No. 2 router maker, is introducing new security features for its equipment. The most notable addition to be announced Wednesday is "flow monitoring," which has become a reliable way to stop denial of service attacks, according to Infonetics Research Executive Director Jeff Wilson. - - - - - - - - - - PGP Encryption Proves Powerful If the police and FBI can't crack the code, is the technology too strong? Italian police have seized at least two Psion personal digital assistants from members of the Red Brigades terrorist organization. But the major investigative breakthrough they were hoping for as a result of the information contained on the devices has failed to materialize--thwarted by encryption software used by the left-wing revolutionaries. Failure to crack the code, despite the reported assistance of U.S. Federal Bureau of Investigation computer experts, puts a spotlight on the controversy over the wide availability of powerful encryption tools.,aid,110841,00.asp - - - - - - - - - - Ex-Security Czar Richard Clarke Speaks Out During his 30 years in Washington, Richard Clarke evolved from a State Department staffer into the nation's top counterterrorism official and, at the time of his retirement in March, the special adviser to the president for cybersecurity. Along the way, he developed a reputation for knowing how to get things done and also became one of the more polarizing figures in the inner circles of power inside the Beltway. He worked directly for three presidents in a span of 11 years at the White House and was the driving force behind the development of the National Strategy to Secure Cyberspace. He's now working as a consultant to ABC News and several security vendors.,3959,1108617,00.asp?kc=EWRSS02129TX1K0000531 - - - - - - - - - - Spam blockers may wreak e-mail havoc Here's an unhappy prediction: The explosion of spam-blocking technology could herald the death of much legitimate e-mail. I wrote about patents relating to this technology, known as challenge- response technology, last week. Basically, when your mailbox is protected by a challenge-response system, people who try to contact you will be greeted with a response saying something like "click on this link to deliver this message" or "type in the word you see in the box above." The idea is to block increasingly obnoxious spam bots but still let actual humans get in touch with you. - - - - - - - - - - Proposal: Webcams to keep homeland safe Jay Walker wants to revolutionize national security. Jay Walker jump-started an online shopping craze by inventing, the Web site that lets people bid on airplane tickets and hotel rooms. Now Walker is hoping his newest brainchild revolutionizes a completely different field: national security. The premise behind Walker's USHomeGuard is simple: America has 47,000 power plants, airports and other "critical infrastructure facilities." *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.