NewsBits for May 19, 2004 ************************************************************ E-Mail Scammer Gets Four Years An Internet scammer who used e-mail and a fraudulent Web site to steal hundreds of credit card numbers was sentenced to almost four years in jail Tuesday, one of the stiffest-ever penalties handed down for online fraud. Houston, Texas federal court Judge Vanessa Gilmore sentenced Houston resident Zachary Hill to 46 months in jail for his role in duping consumers into turning over 473 credit card numbers. http://www.washingtonpost.com/wp-dyn/articles/A37406-2004May18.html - - - - - - - - - - FBI opens probe into possible Cisco software theft The FBI has opened an investigation into possible theft of source code from networking equipment maker Cisco, the agency said Tuesday. "We're aware of the situation and we're working with Cisco regarding the potential loss of proprietary data," said Paul Bresson, a spokesman for the Federal Bureau of Investigation, confirming the probe. http://www.usatoday.com/tech/news/techpolicy/2004-05-18-cisco-source-leak_x.htm - - - - - - - - - - 'Large spam attack' hits BT Yahoo! email BT has blamed a "large spam attack" over the weekend for delays to its email service.According to a recorded customer info message this morning: "BT Yahoo! customers may be experiencing a delay in receiving email." Asked to elaborate, a BT spokesman explained that the telco had suffered a "large spam attack over the weekend which resulted in one per cent of emails being delayed". http://www.theregister.co.uk/2004/05/19/bt_email/ - - - - - - - - - - Utah sees first spyware case Overstock.com is set to become the first company to take action under Utah's new anti-spyware law. The company has filed a complaint against online retailer SmartBargains in the third district court in Salt Lake City. Utah's spyware law, the world's first, only made the statute book on 3 May. Utah is the only state with current spyware legislation, although California and Iowa are considering their own versions of the law. http://www.theregister.co.uk/2004/05/19/overstock_utah_spyware/ - - - - - - - - - - McKinney Sentenced To 100 Years For Child Pornography It's a century prison sentence that sends a strong message: If you are downloading child pornography, be prepared to go to jail. Patrick Ryan McKinney of Sioux Falls was sentenced to 100 years for having kiddie porn on his home computer. The videos and photos that twenty-five-year-old Patrick Ryan McKinney had contained titles that ranged from "Asian Kid Gets Raped" to "Kiddie Porn." http://www.keloland.com/NewsDetail2817.cfm?Id=22,32047 - - - - - - - - - - Student pleads guilty to possessing child porn on computer A graduate student ranked second in his class at the College of William and Mary has pleaded guilty to possessing child pornography on his computer at school. Brian E. Glassman, 24, of suburban Philadelphia, is scheduled to graduate this weekend with a master's in public policy, said a college spokesman. Glassman pleaded guilty to the felony charge Wednesday in U.S. District Court. http://home.hamptonroads.com/stories/story.cfm?story=70423&ran=86891 - - - - - - - - - - Man jailed in child porn case A tip from a German computer crime squad has led to a 25-year-old man being sent to prison for possessing and distributing massive amounts of child pornography on the Internet. Alberta provincial court Judge Frank Maloney sentenced William Eric Hughes of Calgary to two years in a federal prison after he pleaded guilty to the charge. http://www.globetechnology.com/servlet/story/RTGAM.20040518.gtchild0518/BNStory/Technology/ - - - - - - - - - - CHILD PORN LONER AVOIDS PRISON A Computer expert guilty of distributing pornographic images of children on the internet has avoided a jail sentence at Chester Crown Court. Nathan Weedall, aged 20, of Hungerford Terrace, Crewe, admitted two counts of distributing indecent photos of children and a third count of possessing 176 indecent photos for distribution, on the second day of his trial in April. Yesterday Judge Roger Dutton described Weedall as a 'lonely and socially isolated figure' and sentenced him to a three-year community rehabilitation order. http://www.thesentinel.co.uk/displayNode.jsp?nodeId=67725&command=displayContent&sourceNode=67252&contentPK=9999584 - - - - - - - - - - California man charged in Florida child porn investigation A California man is accused of sending pornographic photos to an undercover Broward County sheriff's deputy posing a 14-year-old girl in an Internet chat room. Ronald Garkow, 43, of Ontario, Calif., was being held Tuesday in the Broward County Jail on $125,000 bond. He was charged on 32 felony counts, including various child pornography charges. http://www.miami.com/mld/miamiherald/news/state/8696201.htm?1c - - - - - - - - - - Porn suspect denied lower bail A man charged with downloading child pornography from the Internet was denied a request for lower bail Monday. Northampton County Judge Edward G. Smith said he was unsure he could trust John Oliver, who is charged with downloading the pornography on Oct. 24, 2003. http://www.nj.com/news/expresstimes/pa/index.ssf?/base/news-11/1084871078139810.xml - - - - - - - - - - Agent tied to child porn A federal crackdown on an international Internet- based child pornography scheme has reached Imperial County as authorities served a search warrant on a local U.S. Border Patrol agent, seizing the agent's personal computer and files. The El Centro Sector agent, whose name was not released, has not been arrested or charged with any crime, said Lauren Mack, spokeswoman for the U.S. Bureau of Immigration and Customs Enforcement, the lead agency in the case. However, the agent has become one of thousands nationally and internationally under suspicion of allegedly accessing child pornography via the Internet in a case that centers around an Eastern European child pornography enterprise, Mack said. http://www.ivpressonline.com/articles/2004/05/19/news/news02.txt - - - - - - - - - - Officers sift through evidence in child porn case Police investigators continued Monday to sift through thousands of pictures in a child pornography case, as the two suspects, Curt and Carson Crisel, appeared in court for the first time. The El Paso County District Attorney's office asked that the suspects come back to court in a week, to give investigators time to sift through the mountains of evidence. Officers have found thousands of images of child porn, depicting men having sex with children as young as two years old. Detectives will analyze the files from the two hard drives taken from the Manitou Springs home of the Crisels. The evidence will then be sent to the FBI. http://www.koaa.com/news/view.asp?ID=2248 - - - - - - - - - - Professor Faces Child Porn Charge An assistant professor at Millersville University has been charged with possessing child pornography on his office computer, authorities said. Paul W. Studdard, 39, of Mountville, was charged Thursday by university police following an investigation that began last month after a university employee noticed a computer with a "high traffic volume," authorities said. The employee discovered that Studdard's office computer contained pornographic images of children, and a supervisor later ordered Studdard to remove the files, police said. http://abclocal.go.com/wpvi/news/05162004_nw_profporn.html - - - - - - - - - - Man arrested for allegedly having child porn A Deer Park man is behind bars at the Harris County jail, arrested and charged over the weekend with possession of child pornography. Deer Park police say this all began last month, when they charged David Bates with indecency with a child. They allege Bates compelled a 12-year-old boy to expose himself. During their investigation, police say they seized Bates's computer. They say they found on it a large number of photos and movies of children, believed to be under the age of 18, engaging in deviant sexual activities. http://www.khou.com/news/local/stories/khou040517_mz_childpornarrest.1cff87a34.html - - - - - - - - - - Lovgate worm variant has A-V vendors worried A mass-mailing worm known as Lovgate.AB has been upgraded to a medium-level threat by anti-virus company Network Associates. This follows the receipt of over 100 samples of the worm from both customers and through virus-generated emails around the world. The worm affects systems running Windows NT, Windows 2000, Windows Server 2003 and Windows XP. Other variants of Windows and systems running Linux, OSX, any Unix or OS/2 are not affected. http://www.smh.com.au/articles/2004/05/19/1084917636451.html http://www.vnunet.com/News/1155263 - - - - - - - - - - Plug and Play port scan reveals new worms Two good reasons for having the latest Microsoft patches have emerged in the form of Bobax and Kibuv. Investigations into recent increases in port 5000 scans have revealed the existence of two new worms: Bobax and Kibuv. The W32/Bobax-A worm, which employs the same Microsoft security vulnerability as the Sasser worm to break into computers, uses port 5000 to identify Windows XP systems (the port used for "Universal Plug and Play"). http://news.zdnet.co.uk/internet/0,39020369,39155162,00.htm http://zdnet.com.com/2100-1105-5215666.html http://news.com.com/2100-7349_3-5216357.html - - - - - - - - - - Flaws drill holes in open-source databases Flaws in two popular source-code database applications could allow attackers to access and corrupt open-source software projects, a security researcher said on Wednesday. One vulnerability affects the Concurrent Versions System (CVS), an application used by many developers to store program code. The other flaw affects a newer, less widely used system known as Subversion, Stefan Esser, the researcher who discovered the security holes, said. http://zdnet.com.com/2100-1105_2-5216353.html - - - - - - - - - - Mac OS X vulnerable to one-two combo attack Apple Computer got hit by a double whammy this week when a security researcher publicized a pair of flaws in Mac OS X that when used together could let attackers place a malicious program on a Mac and then run the file. The flaws could be used to create a virus that spreads through a Web link sent via e-mail messages. An attacker would have to also create a Web site with special programming. http://zdnet.com.com/2100-1105_2-5215586.html http://news.zdnet.co.uk/software/mac/0,39020393,39155159,00.htm http://computerworld.com/securitytopics/security/story/0,10801,93233,00.html - - - - - - - - - - FTC: Smutty spam must give recipient bare warning A Federal Trade Commission rule went into effect Wednesday requiring that unsolicited commercial e-mail that contains sexually oriented material include the words ``SEXUALLY EXPLICIT'' in the subject line. The rule also bars graphic images from appearing in the opening body of the message. Instead, the recipient must take some action in order to see the objectionable material, either by scrolling down in the e-mail or by clicking on a provided link. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8706069.htm - - - - - - - - - - Delays in deploying biometrics aggravate key lawmakers Two key lawmakers plan to schedule after Memorial Day a debate on legislation that would mandate advanced technology for controlling access to secure areas at airports. We're going to change the law," a visibly frustrated John Mica, chairman of the House Transportation and Infrastructure Aviation Subcommittee, said during a Wednesday hearing on the Homeland Security Department's progress in deploying biometric technologies such as facial recognition to improve aviation security. "We're going to direct you to do something." http://www.govexec.com/dailyfed/0504/051904tdpm1.htm Poll suggests ID card backlash http://news.bbc.co.uk/2/hi/technology/3728043.stm http://www.theregister.co.uk/2004/05/19/id_card_poll_tax/ - - - - - - - - - - Google defines good manners for adware In an attempt to cut down on misbehaving adware and spyware, Google has released a set of suggested principles for software makers to follow when writing programs that embed themselves on Internet users' PCs. The guidelines, released Tuesday evening, say software should follow common-sense rules of politeness: It should admit what it's doing, permit itself to be disabled and not do sneaky things like leak personal information. http://news.com.com/2100-1029_3-5215941.html - - - - - - - - - - Big business blasts tech industry on security Chief executives from some of the largest U.S. companies are criticizing the technology industry in a lobbying campaign, accusing them of selling software vulnerable to hackers and too difficult for consumers to use safely. http://www.msnbc.msn.com/id/5007831/ Execs Seek Cybersecurity Boost http://www.wired.com/news/business/0,1367,63526,00.html - - - - - - - - - - Yahoo releases e-mail standard to fight spam Internet portal Yahoo Inc. yesterday released an e-mail standard designed to prevent spam marketers from hiding unwanted messages behind legitimate e-mail addresses. The technique, if widely adopted, could help Internet service providers block the unwanted bulk messages that now account for up to two-thirds of all e-mail traffic. Yahoo's proposed standard, known as DomainKeys, would embed outgoing messages with an encrypted digital signature matched to a signature on the server computer that sends the message. http://computerworld.com/securitytopics/security/story/0,10801,93257,00.html Soaking in Spam http://www.crime-research.org/analytics/279 - - - - - - - - - - Kids know downloading music is illegal Most users of illegal online file-sharing networks continue to download copyrighted software, games, music and other digital media despite being aware that it is against the law, according to recent research. A Harris Interactive poll of 1,100 P2P users aged eight to 18 found that 88 per cent are aware that digital music is copyrighted, but many of them admit to downloading files anyway. Some 53 per cent download music, and32 per cent download games. http://www.vnunet.com/News/1155266 Ukraine declares a war on piracy http://www.crime-research.org/news/19.05.2004/280 - - - - - - - - - - MS' anti-virus bounty success When Microsoft first announced its "bounty" program late last year, many security experts condemned the initiative as a mere publicity stunt: a marketing tactic designed to distract gullible users from the "real issue" with Microsoft products. With a No Honor Among Thieves mindset, I predicted that the program would yield positive results and that some unlucky malware author would be ratted out by bounty-seeking friends/family/peers, and held responsible for his or her actions. http://www.theregister.co.uk/2004/05/19/anti_virus_bounty/ - - - - - - - - - - How Are Script Kiddies Outwitting I.T. Experts? "Ten years ago, you needed good programming skills to write a virus, but today there are ready made virus-writing programs on the market so you can write a virus and not know much about programming," explains Mikael Albrecht of F-Secure. http://www.newsfactor.com/story.xhtml?story_title=How-Are-Script-Kiddies-Outwitting-I-T--Experts-&story_id=24111 - - - - - - - - - - Embracing the Art of Hacking The idea that every hacker is an artist and every artist is a hacker isn't groundbreaking -- recent gallery and museum shows have focused on the link between art and coding -- but a new book by programmer Paul Graham gives the concept a fresh twist by advising hackers to improve their skills by borrowing creative techniques from other artists. http://www.wired.com/news/infostructure/0,1377,63506,00.html - - - - - - - - - - Cyber-Satans plague online church The world's first Internet church has fallen victim to a plague of virtual demons, some of whom have been logging on as Satan and unleashing strings of expletives during sermons. The "Church of Fools" was launched last week as a unique chance for Christians to worship interactively by choosing a "3D" animated character who could kneel, sing hymns, talk to others, hear a sermon, or shout "Hallelujah". http://news.zdnet.co.uk/internet/security/0,39020375,39155167,00.htm http://www.cnn.com/2004/TECH/internet/05/19/cyber.church.ap/index.html http://www.theregister.co.uk/2004/05/19/online_church_excommunicates/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.