NewsBits for September 30, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Hacker Arrested in San Diego A computer security specialist who claimed he hacked into top-secret military computers to show how vulnerable they were to snooping by terrorists was arrested and charged Monday with six felony counts that could bring a 30-year prison sentence. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6898215.htm http://www.latimes.com/technology/la-me-hack30sep30,1,2684627.story http://www.securityfocus.com/news/7099 http://www.wired.com/news/business/0,1367,60638,00.html http://www.usatoday.com/tech/news/computersecurity/2003-09-30-okeefe-hack-arrest_x.htm http://www.theregister.co.uk/content/55/33128.html - - - - - - - - - - Single tip smashes child porn ring Thanks to a single tip-off to a hotline a year ago, one of the biggest child pornography rings was smashed last week in the German state of Saxony-Anhalt. Operation Marcey kicked off on 26 September, involving 1,500 police officers who, over the course of a day, confiscated 745 computers, over 35,000 CDs, 8,300 diskettes and 5,800 videos, all thought to contain illegal child pornography. http://www.electricnews.net/news.html?code=9376756 - - - - - - - - - - Va. man gets 19 years for taking Pittsburgh teen as sex slave A man who called himself a "master for teen slave girls" on a Web site and took a teenage runaway from the Pittsburgh area to his Virginia home for bondage sex last year was sentenced to 19 years, seven months in federal prison on Friday. A defense attorney failed to sway U.S. District Judge William Standish by arguing that Scott William Tyree deserved a lesser sentence because, according to Tyree, the girl - then 13 - first raised the bondage fantasies when they chatted on the Internet in December 2001. http://www.observer-reporter.com/284204794639821.bsp - - - - - - - - - - Child Porn Guilty Plea A Sioux Falls man admits that he had child pornography. 53-year-old Richard Buechler pleaded guilty to two felony counts of possessing kiddie porn on Monday. He was originally charged with 15 counts, but in a plea agreement the other charges were dropped. Buechler was one of four South Dakotans caught as part of a nationwide child porn sting called "Operation Site-Key." Site Key is a credit card verification service in Santa Clara, California. A search of customer information revealed a number of customers who used Site-Key to purchase or attempted to buy child porn online. The South Dakota Attorney General's office says it is aggressively pursuing people who subscribe to child porn web sites. http://www.ksfy.com/Global/story.asp?S=1462231&nav=0w0jIFqP - - - - - - - - - - Toledo Priest Sentenced A Toledo priest is headed to prison for possessing child pornography. Reverand Stephen Rogers arrived at Toledo Federal Court today surrounded by other priests. In May, Rogers pleaded guilty to subscribing to a California-based web site containing kiddy porn. The former Central Catholic high school teacher was sentenced to 21 months in prison. http://www.wtol.com/Global/story.asp?S=1461995 - - - - - - - - - - Kilgore man expected to plead guilty in child porn case A 41-year-old Kilgore man accused in a federal court of receiving child pornography over the Internet is expected to enter a guilty plea Wednesday, court records indicate. Michael Charles Kelly is accused in a five-count indictment that lists one charge of downloading pornography and four charges for having the images on his computer hard drive. The charges are the result of an investigation by the Longview Police Department's Internet Crimes Against Children Task Force and the FBI. http://www.news-journal.com/news/newsfd/auto/feed/news/2003/09/29/1064891137.19830.3085.2933.html - - - - - - - - - - Alleged Internet Predator Nabbed In Turlock A 34-year-old man who allegedly set a date with a teen from Turlock whom he met on the Internet ended up finding himself face-to-face with a police officer instead. Stanislaus sheriff detective Ken Hedrick, of the Sacramento Valley High-Tech Task Force, said the parents of a 15-year-old girl who was communicating on the Internet with the man contacted him. The parents said they knew of the communication because of software they installed that allowed them to view their daughter's e-mails. http://www.thekcrachannel.com/news/2519738/detail.html - - - - - - - - - - Online date leads to arrest Scott police arrested an Army Reservist and hotel manager from New Jersey after he drove to Scott Park to meet someone he thought was a 14-year-old girl. Thomas Lee Heeter, 31, of Riverton, N.J., was wearing his Army fatigues when he was arrested at 7 p.m. Friday and charged with statutory sexual assault, involuntary deviate sexual assault, aggravated indecent assault, indecent assault, exploitation of children, corruption of minors and unlawful contact with a minor. Scott Police Chief Stanley Butkus said Officer James Stoker, using the identity of a 14-year-old girl, entered a Yahoo chat room Sept. 21. Heeter responded and subsequently arranged a meeting at Scott Park. http://www.post-gazette.com/neigh_west/20030930wburbs0930p9.asp - - - - - - - - - - NZ court asked if just looking is illegal Does looking at child pornography on the Internet, but not downloading it, amount to the criminal offence of possessing it? That is a question a New Zealand judge is considering in a test case authorities have brought against the former headmaster of a school, a newspaper reported yesterday. http://www.taipeitimes.com/News/world/archives/2003/09/28/2003069574 - - - - - - - - - - Congress' half-baked ID theft measures Recent findings by the Federal Trade Commission confirm what many had feared: The rate of identity theft is reaching unprecedented heights. In the past five years this crime category has boomed, and it now affects more than 27 million Americans. What's more, it costs business and financial institutions almost $48 billion a year. As the incidence and financial damage of identity theft escalates, so does the public's demand that policy makers enact new laws and regulations to stop this personal crime. http://rss.com.com/2010-7355_3-5083839.html Expanding roles for identity management http://computerworld.com/securitytopics/security/story/0,10801,85366,00.html - - - - - - - - - - File Sharing Down After Lawsuits The major record companies' legal assault on file sharing appears to be cooling the most popular networks for downloading unauthorized copies of songs, new research shows. A study by Nielsen//NetRatings, a firm that measures audiences for Internet-based applications, found a 41% drop-off over the last three months in the audience for Kazaa, the leading file-sharing network. Many of the 261 file sharers sued by the major record labels Sept. 8 were Kazaa users. http://www.latimes.com/technology/la-fi-p2p30sep30,1,5649771.story http://www.theregister.co.uk/content/6/33125.html RIAA draws civil liberties opposition http://news.zdnet.co.uk/business/legal/0,39020651,39116777,00.htm http://www.washingtonpost.com/wp-dyn/articles/A21601-2003Sep30.html http://www.usatoday.com/tech/news/techpolicy/2003-09-30-riaa-settles_x.htm Use of Subpoenas to Name File Sharers Criticized http://www.washingtonpost.com/wp-dyn/articles/A19721-2003Sep29.html Music group settles with 52 file sharers http://www.cnn.com/2003/TECH/internet/09/30/download.music.ap/index.html ACLU Steps Into DMCA Subpoena Controversy http://dc.internet.com/news/article.php/3085201 - - - - - - - - - - VeriSign sued again for domain cock-up VeriSign is seeing its nightmare come true with a California lawsuit brought by Optima Technology for wrongful handing over of the companys domain name to a former employee. http://www.theregister.co.uk/content/6/33113.html - - - - - - - - - - The e-spy who loves you could be a felon A company calling itself Lover Spy has begun offering a way for jealous lovers--or anyone else--to spy on the computer activity of their mates by sending an e-greeting, the equivalent of a "thinking of you" card that doubles as a bugging device. Computer security experts said the Lover Spy service and software appeared to violate U.S. law but also said the surveillance program pointed to an increasingly common way for hackers to seize control of computers. http://rss.com.com/2100-1029_3-5083874.html http://www.cnn.com/2003/TECH/internet/09/30/spyware.lover.reut/index.html http://news.zdnet.co.uk/internet/security/0,39020375,39116772,00.htm - - - - - - - - - - Unpatched Explorer hole is hackers' 'gold mine' A long-ignored security hole in Microsoft Internet Explorer is a gold mine for hackers, providing an easy way for them to plant malicious programs on vulnerable machines through hacker websites and instant messaging applications. New attacks using the vulnerability include a worm that spreads through America Online Instant Messenger (AIM) and a malicious website which silently loads snooping software on victims' machines, according to independent security expert Richard Smith. http://www.computerweekly.com/articles/article.asp?liArticleID=125296 - - - - - - - - - - AOL filters spam tools down to users America Online is extending the availability of its personalized antispam software to people who use older versions of its online services. The software for blocking unwanted e-mail previously had been accessible only to AOL customers who use the latest versions of the company's online services, AOL 9.0 Optimized and AOL for Broadband. The personalized antispam controls are now available to users of AOL 8.0 Plus and will be extended to versions 8.0, 7.0 and 6.0, and to AOL for Mac OS X later this year, the company announced Tuesday. http://zdnet.com.com/2100-1104-5083980.html Spam: This Time It's Personal http://www.wired.com/news/politics/0,1283,60635,00.html - - - - - - - - - - Forgotten war dialling risk leaves networks in peril War Dialling, the scanning of telephone lines to find insecure modems that provide a back door route into corporate networks, is ignored as a risk by many organisations, security testing outfit NTA Monitor warns. The company is calling on organisations to revise their procedures to guard against the long established, but still serious, security risk. http://www.theregister.co.uk/content/55/33134.html - - - - - - - - - - ID cards protect civil liberties - Blair The Prime Minster has given his strongest support yet for the introductiuon of identity cards in UK. In what was billed as a make-or-break speech at the Labour Party conference in Bournemouth today, Tony Blair presented ID cards as a way of guarding against bogus asylum claims. http://www.theregister.co.uk/content/6/33138.html - - - - - - - - - - Identity theft on the Internet: how to spot a scam Sometimes you can spot a scam a mile away and others present themselves in less obvious ways. Now experts warn that thieves are becoming more savvy and that like everything else, swindling has gone high tech. "Probably the most often attempted scams are Internet scams,"said David Lawrence, Consumer Fraud Specialist, "because it's hard to trace backwards in the process you can hide yourself fairly easily that way." http://www.wfsb.com/Global/story.asp?S=1462413&nav=1VGmIFzL - - - - - - - - - - Lofty claims for anti-virus agency Anti-virus software NOD32 is now available in SA via 4D Digital Security, the sole local agent for the maker, US-based ESET Software. A press release detailing the announcement claims NOD32 is "the only anti-virus software not to miss a single virus in the VB100% awards (an international virus evaluation body) since introduction in 1998". ESET further claims NOD32 is "used by Microsoft to screen all [its] products prior to release". http://www.itweb.co.za/sections/channel/2003/0309301129.asp - - - - - - - - - - Researchers still defending terror program Researchers working on the Defense Advanced Research Projects Agency's Terrorism Information Awareness program said today the program died prematurely largely because the agency didn't better explain its uses and safeguards. http://www.fcw.com/fcw/articles/2003/0929/web-tia-09-30-03.asp - - - - - - - - - - End Point Security It is difficult these days to avoid the subject of spam, worms, vulnerabilities and intrusion, and when you do you walk right into the path of SSL VPN. Vendors in the SSL VPN have money to spend on marketing and do they use it. Not only that, they are typically very well funded. http://www.it-director.com/article.php?articleid=11285 - - - - - - - - - - Proprietary software--banned in Boston? The commonwealth of Massachusetts has adopted a new policy favoring open-source software and adherence to open standards in government computing systems, a state official said. Eric Kriss, state secretary of administration and finance, said the policy was articulated in an internal memo circulated last week and formalized in a state capital spending plan released Monday. http://news.com.com/2100-7344_3-5084442.html *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.