NewsBits for December 22, 2004 ************************************************************ ID theft fears linger after laptop returned A California blood bank has retrieved a stolen laptop, but remains concerned that some donors could be at risk of identity theft. Delta Blood Bank, based in a Stockton, Calif., paid a reward for the Compaq laptop, which had been stolen after a Dec. 10 blood drive in the nearby town of Tracy. On Dec. 15, the blood bank notified more than 100,000 donors that their personal information had been filched and warned them of the threat of identity theft. Blood bank fears ID heist - - - - - - - - - - Symbian smartphones hit by virus-spreading Trojan A program pretending to be the game 'Metal Gear Solid' is attempting to infect smartphones with the Cabir virus, and will disable antivirus protection. MetalGear.A isn't the type of surprise gift mobile phone users are looking for this holiday season. Antivirus-software maker SimWorks said in a release published on Tuesday that the Trojan horse combines several malicious mobile phone programs that work to spread over Symbian-based phones.,39020348,39181939,00.htm - - - - - - - - - - Google stops spread of Santy worm The search engine has blocked attempts by the Santy worm to search for vulnerable PHP bulletin boards that it could infect. Google has responded to calls from antivirus companies to stop the advance of an Internet worm that was using the search engine's technology to spread among online bulletin boards.,39020375,39181937,00.htm Google's search for security New computer worm attacks bulletin boards - - - - - - - - - - Groups fight Internet wiretap push Companies and advocacy groups opposed to the FBI's plan to make the Internet more accommodating to covert law enforcement surveillance are sharpening a new argument against the controversial proposal: that law enforcement's Internet spying capabilities are just fine as it is. - - - - - - - - - - AMD stopped from advertising NX flag as anti-virus cure CHIP FIRM AMD has been prevented from advertising its NX bit as an antivirus panacea in the Netherlands. Dutch site reports that after a complaint to the consumer commission that the AMD advertising was misleading, the firm is being prevented from describing the NX bit as a cure for all forms of viruses, as it can actually only prevent some. - - - - - - - - - - Linux lasting longer against Net attacks Unpatched Linux systems are surviving longer on the Internet before being compromised, according to a report from the Honeynet Project released this week. The data, from a dozen networks, showed that the average Linux system lasts three months before being compromised, a significant increase from the 72 hours life span of a Linux system in 2001. - - - - - - - - - - Netting paedophiles The 'what do we do about online paedophiles?' debate has taken a new turn in the UK, with a controversial proposal by Donald Findlater, deputy director of child protection charity the Lucy Faithfull Foundation and former director of the Wolvercote Clinic residential treatment centre for paedophiles. - - - - - - - - - - Security workers praise Sarbanes-Oxley Many security workers feel that government regulations aimed at protecting IT networks from threats are working, according to new survey. The survey, released Wednesday by security services company RedSiren, indicates that many IT professionals view security guidelines as work-intensive. But they also believe the regulations--such as the Sarbanes- Oxley Act, HIPAA (the Health Insurance Portability and Accountability Act) and the Gramm-Leach-Bliley Act--are making a difference. How to close the information security gap at your company,,98364,00.html - - - - - - - - - - OMB mandates agency use of approved PKI providers The Office of Management and Budget is requiring agencies to use one of three approved shared- service providers for public-key infrastructure and electronic-signature services. These three service providersthe Agriculture Departments National Finance Center, Verisign Inc. of Mountain View, Calif., and Betrusted U.S. Inc. of New Yorkmeet the level-four certification outlined in OMBs December 2003 memo. - - - - - - - - - - Wal-Mart tagging fuels RFID market Wal-Mart Stores' top merchandise suppliers are lifting sales of radio frequency identification devices as they race to comply with a January deadline from the world's largest retailer. RFID Struggles Mount as End of Year Approaches,1759,1744839,00.asp - - - - - - - - - - How ITIL Can Improve Information Security ITIL - the Information Technology Infrastructure Library - is a set of best practices and guidelines that define an integrated, process-based approach for managing information technology services. ITIL can be applied across almost every type of IT environment. - - - - - - - - - - 2004 Review of the Year: Security Not all MyDoom and gloom. Security has remained high on the agenda throughout the IT recession, and the year has seen some major steps forward, and a few steps back. IT industry facing a turbulent 2005 *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.