NewsBits for June 16, 2004 ************************************************************ Akamai now says it was targeted by DDoS attack Akamai Technologies Inc. said today that problems it experienced yesterday morning were caused by a "sophisticated" and large-scale attack aimed at specific Akamai customers, not by a global attack. In a statement released this morning, Akamai also said the impact of the distributed denial-of-service (DDoS) attack had been overstated. According to Akamai, less than 1% of the company's 1,100 customers "had a significant impact affecting more than 20% of their users." http://computerworld.com/securitytopics/security/story/0,10801,93862,00.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8938238.htm http://www.securityfocus.com/news/8920 Security experts ponder Akamai attack, defense That's the question some security experts are asking in the wake Domain Name System problems at Akamai Technologies Inc. yesterday that resulted in performance degradations for some customers. The company initially said the problem appeared to stem from a broad global Internet attack. But today Akamai said the problems resulted from a denial-of-service attack aimed at four specific customers. http://computerworld.com/securitytopics/security/story/0,10801,93874,00.html Q&A: Tom Leighton, chief scientist at Akamai He talked about the nature of yesterday's apparent DDoS attack http://computerworld.com/securitytopics/security/story/0,10801,93875,00.html 'Zombie' PCs caused Web outage, Akamai says http://news.com.com/%27Zombie%27+PCs+caused+Web+outage%2C+Akamai+says/2100-1038_3-5236403.html Russian hackers attacked Akamai servers http://www.crime-research.org/news/17.06.2004/435/ Akamai Web Sites Under Attack http://www.newsfactor.com/story.xhtml?story_title=Akamai-Web-Sites-Under-Attack&story_id=25420 - - - - - - - - - - Teen eBay scammer jailed for nearly three years A US teenager has been fined and sentenced to time in jail after committing fraud via online auction site eBay. The 19-year-old from California has been sentenced to 33 months in prison and ordered to pay a fine of $20,000 after repeatedly offering goods for sale, including mobile phones, collecting payment and never actually sending out any goods to the auction winners. http://management.silicon.com/government/0,39024677,39121403,00.htm http://news.zdnet.co.uk/business/legal/0,39020651,39157758,00.htm - - - - - - - - - - Tipster among additional suspects in 'Sasser' worm case The informant who tipped Microsoft Corp. to the identity of the ``Sasser'' computer worm's creator last month is among five people under investigation as possible accomplices, prosecutors said Wednesday. The worm's 18-year-old confessed creator, Sven Jaschan, was arrested May 7 at his home in northern Germany following the tip to Microsoft from an informant seeking a reward. Jaschan, whose worm raced around the world exploiting a flaw in the company's Windows operating system, is free pending charges. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8937262.htm http://www.securityfocus.com/news/8917 http://www.msnbc.msn.com/id/5224978/ - - - - - - - - - - Hackers hacked...a printing-house Moscow competitors are suspected of allegedly hacking a computer system of "Ural worker" printing house. The damage is estimated to be tens of thousands of Russian rubles. The hacking was detected after Internet-traffic analysis that amounted to 30Gb. Hackers broke into the system through an e-mail port. http://www.crime-research.org/news/16.06.2004/429/ - - - - - - - - - - World's first mobile virus is not lethal yet A group of underground virus writers has showed off what is believed to be the world's first worm that can spread on advanced mobile phones, but security software companies say the virus had no malicious code attached. The worm, named Cabir, was sent to security software firms Kapersky Lab of Russia and U.S.-based Symantec by a member of 29a, a group of virus writers from the Czech Republic and Slovakia who pride themselves in creating "proof of concept malicious viruses", Kapersky Labs spokesman Denis Zenkin said. http://www.usatoday.com/tech/news/computersecurity/2004-06-16-mobile-virus_x.htm - - - - - - - - - - Rogue code can take down Linux systems A program dubbed 'evil.c' can allow people with access to a Linux system to crash it. Linux users have been urged to fix a flaw in the core component of the open-source operating system, following the public release of code that could be used to crash Linux systems. The flaw, found by two software programmers, could give a user with access to a Linux system the ability to crash the system using two dozen lines of code written in the C programming language, said an advisory posted over the weekend on linuxreviews. http://news.zdnet.co.uk/0,39020330,39157749,00.htm - - - - - - - - - - Canadian spam king agrees to stop sending junk e-mail A Canadian man accused of being one of the world's biggest spammers has agreed to stop sending the junk messages and plans to educate children about the dangers of the Internet, a newspaper reported Tuesday. In March, Yahoo sued Eric Head, his father and brother as part of a worldwide industry crackdown on hundreds of people sending unsolicited e-mail, or spam. http://www.usatoday.com/tech/news/2004-06-16-spam-king-abdicates_x.htm - - - - - - - - - - Judge tosses online privacy case The dismissal of lawsuits brought against Northwest Airlines has online privacy advocates renewing calls for federal privacy legislation. In a decision dated June 6, U.S. District Court Judge Paul Magnuson ruled that seven consolidated class action lawsuits against Northwest had no merit--in part because the privacy policy posted on the airline's Web site was unenforceable unless plaintiffs claimed to have read it. http://news.com.com/Judge+tosses+online+privacy+case/2100-1023_3-5234971.html - - - - - - - - - - DOJ fears wiretaps won't apply to Net calls Criminals could make plans over Internet phones without fear of getting caught if Congress does not ensure that existing wiretap laws apply, the U.S. Justice Department told a Senate committee on Wednesday. Investigators could find it harder to monitor Internet-based phone calls if the government decides to exempt them from traditional telephone regulations, Deputy Assistant Attorney General Laura Parsky said. http://www.msnbc.msn.com/id/5227670/s http://www.cnn.com/2004/TECH/internet/06/16/telecoms.voip.reut/index.html Feds: VoIP a potential haven for terrorists The U.S. Department of Justice on Wednesday lashed out at Internet telephony, saying the fast-growing technology could foster "drug trafficking, organized crime and terrorism." Laura Parsky, a deputy assistant attorney general in the Justice Department, told a Senate panel that law enforcement bodies are deeply worried about their ability to wiretap conversations that use voice over Internet Protocol (VoIP) services. http://zdnet.com.com/2100-1105_2-5236233.html The plot to disconnect VoIP http://zdnet.com.com/2100-1107_2-5235810.html A long, hot summer for VoIP? http://news.com.com/A+long%2C+hot+summer+for+VoIP%3F/2010-7352_3-5235523.html - - - - - - - - - - FTC Stays Out of Spam's Way, Rejecting List Idea Following that reasoning, the Federal Trade Commission on Tuesday rejected a plan to create a "do-not-e-mail" list modeled after the popular "do-not-call" registry that keeps telemarketers at bay. In a 5-0 vote, the FTC decided that the proposed list would entice spammers to send more junk e-mail, not less. (LA Times article, free registrarion required) http://www.latimes.com/technology/la-fi-spam16jun16,1,2151169.story - - - - - - - - - - Gartner warns banks on spyware fraud Theft from personal bank accounts is the fastest- growing financial fraud plaguing US consumers, with spyware attacks to blame for much of the rise. According to a survey by Gartner, 1.98 million online adults have experienced this sort of crime in the past 12 months. The analyst organisation urged banks to implement stronger access controls to online and telephone banking systems. http://www.vnunet.com/news/1155924 - - - - - - - - - - SurfControl distributes email mailing list SurfControl yesterday issued an exciting press release outlining "the dangers facing businesses who do not protect their e-mail communications against confidential data loss". As is the local custom, the release was sent by email to a long list of eager recipients. Sadly, the operative responsible has clearly never considered protecting their email communications against confidential data loss by using the handy blind copying facility. http://www.theregister.co.uk/2004/06/16/surfcontrol_confidential_data/ http://management.silicon.com/smedirector/0,39024679,39121419,00.htm - - - - - - - - - - One in three PCs hosts spyware or Trojans An average of one in three PCs scanned in March and April was carrying a system monitor or Trojan horse hidden on its hard drive. The research, carried out by privacy firm Webroot Software and ISP EarthLink, warned that these sorts of spyware can forward information about a user's online activities to another individual or company without the user's knowledge or permission. Scans of 650,000 consumer PCs performed between 1 March and 30 April found more than 18 million instances of spyware. http://www.vnunet.com/news/1155923 http://zdnet.com.com/2100-1104_2-5236735.html - - - - - - - - - - Trusted Electronic Communications Forum aims to fight online fraud More than a dozen corporate giants in the retail, telecommunications, financial services, banking and technology industries are joining forces to combat phishing, spoofing and other methods of online identify fraud. The companies -- among them AT&T Wireless Services Inc., IBM, Best Buy Co., and Fidelity Investments -- today announced the formation of the Trusted Electronic Communications Forum (TECF), a group that will focus on eliminating phishing's threat to e-mail and e-commerce. Details about the group first emerged yesterday. http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,93871,00.html - - - - - - - - - - Conference aimed at combatting online hate Experts gathered in Paris on Wednesday seeking a common approach to combatting racist, anti- Semitic and xenophobic propaganda on the Internet, believed to be a chief factor in rising numbers of hate crimes. Officials from more than 60 countries were attending the two-day conference aimed at finding ways to keep racist information off the Web without compromising free speech and freedom of expression. http://www.usatoday.com/tech/news/techpolicy/2004-06-16-against-online-hate_x.htm http://www.newsfactor.com/story.xhtml?story_title=International-Conference-Attendees-Lament-Hate-Speech-on-Web&story_id=25425 - - - - - - - - - - Spammer prosecutions waste time and money The recent US Federal Trade Commission (FTC) report on the futility of establishing a national 'do not email' registry contains a number of interesting observations related to spam control and to the so-called CAN-SPAM Act. In a nutshell, the FTC rejects the registry because it would become a weapon that spammers could use to fortify their ever-growing lists of victims, as we reported here. http://www.theregister.co.uk/2004/06/16/spam_suits_dont_work/ - - - - - - - - - - Fans urged not to download films The kids are out of school, more people have high- speed Internet connections at home, and the Motion Picture Association of America is concerned many might try to kill time this summer by downloading unauthorized online copies of movies. Tuesday, the MPAA began an education campaign to urge kids to respect copyrights. http://www.usatoday.com/tech/news/2004-06-16-valenti_x.htm - - - - - - - - - - Piracy Fight Spreads to Radio Airwaves Afraid that music pirates could cruise the airwaves for booty, record labels want the government to make it tough for people to copy digital radio broadcasts. The Recording Industry Assn. of America is expected to ask the Federal Communications Commission today to require broadcasters to either encrypt their digital signals or transmit a special marker that discourages replication. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-hdradio16jun16,1,6109885.story http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8939250.htm Court clips DirecTV piracy suits http://www.securityfocus.com/news/8925 321 Studios close to shutting down http://zdnet.com.com/2100-1104_2-5236366.html - - - - - - - - - - Spam not a problem in workplace, say staff More than half of US computer users believe spam is not a problem in their workplace and that their company's current junk email situation is under control, according to a survey. The report by software security maker Symantec, found that 50.8 per cent of end users believe spam is not an issue at work. Approximately 68.2 per cent said their company has been able to curb junk email. http://www.silicon.com/research/specialreports/thespamreport/0,39025001,39121401,00.htm - - - - - - - - - - Microsoft on track to offer anti-virus software Microsoft is still on track to offer an anti-virus product that will compete against similar software offered by Symantec and Network Associates, the world's largest software maker said late Monday. Mike Nash, chief of Microsoft's security business unit, told reporters that Microsoft is developing software to protect personal computers running Windows against malicious software, the worms and viruses that in recent years have plagued users with data loss, shutdowns and disruptions in Web traffic. http://www.usatoday.com/tech/news/computersecurity/2004-06-16-ms-av_x.htm - - - - - - - - - - Security titans intensify rivalry Network Associates Inc. and Symantec Corp. long to be more than antivirus vendors. The rivals want to be one-stop security shops where businesses buy everything from intrusion prevention to spam control to firewalls. Each has invested a small fortune in pursuit of this goal, yet sweeping success is guaranteed for neither. http://computerworld.com/securitytopics/security/story/0,10801,93869,00.html - - - - - - - - - - Retail PCs can reach customers without latest patches The excitement home buyers feel when taking a new PC out of its box can be short-lived if the machine is vulnerable to the swarm of viruses and worms on the Internet. One senior administrator at a major research university recently endured a prolonged setup procedure with his new laptop. http://computerworld.com/securitytopics/security/story/0,10801,93868,00.html - - - - - - - - - - The War on Child PornographyWho are the Victims? The sexual victimization of children is overwhelming in magnitude, yet largely unrecognized and underreported. Peter Banks, National Center for Missing and Exploited Children. The dissemination of child pornography on the Internet is growing very fast. At the same time, internet crime against children is the fastest growing crime in America. The problem is so big that the FBI operation to combat these kinds of crimes is now second only to the fight against terrorism. http://blog.watchright.com/?itemid=146 - - - - - - - - - - Analyst: Mobile Security Is A Top Priority With yesterday's detection of a virus that could worm its way onto smartphones, security has once again come to the forefront of people's minds. While the appearance of a virus on a handset is something of an inevitability, the wireless industry views security as a top concern, according to one industry analyst. "Mobile security is one of the fastest growing sectors in the wireless space and it is a priority for everybody, from operators to device manufacturers to silicon vendors to the mobile software and middleware vendors," Yankee Group analyst John Jackson tells news@2. "It is an area that gets tons of attention." http://www.wirelessweek.com/index.asp?layout=document&doc_id=134004 *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.