NewsBits for February 25, 2005 ************************************************************ Bank of America says tapes with customer data lost Bank of America Corp. has lost computer data tapes containing personal information on 1.2 million federal employees, including some members of the U.S. Senate. The lost data includes Social Security numbers and account information that could make customers of a federal government charge card program vulnerable to identity theft. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10994411.htm http://news.zdnet.com/2100-1009_22-5590989.html http://www.gcn.com/vol1_no1/daily-updates/35170-1.html http://www.govexec.com/dailyfed/0205/022405c1.htm - - - - - - - - - - Online investment crook sentenced to prison A former resident of Mexico was sentenced Friday to more than five years in federal prison for his role in one of the nation's largest online investment schemes, which bilked 15,000 investors around the world out of nearly $60 million. Keith Nordick, 42, formerly of Puerto Vallarta, Mexico, was sentenced to 65 months in federal prison for mail and wire fraud and conspiracy to launder money. He pleaded guilty in November in U.S. District Court. http://www.usatoday.com/tech/news/2005-02-26-fraudster-sentenced_x.htm - - - - - - - - - - Thai man arrested for smuggling dinosaur fossils A Thai policeman looks at the seized dinosaur fossils in Bangkok on Friday. Police acting on a tip from U.S. officials arrested a man trying to sell dinosaur fossils at least 100 million years old and valuable antiques over the Internet, Thai police said Friday. http://www.msnbc.msn.com/id/7031742/ http://news.zdnet.com/2100-1040_22-5590529.html - - - - - - - - - - Payroll hole exposes dozens of companies The payroll records of at least a dozen companies were exposed to the Internet by a flaw in the online W-2 service of PayMaxx, the accounting firm has acknowledged. The flaw, uncovered by a Web application programmer this week, affected a limited number of customers, PayMaxx said Thursday in a statement sent to CNET News.com. http://news.zdnet.com/2100-1009_22-5591029.html - - - - - - - - - - Limp Bizkit porn leak could lead to Hilton hacker A celebrity porn deal gone bad could be the key to cracking the T-Mobile hacking case, publicity professional David Hans Schmidt said Friday. Late Tuesday night, an amateur porn video of Limp Bizkit lead singer Fred Durst and an unknown woman hit the Internet. http://news.zdnet.com/2100-1009_22-5590569.html - - - - - - - - - - Call for child porn users amnesty Operation Ore has led to thousands of UK arrests Fewer users of internet child pornography should face court action, a child protection group has said. The Churches' Child Protection Advisory Service (CCPAS) wants to encourage otherwise low-risk offenders to confess and hand over their computers. http://news.bbc.co.uk/2/hi/uk_news/4296613.stm - - - - - - - - - - ChoicePoint theft prompts Senate investigation Pressure on ChoicePoint and other data brokers mounted Thursday as members of Congress called for investigations and new legislation to better regulate the industry. The intense scrutiny comes in response to last week's revelations that 145,000 U.S. citizens are at risk of identity theft after criminals stole a host of personal information from the database giant. http://www.msnbc.msn.com/id/7024899/ Potential ID theft victims eye information Warren Lambert thought it was just another piece of junk mail until he read the letter more closely and learned that con artists may have obtained his Social Security number, name and address just what they need to steal his identity and ruin his credit. http://www.usatoday.com/tech/news/2005-02-25-choicepoint-victims_x.htm - - - - - - - - - - Scottish Parliament lines up against ID scheme The Scottish Parliament yesterday condemned the UK ID Cards Bill as flawed and an unacceptable threat to civil liberties, leaving the legal position of the ID scheme largely unchanged but positioning it as a live election issue north of the border. The vote suggests that the Scottish Executive's 'kinder, gentler ID' policy may not be enough. http://www.theregister.co.uk/2005/02/25/msps_oppose_id_scheme/ - - - - - - - - - - UK Government Launches Virus Alert Site Although ITsafe has not yet launched its first offensive, Sophos security researcher Graham Cluley praises the government's strategy, especially for its potential educational advantages. "Anything that can raise awareness among the general public is welcome," he says. "Clearly, home users are a big problem." http://www.newsfactor.com/story.xhtml?story_title=UK-Government-Launches-Virus-Alert-Site&story_id=30681 http://www.securityfocus.com/news/10551* http://news.zdnet.com/2100-1009_22-5588756.html - - - - - - - - - - MP calls for action over menacing 'silent' calls Communications regulator Ofcom isn't doing enough to protect people from the menace of "silent" phone calls made by companies trying to flog their goods and services. BT receives more than 112,000 complaints a month from people worried that they've received a "silent" call. http://www.theregister.co.uk/2005/02/25/silent_calls/ - - - - - - - - - - Cyber warriors anticipate center Personnel in the military's new cyberdefense organization hope to operate a new command center by late spring. The facility will include new hardware and software to help workers of the Joint Task Force-Global Network Operations (JTF-GNO) operate, manage and defend the military's computer networks. http://www.fcw.com/fcw/articles/2005/0221/web-jtfg-02-25-05.asp - - - - - - - - - - Trend Micro archive bug unearthed Trend Micro is urging users of its anti-virus products to apply security updates following the discovery of a potentially serious security vulnerability in 29 of its products. The security bug - discovered by security researchers at ISS - involves flaws in the processing of ARJ archive files by an antivirus library that give rise to possible buffer overflow attacks. http://www.theregister.co.uk/2005/02/25/trend_micro_vuln/ - - - - - - - - - - EU and Asia unite against spammers European and Asian countries agreed to unite in the fight against spam at the conclusion of an ecommerce conference in London this week. Government participants attending an Asia-Europe (ASEM) conference on ecommerce issued a joint statement pledging to tackle the junk mail menace. http://www.theregister.co.uk/2005/02/25/eu_asia_ant-spam_agreement/ - - - - - - - - - - Firefox foils phishing flaw All Firefox users are being encouraged to download a security update for the popular open source browser. The update includes several fixes to guard against spoofing and arbitrary code execution, and improves stability, said The Mozilla Foundation. http://www.vnunet.com/news/1161518 Firefox dusted down with security upgrade http://www.theregister.co.uk/2005/02/25/firefox_update/ Mozilla warns of security holes, updates Firefox http://computerworld.com/securitytopics/security/holes/story/0,10801,100060,00.html - - - - - - - - - - Microsoft offers $5 windfall for errant software Afraid Microsoft's anti-spyware will muck up your hard drive, erasing your digital photos, music collection and work files? Don't worry, you've got a $5 rebate coming your way in this worst- case scenario--enough to buy five songs on iTunes. That is, if you read and take advantage of Microsoft's legal promise. http://news.zdnet.com/2100-1009_22-5590042.html Microsoft patches firewall problems http://news.zdnet.co.uk/0,39020330,39189174,00.htm Ready or not, Windows XP update is coming http://news.zdnet.com/2100-3513_22-5590501.html Microsoft IM release expected soon http://news.zdnet.com/2100-3513_22-5590751.html XP deloaded? MS tightens screws on loose product keys http://www.theregister.co.uk/2005/02/25/ms_oem_wpa_move/ - - - - - - - - - - Expensive anti-piracyware threatens open standard A handful of technology companies are overcharging for anti-piracy software needed for digital music stores on the Internet, preventing the emergence of open standards, electronics goods makers said on Friday. http://www.usatoday.com/tech/news/computersecurity/2005-02-25-drm-infighting_x.htm - - - - - - - - - - Privacy advocates criticize Homeland Security privacy committee Privacy advocates say a committee set up recently to advise the Homeland Security Department on privacy issues amounts to little more than a fox guarding a chicken coop. One member works for a high-tech company that distributed software that many computer users complained contained adware. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10991077.htm Privacy panel membership questioned http://www.msnbc.msn.com/id/7031597/ - - - - - - - - - - New federal ID standard approved The Commerce Secretary today approved the Federal Information Processing Standard for Personal Identity Verification, starting the clock for agencies to implement common smart card-based ID cards. FIPS 201 lays out the technical and operational requirements for the PIV system and card. The Homeland Security Presidential Directive that mandated the card requires agencies to have the access systems in place, to the maximum extent practicable, by Oct. 25. http://www.gcn.com/vol1_no1/daily-updates/35171-1.html http://www.fcw.com/fcw/articles/2005/0221/web-fips-02-25-05.asp - - - - - - - - - - Online security - we must remain vigilant A recent online theft case highlights the risks of internet banking - and reminds us that security means never letting down your guard. Fran Foo reports from Australia. Miami businessman Joe Lopez could change the face of internet banking. Lopez discovered his company bank account was $90,000 short and a quick check online revealed the amount had been transferred - without his knowledge - to a Latvian bank. http://comment.silicon.com/0,39024711,39128178,00.htm - - - - - - - - - - Web lets parents spy on driving kids Black boxes show where and how well - or badly - teenagers drive. Anxious parents are turning to technology to make sure teenagers behave themselves when they take the family car out for a spin. One in eight cars in the US currently has some form of data recorder installed which logs details of the vehicle's movements. http://www.vnunet.com/news/1161532 - - - - - - - - - - E-mail reliability at risk as spam controls get aggressive Sometimes the only way to know whether an e-mail got through is to call. Just ask Ashley Friedlein, who runs E-consultancy Ltd. in London. He never heard back from a correspondent in the United States, a subscriber of Verizon Online. So he phoned and learned his e-mail was never received. ``I wouldn't have known anything about it had I not called to check'' he said. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10993009.htm - - - - - - - - - - Bomb disposal disarms napalm-making teen British Army bomb disposal experts have disarmed a Suffolk teenager who brought home-made "napalm" into school, the Daily Telegraph reports. The unnamed 14 or 15-year-old apparently got instructions on how to knock up the concoction from a website, and rather splendidly decided to spend the half term holiday producing the flammable brew. http://www.theregister.co.uk/2005/02/25/napalm_producing_teen/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.