High Tech "NewsBits" for 11/29/04

NewsBits for November 29, 2004 ************************************************************ Man cleared in keyboard-wiretapping case A man accused of planting a keystroke recording device on a workplace computer wasn't violating federal wiretapping law, a judge has ruled. Larry Lee Ropp, 46, was indicted in March on charges he installed such a device to obtain e-mails, passwords and other information from a computer used by the secretary to the vice president of an Anaheim, Calif.-based insurance company. http://www.usatoday.com/tech/news/internetprivacy/2004-11-29-not-a-wiretap_x.htm - - - - - - - - - - Broadcom Accuses 7 of Taking Secrets Chip maker Broadcom Corp. is charging that seven current and former employees stole its cellphone chip designs to use for a newly formed company. The Irvine-based company, in a suit filed this month in U.S. District Court in Santa Ana, alleges "a well-orchestrated, international scheme to steal from Broadcom trade secrets worth millions of dollars." http://www.latimes.com/technology/la-fi-broadcom25nov25,1,7985181.story - - - - - - - - - - Ex-virus writer questioned over Slammer Police are questioning Benny, a former member of the 29A virus writers' club, over the Internet worm Slammer. According to Czech security news site viry.cz, police interviewed the 22 year-old, who lives in Brno, and confiscated computers from his home last Thursday. http://news.zdnet.co.uk/internet/0,39020369,39175383,00.htm - - - - - - - - - - SCO hacked in apparent IP protest Visitors to SCO's website this morning were treated to a rare moment of corporate self- awareness after hackers apparently replaced an image linking to the undoubtedly scintillating "Extending Legacy Applications and Databases to the Web and Wireless Devices with SCOx Web Services Substrate" with a graphic bearing the rather more promising "We own all your code - pay us all your money": http://www.theregister.co.uk/2004/11/29/sco_hacked/ http://www.vnunet.com/news/1159720 http://www.newsfactor.com/story.xhtml?story_title=Hackers-Deface-SCO-Site&story_id=28694 http://computerworld.com/securitytopics/security/story/0,10801,97903,00.html - - - - - - - - - - Special Needs Teacher Spared Jail A special needs teacher was today spared jail despite admitting downloading more than 2,500 indecent images of children. Ralph Bell, 38, of Bankhall Road, Stockport, Greater Manchester, pleaded guilty to 20 child porn offences, the citys magistrates court was told. http://www.crime-research.org/news/25.11.2004/801/ - - - - - - - - - - Feds: PA D.A.R.E. Cop Had Sex w/Boy A Baden police officer took time off from his job to engage in sexually explicit Internet chats with a 14-year-old boy with whom he later had sexual contact, federal prosecutors said Monday. "While his wife and children were upstairs, he was downstairs talking dirty to a 14-year-old boy on the computer," assistant U.S. Attorney Tina Miller said at a detention hearing for Kenneth Jones, 38. "He clearly led a parallel life that had gone way beyond fantasy." http://www.lineofduty.com/blotterstory.asp?StoryID=70164 - - - - - - - - - - Youth jailed for court camera phone pics A nineteen year-old has been given a six month custodial sentence for using his camera phone to take pictures in court. Shaun Nash, who was at a Bristol Crown Court for the robbery trial of a friend, was taking pictures and videoing proceedings from the public gallery. One of the jurors noticed what he was doing, and the trial was abandoned. http://www.theregister.co.uk/2004/11/29/camera_phone_court/ - - - - - - - - - - UK's biggest spammer goes AWOL Britain's most prolific spammer, 23-year-old Peter Francis-Macrae, is on the run from both the police and UK domain registry Nominet after he finally pushed his luck too far. Francis-Macrae, who lives in the tiny village of St Neots in Cambridgeshire with his father, failed to turn up to a hearing at Huntington Magistrates court and a warrant for his arrest has been issued. http://www.theregister.co.uk/2004/11/29/uk_spammer_goes_awol/ - - - - - - - - - - Hacker puts obscene message on traffic sign A hacker put an obscene message, possibly for this city's mayor, on an electronic traffic message board, shocking morning commuters in West Palm Beach, Fla. http://www.globetechnology.com/servlet/story/RTGAM.20041125.gthaynov25/BNStory/Technology/ - - - - - - - - - - Hacking tool reportedly draws FBI subpoenas The author of the popular freeware hacking tool Nmap warned users this week that FBI agents are increasingly seeking access to information from the server logs of his download site, insecure.org. "I may be forced by law to comply with legal, properly served subpoenas," wrote "Fyodor," the 27-year-old Silicon Valley coder responsible for the port scanning tool, in a mailing list message. http://www.securityfocus.com/news/10011 http://software.silicon.com/security/0,39024655,39126180,00.htm - - - - - - - - - - Kazaa heads to court for file-swap trial Industry eyes are turning toward Oz as more than 50 lawyers begin waging a courtroom battle over Kazaa, the peer-to-peer technology owned by Australia-based Sharman Networks that touts some 60 million users worldwide. The major record labels and 25 other North American, European and Australian record company "applicants" brought the federal court action in Sydney to stop illegal peer-to-peer file sharing. They also want to recover compensation for past illicit downloads, estimated by some to be worth billions of dollars. http://news.com.com/Kazaa+heads+to+court+for+file-swap+trial/2100-1027_3-5468757.html http://www.usatoday.com/tech/news/techpolicy/2004-11-26-kazaa-au-trial_x.htm Music industry lashes out at Kazaa trial http://news.com.com/Music+industry+lashes+out+at+Kazaa+trial/2100-1027_3-5469211.html Trial to Unmask Kazaa Owners http://www.wired.com/news/digiwood/0,1412,65860,00.html - - - - - - - - - - Hacker evidence admissible in court? New Zealand is considering making evidence gathered by a hacker admissible as evidence in court, raising the spectre of vigilante hackers. A bill to be introduced to New Zealand's Parliament early next year will clarify the legal status of evidence of an offence gained by hacking, as well as other evidence collected through illegal acts. http://www.techworld.com/security/news/index.cfm?NewsID=2691&Page=1&pagePos=4 - - - - - - - - - - Blair announces severe sentences for ID card abuse Prime Minister Tony Blair has revealed the government will introduce severe prison sentences to prevent abuse of its proposed identity card scheme. Blair told reporters at his monthly 10 Downing Street press conference that anyone found guilty of tampering with the new card will face a sentence of up to 10 years. http://www.vnunet.com/news/1159724 ID cards spread biometrics http://www.vnunet.com/news/1159719 - - - - - - - - - - Warning: critical Winamp vuln Security researchers are warning of a serious - and unfixed - security hole with the popular Winamp media player. A remotely exploitable stack based buffer overflow creates a means for hackers to take over machines running Winamp- providing they can trick users into running maliciously constructed files. http://www.securityfocus.com/news/10013 http://www.vnunet.com/news/1159673 - - - - - - - - - - Web on watch for common enemies Security experts are watching out for attacks that burrow through two new flaws, warning that the vulnerabilities are a bigger threat because of people's reliance on the targeted software. Last week, a security researcher published details of a hole in Sun Microsystems' browser plug-in for running Java applets downloaded from the Internet. The week also saw a banner-ad attack that exploited an unpatched flaw in Microsoft's Internet Explorer browser software. http://news.zdnet.com/2100-1009_22-5466524.html Sun moves to eclipse Java hackers Sun Microsystems has moved to patch a potentially devastating flaw in the Run Time Environment of its Java Virtual Machine (JVM) that security experts warn could leave millions of desktops open to hack attack. http://www.vnunet.com/news/1159651 - - - - - - - - - - Call to arms against cybercrooks The chief technology officer of online gaming portal Betfair has called for more government and industry cooperation to combat the growing threat of distributed denial-of-service attacks to online businesses. In an exclusive interview, David Yu said that DDoS attacks may have only really affected a handful of businesses so far, but any company that relies on the Web to make transactions with customers or partners should be aware of the problem. http://news.zdnet.com/2100-1009_22-5466520.html - - - - - - - - - - The Cost of Virus Protection Rises But while leading antivirus software vendors Symantec and McAfee have been hiking annual subscription fees for stand-alone products, they've kept those charges flat for product suites that bundle antivirus utilities with firewall, intrusion-detection, and spam-control software. The idea is to encourage customers to move over to these suites. http://www.pcworld.com/news/article/0,aid,118648,00.asp - - - - - - - - - - Phishers tapping botnets to automate attacks Computer criminals are making phishing more potent by automating attacks. Anti-Phishing Working Group (APWG) analysts reckon fraudsters are using automated tools and botnets to ramp up attacks. It estimates attacks grew by an average of 36 per cent a month between July and October. http://www.theregister.co.uk/2004/11/26/anti-phishing_report/ - - - - - - - - - - Cell Phones Increasingly Attractive To Hackers Early this month, several Web sites began offering software promising ringtones and screensavers for certain cell phones. But those who downloaded the software found that it turned every icon on their cell phones' screens into a skull-and-crossbones and disabled their phones, so they could no longer send or receive text messages or access contact lists or calendars. http://story.news.yahoo.com/news?tmpl=story&ncid=1209&e=1&u=/washpost/20041126/tc_washpost/a13361_2004nov25&sid=96168965 Skulls program carries Cabir worm into phones http://news.zdnet.com/2100-1009_22-5469691.html - - - - - - - - - - Met warns of growing 'cashback' scam The Metropolitan Police Specialist Crime Directorate has issued a warning to the public about the re-emergence of a fraud that has been around for a few years. The scam, dubbed 'criminal cashback', is aimed at anyone who advertises something for sale, be it over the internet, in the local paper, in the specialist press or in a shop window. http://www.vnunet.com/news/1159728 - - - - - - - - - - Passport privacy questioned In their latest salvo against the way Bush administration officials want to use technology to track travelers, American Civil Liberties Union officials are accusing them of disregarding privacy and security warnings about remotely readable biometric passports. http://www.fcw.com/fcw/articles/2004/1129/web-epass-11-29-04.asp http://www.usatoday.com/tech/news/computersecurity/infotheft/2004-11-29-passport-safety_x.htm http://www.cnn.com/2004/TECH/ptech/11/29/electronicpassports.ap/index.html - - - - - - - - - - Colombian bank launches biometric ATM Bank customers in Colombia now have the option of using their fingerprints to withdraw cash from ATMs. Colombia's Bancafe Bank has partnered with technology company NCR to upgrade its ATMs and allow its 2.5 million customers the option of accessing their accounts and withdrawing money using just their fingerprints and PIN numbers. http://news.zdnet.com/2100-1009_22-5469902.html - - - - - - - - - - China moots foreign software crackdown Microsoft has reportedly lost a contract to supply Beijing council with software. The $3.5m deal was announced last week and was heavily criticised by local software providers and government officials. They called on local authorities to do more to support local software companies. The contract is now on hold, Hong Kong business paper The Standard reports. http://www.theregister.co.uk/2004/11/29/china_microsoft_list/ - - - - - - - - - - Breaking, Entering Your PC It can, and often does, start something like this: You're online, maybe searching for a specific piece of information, maybe just cruising the Web. I was investigating new search technologies that were advertised as useful in dealing with variations in the spelling of names and had read that Lycos, a pre-Google Internet portal and search engine, had developed some. (LA Times article, free registration required) http://www.latimes.com/technology/la-na-spyware26nov26,1,315167.story Profitware http://www.securityfocus.com/columnists/278 CA slaps spyware label on Kazaa http://news.com.com/CA+slaps+spyware+label+on+Kazaa/2100-1025_3-5467539.html Are you sitting comfortably? Then let's spy http://news.com.com/Are+you+sitting+comfortably+Then+lets+spy/2100-1028_3-5470286.html - - - - - - - - - - Seeds of Disaster Internet Explorer's problems can be traced to Microsoft's shortsightedness during the browser wars of the 1990s. Is the company sowing tomorrow's security woes today? http://www.securityfocus.com/columnists/279 - - - - - - - - - - Random answers retain privacy If IBM is right, corporate databases in the future might record your age as 157 and your income as the square root of two. Big Blue is experimenting with an idea for customer databases called data randomization. The technique will, conceivably, preserve consumer privacy by masking data such as income, age, past purchases or medical information through mathematical calculations that can't be unwound. http://news.zdnet.com/2100-1009_22-5469837.html - - - - - - - - - - Porn Prohibitionists Miss Point All week I've been thinking about the recent "porn is heroin" hearing, which concluded that porn bypasses the cognitive speechmaking part of the brain, turns men into rapists and -- my favorite -- releases damaging "erototoxins" into the bloodstream. The stated point of the hearing was to determine whether Congress should fund studies about the effects of pornography addiction on families and communities, and whether it should launch a public health campaign to warn people of the dangers of online porn. http://www.wired.com/news/culture/0,1284,65831,00.html - - - - - - - - - - White House to CIA: Use IT to improve intelligence gathering The White House has ordered the CIA to develop IT tools that can assist in processing and using foreign language information. The Nov. 23 presidential memo focuses on rebuilding CIAs analytic and human intelligence capabilities, including hiring more analysts and agents with proficiency in critical languages such as Arabic. http://www.gcn.com/vol1_no1/daily-updates/28004-1.html - - - - - - - - - - Treasury testing tools to help connect the dots Feds want to make it easier to spot criminals and terrorists who camouflage funding in legitimate money transactions. Federal investigators trying to disrupt terrorist financing expect to get more analytical muscle from a new system run by the Treasury Departments Financial Crimes Enforcement Network. The system, dubbed BSA Direct for the Bank Secrecy Act work its supposed to help investigators do, will spot anomalies, trends and patterns that officials might otherwise miss in financial data scoured to uncover money moved for illegal uses. http://www.gcn.com/23_33/news/27960-1.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.