NewsBits for January 31, 2005 ************************************************************ MSBlast writer thrown in slammer The American teenager who confessed to writing MSBlast.B has been sentenced to 18 months in prison and 10 months of community service - far short of the maximum sentence of 10 years the crimes carried. Jeffrey Lee Parson, 19, of Minnesota, was ordered to serve his time in a minimum security prison and participate in 10 months of community service. http://news.zdnet.co.uk/internet/security/0,39020375,39186035,00.htm http://www.vnunet.com/news/1160879 - - - - - - - - - - Californian gets 16 months for stalking by satellite A man charged with stalking his ex-girlfriend by attaching a global positioning system to her car was sentenced to 16 months in state prison, prosecutors said. Ara Gabrielyan, 33, of Glendale, was sentenced Friday after pleading no contest to one count of stalking and two counts of making criminal threats, said Deputy District Attorney Debra Archuleta. http://www.usatoday.com/tech/news/surveillance/2005-01-29-gps-stalking_x.htm - - - - - - - - - - MySQL worm stopped Access to the servers controlling the spread of the MySpooler worm was cut off over the weekend, effectively stopping the spread of the bot software. A worm exploiting weak database passwords on Windows computers had essentially stopped spreading on Friday, after the systems infected with the program were cut off from the control of several central computers. http://news.zdnet.co.uk/software/applications/0,39020384,39186033,00.htm Government concerned about MySpooler worm http://news.zdnet.co.uk/internet/security/0,39020375,39185935,00.htm - - - - - - - - - - Security on Car Keys Can Be Unlocked, Team Says Researchers said Saturday that they had found a way to crack the code used in millions of car keys, a development they said could allow thieves to bypass the security systems on newer car models. The research team at Johns Hopkins University said it discovered that the "immobilizer" security system developed by Texas Instruments could be cracked using a "relatively inexpensive electronic device" that acquired information hidden in the microchips that made the system work. http://www.usatoday.com/tech/news/2005-01-30-car-alarms_x.htm http://www.latimes.com/technology/la-na-carkeys30jan30,1,4073663.story http://www.theregister.co.uk/2005/01/31/rfid_crypto_alert/ http://www.newsfactor.com/story.xhtml?story_title=RFID-Vulnerability-Exposed&story_id=30105 - - - - - - - - - - SP2's data execution protection cracked A Russian security firm has published a paper detailing a major security flaw in Microsoft Service Pack Two for Windows XP, over a month after alerting Redmond to the flaw. A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2. http://news.zdnet.co.uk/software/windows/0,39020396,39186034,00.htm - - - - - - - - - - Juniper routers exposed to attack Networking company Juniper Networks is encouraging customers to upgrade their routers to fix a serious vulnerability in its operating system. Juniper's M- and T-Series routers are affected by the flaw in the version 6 series of Junos, which makes them vulnerable to denial- of-service attacks. Such an attack could allow a hacker to gain access to the router and crucial areas of a company's network. http://news.zdnet.com/2100-1009_22-5557402.html http://news.zdnet.co.uk/communications/networks/0,39020345,39186044,00.htm - - - - - - - - - - 50k spamming fines proposed A law has been proposed by Germany's ruling coalition to try and deal with the growing problem of unsolicited email, with hefty fines promised for those who break it. Spammers in Germany will face fines of as much as 50,000 according to a draft law agreed by Germany's ruling coalition of Social Democrats and Greens. http://news.zdnet.co.uk/internet/0,39020369,39186045,00.htm http://www.theregister.co.uk/2005/01/30/germany_gets_tough_with_spammers/ - - - - - - - - - - Netscape readies antiphishing browser Netscape next month is expected to release a test version of a Web browser designed to resist phishing schemes, taking aim at recent security vulnerabilities in Microsoft's Web browser. Netscape, a unit of Time Warner subsidiary America Online, has been recharging its browser activity in recent months, prodded by the success of its open-source spin-off, the Mozilla Foundation, and by the prospects of increased revenue through browser-based search queries. http://news.zdnet.com/2100-1009_22-5558006.html Phishing morphs into pharming http://www.theregister.co.uk/2005/01/31/pharming/ - - - - - - - - - - Microsoft's anti-piracy plan condemned Microsoft's plan to deny patches to pirates will increase security threats, according to Gartner. Microsoft's Windows Genuine Advantage (WGA) programme, which is designed to help identify pirate copies of Windows, will increase the security problems faced by enterprises, according to research group Gartner. http://news.zdnet.co.uk/software/windows/0,39020396,39186031,00.htm Microsoft's Velvet Glove Microsoft recently announced its latest ploy to extort more money from the public and further strengthen their software monopoly: they want to make you pay for a legal copy of Windows before you get any OS add-on features or updates. http://www.securityfocus.com/columnists/295 - - - - - - - - - - Program for area parents to focus on Internet crime Parents are invited to attend a community outreach program Thursday aimed at protecting school children from sexual predators who use the Internet to find victims. Special Agent Eric Szatkowski of the Wisconsin Department of Justice will give a presentation entitled The Dark Side of the Internet: Sexual Predators of Children at 7 p.m. at the Menasha High School auditorium. http://www.wisinfo.com/postcrescent/news/archive/local_19586305.shtml - - - - - - - - - - Gates vows 'all-out war' against Net crime Microsoft founder Bill Gates says he has launched an "all-out war" against crime on the Internet, according to an interview published on Saturday in a German news magazine. "I have set a number of strategic priorities that have to be achieved, like winning battles in an all-out war," he told Der Spiegel. http://www.iol.co.za/index.php?set_id=1&click_id=115&art_id=qw1107000721590B253 - - - - - - - - - - Internet auctions top fraud list A West Virginia man auctioned an airplane on eBay's site and found a buyer willing to pay $16,200 for it. The prospective buyer sent a $2,000 deposit, but didn't hear a peep from the man afterward. When the man finally responded to the buyer's e-mails, the seller accused the buyer of harassment and said he was going to keep the deposit and not deliver the plane. He then re-listed it on eBay and sold it to another person. http://www.timesdispatch.com/servlet/Satellite?pagename=RTD%2FMGArticle%2FRTD_BasicArticle&c=MGArticle&cid=1031780532252&path=!business!columnists&s=1045855934868 - - - - - - - - - - NIST to issue updated federal ID card specs today The National Institute of Standards and Technology today will release specifications that will firm up biometric plans for governmentwide personal- identity-verification cards. NIST will post Special Publication 800-73 online at csrc.nist.gov. Homeland Security Presidential Directive 12 required NIST to develop the specs for a common federal smart card. http://www.gcn.com/vol1_no1/daily-updates/34934-1.html NIST issues final draft of IT security controls http://www.gcn.com/vol1_no1/daily-updates/34930-1.html - - - - - - - - - - Diebold completes e-voting printer prototype Diebold said Thursday it has completed a prototype printer designed for use with touch-screen electronic voting machines, allowing voters to print, review and verify ballot selections. "Voter verified paper receipts are something new," said David Bear, a spokesman for subsidiary Diebold Election Systems in McKinney, Texas. http://www.usatoday.com/tech/news/techpolicy/evoting/2005-01-28-diebold-printout_x.htm - - - - - - - - - - Cyber-Security: Is the Gov't Doing Enough? The Internet is inherently insecure, and the government is no longer providing sufficient funding to help correct the problem, so said a leading member of an Internet content delivery company at a conference here over the weekend. "The Internet is very insecure," said F. Thomson Leighton in his keynote speech at the Harvard Business School Cyberposium 2005. Leighton, co-founder and chief scientist at Akamai Technologies Inc., based here, noted that over 4,000 viruses were found last year and that 83 percent of the country's financial institutions were compromised. http://www.eweek.com/article2/0,1759,1757355,00.asp - - - - - - - - - - Digital evidence: Today's fingerprints Electronic world increasingly being used to solve crimes. Police and prosecutors are fashioning a new weapon in their arsenal against criminals: digital evidence. The sight of hard drives, Internet files and e-mails as courtroom evidence is increasingly common. http://www.cnn.com/2005/LAW/01/28/digital.evidence/index.html - - - - - - - - - - Most ID theft begins at home It's a frightening prospect: Cyber hackers roaming the World Wide Web collecting credit card numbers and personal financial information of total strangers -- but it turns out most identity theft begins closer to home. http://www.wpherald.com/storyview.php?StoryID=20050128-025622-2329r - - - - - - - - - - Internet Fraud by Freelance Websites This is the latest form of internet frauds. Many offshore projects are being executed via freelance websites where buyers and coders get together for conducing offshore software development or outsoucing any other kind of work. http://www.crime-research.org/news/30.01.2005/933/ - - - - - - - - - - Interview with a link spammer Exclusive Sam - let's call our interviewee Sam, it's suitably anonymous - lives in a three-bedroom semi-detached house in London, drives a vintage Jaguar and runs his own company. But "it's not all rock and roll and big money", says Sam. What isn't? Spamming websites and blogs with text to pump up the search engine rankings of sites pushing PPC (pills, porn and casinos), sthat's what. http://www.theregister.co.uk/2005/01/31/link_spamer_interview/ - - - - - - - - - - Carnivore gone--but it's not dead Robert Corn-Revere clearly remembers the day he became the first person to tell the world about the FBI surveillance system once known as Carnivore. In late 1999, Corn-Revere, a partner at the Davis Wright Tremaine law firm, had been fighting on EarthLink's behalf to keep a government surveillance device off the company's network. A short while later, though, a federal magistrate judge sided with the FBI against the Atlanta-based Internet provider. http://news.zdnet.com/2100-1009_22-5557496.html - - - - - - - - - - Government computer blunders are common and expensive The FBI's failure to roll out an expanded computer system that would help agents investigate criminals and terrorists is the latest in a series of costly technology blunders by government over more than a decade. http://www.securityfocus.com/news/10383 - - - - - - - - - - Insurgent groups use Internet to try to scare away Iraqi voters In Baghdad, armed men hand out fliers threatening people with death if they vote in the upcoming elections. But on the Internet a more effective campaign against the vote is under way. Militant groups have stepped up their anti-election propaganda and threatening statements on the Internet, hoping a stepped up cyberspace psychological operation will suppress turnout and damage the elections' legitimacy. http://www.securityfocus.com/news/10382 - - - - - - - - - - Women warm to online betting Online gambling in the UK has grown 566 per cent since 2003 and the fast growth is mainly due to a big increase in the number of women betting online. In the early 90s, women represented just four per cent of gamblers but now 20 per cent of British women visit an online casino or betting site more than once a year. http://www.theregister.co.uk/2005/01/31/ladies_bet_online/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.