NewsBits for June 2, 2004 ************************************************************ Hackers crash Canadian Conservative Website Canada's Conservative Party called in the Mounties on Tuesday to find out who crashed the party's Web site in the middle of the federal election campaign. "Somebody went after it," party spokesman William Stairs said, explaining that one or more computers had apparently been programmed to overwhelm the site, The Conservatives brought in the technical crimes unit of the Royal Canadian Mounted Police. Within a couple of hours the site was back up and running. - - - - - - - - - - Jury Takes Up Student's Internet Terrorism Case A jury in Boise got the case in the trial of a Saudi Arabian graduate student accused of using his Internet expertise to rally support for terrorism. The jury of four men and eight women met for 15 minutes before retiring for the evening. Deliberations were scheduled to begin in earnest today.,1,5140591.story - - - - - - - - - - Child tutor charged with creating porn It began Saturday, when a man picking up his 12-year- old daughter from a Beverly tutoring center noticed a peculiar flashing red light inside the center's only bathroom. The man looked closer and saw what appeared to be a surveillance camera hidden within an exhaust fan, the man later told Chicago Police. Now, Beverly Instructional Center's director, a 62-year-old man who has tutored Chicago kids of all ages for 30-plus years, has been charged with manufacturing and possessing child pornography. - - - - - - - - - - Symantec nabs first 64-bit virus Symantec Corp. has captured an example of what is believed to be the first virus that targets 64-bit Microsoft Corp. Windows operating systems, the company said. The company posted a security advisory for W64.Rugrat.3344 on its Web page last week. The virus is rated a low threat and doesn't appear to be spreading on the Internet, Symantec said. Instead, Rugrat is believed to be a "proof of concept" virus written by the same author of at least six other virus "firsts," Symantec said.,10801,93585,00.html - - - - - - - - - - Ex-investigator's suit against DirecTV dismissed A Los Angeles court last week dismissed a lawsuit filed by a former enforcer in DirecTV's anti-piracy campaign who claimed he resigned rather than continue to prosecute the company's controversial war against buyers of hacker-friendly smart card equipment. - - - - - - - - - - Top administration cybersecurity officials face scrutiny The Bush administration's top cybersecurity officials on Wednesday faced scrutiny from a House subcommittee on the continued lag in protecting the federal computer networks. - - - - - - - - - - Phishers Put Surfers on the Hook Phishing scammers cast a wide net, luring victims into a nasty snare that often costs them critical financial data. Preventing the scams may be harder than anyone has imagined. Phishing scams use phony e-mail messages and fraudulent websites -- phishers like to pose as PayPal, a favorite tool of eBay customers, for example -- to dupe people into divulging personal financial data, especially credit card info.,1367,63605,00.html Electronic documents and computer crime Survey: Cyberattacks on the rise at financial institutions,10801,93589,00.html Attacks on sites dilute trust in Net - - - - - - - - - - Attack of the bandwidth-hogging hackers Swiss security researchers have unearthed a flaw in wireless LAN systems that might be used by hackers to drastically increase their share of the available bandwidth at the expense of the other users. The issue should be of particular concern to hotspot operators, according to a team from the computer labs at the Ecole Polytechnique Federale de Lussanne (EPFL). - - - - - - - - - - DOD begins cross-credentialing pilot The Defense Department is sponsoring a pilot program to test interoperability of government and private- sector identification credentials. The Defense Manpower Data Center and six defense contractors participating in the summer-long pilot will use a central DOD broker to authenticate each others credentials. The program is an effort of the Defense Cross-credentialing Identification System and the Federated Electronic Government Coalition, a private-sector organization promoting electronic transactions with the government. - - - - - - - - - - Catching a Virus Writer Like a sneeze in a crowded subway, it's hard to find the human source of the latest viral infection. On the Internet it's not much different. The people who write these nasty little programs and release them into the wild almost never get caught. Why? The answer is easy, but it's also a sort of technical nemesis: there's simply no way to track these people down. - - - - - - - - - - Trapping the Worm Ah, to be 16 and have your very own worm. That mark of distinction turned into a possible 10-year jail sentence for a Canadian youth who was accused of creating the "Randex" Trojan Horse program. Trojan Horses seize control of vulnerable computers, letting hackers do what they will with them. In this case, the Randex worm allowed the unnamed youth to gain control over 9,000 computers running Microsoft's Windows operating system. - - - - - - - - - - Multiple Security Roles With Unix/Linux After the reception my last column regarding the security criticism I heaped on Unix and Linux vendors who are pursuing end-user desktops, I thought I would outline some of the areas where I think Linux and Unix already have strong wins. - - - - - - - - - - Learn the Basics of Handheld Security Use of Personal Digital Assistants (PDAs) continues to increase as new applications become available for them on almost a daily basis. While the PDA market has not grown as quickly in the last two years as it did in the mid and late '90s, as the U.S. economy recovers, the market will likely get a second wind. If your organization has not taken PDA security into consideration previously, now is the time to do so. Promiscuous BluePod file swapping - coming to a PDA near you - - - - - - - - - - Database on U.S. Visitors Set for Huge Expansion The Department of Homeland Security yesterday awarded a contract worth up to $10 billion to Accenture LLP to oversee and expand a massive U.S. program to track millions of foreign visitors as they cross American borders. The project, called U.S. Visit, collects and stores information about foreigners entering and exiting the country on visas through airports and seaports. The data, including digital photographs and fingerprints, are stored in an electronic database and shared among some government agencies to ensure that visitors do not overstay their visas and to help authorities capture suspected terrorists and criminals. - - - - - - - - - - Via eavesdropping, terror suspects nabbed An ordinary-looking grid map of Riyadh adorns one wall of a command-and-control center deep inside a government building in Saudi Arabia's capital. The map is higher-tech than it appears at first glance. Tiny embedded lights flash red when certain cellphones - those belonging to suspected terrorists - initiate or receive a call. Teams of officials from Saudi Arabia, the FBI, the CIA, and the US Treasury Department decide instantly whether simply to watch and listen to the suspected terrorist - or to send in screaming police cars to nab him. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.