NewsBits for August 6, 2004 ************************************************************ Romanian Indicted in Hacking Scheme A Romanian man has been indicted by a grand jury that charged him and five Americans with a $10- million scheme to steal goods from a computer equipment distributor. The indictment returned Wednesday accuses Calin Mateias, 24, of Bucharest, of hacking into the online ordering system of Santa Ana-based Ingram Micro Inc. and posing as a legitimate customer to place more than 2,000 orders over four years.,1,431196.story - - - - - - - - - - Webmaster held on terror charges The publisher of two pro-Jihad Web sites has been arrested in London on suspicion of various terror charges, U.S. investigators said on Friday. Babar Ahmad, 30, was remanded in custody by a London magistrates court on Friday on a U.S. extradition warrant. American authorities are seeking to try Ahmad on five federal charges, including material support of terrorism and prohibited support of the Taliban, according to a U.S. Department of Justice official. If found guilty, Ahmad faces more than 20 years in federal prison. - - - - - - - - - - Phone spam misery looms Stateside A little-noticed Bill before the Senate will ensure daily misery for US cellphone users, thanks to the inattentiveness of telecomms regulator the FCC. This week the FCC ruled against spam sent to mobile users that originates from email addresses. The regulator believes that the 1991 Telephone Consumer Protection Act (TCPA) already regulates SMS text messages, and that's good enough. But a new bill, S.2603, passed by Congress (as HR.4600) two weeks ago, drives a horse and cart through the TCPA. The bill was approved by the House's Commerce, Science and Transportation Committee and will be considered by the floor. STATEMENT BY NY AG REGARDING FCC DECISION - - - - - - - - - - Lawyer sues Yahoo over message-board insults A Californian who objects to personal attacks made by posters to Yahoo's message boards is attempting to launch a class-action lawsuit against the company. A California lawyer who has waged an ongoing battle with Yahoo over personal attacks made against him on Yahoo message boards has filed a proposed class- action lawsuit against the company.,39020651,39162798,00.htm - - - - - - - - - - 'Stealing songs is wrong' lessons head for UK schools At the beginning of last month the British Government launched a "Music Manifesto" to promote music in schools. But already this typically Blairite bundle of good intentions is being hijacked (with not a little cooperation from the minders in Whitehall) in order to inflict copyright lessons on schoolchildren, from pre-school onwards. - - - - - - - - - - Windows security update ready to go Microsoft on Friday wrapped up development on a long-awaited security update to Windows XP, paving the way for businesses and consumers to upgrade in the coming days and months. The company said it has released Windows XP Service Pack 2 to manufacturing, following a series of delays. Microsoft will make the free update available via download and via CD, but it is recommending that customers turn on Windows' automatic upgrade feature and get the update that way.,10801,95101,00.html?from=homeheads Windows XP SP2 'Released to Manufacturing' - - - - - - - - - - Mozilla, Opera Plug Security Holes The Mozilla Foundation and Opera Software ASA have released updates to their Web browsers to fix a series of security vulnerabilities. Mozilla on Wednesday posted new versions of its Firefox browser, Thunderbird e-mail client and Mozilla suite that provide fixes to three issues. They include a newly reported critical vulnerability affecting multiple vendors' software that uses the library for the Portable Networks Graphic (PNG) image format.,1759,1632120,00.asp Images open door to attackers,39020330,39162797,00.htm - - - - - - - - - - Yahoo's Anti-Spy toolbar feature buggy Yahoo on Friday confirmed that its recently released toolbar has mistakenly linked an alleged spyware program with a product that has nothing to do with the application in question. A company representative said late Friday that its toolbar's Anti-Spy feature incorrectly identified alleged "hijacker" software known as SearchCentrix as being bundled with Claria's Gator eWallet product, which is designed to manage usernames and passwords. Hijacking programs redirect search results or tamper with browser settings, according to Yahoo. - - - - - - - - - - Security Cavities Ail Bluetooth Serious flaws discovered in Bluetooth technology used in mobile phones can let an attacker remotely download contact information from victims' address books, read their calendar appointments or peruse text messages on their phones to conduct corporate espionage. An attacker could even plant phony text messages in a phone's memory, or turn the phone sitting in a victim's pocket or on a restaurant table top into a listening device to pick up private conversations in the phone's vicinity. Most types of attacks could be conducted without leaving a trace.,1848,64463,00.html - - - - - - - - - - Can you hack the vote? A $10,000 challenge is at stake. Electronic voting systems have drawn fire from courts, lawmakers and citizens groups -- and now they're under attack by hackers. It's an organized assault, too. E-voting technology expert Rebecca Mercuri, a Harvard research fellow who has been outspoken in her opposition to such systems, has issued a "Hack the Vote" challenge, trying to illustrate what she calls the systems' unreliability and vulnerability.,10801,95096,00.html - - - - - - - - - - Small security firm puts spotlight on big vendor bugs Research company says it has discovered 67 undisclosed vulnerabilities in major vendors' software News earlier this week that Oracle Corp. was sitting on patches for 34 undisclosed vulnerabilities in its database software may have come as a surprise to some, but not to David Litchfield, the researcher who discovered the holes. "In general, bugs are getting harder to find but in some people's software you don't have to look very hard to find bugs, they just fall apart in your hands ... like Oracle's," Litchfield said in an interview Thursday. - - - - - - - - - - New Passports Will Have Electronic Chips The State Department plans to implant electronic identification chips in U.S. passports that will allow computer matching of facial characteristics, despite warnings that the technology is prone to a high rate of error. Federal researchers, academics and industry experts say the government should instead use more-reliable fingerprints to help thwart potential terrorists. (LA Times article, free registration required),1,2388069.story E-passports are nothing to smile about Passport ID technology has high error rate - - - - - - - - - - Online data a gold mine for terrorists IT's high-alert response overlooks corporate sites The widespread availability of sensitive information on corporate Web sites appears to have been largely overlooked by IT and security managers responding this week to the Department of Homeland Security's warning of a heightened terrorist threat against the financial services sector.,10801,95098,00.html - - - - - - - - - - Cyberterrorism: terrorism of the 21st century Information on new scaled terrorist attacks being prepared caused the necessity of urgent security measures to be undertaken. According to the CIA, Al Qaeda, as earlier, will try to prepare terrorists' acts with more casualties than ever. Al Qaeda and the other terrorists' movements will utilize leakages of secret information that come to mass media, information on methods of mixing explosives and achievements in the sphere of electronics that are also published at the open sources. - - - - - - - - - - Border guards eye surveillance Armed with a revised mission to fight terrorism, U.S. Border Patrol officials plan to expand and integrate technology surveillance systems during the next several years.The federal law enforcement agency is looking to enhance the Integrated Surveillance Intelligence System (ISIS) that includes remote video surveillance cameras; intelligent computer-aided dispatch systems; seismic, magnetic and infrared sensors; and other types of equipment. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.