NewsBits for April 5, 2005 ************************************************************ Judge ignores plea bargain of convicted eBay scammer A federal judge rejected a plea bargain from a Yarmouth man accused of conducting a series of Internet scams after the man threw a pitcher of water across the courtroom at a prosecutor who called him a thief. U.S. District Judge George Singal on Monday sentenced Charles Stergios, 21, to more than six years in prison for scams that cheated 321 people out of $421,000. Singal said he imposed a stricter sentence because Stergios had fought efforts to pay back his victims. http://www.usatoday.com/tech/news/2005-04-05-ebay-scammer-sentenced_x.htm - - - - - - - - - - Ericsson hacker sent to Swedish clink paradise A HUNGARIAN hacker who cracked the Swedish mobile telecommunications group Ericsson was sentenced to three years in prison. The 26- year-old defendant, whose name was not revealed by the court, was convicted on charges of industrial espionage and illegal use of secret information, according to the Swedish news agency TT. http://www.theinquirer.net/?article=22337 - - - - - - - - - - Police officer arrested in Internet sting A police officer who worked with young people in Queens was arraigned Saturday on charges he tried to meet and have sex with someone he thought was a 14-year-old boy, the Queens District Attorney's office said. Michael Costello, 39, a youth officer in the 114th Precinct in Queens, was caught in an online sting operation by the NYPD's Internal Affairs Bureau, police and prosecutors said. http://www.newsday.com/news/local/wire/newyork/ny-bc-ny--officerarrested0402apr02,0,6788342.story http://www.wnbc.com/news/4342553/detail.html - - - - - - - - - - International bank HSBC deluged by viruses International bank HSBC is suffering thousands of virus attacks a day, a top executive at the company has revealed. Speaking at the e-Crime Congress in London, Alan Jebson, HSBC's group chief operating officer, said that the bank often received tens of thousands times that figure. "I was interested to hear it was seven attacks a day," Jebson said. "On our worst day last year, we had 100,000 attacks." http://news.zdnet.com/2100-1009_22-5655520.html - - - - - - - - - - MP gets police to investigate BT over rogue dialler scams Police investigating cases where BT customers have been ripped off by rogue dialler software have sent a report to the Crown Prosecution Service (CPS). The investigation hinges on whether punters who've been conned out of hundreds of pounds by rogue dialler operators should pay their BT phone bills. http://www.theregister.co.uk/2005/04/05/bt_rogue_dialler/ - - - - - - - - - - California Senate committee votes to ban online hunting A state Senate committee voted Tuesday to ban what one lawmaker calls ``video target practice using live animals.'' The Natural Resources and Wildlife Committee approved a bill by Sen. Debra Bowen, D-Redondo Beach, that would bar computer- assisted hunting sites in California. It's a response to a Texas ranch that says it is setting up a system that would allow people to shoot at live game via the Internet. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/11317290.htm - - - - - - - - - - Sex.com ruling upheld by Court of Appeals Stephen Cohen has lost an appeal against a ruling that he must pay $65 million to Gary Kremen, the man who registered sex.com, reports USA Today. Cohen stole the domain name in 1995 and used it to front a lucrative porn business. Kremen, of San Francisco, originally registered the name in 1994. But Cohen, an ex-convict, took the name from Kremen the following year by sending a forged letter of transfer to Network Solutions (which subsequently became part of VeriSign). http://www.theregister.co.uk/2005/04/05/sex_dot_com_ruling_upheld/ - - - - - - - - - - Court lets man criticize hair clinic in Web site A man can disparage a hair-restoration company on a Web site using the company's name without violating copyright law, an appeals court ruled Monday. Bosley Medical Institute in Seattle sued former client Michael Kremer after he created a Web site in 2000 in a "bald-faced effort to get even" with the company, the 9th U.S. Circuit Court of Appeals said. http://www.cnn.com/2005/TECH/internet/04/05/copyright.law.ap/index.html - - - - - - - - - - Google and Yahoo! accused of click fraud collusion Google, Yahoo! and other players in the search business have become embroiled in a lawsuit which involves overcharging for pay-per-click online advertising. The Wall Street Journal says that plaintiffs in the US filed a lawsuit in February alleging that Google and Yahoo overcharge advertisers, and also that they collude with each other, to continue overcharging. http://www.theregister.co.uk/2005/04/05/google_and_yahoo_accused_of_click_fraud_collusion/ - - - - - - - - - - Cybercrime hitting the UK hard Latest figures suggest that UK firms' bill for high-tech crime runs into billions of pounds. Electronic crime cost UK companies an estimated PS2.45bn last year, the National Hi-tech Crime Unit (NHTCU) announced on Tuesday. Out of 200 companies surveyed, 178 experienced some form of high-tech crime last year. Of those 178 firms, 90 percent claimed to have had their systems intruded and 89 percent said their data had been stolen. http://news.zdnet.co.uk/internet/security/0,39020375,39193831,00.htm http://www.theregister.co.uk/2005/04/05/ecrime_survey/ http://www.vnunet.com/news/1162306 - - - - - - - - - - Police rail against computer crime "We are seeing an increase in computer crime. More and more lawbreakers are operating in the field to get what they want faster and better," national fraud squad deputy chief Jackie Bray warned yesterday. "Violations include Internet gambling and sting operations that glean personal information from individuals including bank account details, in exchange for the promise of huge sums of money. There are incitement and threats, as well as extensive activity by pedophiles," Bray told a press conference organized by Microsoft to mark Safe Internet Day. http://www.haaretz.com/hasen/spages/561011.html - - - - - - - - - - Web postcards hide Trojan horse programs Social engineering techniques used to trick users into installing remote access programs. Beware of Web postcards bearing greetings. That's the advice from the SANS Institute's Internet Storm Center (ISC), which is warning about e-mail messages that pose as Web postcards, then direct recipients to a Web site that installs a Trojan horse program. http://computerworld.com/securitytopics/security/story/0,10801,100874,00.html - - - - - - - - - - Mobile virus moves to new level A new mobile virus is spreading by pretending to be a returned message from a friend. The Mabir.A virus affects Symbian Series 60 phones and is sufficiently similar to the first mobile phone virus Cabir to make some experts think it has the same author. But rather than just relying on Bluetooth to spread Mabir.A uses incoming messages to spread, making it potentially more virulent. http://www.vnunet.com/news/1162311 - - - - - - - - - - IM threats rising sharply, reports confirm New research has found that IM-borne security threats have increased dramatically in volume since the start of 2005. According to a report issued Tuesday by the IMlogic Threat Center-- an industry consortium led by security software maker IMlogic--the quantity of instant messaging threats increased 250 percent in the first quarter of 2005, compared with the same period last year. http://news.zdnet.com/2100-1009_22-5655267.html - - - - - - - - - - Flaw found in Firefox A flaw has been discovered in the popular open- source browser Firefox that could expose sensitive information stored in memory, Secunia has warned. Firefox versions 1.0.1 and 1.0.2 contain the vulnerability, the security information company said in an advisory on Monday. The flaw stems from an error in the JavaScript engine that can expose arbitrary amounts of heap memory after the end of a JavaScript string. As a result, an exploit may disclose sensitive information in the memory, Secunia said. http://news.zdnet.com/2100-1009_22-5655861.html - - - - - - - - - - Sybase allows release of flaw information Database maker Sybase dropped legal threats against a U.K.-based security company this week, allowing the company to publish details on six flaws on Tuesday. The agreement between Sybase and Next-Generation Security Software comes after a two-week dispute over whether the security firm could publish additional details of six flaws it had found last year in the database maker's products. NGSSoftware had been scheduled to released its detailed advisories on March 22. http://www.securityfocus.com/news/10827 - - - - - - - - - - Windows 2003 SP1 Microsoft's release of Windows 2003 Service Pack 1 last week is loaded with security enhancements, and it's a big step in the right direction. Usually I get to use this space to complain about Microsoft's poor security practices, but not this time -- with last week's release of Windows 2003 Service Pack 1, this time they get praise. After eighteen months of beta testing, Service Pack 1 (SP1) is now publicly available and loaded with security enhancements. I thought I'd mention some of my own favorites here. http://www.securityfocus.com/columnists/312 SP2 Right Where It Should Be http://www.newsfactor.com/story.xhtml?story_title=SP--Right-Where-It-Should-Be&story_id=32315 - - - - - - - - - - Piracy protection costs 'prohibitive' Major players in the mobile industry have taken exception to the licensing costs proposed for the Open Mobile Alliance's DRM standard. The GSM Association (GSMA) the uber mobile phone trade group whose members span Microsoft, BT and Nokia has complained the current piracy protection for mobiles is "unworkable" and will cost them too dear. http://news.zdnet.co.uk/hardware/mobile/0,39020360,39193814,00.htm - - - - - - - - - - OMB proposes ID timetable Office of Management and Budget officials have proposed guidelines and deadlines for federal agencies to issue employee identification cards that meet new federal standards for security and interoperability. Government and industry officials will have about 30 days to comment on and suggest revisions to the proposed guidelines after they appear in the Federal Register this week. http://www.fcw.com/article88499-04-05-05-Web - - - - - - - - - - What Search Sites Know About You For most people who spend a lot of time online, impulsively typing queries into a search engine has become second nature. Got a nasty infection in an embarrassing spot? Look up a treatment on your favorite search site. Obsessing about an ex? Try Googling his or her name. Chances are the queries will unearth some enlightening information. But while search engines are quite up front about sharing their knowledge on topics you enter in the query box, it's not so clear what they know about you. http://www.wired.com/news/privacy/0,1848,67062,00.html - - - - - - - - - - Building a hacker-proof network Scientists see answer in quantum cryptography Cambridge, Mass., not too far from the Charles River, which cuts near Harvard and M.I.T., David Pearson is attempting to build an un- hackable network. Pearson is a division scientist at BBN Technologies, a private research company in Cambridge, Mass., which is most famous for building, in 1969, the first few nodes of a computer network connecting its headquarters to Harvard University and Boston University that over time would evolve into the Internet. Now the firm has built a network it says is impervious to hackers. http://www.msnbc.msn.com/id/7394350/ - - - - - - - - - - Security top reason IT pros consider Linux Security concerns are the main reason IT managers consider switching from Windows to Linux on the desktop - but the cost of migration and compatibility issues remain significant barriers, according to a new study. Concerns about Windows security vulnerabilities and the high cost of keeping Windows secure were named as the top motivations for moving away from Microsoft's ubiquitous operating system in the online survey of nearly 1,700 IT professionals by analyst house Quocirca. http://software.silicon.com/os/0,39024651,39129282,00.htm - - - - - - - - - - Government abandons ID card bill Charles Clarke has vowed to reintroduce the bill after the election if Labour win and has accused its opponents of being weak on crime. The UK government has slammed opposition to the biometric ID card bill after admitting it will be forced to shelve the plans after running out of legislative time in the run up to next month's expected general election. http://news.zdnet.co.uk/business/0,39020645,39193816,00.htm Blair to ditch ID cards http://www.theregister.co.uk/2005/04/05/idcards_ditched/ - - - - - - - - - - Feds uncloak the Patriot Act update More information is dribbling out about the exercise of extraordinary powers granted to federal police nearly four years ago as part of the war on terror. As the Bush administration this week called on Congress to expand the USA Patriot Act, it disclosed how two of the most controversial sections of the law have been wielded by police. http://news.com.com/Feds+uncloak+the+Patriot+Act/2100-1030_3-5655112.html - - - - - - - - - - No Teeth in Toothing Craze Dozens of news organizations, including Wired News, have been duped by pranksters claiming to be practitioners of "toothing" -- anonymous sexual encounters organized through Bluetooth devices. Last year, in a story headlined Brits Going at It Tooth and Nail, Wired News reported that strangers in Britain were meeting up on commuter trains and other public places for clandestine sexual encounters. The liaisons were supposedly organized through messages broadcast via Bluetooth phones and handhelds. http://www.wired.com/news/technology/0,1282,67137,00.html http://www.theregister.co.uk/2005/04/05/bluetooth_sex_hoax/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2005, NewsBits.net, Campbell, CA.