Shuttle launch date slips further
Kelly Young writes for NewScientist:
Space shuttle Discovery will have to wait until at least late next week to get off the ground as NASA attempts to find the cause of the fuel sensor problem that delayed launch on Wednesday.
Shuttle managers declined to give a firm target date for launch. But they did say they could attempt to lift off four days after the problem is fixed.
However, it is not yet clear what caused one of four hydrogen fuel sensors to give a false reading on Wednesday. Suspects include the sensors themselves, which lie at the base of the giant external fuel tank, and an electronics box and cables in the orbiter.
Discovery will stay on its launch pad for now as technicians continue to search for the source of the trouble. On Friday, workers drained the shuttle's rear compartment of liquid hydrogen and oxygen. Then they got into the back of the shuttle to look for glitches in the electronics that send data from the sensors to onboard computers.
Fingerprint Scanning At Disney Parks Causes Concern
Chalk another one up for Big Brother and the terrorists.
And thanks to a post over on /. for bringing our attention to this atrocity.
Local6.com of Central Florida reports that:
The addition of finger scanning technology at the entrances of Walt Disney World theme parks for all visitors has caused concern among privacy advocates, according to a Local 6 News report.
Tourists visiting Disney theme parks in Central Florida must now provide their index and middle fingers to be scanned before entering the front gates.
NYPD Launches Tech Center To Tighten The Net On Criminals
Larry Greenemeier writes in InformationWeek:
The New York City Police Department is turning to technology to help its detectives more efficiently chase down leads and solve crimes. The department's $11 million Real Time Crime Center, which debuts Monday at a facility adjacent to the NYPD's Emergency Operations Center in lower Manhattan, is expected to make access to information contained in millions of local, state, and national records available to the city's 4,000 crime investigators on the move via their cell phones and pagers.
The center "will become the new tech nerve center for the NYPD," New York City Mayor Michael Bloomberg said at a Thursday press conference. "Information available from the Real Time Crime Center will be comprehensive, highly relevant, instantaneous, and will transform the way we solve crimes." The mayor, who's running for re-election in the fall, added that the center isn't a "panacea" but will help save time during criminal investigations.
IPv6 push doesn't have much pull in U.S
Mike DeMaria (Network Computing) writes in EE Times:
Federal agencies and Congress are pushing for it. The major economic forces in Asia and the Pacific Rim are mandating it. And in the last month or so, the IT industry has seen more stumping for IPv6 adoption than we saw in the previous decade of the protocol's existence. But will all this hoopla speed the near-term implementation of IPv6 in the United States? Probably not.
In recent years, China, India, Japan and South Korea all have advanced plans for making IPv6 their national standard, and they've set aside substantial budgets to do it. The attitude isn't surprising--these countries are most in need of the additional addresses IPv6 provides. With the money and the incentive behind them, these Asian nations are likely to deploy the next-generation IP before most organizations in the United States do.
Scams worries delay non-English Net domains
An AP newswire article, via MSNBC, reports:
Concerns about "phishing" e-mail scams will likely delay the expansion of domain names beyond non-English characters, the chairman of the Internet's key oversight agency said Friday.
Vint Cerf, head of the Internet Corporation for Assigned Names and Numbers, would not speculate on when such characters might appear but said Internet engineers must now spend time "trying to winnow down, frankly, the number of character (sets) that are allowed to be registered."
Demand for non-English domain names is high outside the United States and a U.N. panel studying Internet governance said in a report Thursday that "insufficient progress has been made toward multilingualization." It cited the lack of international coordination and technical hurdles as among the problems.
Researcher Says Windows XP SP2 Has DoS Bug
Via TechWeb News.
Microsoft Windows XP SP2 has a bug in its kernel that could let attackers bring down the machine with a denial-of-service (DoS) attack, vulnerability tracker Secunia said Friday.
"Microsoft is currently investigating public reports of a possible vulnerability in Windows," a spokesman said Friday afternoon. "We have not been made aware of attacks that try to use the reported vulnerability, or of [any] customer impact."
Cisco Security Advisory: Cisco CSA Vulnerable to Crafted IP Attack
Via the Cisco website.
Cisco Security Agent (CSA) is a network security software agent that provides threat protection for server and desktop computing systems.
A malicious attacker may be able to send a crafted IP packet to a Windows workstation or server running CSA 4.5 which may cause the device to halt and/or reload.
Repeated exploitation will create a sustained DoS (denial of service).
Cisco has made free software available to address this vulnerability.
This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCsa85175
Cisco CSA version 4.5 when running on any Microsoft Windows platforms except Windows XP.
The following products are confirmed not vulnerable:
- Cisco CSA 4.0 and earlier
- Cisco CSA while running on Solaris
- Cisco CSA while running on Linux
- Cisco CSA while running on Windows XP
Freekin' %&(#$ bots!.....
I didn't find much of an opportunity to review tech news tidbits and post to the blog this afternoon because I was busy helping to identify, disable, and disinfect a few servers of an Agobot infection in a client network.
What a pain in the ass...
Having said that, I'd really like to hear from anyone who might have $.02 to pitch in on how they might have handled this type of issue before, what they used to detect it/them, etc.
The servers that were infected were probably compromised because of outdated security patches (Microsoft) and did not show any overt indications of suspicous activity (LSASS scanning of hosts, RPC buffer overflows, etc.) than usual day-to-day network errors. And on top of that, the latest installed antivirus signatures (McAfee provided a new .dat signature update earlier this afternoon which did identify the culprit executable) didn't catch the infected exectuable runnning on the servers.
The infected exectuable was "wnpsm.exe" and www.virustotal.com provided this summary report:
Date: 07/15/2005 19:15:37 (CET)
AntiVir 126.96.36.199/20050715 found [Worm/Agobot.PD]
AVG 718/20050715 found nothing
Avira 188.8.131.52/20050715 found [Worm/Agobot.PD]
BitDefender 7.0/20050715 found [Backdoor.SDBot.7E9551EC]
CAT-QuickHeal 7.03/20050715 found [(Suspicious) - DNAScan]
ClamAV devel-20050501/20050714 found nothing
DrWeb 4.32b/20050715 found [Win32.HLLW.Agobot]
eTrust-Iris 184.108.40.206/20050714 found nothing
eTrust-Vet 220.127.116.11/20050715 found nothing
Fortinet 18.104.22.168/20050715 found [W32/AgoBot.ATZ-bdr]
F-Prot 3.16c/20050715 found nothing
Ikarus 2.32/20050715 found [Backdoor.Win32.Agobot.HM]
Kaspersky 22.214.171.124/20050715 found [Backdoor.Win32.Agobot.gen]
McAfee 4535/20050714 found nothing
NOD32v2 1.1170/20050715 found [probably unknown WIN32 virus]
Norman 5.70.10/20050714 found nothing
Panda 8.02.00/20050715 found [W32/Gaobot.gen.worm]
Sybari 7.5.1314/20050715 found [Backdoor.Win32.Agobot.gen]
Symantec 8.0/20050714 found nothing
TheHacker 5.8.2.071/20050715 found nothing
VBA32 3.10.4/20050715 found nothing
I have the ASCII strings of the output of this binary, which I would generally not think anything of posting here--but it's, like, 50 pages in length. ;-)
Here's a couple of troubling lines, though:
00404260 ASCII "CCmdExecutor"
0040495B ASCII "CDownloadHelper"
00405B9E ASCII "%d"
00405BF3 ASCII "***ATTENTION*** NortonBot is protected under
international copyright laws. Any attempt to dissassemble or alter this file is
a violation of international copyright law. NortonBot is NOT intended to be a
virus or trojan."
00405C06 ASCII "Bot - File Transfer Port"
00405C17 ASCII "bot_ftrans_port"
00405C35 ASCII "Bot - File Transfer Port for FTP"
00405C46 ASCII "bot_ftrans_port_ftp"
Look forward to hearing any war storys.- ferg
Jesus Christ, a flim flam artist?
Ben Charny writes in the C|Net News Esoterica Blog:
If you have an e-mail account, you know the scam. A government official is deposed, dead or otherwise incapacitated. He, she or a relative needs your help getting millions of dollars out of their homeland. The only thing you need do is provide several thousands of dollars to secure the money transfer. As dumb as it sounds, it works to the tune of millions of dollars suckered each year.
The latest iteration is aimed at born again Christians. "Dear beloved in Christ," writes Mrs. Maureen Clarks. Her husband, she explains, was "slain to death" in Iraq, and she needs your help getting his considerable wealth out of the country to donate to victims of the tsunami. Worried about sending your bank account information to a stranger? No need, Clarks writes. "Sometimes it's hard to put your trust in things you can't see, or touch, or hear. But, with a God like ours, you don't have to."
Still worried? "Jesus showed us the power of God's peaceful center even in the midst of our tribulations when he said PEACE I LEAVE WITH YOU; My peace I give you... Do not let your hearts be troubled and do not be afraid," Clarks writes.
Some people will fall for this. Don't be one of them.
Cisco sets age limit for board members, Morgridge to retire in 2006
Marguerite Reardon writes in C|Net News:
Cisco Systems, the largest maker of networking equipment in the world, has set a maximum age limit for members on its board of directors, the company said Friday.
The new policy bars people 70 and older from being nominated or renominated for election to the board. This means that the current chairman, John P. Morgridge, 71, will retire from the board in November 2006, when his term is completed.
Morgridge joined Cisco in 1988 as president and CEO. He served in that position until early 1995, when John Chambers became president and chief executive. At that point, Morgridge took on the role of chairman.
During his years as chief executive, Morgridge grew Cisco's annual sales from $5 million to over $1.2 billion and led the company toward its 1990 initial public offering.
Yahoo!, UC Berkeley team on research
Dawn Kawamoto writes in C|Net News:
Yahoo announced Friday that it has established a research lab with the University of California at Berkeley. Yahoo Research Labs-Berkeley will begin operations in August and concentrate on new technologies for search, social and mobile media. Marc Davis, UC Berkeley professor of information management and systems, will head the new lab.
Yahoo is seeking to use the Berkeley lab to leverage its efforts in building the next generation of search applications and technologies to aid users in finding, using and sharing information, regardless of where they are logged onto the Internet.
Dell refutes spyware charge
John Leyden writes in The Register:
Dell has rejected allegations that its PCs come pre-loaded with an intrusive application that spies on users' surfing habits. The equipment manufacturer said there was nothing untoward about My Way Search Assistant despite complaints from customers that the toolbar impares computer performance, changes browser settings and is difficult to remove.
The inclusion of My Way on Dell's Dimension desktop and Inspiron notebooks has prompted complaints to Dell's support pages, numerous gripes in online bulletin boards and even an accusation that the package is spyware. The latter accusation greatly overstates other assessments of the nuisance level posed by the application.
Anti-spyware firm Sunbelt Software defines My Way components as a "potential privacy risk" that pose a moderate threat to users.
60 years of the atomic age and Xeni Jardin at Simnuke
Xeni says on Boing Boing:
I'm on the road, headed to a (double super secret) remote site in the Nevada Desert for Simnuke -- a sci-tech-art-protest event commemorating 60 years of the atomic age. On July 16, 1945, the first nuclear bomb was detonated, marking the successful culmination of the Manhattan project. At dawn tomorrow, about 100 people will witness an explosion crafted to resemble a nuke mushroom cloud (but comprised of biodiesel, and of course many times less powerful/destructive). Details here, read more about Trinity and Manhattan project. Flickr pool for live pics here. Daniel Terdiman's Wired piece is here. I'll be filing a report about the event for NPR "Day to Day", and will post blog updates here at BoingBoing as connectivity permits.
Just What Is Identity Theft?
Jennifer Bosavage writes in InternetWeek:
Poor Bernie Ebbers. The former chairman of WorldCom should have just hacked into the accounts of his employees and investors. Chances are he would have received a lighter sentence than the 25-year one he received on Wednesday; that is, if he'd ever been caught. The fraud he did perpetrate was a huge, intricate orchestration that bilked innocent people out of $11 billion. The public is, and should be, appalled by the arrogance of such a criminal. Let's hope that the prosecutors and the jurors take a similarly dim view of hacker Scott Levine.
If you don't know, Levine is the former CEO of Snipermail, who not incidentally, is accused of stealing information from Acxiom, one of the world's largest database companies. And it's not just a little information he swiped from Acxiom: It's 8.2 gigabytes worth. Things like names, home addresses, bank and credit card information and email addresses. In fact, he faces 144 counts on what could be one of the largest computer crimes to date.
Interestingly, Levine has not been charged with identity theft crimes but did sell the information to a marketing company. But follow me here: It's a bit tough to swallow that a count of identity theft could not be charged against him, if there is evidence he may have stolen information regarding people's identities. It seems the actual appropriating of the information is not at issue; it's what one does with the information after taking it. If one hacks into a database and steals your personal info, but does not, say, go on a cruise impersonating you, the thief may be charged with unauthorized access of a protected computer, conspiracy, access device fraud (as was Levine), but not with identity theft. (Which is, in my mind, the one thing it seems clear the thief did do.) That is crazy. If you hack into a database, that's a crime, just as surely as stealing someone else's information and selling it to someone else is. And it's of little concern what the sellers' or buyers' intentions may be.
Man charged with selling endangered species on Net
Via The Globe and Mail.
A Toronto man has been charged with allegedly selling endangered species on the Internet.
Environment Canada's Wildlife Service says animals and parts were up for sale on an auction website between October, 2002, and May, 2005. The animals included an African elephant, sperm whale, walrus and long-eared owls.
Mark Gleberzon, 36, faces 44 counts under the Wild Animal Plant Protection and Regulation of International and Interprovincial Trade Act. If convicted, he faces fines of up to $150,000 per count and up to five years imprisonment.
Mr. Gleberzon was arrested in May by U.S. officials in New York. He is accused of similar offences in the United States.
British jobs being shipped to Ind… America…?
Aaron McKenna writes in The Register:
It’s not often you hear about British workers being having their jobs sent to California, but handheld maker Gizmondo and parent company Tiger Telematics have done just that.
The company announced last week that it will open an LA-based office to lead the charge for the upcoming US release of its gaming/communications device. At the same time, it said it will “streamline” its UK operation.
China Outage May Involve Cisco
Thanks to Om Malik for pointing out this article over on Light Reading, by Craig Matsumoto:
A recent China Network Communications Group Corp. (China Netcom) outage is being traced to a Cisco Systems Inc. router, according to news reports in Beijing papers, but no blame as officially been pointed Cisco's way.
The July 12 afternoon outage cut Internet access for 200,000 subscribers of Beijing Netcom, a China Netcom subsidiary, according to reports. Beijing Netcom serves more than 2 million subscribers.
The People's Daily Online notes that a "responsible official" yesterday pinned the outage on a router rather than on human error. But China Netcom has made no formal statement saying Cisco's equipment was at fault.
"There is no statement from China Netcom assigning and no statement from Cisco accepting blame for it," a Cisco spokesman says. "The talk that it's all due to a Cisco router is hearsay." The spokesman adds that the outage lasted about 20 minutes; reports from China say it took an hour for Internet connectivity to return to normal.
Cisco and China Netcom are investigating the cause of the outage, the spokesman says.
Disney ex-dissident to shut down Web site
A Reuters newswire article, via Yahoo! News, reports that:
Former dissident shareholder Roy Disney, who led a revolt against the Walt Disney Co management last year, said on Thursday he will shut down his Web site, savedisney.com, days after striking a truce with the company.
Roy Disney and partner Stanley Gold used the site to criticize the entertainment giant's leadership after they left the board in late 2003. But the two men and the management agreed to work together to better the company last week.
The site would be dismantled on Aug. 7, Roy Disney said.
Last Chance to Stop Renewal of the USA PATRIOT Act!
Via The EFF.
Congress will vote any day now on new legislation that would renew parts of the USA PATRIOT Act scheduled to expire or "sunset" at the end of the year, while possibly handing the FBI even more unchecked power to snoop on your mail and private records, including logs of your Internet activities.
PATRIOT's notorious Section 215 allows intelligence investigators to demand private records about citizens who aren't suspected of spying or terrorism, including medical, financial, and library records, while other parts of PATRIOT radically expanded the government's power to subpoena records or conduct wiretaps to see what you're doing online.
The current PATRIOT bills could make these and a host of other highly controversial provisions permanent. Some in the Senate want to go even further, and allow the FBI to secretly demand any and all types of records without a judge's permission, using new do-it-yourself "administrative subpoenas." Meanwhile, the sensible checks and balances proposed in the Security and Freedom Ensured Act (SAFE), an alternative PATRIOT reform bill, have yet to be seriously considered.
Don't let Congress defy the bipartisan will of the hundreds of local communities that have passed resolutions opposing the PATRIOT Act. Contact your legislators today and tell them to vote against PATRIOT renewal and for PATRIOT reform!
Stop by the EFF website and send their ready-made form letter to your elected congresscritters!
Glitches hit Vonage voice mail
Ben Charny writes in C|Net News:
Some of Vonage's customers haven't been able get to their voice mail via the Internet telephony provider's Web site since Wednesday. "We're having voice mail issues right now," a Vonage spokeswoman wrote in an e-mail Thursday. According to postings in a Vonage chat room, people attempting to get voice mail through Vonage's site got the message: "Customers may be experiencing an intermittent issue with logging into your Web account."
With more than 750,000 subscribers, Vonage is among the largest commercial providers of voice over Internet Protocol, which is software that allows Internet connections to double as inexpensive home phone lines.
Update: UN panel fails to agree on how to govern Internet
A Reuters newswire article by Irwin Arieff, via Yahoo! News, reports that:
A group set up by the United Nations to come up with a global plan for managing the Internet said on Thursday that it has been unable to agree on who should do the job or how it should be done.
The Working Group on Internet Governance instead came up with four rival models for overseeing the Web and sorting out technical and public policy questions.
In a report to be submitted to the World Summit on the Information Society in Tunis in November, the group also proposed creation of a permanent forum to carry on the debate.
To understand the problem, "you must recognize that the Internet was set up largely by academicians for limited use, but has grown beyond anyone's wildest expectations, with nearly one billion users today," Markus Kummer, the working group's executive coordinator, said in a telephone interview.
Update: An AP newswire article entitled "U.N. Panel Presents 4 Internet Options" also available here.
Flaws in BT chat sites expose users
Via The Register.
A third party website allowing unrestricted access to Oceanfree and IOL chat sites could enable visitors to view the IP address and domain names of the sites' 'chatters.'
Through the use of a third party website, industry experts have discovered a method for logging into BT Ireland's Oceanfree or IOL chat sites without registering on the system, giving them the ability to impersonate other visitors to the site. What's more, experts have found a vulnerability on the BT Ireland chat sites which reveal not only the IP addresses of other active visitors, but also host names which could be used to pinpoint the physical location of certain visitors.
Responding to questions about the vulnerability of the system, a spokesperson from BT Ireland said efforts would be made to repair the defect. However if a solution cannot be found, "we will need to review the chat servers as a viable entity," the spokesperson told ElectricNews.Net.
OMB seeks R&D on supercomputing, cybersecurity
Aliya Sternstein writes in FCW.com:
The Bush administration’s memo on fiscal 2007 federal research and development priorities tags high-end computing and cybersecurity R&D but hints at continued penny-pinching, policy analysts said this week.
"Agencies may propose new, high-priority activities, but these requests should identify potential offsets by elimination or reductions in less effective or lower priority programs or programs where federal involvement is no longer needed or appropriate," officials from the administration’s Office of Science and Technology Policy (OSTP) and the Office of Management and Budget jointly state in the July 8 memo.
"It's disappointing to see that the memo implies another year of flat budgets, or worse, for R&D," said Peter Harsha, director of government affairs at the Computing Research Association.
The guidance this year – and last year -- states that supercomputing should receive special attention in agency budget requests.
E-mail errors leave Harry Potter fans fuming
A Reuters newswire article, via MSNBC, reports that:
Customers who preordered the eagerly anticipated sixth installment of the "Harry Potter" saga on Amazon.com and walmart.com were in for a shock this week when the retailers mistakenly e-mailed them to say their books might arrive later than expected.
Wal-Mart Stores Inc. rushed to calm shoppers' worries and put a recorded message on walmart.com's toll-free customer service number assuring customers that the books would arrive on July 16 as promised.
Amazon.com e-mailed customers to say its notice that books might be delayed "was sent to you in error."
Attackers Could Eavesdrop On Cisco-Routed VoIP Calls?
Via TechWeb News.
Flaws in Cisco's voice-over-Internet (VoIP) software could allow an attacker to bring down the alternative-to-traditional-telephone service, or access the server that initiates and routes Web-based calls, an Atlanta-based security firm said.
According to alerts posted online by Internet Security Systems' (ISS) X-Force research team, Cisco's CallManager sports a pair of bugs that could be "reliably exploited" by hackers. The potential result: at best a denial-of-service style crash, at worst, a situation where the attacker could redirect calls at will or even eavesdrop on conversations.
By sending specially-crafted packets to Cisco CallManager, an attacker could create a heap overflow and crash the system or gain access. ISS said that an exploit wouldn't need any help from a user, pushing the threat into a more dangerous category.
IBM officially kills OS/2
Jock McFrock the bekilted Engineer writes over on The Inquirer:
Big Blue has hammered the final nails into OS/2's coffin. It said that all sales of OS/2 will end on the 23rd of December this year, and support for the pre-emptive multitasking operating system will end on the 31st December 2006.
Not bad, it lived 20 years - but no one could ever say it had a peaceful childhood. From the days of OS/2 Presentation Manager through its switch to Warp, the OS was always be-devilled by Microsoft, which seemed to have its own agenda.
It looks like it's gone then, unless OS/2 is a bit like a corpse in an Edgar Allen Poe novel, and it's being buried while it's still alive. And it will wake up screaming in its coffin shouting "Warp! Warp!".
Australian man, ISP found guilty of piracy
Steven Deare writes in C|Net News:
Major record labels in Australia have won a legal battle against a man and his ISP for alleged music piracy.
Stephen Cooper, operator of a Web site called MP3s4free.net, was found guilty Thursday of copyright infringement by Australia Federal Court Justice Brian Tamberlin.
Although Cooper didn't host pirated recordings per se, the court found the resident of the state of Queensland breached the law by creating hyperlinks to sites that had infringing sound recordings.
This is the first such judgment against hyperlinking in Australia.
ICANN, VeriSign Will Consider Changes on .net Agreement
ICANN and VeriSign will consider changes to the new .net registry agreement in response to a mass protest by major domain name registrars, who said the deal represented a "breach of trust" between ICANN and the registrar community. In response to a joint protest by more than 30 registrars at a Luxembourg meeting, ICANN chairman Vint Cerf announced today that VeriSign and ICANN will re-examine a provision in the agreement that lifts restrictions on the price VeriSign can charge registrars for each .net domain they sell.
"In light of the comments and the concerns from the community, VeriSign is willing to discuss reworking the fee cap provision," wrote Tim Ruiz of Go Daddy in an update to registrars. With the announcement, ICANN and VeriSign have committed to further discussions, with no guarantee of changes at this time. But the reopening of negotiations was seen as a step forward by registrars, who were concerned that changes in the fee structure in the .net agreement could set a precedent for the renewal of the .com registry, also maintained by VeriSign. But the registrars' primary grievance was that the lifting of the price cap was negotiated privately, and never mentioned in published drafts of the agreement.
Big Brother Could Be Tracking You
An article by Gregory M. Lamb of The Christian Science Monitor (of all places), via CBS Technology News, reports that:
Most of us know where we are on planet Earth — or close enough to make do. But sometimes we travel on business or for pleasure and suddenly wonder: Where am I? Or maybe we might want to know the location of a spouse, teenager, or pet.
More and more, GPS — the global positioning system — is coming to the rescue. But the satellite-based system has one big drawback: Its signals can't reach inside buildings or down into the skyscraper-lined streets of major cities, where millions of people live or work.
The result? One of the era's breakthrough technologies — tracking the location of everything from packages to cell phone users in distress — remains impractical to much of the population. Now that appears likely to change.
Racing to fill in the gaps where GPS can't reach, companies are experimenting with various wireless technologies. Solutions can't come too soon. The federal government has charged mobile-phone companies, even the ones that are Internet-based, to make their phones capable of being located when a user dials 911 for help.
Austin group complains of hack attack
Asher Price writes in The Austin American-Statesman (obnoxious, but free, registration required):
In the 1992 movie "Sneakers," Martin Bishop and his crackerjack hacking partner Cosmo infiltrate the Federal Reserve mainframe in 1969 and orchestrate a $25,000 donation from the Republican Party to the Black Panthers, as well as a generous contribution from Richard Nixon to the National Association to Legalize Marijuana.
The plot seemed far-fetched at the time. But this month, an Austin-based group called ProtestWarrior, which crashes anti-war demonstrations and produced a video that attacks Middle Eastern "Islamo-fascists," informed its members that their credit card information might have been compromised after a Chicago-based hacker cracked the site's code; ProtestWarrior claims that the hacker had intended to give donations to the American Civil Liberties Union, among other organizations.
The FBI is investigating, but no charges have been filed.
EU moves to speed up Europe's wireless Internet
A Reuters newswire article, via Yahoo! News, reports that:
The European Commission opened access to a new radio frequency that it said will speed up wireless access to the Internet in coffee shops and airports throughout Europe.
The European Commission said on Thursday it was making available part of the 5 gigahertz (GHz) band for Wi-Fi, a technology used by laptops for high-speed, wireless connections to the Internet.
The new spectrum will allow data transfer at 50 megabits per second compared with 10 megabits on the current 2.4 GHz radio band, originally used for microwave ovens.
Vonage, AT&T Top VoIP Ratings
Vonage was found to be the most reliable VOIP vendor in a study released this week, with AT&T's CallVantage Service lauded as having the best voice quality.
Keynote Systems placed VOIP calls every 30 minutes on a variety of networks and services, evaluating every service for uptimes, call quality, and audio delays. VOIP calls have yet to exceed the standards and reliability of traditional POTS calls, the study found.
Vonage was found to be the most reliable VOIP vendor of those surveyed, which included AT&T CallVantage, Packet 8, Primus Lingo, Skype's SkypeOut service, Verizon, Voicewing, and Vonage, together with business DSL calls made over the AT&T, Sprint, and UUNet networks.
Walmart.com Web site down overnight
A Reuters newswire article, via Yahoo! News, reports that:
Wal-Mart Stores Inc.'s walmart.com Web site was down on Thursday morning, and a customer service representative said the site had been inoperative since Wednesday night.
A walmart.com spokesperson did not immediately return a call seeking comment. A spokeswoman at Wal-Mart's Bentonville, Arkansas, headquarters could not immediately be reached.
Walmart.com ranks as the 12th-largest Internet retailer, according to statistics compiled by trade magazine Internet Retailer.
It appears to be up now...
Criminal caught by computer game
And since we were just talking about computer games, and all of the hoopla surrounding Grand Theft Auto: San Andreas, how do you like this one? Nick Ferrell writes in The Inquirer:
Police in Taiwan managed to finger the collar of a heavily armed suspect after he went online to play computer games.
Chang Hsi-ming, was wanted for murder, illegal possession of weapons and multiple kidnappings and coppers have been tracking him for about a year.
But the task became easier when the police learnt that he had a passion for online gaming. They sniffed out his online persona, and tracked his IP address.
We don’t know which game he was playing, but when police knocked on his door for a quiet word, they brought nearly 130 colleagues and two tanks.
Even then, Chang, who is dubbed the Evil Dragon by the local press, decided to go out in the style of Butch Cassidy and the Sundance Kid. Unfortunately, it is not ‘game over’, according to the Taiwanese Evening papers, although Chang was shot in the chest and shoulder he appears to have survived and is now in hospital.
Update: Sen. Clinton seeks 'Grand Theft Auto' probe
An AP newswire article in USA Today reports that:
Sen. Hillary Rodham Clinton, who has attacked violent video games as "a silent epidemic" among children, said she wants a federal investigation into one of the most popular, "Grand Theft Auto: San Andreas."
Clinton, D-N.Y., is asking the Federal Trade Commission to probe how users of the game can access "graphic pornographic and violent content" for the game from the Internet.
In a letter dated Thursday to FTC chairwoman Deborah Platt Majoras, she also urged the agency to examine whether the game's rating of "M" for mature should be changed to an "Adults Only" rating.
The Entertainment Software Ratings Board, a self-regulatory ratings arm of the game software industry, is already investigating the issue.
New York's junior senator said it is time for the federal government to step in.
: Mike, over on techdirt.com
, has posted a nice summary here
Greek police arrest alleged Internet fraudster preying on US bank accounts
An AFP newswire article, via Yahoo! News, reports that:
Greek police have arrested a 43 year-old man suspected of lifting the bank details of US citizens over the Internet and stealing over 60,000 dollars (49,600 euros) from their accounts in the past year.
A police raid on the suspect's apartment at the port of Piraeus on Wednesday yielded some 4,000 printed pages of personal bank details downloaded from the Internet, a police source told AFP on Thursday.
The man identified by Greek media as Dimitris Kadas had been briefly jailed for credit card fraud in Houston in 1987 before being deported to Greece.
In the past 18 months, he is suspected of having preyed on the bank accounts of over 300 US citizens, and the authorities believe that he may have conducted withdrawals of over 355,000 dollars (293,700 euros).
Apple cautions after huge quarter
Dawn C. Chmielewski writes in The Mercury News (obnoxious, but free, registration required):
Apple Computer reported the highest revenue and profit in the company's history Wednesday, propelled by the soaring popularity of the iPod, the strongest Macintosh sales in four years and the introduction of the new Tiger operating system.
The Cupertino company reported a profit of $320 million, or 37 cents a share, on revenue of $3.52 billion for the fiscal third quarter ended June 25. That represents a 425 percent leap in earnings over the same period last year and a 75 percent surge in sales.
But Apple's recently announced switch to Intel microprocessors injected an element of uncertainty into the company's otherwise heady financial performance. Apple Chief Financial Officer Peter Oppenheimer warned of a flat September quarter, traditionally a period of strong back-to-school sales. He projected revenues of $3.5 billion and earnings per share of 32 cents.
"We feel that we're being prudent," Oppenheimer said. "This is our first full quarter after the Intel transition announcement and we expect to learn more in the quarter.''
Verisign buys iDefense for $40M
John Leyden writes in The Register:
Net infrastructure firm VeriSign has bought security intelligence firm iDefense for $40m in cash. iDefense's 45 employees will join VeriSign in a move designed to bolster its managed security services offering with proactive threat warning and security remediation advice.
iDefense is best known for its controversial vulnerability contributor program, which rewards hackers for advance notification of unpublished vulnerabilities or exploit code. It's not immediately clear if the program will continue post acquisition.
Xybernaut Denied Funding For Possible Chapter 11
Ellen McCarthy writes in The Washington Post:
Xybernaut Corp., the Fairfax [Virginia] company that makes wearable computers, yesterday said it was unable to secure the financing necessary to operate under bankruptcy protection.
Last month, in preparation for a possible bankruptcy filing, the company asked an undisclosed lender to start work on the loans and paperwork that would ensure the company "debtor-in-possession" financing if it pursues Chapter 11 protection. Xybernaut also sent the lender a $125,000 deposit.
But yesterday, Xybernaut said in a filing with the Securities and Exchange Commission that the lender returned about $54,000 and declined to commit to the debtor financing.
Senators Propose Curbs on Patriot Act
Dan Eggen and Charles Babington write in The Washington Post:
Two senior members of the Senate Judiciary Committee introduced legislation yesterday that would lead to more restrictions on the government's powers under the USA Patriot Act, setting the stage for a protracted legislative battle in coming months over the controversial anti-terrorism law.
The proposal by Sens. Arlen Specter (R-Pa.) and Dianne Feinstein (D-Calif.) would scale back a law that the administration seeks to keep largely intact. But it also attracted immediate criticism from civil liberties advocates who say it does not adequately rein in the government's activities.
...and this seems like a good opportunity to mention www.checksbalances.org
RFID Foes Find Righteous Ally
Keeping in step with the current RFID themes, Mark Baard writes in Wired News:
Anti-RFID activist Katherine Albrecht has a good reason for opposing radio-tagging technology: She thinks it's the Mark of the Beast.
And this is yet another opportunity for me to mention RFIDkills.com. :-)
Microsoft and Marvel ink online game deal
Lisa Baertlein writes for Reuters:
Microsoft Corp. said on Thursday it won exclusive rights to develop and publish multiplayer online games starring Marvel Enterprises Inc.'s super heroes, including Spider-man, the X-men and the Hulk.
The deal covers massively multiplayer online (MMO) game titles developed for Microsoft's upcoming Xbox 360 gaming console and published by the software giant's game studio.
The deal is Marvel's first MMO pact. The first title is expected in 2008.
Banking regulators issue check fraud warning
Bob Sullivan writes on MSNBC:
Federal banking regulators have issued an alert about Qchex.com, a Web site that lets Web users initiate traditional paper check payments through e-mail. The alert follows an MSNBC.com story in May chronicling complaints about fraudsters using the service.
At Qchex.com, visitors can create checks that draw funds from nearly anyone's checking account -- as long as the user has the correct bank routing number and checking account number. Those numbers are found on the bottom of every check.
In its terms of service, Qchex says it does not attempt to verify the identity of its users.
Update: UC Irvine to offer certificate program in RFID
Alorie Gilbert writes in the C|Net News RFID Blog:
The University of California at Irvine is developing a certificate program focusing on radio frequency identification, or RFID -- the electronic identification technology that's so en vogue at the moment in computer circles.Update: Aaaaand
Students of the university's extension program may be able to enroll in the courses as soon as the winter quarter of 2006, according to Stefano Stefan, assistant director of business, management, legal and IT programs for the school's continuing education series.
UC Irvine may be the first college in the country - or even the world -- to offer RFID courses that don't require enrollment in an engineering school, Stefan said.
, just about at the same time that I posted this, Peter Rojas posts this juicy tidbit
at almost the same time over on Engadget
Zapped! RFID workshop in NYC tomorrow
Posted Jul 13, 2005, 7:21 PM ET by Peter Rojas
We were a lot more excited about hitting this when we thought that Scott Baio was one of the presenters, but Preemptive Media is hosting a workshop on RFID at Eyebeam here in NYC tomorrow that’ll teach you how to build a keychain RFID detector that’ll beep every time you’re in range of an RFID tag reader.
UPDATE: Sender ID Gets Notice
Tim Gray writes in internetnews.com:
The solution for stamping out e-mail-based scams may never be complete, but as evidenced at the E-mail Authentication Implementation Summit 2005 on Tuesday, insiders appear more resolved than ever to work together towards that goal.
The event, organized to bring together a diverse collection of e-mail analysts and providers, featured discussions and potential solutions, such as Sender ID, SPF and DKIM, to the halting Internet scourges.
As an aside, while doing a Google search for "E-mail Authentication Implementation Summit", I found this page which revals that The Direct Marketing Association (DMA) was a co-sponsor of this "summit". Draw your own conclusions.
Update: Paul F. Roberts has written a more detailed account of this meeting here. Worth a read if you are interested.
'MP3' Celebrates its Tenth Anniversary
Sachin Garg posts to /.
"The Data Compression News Blog reports that on July 14th 2005, the name "MP3" celebrates its tenth anniversary. On this day back in 1995, the researchers at Fraunhofer Institute for Integrated Circuits IIS decided to use ".mp3" as the file name extension for their new audio coding technology. Development on this technology started in 1987, in 1992 it was considered far ahead of its times, then MP3 became the generally accepted acronym for the ISO standard IS 11172-3 "MPEG Audio Layer 3" and no other coding method so far (2005) could uncrown MP3 as the popular standard for digital music on the computer and on the Internet."
Feds create new post of cybersecurity czar
Anna Broache writes in C|Net News:
A new cybersecurity czar will join the U.S. Department of Homeland Security's ranks, Secretary Michael Chertoff announced Wednesday.
The assistant secretary for cybersecurity and telecommunications will be "responsible for identifying and assessing the vulnerability of critical telecommunications infrastructure and assets; providing timely, actionable and valuable threat information; and leading the national response to cyber and telecommunications attacks," according to a press release from the 3-year-old department. No announcement has been made about who will get the job.
The new official will report to the under secretary for preparedness, one of three top-level officials who report directly to Chertoff. (Currently, the chief cybersecurity officer is a low to midlevel official further removed from the secretary.) The "preparedness" category would also include officials overseeing areas ranging from first responder training to public health to infrastructure.
European ministers promise data retention agreement
Simon Taylor writes in InfoWorld:
European Union home affairs ministers have promised that in October they will agree on a set of Europe-wide rules requiring companies to store phone call and e-mail data. The pledge was made at an emergency meeting of ministers in Brussels on Wednesday in response to the bombings in London last week which killed over 50 people.
The data rules, which have been under discussion by E.U. ministers since April last year, are highly controversial because of fears that they would infringe data privacy rules and impose excessive costs on industry.
But France's interior minister Nicolas Sarkozy on Wednesday dismissed objections that the cost of the rules would be too high. "What would cost us dear would be to have innocent victims," he said. He said that telephone records had played an important part in identifying and arresting terrorist suspects in the UK, France, Spain and Germany.
VoIP backlash in Germany?
Ben Charny writes in C|Net News:
The German unit of cell phone giant Vodafone plans to disable calls from the likes of Skype and other Net phone operators beginning July 2007.
Vodafone Germany spokesman Heiko Witzke said Wednesday that in the interim the company may reverse its policy, which came to light earlier in the week when it filed a tariff with German telephone regulators.
He wouldn't comment about why the company was taking the step, but said in an interview that "2007 is a long ways to go, anything may happen until then."
Vodafone's other 15 divisions serving nations in Europe and Asia have not enacted such a policy, according to a spokesman at Vodafone's U.K. headquarters.
The development is a sign that some cell phone operators are beginning to feel threatened by Internet telephony, just as soaring Net phone subscriber numbers start to significantly impact revenues of traditional landline operators.
ZombieAlert Scours Corporate Networks For Spam-spewing PCs
Gregg Keizer writes in TechWeb News:
A U.K.-based security firm is touting a new service that scours corporate networks for zombies -- PCs that have been hijacked without the owner's knowledge and turned into spam-spewing engines.
Sophos on Wednesday launched the alert service, dubbed ZombieAlert, that warns business, educational, and government administrators when some of the machines on their networks turn into the walking dead. So-called "zombies" account for more than half the world's spam, said Sophos.
Tracking down zombies, however, isn't easy.
Rather than monitoring systems internally for evidence of spam zombies, Sophos analyzes the millions of messages passing through its spam traps -- sometimes called "honeypots" -- traces such spam to its originating domain and IP address, then notifies customers when one of their machines is found sending spam.
Internet Archive sued over Wayback Machine
As reported in various places today, but probably best summarized over on Boing Boing: