NewsBits for July 29, 2004 ************************************************************ Apple accuses RealNetworks of hacking Software that lets iPod owners listen to songs in RealNetworks' music format will not work with future iPods, Apple has said, in a stinging attack on the media firm. Apple Computer on Thursday issued a scathing response to RealNetworks' move to unlock Apple's proprietary technology and make it possible for people to listen to music in RealNetworks' digital file format on iPod devices.,39020351,39162161,00.htm,1282,64383,00.html,39020357,39162161,00.htm - - - - - - - - - - West Point Cadet Gets 18 Months In Jail For Videotaping Women The son of a Kentucky judge has been sentenced to 18 months in prison for secretly videotaping female West Point cadets while they were in various stages of undress. Senior cadet and Army football player Mark Conliffe of Louisville, Ky., was sentenced earlier this month to military prison for taking semi-nude pictures and videos of eight female cadets, the Times Herald-Record of Middletown reported Thursday. The photographs and videos were found by an information systems worker at West Point, who came across them during an upgrade of the U.S. Military Academy's computer network. - - - - - - - - - - Russian extortion gang faces 15 years A Russian cyber extortion gang arrested last week cost British bookmakers tens of millions in lost revenues, according to the head of a Russian police agency. Three men suspected of masterminding a cyber- extortion racket targeting online bookies were arrested last week in a joint operation between the UK's National Hi-Tech Crime Unit and its counterparts in the Russian Federation. - - - - - - - - - - A Ukrainian child porn ring exposed Ukrainian police has stopped the activity of a criminal group taking porn pictures and movies of more that 500 girls between 8 and 16 years old in the likeness of a model agency and sold them to foreign porn websites. The studio for shooting porn was rented in the centre of Kiev, police officers informed. The company also had branch offices in Kharkiv and Simferopol. - - - - - - - - - - Retailers bans Manhunt after murder link claim Updated UK consumer electronics retail chain Dixons and games retailer Game have pulled the computer game Manhunt from its shelves after the parents of a murdered schoolboy blamed the title for their son's death. Stefan Pakeerah, 14, was stabbed and beaten to death in a Leicester park in February. Warren Leblanc, 17, of Braunstone Frith, Leicester this week pleaded guilty to the lethal attack. - - - - - - - - - - NIST says Data Encryption Standard now 'inadequate' It says the encryption algorithm should lose its certification for use in government software. The National Institute of Standards and Technology (NIST) is proposing that the Data Encryption Standard (DES), a popular encryption algorithm, lose its certification for use in software products sold to the government. The advent of massively parallel computing has rendered DES inadequate to protect federal government information, NIST said.,10801,94910,00.html - - - - - - - - - - PayPal settlement e-mails confuse recipients Some think notice of class action case is a hoax Millions of PayPal users received an e-mail this week offering them a chance to receive a little money just for filling out an online form -- and for once, the e-mail wasn't a fake. The notice tells PayPal customers that they may be eligible to receive payment as part of a class-action lawsuit settlement the eBay-owned Web signed last month. - - - - - - - - - - Seven of 24 meet security requirements A recent audit of 24 of the largest federal agencies found only seven agencies in compliance with a law requiring that they certify and accredit their information systems' security. The audit report released this week by the Government Accountability Office prompted Rep. Adam Putnam (R-Fla.) to issue a statement chastising federal agencies for not complying with security policies and guidelines issued by Office of Management and Budget officials. - - - - - - - - - - Law enforcement tackling computer crime Federal and state law enforcement agencies are joining forces to combat computer crimes, officials announced. The Cyber-Crime Strike Force will have a staff of seven investigators: four from the FBI, two from the state Attorney General Jerry Kilgore's office and one from the Virginia State Police. They will work out of the Richmond FBI office, which has a computer lab from which online undercover investigations may be conducted. - - - - - - - - - - Search engines expose vulnerabilities Malicious hackers use search engines to parse through a Web site's source code. Internet search engines have long been used in uncovering vulnerabilities for launching attacks, and security experts expect malicious hackers to increase their use of the technology to find exploitable information. Hackers have long used search engines to parse through a Web site's source code, seeking clues about what the site contains and configuration information that may be useful in launching an attack.,,94880,00.html Google a favorite among hackers too - - - - - - - - - - Companies take too long to patch software flaws, exec says Companies are taking too long to patch critical internal vulnerabilities and are still struggling to protect systems against external attacks. That's according to Qualys Inc. CTO Gerhard Eschelbeck addressing the Black Hat conference in Las Vegas. He said the typical patching time or "half life" for critical internal vulnerabilities was 62 days, about 22 days more than the 40 days he suggested companies should be aiming for.,10801,94903,00.html,39020375,39162060,00.htm - - - - - - - - - - Online shopping increase provides bait for phishers More and more people are shopping online, leading to an increasing number of incidences of phishing. Phishing is on the increase and the phenomenal rise of the crime shows little sign of slowing -- especially with more and more of us moving online to use services such as banking and shopping.,39020375,39162080,00.htm - - - - - - - - - - Spam Foes Band Together An organization due to launch Thursday will connect influential opponents of spam around the world in an effort to roust junk e-mailers from their international hideouts. Anne Mitchell, president of the Institute for Spam and Internet Public Policy, will present the group -- the International Council on Internet Communications -- Thursday at ISIPP's International Spam Law and Policies conference in San Francisco.,1282,64383,00.html - - - - - - - - - - US online pharmacies take fight to Canadians The trade in discounted prescription drugs between Canada and the US has elicited considerable controversy on both sides of the border. Yet recent figures show that sales of drugs via Canadian pharmacies have not been as great as some had predicted. However, as Datamonitor's David Deon explains, pharmaceutical companies could go further by driving the expansion of online prescribing in the US. - - - - - - - - - - Gates: Security can be an asset and opportunity Microsoft Corp. is looking to turn security from a "concern" into a "business asset" and "opportunity" for the company through software enhancements and management applications, Chairman and Chief Software Architect Bill Gates said today. Security and network complexity are now on top of all business customers' minds, Gates said in a presentation at Microsoft's annual financial analyst meeting in Redmond, Wash.,10801,94908,00.html - - - - - - - - - - E-voting critic calls on hackers to expose flaws Electronic voting systems have major security problems and hackers should make it their mission to find the flaws, an e-voting critic told security researchers on Thursday. Speaking at the Black Hat Security Briefings here, Rebecca Mercuri, a fellow at a Harvard-affiliated research center and a noted e-voting critic, called the current voting process a statistical game of shells, one that e-voting machine makers are playing for profits. - - - - - - - - - - Lining up the defense At the Black Hat Security Briefings in Las Vegas, the talk turns to e-voting security, tougher tools and RFID hacking. Meanwhile, Check Point shores up its network software. (Series of articles) - - - - - - - - - - PDAsconvenience, and no security A proof-of-concept virus discovered last week is a relatively benign bug for infecting Windows CE devices. It carries no destructive payload and has not been released in the wild. But a little tweaking of the code demonstrated at the Black Hat Briefings Wednesday can let an attacker delete files from a personal digital assistant running the Microsoft operating system. - - - - - - - - - - Email Privacy is Lost As if the common use of "web bugs" inside spam was not enough, companies are using new techniques to watch and track the private emails you read, forward, print, and more. Ah, humanity. We are a sneaky species, forever attempting to get a leg up on everyone else in as underhanded a manner as possible. If there's a way to listen in to conversations not meant for us, watch the actions of others furtively, or read someone else's secrets, we do it. - - - - - - - - - - Internet Snagged In the Hooks Of Phishers Maybe it's time we all went to digital self-defense school. How else can we learn how to deflect the Internet thieves pounding on our electronic doors? The pounding is getting louder, judging by recent reports of scammers trying to steal identities through counterfeit e-mails and bogus Web sites. Should the doors give way, I'm afraid we can kiss many legitimate Internet commerce sites goodbye, because they require a foundation of trust. - - - - - - - - - - Counting the cost of a worst-case worm A single 'superworm' attack could cost business as much as $50bn. Each week asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Pete Simpson, ThreatLab manager at Clearswift, examines research that estimates the possible economic impact of a 'worst-case worm' attack. - - - - - - - - - - Intelligence officials clamor for information sharing Shock from the Sept. 11, 2001, terrorist attacks has caused a near 180-degree shift in thinking about classified information, according to national security officials. Several current and former National Security Agency officials who spoke this week in Washington, D.C., at GovSec, a government security conference, said sharing intelligence information with coalition partners must become the new way of doing business. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.