NewsBits for September 23, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Jury convicts DirecTV pirate on DMCA charges A US jury this week convicted a Florida man for selling illegal cable TV descrambling hardware. This is the first jury conviction under the Digital Millennium Copyright Act (DMCA). Thomas Michael Whitehead, 38, of Boca Raton, Florida, was found guilty of three counts of violating the DMCA. His role in selling hardware used to pirate DirecTV broadcasts also earned a conviction on two counts of selling unlawful decryption device and one count of conspiracy. Whitehead faces up to 30 years in jail and fines of up to $2.75 million when he returns for sentencing before US District Judge Christina Snyder on January 26, NBC reports. http://www.theregister.co.uk/content/55/32977.html http://zdnet.com.com/2100-1104_2-5080807.html - - - - - - - - - - eBay trader arrested in missing DVDs probe The man at the centre of a row over the non-arrival of DVDs bought through auctions on eBay has been arrested and questioned by Norfolk Police. Adrian Bailey (aka zippymilk), 33, was arrested on suspicion of deception by Great Yarmouth police on Friday, the Eastern Daily Press reports today. http://www.theregister.co.uk/content/6/32988.html - - - - - - - - - - Ex-FBI translator pleads guilty to charges A former FBI employee facing charges that he sold privileged information to Juarez drug dealers pleaded guilty and was sentenced to five years in federal prison, officials with the U.S. attorney's office said. Mario Castillo, 36, who worked as a translator for the FBI in El Paso for five years, pleaded guilty Friday to one count of unauthorized access of a computer to obtain information for private financial gain and to one count of selling at least eight stolen cellular phones in the fall of 2002, costing Verizon Wireless about $117,000. http://www.borderlandnews.com/stories/borderland/20030923-24795.shtml - - - - - - - - - - Man Pleads Guilty To Child Sex Charges A man from England faces up to 30 years in prison for traveling to Iowa to have sex with a 14-year-old girl he met on the Internet. Barry Beadle, 51, pleaded guilty in federal court in Des Moines Monday to charges of enticement of a minor to engage in sexual activity, and travel with the intent to engage in sexual activity with a minor. http://www.theomahachannel.com/iowabureau/2505231/detail.html - - - - - - - - - - Former Cal Poly SLO professor arrested on child porn indictment A former Department of Mechanical Engineering chairman at California Polytechnic State University, San Luis Obispo, was arrested Tuesday on a federal grand jury indictment alleging possession of child pornography found on his university computers. Safwat Moustafa, 63, of Grover Beach, was arrested by FBI agents without incident, the U.S. attorney's office said. He was indicted Friday by the grand jury in Los Angeles on two counts of possession of child pornography. Moustafa left the university in 2001 after campus police notified the FBI that a technician repairing Moustafa's computer earlier that year found more than 10 images of child pornography. The technician was instructed by university officials to make a "mirror image" of the computer hard drive and then return the computer to the professor, the U.S. attorney's office said. http://www.bayarea.com/mld/mercurynews/news/local/6842016.htm - - - - - - - - - - Internet Sting Nets Sex Charge A 42-year-old Van Buren man is free on bond after being accused of traveling to North Little Rock to have sex with a teenage girl. Brian Jeremiah is charged with one count of computer child pornography after being arrested Sept. 12 at an undisclosed location in North Little Rock. According to Jim Scott, a public information officer for North Little Rock Police, Jeremiah was arrested after he arrived in North Little Rock for a prearranged meeting with someone he thought was a 15-year-old girl he had met on the Internet. Instead, Jeremiah was met by North Little Rock police officers. http://www.swtimes.com/archive/2003/September/23/news/IntSting.html - - - - - - - - - - Doctor charged with child porn A local pediatrician faces child pornography charges after police say they found 10 photos on his office computer of a girl and a boy engaged in sex acts. The 10 counts against Dr. Burton E. Moore, 57, a practicing physician at all three area hospitals, stem from a citizen complaint and a subsequent Rockford Police Department investigation that began in January. On March 13, detectives reportedly found the computer- generated images at Moore's East State Street office. http://www.rrstar.com/localnews/your_community/rockford/20030923-23944.shtml - - - - - - - - - - Suspected child molester arrested in Vegas A man police believe took requests for specific sexual acts to be performed on a child so another man could watch on his computer has been arrested in Las Vegas. Mesa, Arizona police believe David Scott Jackson was asked by Kevin Murdock to engage in sexual acts on a child as Murdock watched on his computer. Security staffers at the Boeing plant in Mesa were suspicious of Murdock, who was an employee of the plant, and alerted police last week. It prompted an investigation and the eventual arrest of Murdock and Jackson on Internet pornography-related charges. http://www.krnv.com/global/story.asp?s=1453710 http://www.azcentral.com/news/articles/0922MesaPorn-ON.html - - - - - - - - - - Dutch spammer to appear in US court Dutch mass spammer Martijn Bevelander may have to appear before a federal judge. The Federal Trade Commission has filed an amended complaint in its pending federal court action against US spam flooder Brian Westby, and added as defendants Martijn Bevelander, and two Dutch companies, Maps Holding B.V. and PB Planning & Services B.V. http://www.theregister.co.uk/content/6/32964.html - - - - - - - - - - California moves to ban unsolicited e-mail California is trying a deceptively simple approach to the problem of junk e-mail: It is about to ban spam. Gov. Gray Davis of California signed a bill Tuesday that outlaws sending most commercial e-mail to or from the state that the recipient did not explicitly request. That is a far more wide-reaching law than any of the 35 other state laws meant to regulate spam or any of the proposed bills in Congress. http://news.com.com/2100-1024_3-5081084.html Anti-Spam Bills Stalling in House http://dc.internet.com/news/article.php/3081231 Spam Slayer: Spotting the Good Guys http://www.pcworld.com/news/article/0,aid,112562,00.asp - - - - - - - - - - Cyber-crime rises 21-fold since 1998 Cyber crimes have multiplied 21 times over the past five years, with perpetrators below the age of 30 accounting for nearly 58 percent of the startling statistics, lawmakers said yesterday. Reps. Choi Yong-gue of the Millennium Democratic Party and Ham Suk-jae of the Grand National Party reported to the National Assembly that there were just 355 cases of cyber-crime in 1998 before a period of explosive growth resulted in 7,487 cases in 2002. http://www.koreaherald.co.kr/SITE/data/html_dir/2003/09/23/200309230112.asp - - - - - - - - - - Paedophile fears close chatrooms Computer giant Microsoft has announced plans to close most of its internet chatrooms around the world to protect children from potential harm. The landmark decision follows a string of disturbing cases where paedophiles have used chatrooms to "groom" youngsters for sexual abuse. Microsoft believes the only way to tackle the problem is to close almost all the chatrooms it operates through its MSN web sites in 34 countries. The only chatrooms which will continue either have their content monitored for inappropriate messages or will be run on a subscription basis, allowing users to be easily traced. http://www.femail.co.uk/pages/standard/article.html?in_article_id=197233 - - - - - - - - - - Report: Lenders miss most ID theft ID theft has grown so far, so fast, because financial institutions and other lenders have missed it. A massive study of 200 million new credit card, checking account and cell phone accounts opened during 2001 with participants like Citibank, Dell, Bank of America, and T-mobile shows that 7 out of 8 identity thefts are mis-categorized as simple credit losses by lenders. http://www.msnbc.com/news/970182.asp U.S. Senate committee clears credit data-sharing bill http://www.usatoday.com/tech/news/techpolicy/2003-09-23-senate-id-theft-bill_x.htm Credit checkers launch ID fraud watch services http://www.theregister.co.uk/content/55/32962.html - - - - - - - - - - Looked at porn? The boss can't just fire you (if you're Dutch) Employees in the Netherlands can't be sacked for downloading Internet pornography onto office computers unless there is a clear code of conduct, according to the Dutch legal trade magazine People Planet Profit, which conducted research on the subject. http://www.theregister.co.uk/content/6/32975.html - - - - - - - - - - Tech pros get to know their enemy A team of hackers furiously peck away at their keyboards, launching a late-night assault on a computer network. While one batters through a creaky Internet address, another filches important documents from the company's database. But it isn't what you think. On a balmy night in south Florida, "white hats," or ethical hackers employed by the government and private enterprise, are learning the tricks of the digital dark side. And they're hacking a fictitious Web site, not a real company. http://www.usatoday.com/tech/news/2003-09-22-hack_x.htm - - - - - - - - - - US agencies demand tighter software security Five federal agencies, led by the US Department of Energy, plan to discuss a new set of government contracting practices that hold software makers accountable for making their products more resistant to viruses and hackers. http://news.zdnet.co.uk/software/applications/0,39020384,39116586,00.htm http://www.govexec.com/dailyfed/0903/092303h1.htm http://www.washingtonpost.com/wp-dyn/articles/A53958-2003Sep23.html http://www.wired.com/news/business/0,1367,60556,00.html http://computerworld.com/securitytopics/security/story/0,10801,85264,00.html Evans touts Energy IT security standard http://www.fcw.com/fcw/articles/2003/0922/web-evans-09-23-03.asp - - - - - - - - - - Software will help track online pedophiles It started as an unsolicited e-mail that a Toronto police officer sent to Bill Gates' general mailbox, and has developed into what will soon become the leading investigative tool for tracking Internet pedophiles around the world. http://www.globetechnology.com/servlet/story/RTGAM.20030923.gtukidsm/BNStory/Technology/ - - - - - - - - - - The FTC is Watching for Online Privacy Abuses The Federal Trade Commission is taking online privacy seriously. In addition to its June enforcement action against Guess Inc., the FTC previously took action against Eli Lilly and Co. and Microsoft Corp. Each company was obliged to change its business practices to adopt comprehensive, stringent, online security measures. http://computerworld.com/managementtopics/management/story/0,10801,85224,00.html - - - - - - - - - - Richer surfers feel less secure Survey shows wealthier US computer users are most concerned about security. Almost one-third of internet users in the US have fallen victim to a computer virus or hackers in the past two years - and the richer the surfer, the more vulnerable they feel. http://www.vnunet.com/News/1143000 - - - - - - - - - - Tech coordinators for Homeland Security face challenges Integrating 22 agencies into the Homeland Security Department remains a challenge for project coordinators, Chief Information Officer Steve Cooper said Tuesday. "Our challenge is a little bit different than the commercial case studies we've tried to learn from," Cooper said. "We don't actually have an acquiring entity. We are a merger, and there is no parent company to break the ties and make the calls in terms of policy decisions." http://www.govexec.com/dailyfed/0903/092303td2.htm - - - - - - - - - - New era of malware requires new virus prevention solutions Victims of the Lovsan/Blaster virus outbreak already know that simply installing an anti-virus application is no longer enough to protect against increasingly complex virus hybrids designed to wreak havoc on workstations and servers across the globe.Today's virus writers are more than script kiddies looking to make a name for themselves with a piece of Visual Basic code, says Ryan Price, CEO of Y3K Group, South African provider of content security solutions. They now create hybrid worms that use a variety of mechanisms to replicate, combining excellent programming skills with innovative hacker techniques to cause mayhem. http://www.itweb.co.za/sections/techforum/2003/0309230742.asp - - - - - - - - - - Remote control software may jeopardise network security Remote control software is widely acknowledged within the IT industry as one of the most efficient solutions in improving the responsiveness of the helpdesk and support departments. "However, their very ability to provide access to enterprise networks, makes them open invitation to would-be hackers, if the security features aren't what they should be," says Tito Pereira, Managing Director of Blue Label Technology, distributor of the award-winning NetSupport Manager remote management solution. http://www.itweb.co.za/sections/techforum/2003/0309230735.asp - - - - - - - - - - Dropping bombs on privacy Ever since its launch, I've been an unabashed fan of JetBlue Airways, the brash start-up that offers comfortable seats, satellite-linked TVs and beat- the-competition prices. Until last week, that is, when I found out that JetBlue secretly turned over my personal information and details on some 5 million other passengers to a private contractor that's working on a data-mining project for the Bush administration. http://zdnet.com.com/2100-1107_2-5080433.html Airline threatened with prosecution over data-matching http://news.zdnet.co.uk/business/legal/0,39020651,39116587,00.htm http://www.wired.com/news/privacy/0,1848,60551,00.html Army Admits Using JetBlue Data http://www.wired.com/news/privacy/0,1848,60540,00.html - - - - - - - - - - Want to Sue over Buggy Code? Forget it. Microsoft and other software makers shield themselves with the "End User Agreement." What if no one agreed? These past few weeks have been rough on anyone responsible for managing computers -- whether a home network of a couple of PCs or an enterprise with thousands of machines. Given the damage done by the Blaster worm and the flood of junk e-mail generated by the SoBig.F virus -- even for those who avoided infection -- nearly everyone has been left looking for someone to blame. http://www.businessweek.com/technology/content/sep2003/tc20030922_0232_tc129.htm - - - - - - - - - - Taking the sting out of mobile data theft Losing your laptop is like losing your wallet - only worse. It's not just the inconvenience; replacing it is also expensive and time consuming. But while you can quickly cancel your credit cards, the sting of a misplaced or stolen PDA goes much deeper. Sensitive data could be compromised and valuable work lost. http://www.vnunet.com/Features/1143805 - - - - - - - - - - Test your data recovery plan Too many companies think they have disaster recovery measures in place, when in reality no one really knows whether they will work or how to implement them. The problem is that no one person is given the responsibility for disaster recovery, and therefore there is often no follow through. http://www.vnunet.com/Features/1143804 Fit best practice with your security software http://www.vnunet.com/Features/1143807 - - - - - - - - - - VPNs: not just secure, but a business enabler There is pressure on businesses of all sizes to enable remote access to their systems. Companies are having to look at improving productivity while striking a suitable work-life balance for staff needing to work more from home. http://www.vnunet.com/Features/1143803 - - - - - - - - - - States build terror database resembling controversial federal project While privacy worries are frustrating the Pentagon's plans for a far-reaching database to combat terrorism, a similar project is quietly taking shape with the participation of more than a dozen states -- and $12 million in federal funds. The database project, created so states and local authorities can track would-be terrorists as well as criminal fugitives, is being built and housed in the offices of a private company but will be open to some federal law enforcers and perhaps even U.S. intelligence agencies. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6841676.htm http://www.securityfocus.com/news/7036 - - - - - - - - - - Law enforcement official says threat center could be permanent Three top federal law enforcement officials on Tuesday defended the evolving process the government is using to analyze and share information about terrorist activities. The officials testified before the Senate Judiciary Immigration and Border Security Subcommittee. http://www.govexec.com/dailyfed/0903/092303td1.htm Bush orders integration of U.S. terrorist watch lists http://computerworld.com/securitytopics/security/story/0,10801,85233,00.html ACLU Chief Assails Patriot Spin http://www.wired.com/news/conflict/0,2100,60541,00.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.