NewsBits for January 12, 2005 ************************************************************ I will be out of the country beginning 01/14 through 01/31 and my access to the Internet will be limited. Due to this situation, NewsBits will not be produced during this period. NewsBits will resume normal distribution on Monday, 01/31. Please accept my apology for this disruption of service. RJL ************************************************************ Technician Sentenced in Thefts of IDs A computer technician who prosecutors say touched off the largest identity theft in U.S. history was sentenced to 14 years in prison Tuesday by a judge who said the damage he caused was "almost unimaginable." Philip A. Cummings, 35, of Cartersville, Ga., a former help-desk worker for a Hauppauge, N.Y., software company, apologized before U.S. District Judge George B. Daniels imposed the sentence in New York.,1,75957.story - - - - - - - - - - T-Mobile: Hacker had limited access Mobile-phone carrier T-Mobile has acknowledged that an online attacker gained access to its network, but denied reports that the criminal had the run of its network and broadly threatened its - - - - - - - - - - Suspects elusive in racist e-mails After weeks of investigation, Palo Alto police are still at a loss to explain exactly who used a school computer to send thousands of racist e-mails to a Gunn High School history teacher. - - - - - - - - - - South Korea court acquits song-share site operators A South Korean appeals court on Wednesday acquitted the operators of a Korean-language Web site that allows users to share songs free of charge. - - - - - - - - - - UK firm fingered in US XXX spam probe A British-based outfit is among a dozen or so companies and individuals charged with using spam to flog access to smutty web sites. The US Federal Trade Commission (FTC) charged London-based Global Net Ventures Ltd and the other defendants with spamming hundreds of thousands of unsuspecting consumers with porno emails without their consent. - - - - - - - - - - Cellery worm plays Tetris as it spreads Computer game players could fall victim to a new worm that hides itself behind a version of Tetris Antivirus companies have discovered a worm, dubbed Cellery-A, that poses as an interactive version of Russian computer game Tetris at the same time as spreading across networks.,39020375,39183783,00.htm - - - - - - - - - - Porn worm spreads as new year greeting Happy nude year -- Security experts have discovered a mass-mailing worm which offers an unusual happy new year message in the form of a pornographic photograph. Wurmark-D (W32/Wurmark-D) travels as an attachment via email pretending to be a seasonal greeting, security firm Sophos warned. - - - - - - - - - - Double trouble from Symbian virus Virus writers have created a mobile phone worm theoretically capable of spreading via either Bluetooth or by attaching itself to files. The use of two spreading tactics by Lasco-A is common in the world of Windows viruses but previously unheard of in mobile phones. - - - - - - - - - - Gmail glitch yields access to messages A problem with Google's e-mail service, Gmail, let any user query the company's servers for information on the last message sent, two hackers announced on Wednesday. The programmers, part of a community site dedicated to the Unix-like FreeBSD operating system, found that an improperly formatted address allowed Gmail users to retrieve the message body of the last HTML- formatted e-mail processed by the server. - - - - - - - - - - Apple fixes flaw with iTunes update Apple on Tuesday released an update of its iTunes software to address a vulnerability that could cause earlier versions to crash and execute arbitrary code. - - - - - - - - - - Microsoft Issues Patches for Critical Flaws The latest Windows vulnerabilities are serious in that hackers can get malicious code to execute on PC without user interaction, says Russ Cooper of security firm TruSecure. "The worst is the HTML Help ActiveX vulnerability, because it is the stealthiest." New holes threaten media players,10801,98899,00.html - - - - - - - - - - Cybersecurity czar call renewed Congressional representatives are trying again to create a cybersecurity position within the Homeland Security Department's Information Analysis and Infrastructure Protection Directorate. Yet another cybersecurity chief steps down - - - - - - - - - - 'Anti-phishing' verbal signatures get thumbs up With phishing attacks on the increase there has been growing support for the introduction of 'verbal signatures' for two-way authentication between banks and their customers, as suggested by,39024655,39127007,00.htm - - - - - - - - - - Expert to hold tech harassment summit at school Westchester County has hired an expert on "cyberbullying" to talk to students, teachers, parents and police about young people who harass their peers with mean-spirited Web sites, ounding text messages, invasive cell-phone photos and other high-tech tools. - - - - - - - - - - PUC Delays Vote on 'Bill of Rights' The state Public Utilities Commission said Tuesday that it would delay for two weeks a vote that could shelve indefinitely the nation's first consumer protection rules covering both cellular and conventional phone services. The postponement came as consumer groups and the state attorney general's office complained that they had too little time to respond to a proposed order that Commissioner Susan P. Kennedy issued Jan. 5. A vote on the order had been scheduled for Thursday. (LA Times article, free registration required),1,7803292.story - - - - - - - - - - Securing data from the threat within A companys biggest security threat isn't the sinister hacker trying to break into the corporate network, but employees and partners with easy access to company information. - - - - - - - - - - Computer, physical security expected to merge Companies will increasingly integrate physical and computer security systems in 2005, spending over $1 billion in the United States and Europe, Forrester Research concluded in a report published this week. - - - - - - - - - - RFID : ID'ing the Players RFID is an unproven, unstandardized technology for supply chain usage. EPC Global (Electronic Product Code), a spin-off of the UCC (Uniform Code Council), recently ratified a standard for tags, but everything else is still in a state of emerging chaos. - - - - - - - - - - Nefarious characters roam the wild, wild Web The Internet gives millions of people faster access to more information than at any time in human history. A few mouse clicks enables online users to buy a best-selling book, bid on baseball memorabilia or book a flight to Bora Bora. - - - - - - - - - - Snooping by satellite When Robert Moran drove back to his law offices in Rome, N.Y., after a plane trip to Arizona in July 2003, he had no idea that a silent stowaway was aboard his vehicle: a secret GPS bug implanted without a court order by state police. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.