NewsBits for May 28, 2003 sponsored by, Southeast Cybercrime Institute - ************************************************************ HP's printer team in espionage drama Hewlett-Packard's top secret printer labs are under attack from an audacious rival using the art of deception to gather confidential information. A group of engineers working on HP's next-generation network laser printer have come under siege from a competitor, The Register has learned. Employees have received calls at work and at home from faux members of the HP team, asking for details on a new 9500 series printer code-named Nozomi. HP has fingered the culprit, we are told, although the company's identity cannot be released at this time. - - - - - - - - - - Second charge approved against Nault Prosecutors have approved a second charge of sexual assault against a former Scout leader and minor-hockey coach accused of luring young boys into sex using the Internet. In a court date Tuesday, Dale Charles Nault, 34, was charged in relation to an alleged relationship with a 15-year-old boy in 2000. He already faces a charge related to a 14-year-old boy. Nault is alleged to have lied about his age and identity while visiting chatrooms aimed at gay teens. - - - - - - - - - - Web firm ordered to curb deceptive ads Bonzi Software settled a class-action suit Monday in the Superior Court of Spokane, Wash., agreeing to clearly label advertisements that appear to be computer error messages. The suit, filed in November 2002, charged the San Luis Obispo, Calif.-based software company with deceiving millions of Web surfers into clicking on its banner ads by presenting them as computer security warnings. - - - - - - - - - - Defense, Justice report on surveillance activities In the 20 months since the September 2001 terrorist attacks, civil libertarians have had two overarching complaints about the federal government's surveillance regime: the breadth of its powers and the secrecy of its capabilities. Now the latter criticism may be changing. - - - - - - - - - - Libraries guard readers' privacy Palo Alto librarians are shredding documents and deleting computer records to keep patrons' reading habits from inquiring FBI agents. The librarians, long supportive of readers' privacy, are reacting to provisions of the USA Patriot Act, the federal anti-terrorism law that makes it easier for the FBI to peruse library records. In a separate but related action, the city's police chief is lending her support to a resolution coming before the city council that would prohibit city police from aiding the FBI in Patriot Act searches, interviews or surveillance without evidence that a crime has been committed. The Patriot Act allows the FBI to employ a lower standard. - - - - - - - - - - Cybercrimes Location The problem of cybercrime became a sore point, both for the majority of the companies, and for experts on IT security. According to Symantec's latest Internet Security Threat Report, in terms of overall volume, the United States topped the top-10 list of attacking countries, with 35.4 per cent of recorded cyber-attacks originating in the US. South Korea was second at 12.8 per cent and China third at 6.9 per cent. - - - - - - - - - - Safety Patrol Readied for Dot-Kids Two Washington-Area Firms Team Up To Stave off Porn, Other Inappropriate Material. Children will soon have an Internet neighborhood of their own, designed to be free of pornography, hate speech, gambling, discount tobacco sales and other content deemed inappropriate for young audiences. - - - - - - - - - - Security hassles leave users open to hacks Consumers want service providers to step in and manage security for them. Residential broadband users want their internet service providers (ISPs) to take the hassle out of installing, configuring and maintaining antivirus, firewall and parental control products. - - - - - - - - - - Taking the offensive on identity theft Catch Me If You Can wasn't just a hit at the movies this winter. It's also the modus operandi of a growing band of street criminals and their hacker allies who trade in consumer credit card information, Social Security numbers and other confidential data that are stored inside organizations and wash across millions of Web sites every day. The Tennessee Senate recently passed a bill that is designed to help protect veterans from identity theft by removing Social Security numbers from courthouse public records. Identity theft is reaching alarming proportions and needs to be taken seriously by all organizations - before it happens.,1426,MCA_539_1992409,00.html - - - - - - - - - - Apple Takes Aim at Music Piracy Apple Computer on Tuesday released an update to ITunes, its digital music player software. The new version, 4.0.1, can be downloading through the Software Update system preference pane. ITunes 4.0.1 gains performance and network enhancements, according to Apple, but one feature has been disabled: Internet-based playlist sharing.,aid,110900,00.asp - - - - - - - - - - Security firms seek common tongue. A group of computer security companies plans to create a standardized way to share information on potential network security problems. The Organization for the Advancement of Structured Information Standards, or OASIS, on Wednesday announced the formation of the Web Application Security (WAS) technical committee, which will develop a model and a data format for describing security problems. The planned standard will convey information via an XML document to classify and rate the risks of vulnerabilities once they are discovered. - - - - - - - - - - Network security tailored to SMBs It is easy to lose sight of the fact that a substantial part of the economy is driven by SMB's, and that they form part of the supply chain. The security demands that their larger supply chain partners place on them means that they will soon be burdened with organising and managing security for themselves to a greater extent and financial cost than they currently do. - - - - - - - - - - Copy Protection Is a Crimeagainst humanity. Society is based on bending the rules. Digital rights management sounds unobjectionable on paper: Consumers purchase certain rights to use creative works and are prevented from violating those rights. Who could balk at that except the pirates? Fair is fair, right? Well, no. In reality, our legal system usually leaves us wiggle room. What's fair in one case won't be in another - and only human judgment can discern the difference. As we write the rules of use into software and hardware, we are also rewriting the rules we live by as a society, without anyone first bothering to ask if that's OK. - - - - - - - - - - Virus writing at University: Could we, would we, should we? Forgive the reference to a Hollywood blockbuster, but that line neatly sums up technology's unswerving ability to fail to see beyond theory, feasibility and possibility to the wider issues which exist within society. In science and technology, whether something is possible always takes precedent over whether it's right. To take that statement to the greatest extreme, consider the work of 'father of the atom bomb' Oppenheimer, about whom colleague and fellow scientist Max Born once said: "I wish Oppenheimer had shown less cleverness and more wisdom." Learn virus writing skills in Canada,,t269-s2135325,00.html - - - - - - - - - - Malware Myths and Misinformation, Part Two: Attachments, AV Software and Firewalls This article is the second of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection. In the first part of this series, we considered a class of myths and misconceptions that we summarized as the school of "I'm safe because I don't do Microsoft." In this installment, we will consider a class based on perceived immunity through mail hygiene. It is, perhaps, unfair to regard all of these as myths and misconceptions. They might, however, be regarded as problematic because they tend to lay so much stress on security that they impair an organization's ability to carry out its day-to-day business. The first one, though, is decidedly misleading. Malware Myths and Misinformation, Part One: Windows, Mac, Exchange, and IIS *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2003,, Campbell, CA.