NewsBits for April 6, 2005 ************************************************************ eBay fraudster lands six-year prison term A federal judge in Maine sentenced a man to more than six years in prison for conducting Internet scams on eBay. U.S. District Judge George Singal rejected on Monday a plea bargain from Charles Stergios, 21, because of the man's failure to attempt to make restitution with his victims, according to Assistant U.S. Attorney Halsey Frank, who represented the state of Maine in the case. - - - - - - - - - - Mississippi joins list of colleges leaking data Surfer stumbles on 700 names, Social Security Numbers. Ray was just surfing the Internet looking for information on an old friend. Instead, he found a gold mine for identity thieves -- a Web site full of documents listing hundreds of student names and Social Security Numbers. It was posted right on the University of Mississippi's Web site, there for anyone to see. - - - - - - - - - - Tyndall Airman convicted of possessing child porn An Airman was convicted of possessing child pornography during a recent court-martial here. A military judge sentenced Airman 1st Class Axel Acevedo, a 325th Operations Support Squadron air traffic controller, to five months confinement, reduction to airman basic and a bad conduct discharge. Airman Acevedo said he used an Internet file-sharing program to search for images of young boys, which he then downloaded and burned to a CD. The Airman said he knew the pictures were of real boys younger than 18. He showed the pictures to two other Airmen, one of whom subsequently reported him to the authorities. - - - - - - - - - - Trojan horse takes down smart phones A Trojan horse has been created that causes smart phones to crash, security software maker F-Secure has warned. The Finnish company posted details of the Trojan horse, which they've named Fontal.A, on Wednesday. Fontal.A affects Nokia Series 60 handsets running the Symbian operating system. The advisory did not say whether any infections had been reported. New mobile malware wipes phones - - - - - - - - - - Latest smart phone virus targets Symbian Mabir.A can spread as an MMS message and over Bluetooth, but it's unclear whether the mobile virus is in the wild yet. Symbian is looking into reports of a new mobile phone virus that targets smartphones running its operating system. The worm, dubbed Mabir.A, appears to be a variant of the Cabir virus -- recognised by security experts as the first smartphone virus.,39020375,39194129,00.htm - - - - - - - - - - Security flaw found in Firefox A flaw has been discovered in the popular open-source browser Firefox that potentially could release sensitive information stored in memory, according to a report by security information company Secunia. While the flaw is only rated as "moderately critical," the rapid adoption of the open-source browser may put a growing number of users at risk. Prior to the release of version 1.0, downloads of earlier versions of the browser had reached eight million within the first 18 months.,3800003100,39129316,00.htm - - - - - - - - - - Hacker law change gets 'elevator pitch' in parliament Measures to reform UK hacking law were aired in parliament yesterday. But a lack of mainstream political interest means that changes in the law are unlikely for some time. Derek Wyatt MP, chairman of the All Party Parliamentary Internet Group (APIG), moved a 10 Minute Rule Motion calling for amendments to the Computer Misuse Act (1990) in parliament on Tuesday. Election sparks calls for cybercrime minister,39020375,39194001,00.htm - - - - - - - - - - Internet giants sued over click fraud A Texarkana gift shop that advertises on the Internet has filed a lawsuit against America Online, Google, Yahoo and other Web-centered companies alleging they knowingly overcharged the shop and other companies for "pay per click" advertising. Lane's Gifts and Collectibles says in a Miller County lawsuit that the Internet companies charged it for advertising traffic not generated by bona fide customers. Lane's Gifts hopes to represent numerous other companies in a class-action lawsuit against the Internet companies. - - - - - - - - - - Identity thieves' new ploy: `pharming' First online crooks went ``phishing,'' and now they're getting into ``pharming'' to reap their harvest of potential identity-theft victims. Pharming is a new scam that automatically directs computer users from a legitimate Web site to a fraudulent copy of that site -- without any warning signs. The fraudulent site collects passwords, credit card numbers or other private information for potential misuse. Security experts say such attacks are rare so far but could grow in the coming months in much the same way phishing scams have exploded. Bigger phishes ready to spawn - - - - - - - - - - Homeland Security panel picks controversial chief A federal privacy board on Wednesday appointed a prominent champion of government data-mining as its first chairman. The Department of Homeland Security's privacy board chose as its chairman Paul Rosenzweig, a conservative lawyer best known in technology circles for his defense of the Pentagon's Total Information Awareness project. Bowing to privacy concerns, Congress pulled the plug on the program two years ago. - - - - - - - - - - Schmidt: More cops needed for high-tech beat Howard Schmidt, the former cybersecurity adviser to the White House, has warned that there aren't enough trained police officers in the world to tackle cybercrime effectively. Schmidt, now the chief security strategist at auction site eBay, told delegates at the e-Crime Congress in London on Wednesday that the issue needs to be addressed as high-tech law-breaking becomes more widespread.,39020375,39194007,00.htm - - - - - - - - - - Russian hackers 'the best in the world' Russians who once hacked for fun are now teaming up to get rich through cybercrime, according to police. The Russian police's cybercrime division, known as Department K, has warned that Russian hackers are the best in the world. "Everyone knows that Russians are good at maths," said lieutenant general Boris Miroshnikov of Department K. "Our software writers are the best in the world, that's why our hackers are the best in the world.",39020369,39193999,00.htm - - - - - - - - - - Clarke confirms disappearance, and reappearance, of ID cards Home Secretary Charles Clarke has confirmed that controversial legislation to introduce ID cards has been shelved. But he said the ID card bill would be included in the Labour Party's manifesto, published early next week, and would be an early priority for the next Parliament should Labour win the election. Clarke blamed the Tories for the failure of the bill. He said their lack of support forced him to ditch the bill. The Tories rejected this and pointed out that the government chose how much legislation to include in the Queen's speech as well as the date of the General Election. Clarke pledges to push on with ID cards,39020651,39194132,00.htm - - - - - - - - - - First responders to get biometric IDs About 200,000 first responders in the Washington region will be issued biometric smart card IDs under a new program to be deployed by the Homeland Security Department, in partnership with state and local agencies in the Washington region, Lee Holcomb, DHS chief technology officer, said today. The initiative will involve police, fire and emergency response agencies in the District of Columbia, Virginia, Maryland and Pennsylvania, Holcomb said at a forum on interoperability at the FOSE trade show in Washington. - - - - - - - - - - Texas bill would replace vehicle inspection stickers with RFID tags A Texas legislator has filed a bill that would, in part, call for the state to replace vehicle inspection stickers with radio frequency identification (RFID) tags, otherwise known as transponders. But the idea does not sit well with some privacy experts. The tags would be used by law enforcement to ensure compliance with the state's insurance laws, according to Larry Phillips, the Republican state representative who proposed the bill.,10801,100892,00.html - - - - - - - - - - Defeating Honeypots: System Issues, Part 2 This paper will explain how an attacker typically proceeds in order to attack a honeypot for fun and profit. In part one we compared honeypots to steganography and then looked at three common techniques for virtualizing honeypots. For each of these methods, which included User Mode Linux, VMware environments, and chroot/jail environments, we looked at weaknesses that lead to their detection. - - - - - - - - - - Web bookies demand higher security standards Giving all Internet users decent firewalls would go a long way towards preventing DDoS attacks,says Internet bookmaker Blue Square. Online gambling companies are urging ISPs to do more to prevent hackers disabling computers with distributed denial-of-service (DDoS) attacks. An industry forum made up of the UK's biggest Web gambling firms has been lobbying Internet service providers for several months to provide all their customers with better security.,39020375,39193981,00.htm *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.