[iwar] News


From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com

Sun, 21 May 2000 07:19:28 -0700 (PDT)


fc  Sun May 21 07:20:14 2000
Received: from 207.222.214.225
	by localhost with POP3 (fetchmail-5.1.0)
	for fc@localhost (single-drop); Sun, 21 May 2000 07:20:14 -0700 (PDT)
Received: by multi33.netcomi.com for fc
 (with Netcom Interactive pop3d (v1.21.1 1998/05/07) Sun May 21 14:17:23 2000)
X-From_: sentto-279987-372-958918770-fc=all.net@returns.onelist.com  Sun May 21 09:16:44 2000
Received: from hm.egroups.com (hm.egroups.com [208.50.144.92]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id JAA05031 for ; Sun, 21 May 2000 09:16:44 -0500
X-eGroups-Return: sentto-279987-372-958918770-fc=all.net@returns.onelist.com
Received: from [10.1.10.38] by hm.egroups.com with NNFMP; 21 May 2000 14:19:33 -0000
Received: (qmail 2087 invoked from network); 21 May 2000 14:19:30 -0000
Received: from unknown (10.1.10.26) by m4.onelist.org with QMQP; 21 May 2000 14:19:30 -0000
Received: from unknown (HELO all.net) (24.1.84.100) by mta1 with SMTP; 21 May 2000 14:19:28 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id HAA16071 for iwar@onelist.com; Sun, 21 May 2000 07:19:28 -0700
Message-Id: <200005211419.HAA16071@all.net>
To: iwar@egroups.com
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen 
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Sun, 21 May 2000 07:19:28 -0700 (PDT)
Reply-To: iwar@egroups.com
Subject: [iwar] News
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Montreal Teen Guilty In NASA, MIT, Harvard Hacks
A teenage hacker has reportedly pleaded guilty in a Montreal
court to illegally penetrating the computer systems of several
Canadian and foreign institutions, including NASA, Harvard
University and the Massachusetts Institute of Technology,
among others. The Toronto Globe & Mail newspaper reported
that following the surprise plea, the judge served the
maximum sentence of 240 hours of community work plus one
year's probation, restricted use of a computer, and ordered
the defendant to deliver a speech at a local high school
court on the evils of hacking.=20=09
http://www.newsbytes.com/pubNews/00/149257.html

Is Local Hacker Group Accessing ISPs?
GrammerSoft, an alleged underground group of Filipino hackers
who are being implicated in the creation and spread of the Love
Letter Virus, has allegedly hacked into major Internet service
providers (ISPs) on several occasions. In a conversation with
local reporters, Willy Gan, chief technology officer of Mosaic
Communications (MosCom), the country's first commercial ISP,
said that the group had tried to crack the company's system
several times this year. he declined to confirm if the group
was successful.
http://www.currents.net/news/00/05/18/news17.html

"Lets Watch TV" Virus Hoax on the Rampage
IBM has issued a warning about a hoax alert, apparently
originating from IBM itself, that advises about a new virus,
possibly as virulent as the Melissa virus. The hoax message,
which warns PC and Apple Mac users to be on the lookout for
a message entitled "Let's watch TV," first appeared in low
numbers in late March, but appears to have resurfaced in the
wake of the ILOVEYOU virus. IBM said that the message is a
hoax one and should be ignored by recipients. The message
now appears to be circulating widely, Newsbytes understands,
because of heightened worries about worms such as the
ILOVEYOU virus.
http://www.currents.net/news/00/05/18/news2.html

G8 agree to reinforce cooperation on cybercrime
The G8 group of nations, representing the world's leading
industrialized countries and Russia, agreed today to increase
cooperation to fight cybercrime at the conclusion of their Paris
meeting. Co-chaired by Japan and France, the meeting was called
to prepare for a discussion and agreement on cybercrime that will
take place among G8 leaders during their annual meeting this year
in Okinawa in July. Other participants include the U.S., Canada,
the U.K., Italy, Germany and Russia. Prompted by global concern
over the growing threat of cybercrime, including the success of
viruses like "ILOVEYOU" wreaking havoc across the Internet, the
member governments agreed rapidly to extend an existing network
of early warning contact points to cover cases of cybercrime and
to mandate Interpol, the international police network, to supervise
this network.
http://www.idg.com.hk/cw/readstory.asp?aid=3D20000518005

NSC drafts battle plan against cyber crime
If there is one lesson both the government and the private sector
can learn from the world's continuing million-dollar bout with
various strains of the "Love Bug" - as the "I LOVE YOU" virus is
known alternatively - it is that a group of teenage students and
fresh college graduates can pose a threat to a nation's economic
well-being. So said Fidel R. Anonuevo, Jr., head of the National
Security Council's (NSC) sociopolitical cluster, after presenting
the agency's plan for fighting crimes committed through the Internet
and computer-related offenses during the National Information
Technology Committee meeting last Tuesday at the Department of
Education, Culture and Sports headquarters in Pasig City.
http://web.lexis-nexis.com/more/cahners-chicago/11407/5856401/2

Group calls privacy protection measures ineffective
Web surfers who believe they have taken adequate precautions
to protect their personal data online may be in for a rude
awakening, according to new privacy reports showing that
preferences for high security frequently revert to low
security without notice. Privacy consultants Interhack this
week illustrated the point through an obscure privacy glitch
they say affects certain versions of Netscape Communications'
Web browser. According to Interhack, a Netscape security
feature could potentially expose people to online snooping
by overriding "opt out" preferences that block Web sites
from gathering data.
http://news.cnet.com/news/0-1005-200-1891902.html

Slashdot struck by denial-of-service attacks
Slashdot.org, the "news for nerds" Web site popular among
Linux fans, fell victim to a series of hacker attacks for
three days last week. The site was taken down intermittently
by a series of distributed denial-of-service (DDoS) attacks
Thursday, Friday and Saturday, Slashdot founder Rob Malda
said today. The attacks were similar to those that crippled
Yahoo, eBay, E*Trade, Amazon.com, the FBI and other sites
in February.
http://news.cnet.com/news/0-1003-200-1889595.html

'America's Most Wanted' site said DoS'ed after cyber-crime broadcast
America's Most Wanted host John Walsh urged his viewers on
Saturday night to help "take down" those responsible for
the distributed denial of service (DDoS) attacks which
briefly crippled numerous high-profile Web sites back in
February. The low-brow crime-busters show from Fox Television
draws a large audience with its melodramatic and bloody
crime re-enactments and psychobabbling criminal profiles.
This weekend's show included a typically overblown segment
on cyber terrorism, during which Walsh fretted about
fifteen-year-old DDoS suspect Mafiaboy while treating viewers
to images of violently flattened buildings and a tank firing
its gun in a (presumably Middle-Eastern) desert. "Tonight
let's take down some cyber terrorists," Walsh urged, and gave
an account of the devastating ruin caused by the DDoS attacks.
http://www.theregister.co.uk/000516-000004.html

ANOTHER VIRUS TIED TO `LOVE BUG' SUSPECT
A young computer graduate who insists he had nothing to do
with the "Love Bug" virus appears to have created a similar
virus seized from the home of another potential suspect,
authorities said Tuesday. The second virus was found on a
computer disk from the apartment of computer student
Onel de Guzman, who has acknowledged he may have released
the "ILOVEYOU" program. If so, he says, it was an accident.
http://chicagotribune.com/news/nationworld/article/0,2669,SAV-0005170225,FF.html

Man Admits Stealing Military Credit Accounts
A New Jersey man has admitted to a scheme in which he used
personal information gleaned from the Internet to create
hundreds of fake credit card accounts in the names of the
nation's highest-ranking military officers. Lamar Christian,
32, of Trenton, N.J., pleaded guilty in U.S. District Court
on Tuesday to one count of conspiracy to commit bank fraud.
Federal prosecutors say Christian created 331 fake credit
accounts and used them to buy $161,000 worth of computers
and jewelry online.
http://www.apbnews.com/newscenter/internetcrime/2000/05/17/creditcard0517_01.html

Computer crimes on the rise in Russia, police official says
The number of computer-related crimes continues to rise in
Russia, with more than 200 cases of hacking reported in the
three months of the year, a news agency quoted a top police
official as saying Wednesday. More computer crimes were
recorded in the period from January through March than in
all of 1999, said Vitaly Degterev, first deputy chief of
the Interior Ministry's department on high-tech crimes,
the ITAR-Tass news agency reported. In 1998, there were
only 80 reported, Degterev said. Victims are often reluctant
to report such crimes, fearing damage to their business
reputation, Degeterev was quoted as saying.
http://cnn.com/2000/TECH/computing/05/17/russia.hackers.ap/index.html

Teens Swipe $20,000 in ATM Scam
Four teenage boys stole close to $20,000 by hanging out near
a cash machine in the food court of a local mall and watching
shoppers enter their personal identification numbers, police
said today. The boys, ages 14 to 17, memorized the bank card
codes people entered, then used the numbers after shoppers
walked away from the machine before ending their transactions,
leaving their accounts open for another withdrawal, police said.
During the few seconds when the machine queried the user for
another transaction, the boys were hitting "yes" and re-entering
the codes to withdraw more cash, said Lt. Paul Kennedy of the
Providence Police Department's Youth Services Bureau.
http://www.apbnews.com/newscenter/breakingnews/2000/05/17/atmtheft0517_01.html

Bill Clinton associates Love Bug with terrorism
Commander-in-Chief Bill Clinton fretted about cyber-security
during a US Coast Guard Academy commencement speech which he
delivered in Connecticut today. "I have requested now some
$9 billion for counter-terrorism funding in the 2001 budget.
That's 40 percent more than three years ago," the President
boasted, and then solicited support to add $300 million on
top of it. "To protect America from cyber-crime and cyber
terrorism, we have developed a national plan for cyber
security, with both public and private sector brains putting
it together. We're asking for increased funding to implement
this plan to protect our vital networks. That's something else
I hope you will support."
http://www.theregister.co.uk/000517-000031.html

Feds: No warrants for Net wiretaps
In a case with broad implications for communications technology,
lawyers for the Justice Department and a coalition of
telecommunications and privacy groups square off in federal
court Wednesday to argue whether the FBI should be allowed
to intercept Internet communications and pinpoint the locations
of cellular phone users without first obtaining a search warrant.
At issue in the proceedings before the U.S. Court of Appeals in
Washington are rules issued last year by the Federal Communication
Commission spelling out how telecommunications providers will be
required to comply with the Communications Assistance for Law
Enforcement Act (CALEA), passed by Congress in 1994.
http://www.zdnet.com/zdnn/stories/news/0,4586,2570897,00.html

Pa. Eyes Warning Labels for Cyber-Smut Spam
In an effort to shield children from adult material online,
state lawmakers are close to approving a bill that would
require sexually oriented e-mail to be labeled. Sponsored
by state Sen. Melissa Hart, R-Allegheny, the bill already
has passed the House and Senate with no opposition. The
measure now goes back to the Senate for a final vote after
some last-minute changes.
http://www.apbnews.com/newscenter/internetcrime/2000/05/17/sexemail0517_01.html

Hackers get backdoor access
Governments are searching for ways to stop cyber-criminals
at the same time as the US is adopting laws that will make
it easier for malicious hackers to remotely disable software,
say security experts. In the wake of the havoc caused by the
Love Bug virus, leading industrial nations are debating how
best to tackle the rising tide of computer crime at a G8
conference in Paris. But their efforts could be undone by a
law being adopted by US states which allows software makers
to put backdoors into programs so they can be remotely disabled.
http://news.bbc.co.uk/hi/english/sci/tech/newsid_752000/752180.stm

Microsoft's 'Clippy' a security nightmare?
So much for the friendly assistant. That's the hard lesson
learned after last week's discovery of a security hole that
subverts the powerful functions of Microsoft Office Assistant.
The hole, which allows an attacker to write a script that can
do anything once on a user's computer, gets activated by
clicking on a Web page or HTML-enabled e-mail. The script can
then add or delete files. "Because its abilities are marked
'safe for scripting,' anything is possible," said the security
researcher that found the hole, a hacker known as "Dildog" who
works for the security firm @Stake Inc.
http://www.zdnet.com/filters/printerfriendly/0,6061,2570727-2,00.html

Microsoft IE browser bug bites the Mac
Microsoft's browser bug team is working to patch an Internet
Explorer glitch that afflicts Apple Macintosh computers running
the latest iteration of IE. The bug, which can expose private
files and, in some circumstances, grant unauthorized access to
sites on a company's intranet, first cropped up in late 1997.
Microsoft patched it then, only to reintroduce the bug with
the release of IE 5.
http://news.cnet.com/news/0-1005-200-1888031.html

First British companies report NewLove virus
Two UK companies have been hit by a new, much nastier version
of the LoveBug dubbed NewLove, according to anti-virus firm,
Symantec Aled Miles, managing director of Symantec Europe says
the level of damage caused by the NewLove virus to these companies
is unclear although he warns that this virus is vicious. "This
virus has the capability to spread very fast," says Miles. "It
has the power to proliferate and we'll keep a close eye on it."
So far, however, the virus has not been reported in anything like
the volume of the original ILoveYou virus, although most anti-virus
experts are classifying the risk as very high.
http://www.zdnet.co.uk/news/2000/19/ns-15473.html

Fake IDs Flourish on Internet
Alarmed at the availability of highly sophisticated fake
identification on the Internet, Sen. Susan Collins, R-Maine,
the chairman of the Senate Permanent Subcommittee on
Investigations, today called for a crackdown on those who
produce the IDs and stiffer penalties to deter such activities.
http://www.apbnews.com/newscenter/internetcrime/2000/05/19/id0519_01.html
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/085735.htm
http://www.newsbytes.com/pubNews/00/149363.html

Techies wage war on copyright cartels
Cyber-rights advocates, open-source evangelists and even
librarians met at Stanford Law School on Thursday in an attempt
to limit the effectiveness of the Digital Millennium Copyright
Act of 1998 -- a piece of legislation that gives music producers,
Hollywood studios and software companies unprecedented powers
over the use of copyrighted works. "American copyright law is
supposed to encourage creativity, but what we are seeing --
200 years later -- is a situation where the law discourages the
creative process," Siva Vaidhyanathan, a faculty fellow in the
School of Culture and Communications at New York University,
said at a press conference before a meeting whose outcome could
handcuff the law.
http://www.zdnet.com/zdnn/stories/news/0,4586,2572409,00.html

China's Ministry of Public Security has toughened
regulations against computer viruses, mandating fines of
up to $3,600 and up to five years imprisonment for those
who author and distribute malignant viruses.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/046220.htm

ADSL to give firms security headache
BT confirmed last week that its broadband ADSL service will
give users a fixed IP address, exposing home users to possible
attack from crackers The decision means that BT's Openworld
ADSL service, due in July, will pose a security headache for
IT managers who will have to monitor the security on any
connected PCs that staff own and use at home. During trials
of the ADSL service BT (quote: BT) used network address
translation (NAT) to keep users' addresses hidden from the
Internet -- but this prevented users from running public Web
sites and taking part in two-way activities such as gaming.
Fixed public IP addresses will overcome this problem, but at
the expense of security.
http://www.zdnet.co.uk/news/2000/19/ns-15489.html

Sony offers tighter data security with fingerprint scanner
Sony today announced a new fingerprint authentication device
designed to trump passwords and other less advanced forms of
security. Sony's FIU-700 is a credit card-sized device that
verifies the user's fingerprints to allow access to networks,
computers or individual applications. The add-on device can be
connected to a computer via the USB port and works with either
Windows 98 or Windows 2000.
http://news.cnet.com/news/0-1006-200-1900719.html

------------------------------------------------------------------------
GET WHO WANTS TO BE A MILLIONAIRE FREE!  GET THE OFFICIAL COMPANION 
TO TELEVISION'S HOTTEST GAME SHOW PHENOMENON PLUS 5 MORE BOOKS FOR 
$2.  Click for details.
http://click.egroups.com/1/3014/7/_/595019/_/958918770/
------------------------------------------------------------------------

------------------
http://all.net/