Saturday, August 27, 2005

Phishers Sinking to New Lows

Don Oldenburg writes in The Washington Post's "Consummate Consumer" column:

Don't get me started on spam. But the other day, scanning the dregs of my spam filter, there was this one that stood out from the hundreds of unsolicited commercial e-mails that pitch porn, get-rich-quick schemes, cheap pharmaceuticals, urgent business proposals and sure-thing investments. All no-brainer deletes. Click, click, click.

But this one stopped me cold. It raised images of stressed-out and distraught military families stunned by the message that their bank accounts had been breached (all the more troubling after last week's news that someone had indeed hacked an Air Force nonfinancial database containing 33,000 Social Security numbers). Recipients could follow the message's instructions, click on a link to a Web site, and divulge their passwords and confidential information.

Only, that urgent notice isn't from their bank. It's from a crook.

Missing music producer found alive, questioned

This report follows the rumors on Thursday that Irwin was involved with, and possibly killed by, persons running a Nigerian 419 scam ring.

Via MSNBC.

The nearly weeklong search for a Grammy-nominated producer ended Friday after a resident spotted the man sitting naked in a backyard creek, washing his jeans.

The Topanga Canyon resident found a distraught Christian Julian Irwin saying he feared he was being pursued by Nigerians who had contacted him in an Internet scam, sheriff’s Capt. Ray Peavy said.

Peavy said there was no evidence anyone was actually pursuing the 48-year-old producer, who has worked with Carly Simon and David Bowie, among others.

Rackspace Survey: Linux vs. Windows 50/50

Ed Sutherland writes in NewsFactor Technology News:

The decision to use Windows instead of Linux is based more on availability of applications and less on security or cost concerns, according to a new survey by Web hosting company Rackspace.

The survey revealed a dichotomy between what the two OS camps believe are the core issues facing corporations and the actual factors involved in choosing Windows or Linux.

Rackspace manages more than 13,000 servers, with an approximate 50-50 Linux and Windows split.

GM will launch self-driving car in 2008

Barb Dybwad writes over on Engadget:

This will totally give new meaning to the term auto-pilot: GM will be launching a vehicle with an actual self-driving system in its 2008 Opel Vectra. That’s right — think KITT, people, but without the smarmy voice (well, we assume, anyway). It will be able to pilot itself even in heavy traffic at up to 60 mph, which is more than we can say for most of our friends, really. It’ll be using lasers, a video camera and a sophisticated computer brain to recognize signs and detect obstacles. Let’s hope the OS it uses is, um, extremely stable.


Russian satellite on track despite communication problem

Via PhysOrg.

Russia successfully launched a monitoring satellite from the northern Plesetsk cosmodrome after initial fears the apparatus was out of control, space officials said.

"A liaison session has been carried out with the satellite. It is under control," a Khrunichev space center official told the Interfax news agency.

Earlier, Roskosmos space agency vice-director Nikolai Moisseyev said the satellite might be lost because of difficulties establishing a link with the rocket propelling the unit.

The Monitor-E satellite will be used for mapping, and monitoring pollution and natural or man-made disasters.

Apple Earns Record Industry's Scorn

Jeff Leeds writes in The New York Times:

Two and a half years after the music business lined up behind the chief executive of Apple, Steven P. Jobs, and hailed him and his iTunes music service for breathing life into music sales, the industry's allegiance to Mr. Jobs has eroded sharply.

Mr. Jobs is now girding for a showdown with at least two of the four major record companies over the price of songs on the iTunes service.

If he loses, the one-price model that iTunes has adopted - 99 cents to download any song - could be replaced with a more complex structure that prices songs by popularity. A hot new single, for example, could sell for $1.49, while a golden oldie could go for substantially less than 99 cents.

Music executives who support Mr. Jobs say the higher prices could backfire, sending iTunes' customers in search of songs on free, unauthorized file-swapping networks.

Gates Charity Grant Under Fire

Via Red Herring.

The Bill and Melinda Gates Foundation is getting flak as a conservative Seattle-based think tank that received $10 million from the philanthropy organization appears to have promoted the “intelligent design” theory of evolution backed by some conservative Christians.

The hullabaloo, mostly confined to the blogosphere, stems from a 10-year grant the foundation awarded the Discovery Institute in August 2003 to develop transportation systems among the states of Washington, Oregon, and Canada’s British Columbia province.

Bloggers began criticizing the foundation, the do-gooder organization founded by Microsoft creator Mr. Gates and his wife, after The New York Times reported Sunday that the institute’s Center for Science and Culture apparently provided “ideological and strategic” support for advancing the theory of intelligent design.

Man Pleads Guilty in eBay Car Sales Scheme

An AP newswire article, via Yahoo! News, reports that:

A Southern California man involved in a scheme to defraud eBay users by taking money for cars that were sold through the auction Web site but were never delivered has pleaded guilty for his role in the crime.

David Hung Truong, 36, pleaded guilty Thursday to one count of wire fraud as part of a plea agreement with federal prosecutors. He faces a maximum of 20 years in prison and $250,000 in fines when he's sentenced Jan. 5, 2006.

As part of the plea agreement, Truong admitted opening several bank accounts that received payments for the cars listed on eBay. Prosecutors said the scheme, which operated from October 2003 to January 2004, defrauded victims of more than $40,000.

Eavesdropping "Jealous Lover" Program Creator Is Indicted

An AP newswire article, via Yahoo! News, reports that:

The creator and several buyers of a computer program designed to allow jealous lovers to snoop on their sweethearts' online activities have been indicted for allegedly violating federal computer privacy laws.

Carlos Enrique Perez-Melara, 25, was indicted Friday on 35 counts of manufacturing, sending and advertising a surreptitious interception device and unauthorized access to protected computers.

The Loverspy program, disguised as an electronic greeting card showing images of puppies and flowers, was sent as an e-mail. When it was executed, it would begin recording victims' e-mail messages and the Web sites they visited, prosecutors said. The information would be transmitted to computers operated by Perez-Melara and relayed to customers, authorities said.

"It was marketed as a way to catch a cheating lover," said Assistant U.S. Attorney Mitch Dembin.

Friday, August 26, 2005

Time Teaser: Inside the Chinese Hack Attack

Nathan Thornburgh writes yesterday (25 Aug. 2005) in a Time.com online teaser:

Hackers breaking into official U.S. networks are not just using Chinese systems as a launch pad, but are based in China, sources tell TIME. Their story: Sometime on November 1st, 2004, hackers sat down at computers in southern China and set off once again on their daily hunt for U.S. secrets. Since 2003 the group had been conducting wide-ranging assaults on U.S. government targets to steal sensitive information, part of a massive cyberespionage ring that U.S. investigators have codenamed Titan Rain. On this particular night, the hackers' quarry was military data, and they were armed with a new weapon to reach out across cyberspace and get it.

This was a scanner program that "primed the pump," according to a former government network analyst who has helped track Titan Rain, by searching vast military networks for single computers with vulnerabilities that the attackers could exploit later. As with many of their tools, this was a simple program, but one that had been cleverly modified to fit their needs, and then used with ruthless efficiency against a vast array of U.S. networks. After performing the scans, the source says, it's a virtual certainty that the attackers returned within a day or two and, as they had on dozens of military networks, broke into the computers to steal away as much data as possible without being detected.

They hit hundreds of computers that night and morning alone, and a brief list of scanned systems gives an indication of the breadth of the attacks. At 10:23 p.m. pacific standard time (PST), they found vulnerabilities at the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona. At 1:19 am PST, they found the same hole in computers at the military's Defense Information Systems Agency in Arlington, Virginia. At 3:25 am, they hit the Naval Ocean Systems Center, a defense department installation in San Diego, California. At 4:46 am PST, they struck the United States Army Space and Strategic Defense installation in Huntsville, Alabama. As with prior attacks, the targeted networks were unclassified systems; the military's classified networks are not connected directly to the Internet. But even unclassified systems store sensitive information and provide logistics support throughout the armed forces. Government analysts say the attacks are ongoing, and increasing in frequency. But whether the Titan Rain hackers are gathering industrial information or simply testing their ability to infiltrate a rival nation's military systems, the U.S. government is taking the threat very seriously.

[In next week's magazine, available at Time.com on Sunday and on the newsstands Monday, TIME presents the Titan Rain investigation in depth — what they stole, how they stole it, and what the United States is doing to stop them.]

User Friendly: "MMORPG 419'ers"

Via UserFriendly.org.



R.I.P. VHS: "We barely knew ye..."

Jen Chaney writes in The Washington Post:

VHS -- the beloved videotape format that bravely won the war against Betamax and charmed millions of Americans by allowing them to enjoy mindless Hollywood entertainment without leaving their homes -- has died at the age of 29. It passed away peacefully after a long illness caused by chronic technological insignificance and a lack of director's commentary tracks.

No one knows exactly when this once-valued objet de home entertainment began its journey toward that previously-viewed-video bin in the sky. Some say it was March 1997, when the slimmer, sexier DVD was introduced to American consumers. Others pin the time of death to the week of June 15, 2003, when DVD rentals first topped those of VHS. And there are some -- technophobic, time-warped souls who still keep their Erol's Video membership cards in their wallets -- who argue that VHS isn't deceased at all. It's just, well, resting its eyes.

Web of Crime: Who's Catching the Cybercrooks?

I had almost forgotten to post the link to Part Five of the PCWorld.com series "Web of Crime" -- and then the FBI announcement of the suspected Zotob worm authors being detained abroad reminded me. Silly me. :-)

[This is Part Five in a Five Part series]

[Click for Part One, Part Two, Part Three, and Part Four.]

A PCWorld.com article by Tom Spring, via Yahoo! News, reports that:

In 2004, after months of putting a virtual tail on a hacker who called himself Pherk, Federal Bureau of Investigation agent Timothy Nestor had the guy right where he wanted him. Though unsure of Pherk's identity, Special Agent Nestor was tracking every digital footstep the hacker took as he wreaked havoc on dozens of businesses by shutting down their online storefronts.

Pherk's modus operandi was to commandeer an army of 2000 zombie computers and use those PCs simultaneously and repeatedly to request Web pages from the sites; the surge in queries would overwhelm the sites' servers, knocking the businesses offline. What the hacker didn't know was that Nestor, supervisor of the FBI's Cyber Crime Squad in New Jersey, had isolated one of the zombies and was now following the perpetrator's every online move.

Eventually the accumulating evidence of these illegal Web activities enabled the FBI to trace the attacks to 17-year-old Jasmine Singh Cheema. Nestor then obtained a search warrant; and in early December 2004, six FBI agents and two New Jersey state police officers barged into the Edison, New Jersey, home of Cheema's parents. According to Nestor, the 17-year-old Cheema sat at the family's dining room table and confessed everything to the FBI as his mother hovered nearby.


Meyerrose nominated as CIO of national intelligence office

Patience Wait writes in GCN.com:

The White House has announced that Air Force Maj. Gen. Dale Meyerrose will be nominated to serve as the first CIO of the newly created Office of the Director of National Intelligence, headed by John Negroponte.

Meyerrose has experience in organizing new offices. Named CIO of NORAD in June 2000, he was given additional responsibility as the first CIO for U.S. Northern Command in October 2002, the structure created in the wake of Sept. 11 to assist in homeland defense and support civil agencies as needed.

Legal argument could hamper high-tech job-changers

Ed Frauenheim writes in C|Net News:

Buried in Microsoft's lawsuit against its former executive Kai-Fu Lee and Google is a legal doctrine that could make tech professionals shiver.

The high-profile dispute largely hinges on a noncompete agreement Lee signed with Microsoft. But in court filings, the software giant has also mentioned the theory of "inevitable disclosure," which holds that in some circumstances people can't avoid sharing or relying on trade secrets from their former employer when moving to a competitor.

Thanks to this increasingly popular legal argument, techies and other employees could be in for a surprise when they try to switch companies. In states that accept the inevitable disclosure concept, employers can sue defectors even if they've signed only a confidentiality agreement--or even if they haven't signed an employment agreement at all, said Robin Meadow, an attorney with the firm Greines Martin Stein & Richland.

"It's sort of an unwritten noncompete contract, in effect," Meadow said. "The fact that you haven't signed something doesn't mean you're safe when you move to another company."

Florida University workers accused of changing grades

An AP newswire article by Adrian Sainz, via The Globe and Mail, reports that:

Two employees at a Florida university with access to computer databanks have been charged with accepting cash — and one with accepting sex — in exchange for changing the grades of dozens of students, authorities said.

Ellis Peet and Clifton Franklin allegedly used generic passwords or those belonging to other registrar employees to make the switches at Florida Memorial University. They both had graduated from the school and were fraternity brothers there, authorities said.

Peet, 37, was fired and Franklin, 32, resigned during the investigation at the school in the working class suburb of Miami Gardens.

The former students received payments ranging from $75 (U.S.) to $600 to change more than 650 grades for 122 students over three years, ending in 2002, authorities alleged in court records. Franklin also allegedly received sex from female students after changing their grades, and both men were accused of changing their own grades.

'Eyes in the sky' for homeland security


Image source: MSNBC / Matthew Cavanaugh / Getty Images


Brock Meeks writes for MSNBC:

Blimps, they’re the next big thing in homeland security.

You’re laughing.

That’s okay, a lot of people do, says George Spyrou, president of Airship Management Services, whose blimps are leased to the likes of Fuji Film and have been used as air surveillance and security platforms by the New York Police Department, the U.S. Secret Service and the Athens police during last year’s summer Olympic Games.

Although blimps have proven their worth in various security environments from the Super Bowl to presidential conventions, the huge airships aren’t widely deployed because they suffer from bad public relations.

Trojan Poses As Plug And Play Patch

Via TechWeb News.

A Trojan horse not connected to last week's Zotob blitz on vulnerable Windows 2000 PCs is nevertheless taking advantage of the scare, security researchers said Friday, by posing as a patch against the Microsoft bug.

A new variant of the Downloader Trojan presents itself as a patch for the vulnerability outlined in the MS05-039 bulletin Microsoft released earlier in August. That vulnerability was used by Zotob just days later to attack Windows 2000 machines, and may be used in the near future to break into some Windows XP systems.

"This is a new way of exploiting the Plug and Play vulnerability, in this case by making use of social engineering, a strategy already used to trigger significant epidemics in the past as it aims to trick users into running the file received," said Luis Corrons, the director of anti-virus vendor Panda Software's research arm, in a statement.

Like other bogus patch messages, the one bearing the Downloader.ejd Trojan spoofs the sending address -- in its case, "update@microsoft.com" -- and uses the subject heading of "What You Need to Know About the Zotob.a Worm" to trick users into opening the file attachment.

Update: Two Arrested in Zotob Worm Probe

An AP newswire article by Mark Sherman, via Yahoo! News, reports that:

Authorities in Morocco and Turkey have arrested two people believed to be responsible for unleashing a computer worm that infected networks at U.S. companies and government agencies earlier this month, the FBI said Friday.

Farid Essebar, 18, was arrested in Morocco, while Atilla Ekici, 21, was arrested in Turkey on Thursday, the FBI said. They will be prosecuted in those countries, the FBI said.

The worm disrupted computer operations in mid-August at several large news organizations, including The Associated Press, ABC, CNN, and The New York Times, such companies as heavy-equipment maker Caterpillar Inc. and the federal Immigration and Customs Enforcement bureau.

Microsoft played a role in locating the suspects, the FBI said.

Update: Mikko writes over on the F-Secure "News from the Lab" Blog:

Two men have been arrested regarding the Zotob PnP worm case.

Moroccan authorities arrested "Diabl0", aka Farid Essebar and Turkey authorities arrested "Coder", aka Atilla Ekici. The suspects are aged 18 and 21, respectively.

Both nicknames can be found from the code of Zotob.A: the worm connected to an IRC server named "diabl0.turkcoders.net" and contained the words "Greetz to good friend Coder".

Diabl0 is most likely associated with some of the Mytob variants too.

More from Maghreb Arabe Presse in Morocco.


Wiretap Rules Split VoIP

And speaking of VoIP.....

Via Red Herring.

The VoIP community could be on the verge of a major split as the U.S. government continues to sort out whether companies such as Skype and vehicles such as GoogleTalk are subject to wiretapping rules recently announced by the Federal Communications Commission.

Earlier this month, the FCC said that VoIP providers must be prepared to accommodate law enforcement wiretaps, which are covered by the Communications Assistance for Law Enforcement Act (CALEA).

The commission limited the requirement to “facilities-based broadband Internet access service providers and VoIP providers that offer services permitting users to receive calls from, and place calls to, the public switched telephone network (PSTN).”

That, on the surface, exempts peer-to-peer architectures, including Skype’s main product, and instant messaging products such as GoogleTalk. But law enforcement agencies such as the Federal Bureau of Investigation and the Drug Enforcement Agency are reportedly up in arms over any such technical exemptions.

FCC grants 30-day extension in VoIP 911 ruling

A Reuters newswire article, via Yahoo! News, reports that:

The U.S. Federal Communications Commission said on Friday it was extending by 30 days a deadline for Internet telephone companies to tell customers about 911 emergency calling or shut off their service.

The FCC in May ordered Internet phone service providers to ensure emergency 911 calls go directly to emergency dispatchers and provide the location of callers by November 29, four months after the order became effective.

The agency also required companies to get acknowledgments from all subscribers that they understood the type of 911 service available, and that providers should disconnect anyone who fails to reply by August 29.

The commission said in a release that it had extended the deadline to September 28. Several companies said disconnecting subscribers could cause more harm than good, as many who have not responded already have the 911 service.

The decision came after the FCC heard tear-filled testimony from parents who only were able to reach administrative offices when they dialed 911 with Voice Over Internet Protocol (VOIP) services. Since many VOIP services can be used anywhere a person has a high-speed Internet connection, knowing a caller's location can be difficult.

Austin and NY in bidding war for Samsung facility?

Kirk Ladendorf writes in The Austin American-Statesman:

Austin's bid to land a new Samsung Electronics Co. Ltd. chip plant just got more interesting.

The State of New York, which lured a major Sematech research project from Austin three years ago, also is pursuing the proposed $3.5 billion new chip factory.

Gov. George Pataki's administration has watched Austin's public recruitment process and has made an "incredibly lucrative" offer to the South Korean chip maker, according to a source close to negotiations who asked not to be named.

Those involved with Austin's incentives package are aware of the New York offer and acknowledge that it far exceeds the $210 million to $225 million that Central Texas is expected to offer. By one estimate, the New York offer exceeds $300 million.

Daily gapingvoid.com fix...

Via gapingvoid.com. Enjoy!

Who'll mind the mainframes?

Thanks to a post over on Slashdot for the pointer to this article.

Hiawatha Bray writes in The Boston Globe:

They're the grizzled, unglamorous veterans of the computing world, middle-aged men and women who don't create best-selling computer games or dazzling special effects for the movies. All they do is quietly run the most important computer systems in the world.

They operate mainframe computers, the ''big iron" machines that run businesses and governments all over the planet. Mainframes issue Social Security checks, track credit-card purchases, and oversee the nation's air-traffic network. They're immensely powerful computers, and immensely reliable, routinely running around the clock for years at a time.

But many mainframe operators have been at it for decades, and they've begun to realize that their time is running out.

''Some of us started dying," said Robert Stanley, 56, director of research for Air Traffic Software Architectures Inc. in Ottawa. ''Heart attacks and the like. Thirty years of Twinkie-eating."

IP PBX Sales Outstrip Traditional PBXs For First Time

Mia Gralla writes in Networking Pipeline:

Shipments of IP PBX lines will exceed those of traditional PBX lines this year, according to a new report by In-Stat. The report found that as the total PBX market grows by a compound annual rate of 6.6% through 2009, the IP PBX will gain momentum as the traditional PBX declines. A significant reason for this, the report says, is the increased mobility within and beyond the workplace offered by IP PBXs. Many IP PBXs currently include voice with presence and instant messaging, and in the future will include more data and ultimately video as well. With these changes, IP PBX will go from 9.5 million lines to 28.1 million in 2009, representing 91% of the total PBX shipment, the report concludes.

According to a statement by In-Stat analyst Norm Bogen, "The IP PBX is revealing itself as more than a simple one-for-one replacement vehicle for digital systems. With closer ties to data, this new vehicle is influencing corporate power structures and will ultimately have even more far-reaching effects on how business is done around the globe."

Three indicted in U.S. spam crackdown

Martyn Williams writes in NetworkWorld:

Three people accused of sending massive amounts of spam face possible prison sentences after being indicted by a grand jury in the U.S. state of Arizona and accused of violating the CAN-SPAM Act of 2003 and other charges, the U.S. Department of Justice said in a statement.

Named in the indictment are Jennifer R. Clason, Jeffrey A. Kilbride, and James R. Schaffer. The three are accused of sending spam that advertised pornographic Web sites, the Justice Department said in a statement. They could make money from commissions that the Web sites paid in return for directing traffic to their sites, the statement said.

The defendants' operation was ranked as one of the 200 largest sources of spam on the Internet by The Spamhaus Project, a group that tracks and battles against spam. AOL received more than 600,000 complaints between late January and early June last year related to spam from the operation, the Justice Department said. The actual number of users who received spam from the operation could be in the tens of millions, it said.

LURHQ: Myfip Intellectual Property Theft Worm Analysis

Thanks to Mikko over on the F-Secure "News from the Lab" Blog for pointing this out.

It is a fascinating read. Here's an excerpt of the LURHQ analysis:

Myfip is a network worm discovered in August of 2004. It didn't get an extreme amount of attention at the time, just a few articles talking about a new worm which stole PDF files. It wasn't terribly widespread or damaging, so it didn't rate very high on the antivirus companies' threat indicators. However, it is still worth paying attention to because the potential for damage to a company can actually be greater than with other worms. A Slammer or Blaster outbreak might take the network down for a while, but an incident like that can be recovered from. If the wrong document leaves your network it could have devastating consequences.

ID theft ring escapes shut down

Via the BBC.

An ID theft ring that has hit thousands of people is proving hard to shut down.

Discovered by US security firm Sunbelt Software, the scam used keyloggers to steal data stored by Microsoft's Internet Explorer browser.

Variants of the original bug are popping up and sending data to other servers and are continuing to harvest data from unwitting victims' machines.

Tools are now appearing to help people find out if they are infected and to remove the sophisticated bug.

Sunbelt came across the server at the centre of the ID theft ring by accident while investigating the ways that spyware can infect Windows PCs.

A search of the server revealed log files containing megabytes of data stolen from PC users by a variant of a well-known virus. Sunbelt estimates that up to 30,000 people were caught out by the keylogging bug since it appeared in late July.

Maturing net growing more slowly

Via the BBC.

After years of huge increases, the rate at which net traffic is growing is slowing down, say analysts.

During 2004 the amount of net traffic travelling on backbone cables between nations grew by 104%, reported the consultancy Telegeography.

By contrast in 2005 the growth slumped to a less stellar 49%.

Telegeography said the change could be the result of a global slowdown in the numbers of people signing up for high-speed net services.

Library Challenges FBI Request

Dan Eggen writes in The Washington Post:

A member of the American Library Association has sued the Justice Department to challenge an FBI demand for records, but the USA Patriot Act prohibits the plaintiff from publicly disclosing its identity or other details of the dispute, according to court documents released yesterday.

The lawsuit comes as Congress prepares to enter final talks over renewal of the Patriot Act, a counterterrorism law that was overwhelmingly approved after Sept. 11, 2001. But parts of the law, including provisions that could have an impact on libraries, have since come under fire.

Justice Department and FBI officials have repeatedly declined to identify how many times Patriot Act-related powers have been used to seek or obtain information from libraries, but they have strongly urged Congress not to limit their ability to do so.

The suit, originally filed under seal in Connecticut on Aug. 9, focuses on the FBI's use of a document called a "national security letter" (NSL), which allows investigators to demand records without the approval of a judge and to prohibit companies or institutions from disclosing the request. Restrictions on the FBI's use of NSLs were loosened under the Patriot Act.

'Kutztown 13' Hackers Quietly Offered Deal

An AP newswire article by Michael Rubinkam, via Yahoo! News, reports that:

The case against the "Kutztown 13" — a group of high school students charged with felonies for tinkering with their school-issued laptop computers — seems to be ending mostly with a whimper.

In meetings with students over the last several days, the Berks County juvenile probation office has quietly offered the students a deal in which all charges would be dropped in exchange for 15 hours of community service, a letter of apology, a class on personal responsibility and a few months of probation.

"The probation department realizes this is small potatoes," said William Bispels, an attorney representing nearly half of the accused students.

The 13 were initially charged with computer trespass and computer theft, both felonies, and could have faced a wide range of sanctions, including juvenile detention.

The Kutztown Area School District said it reported the students to police only after detentions, suspensions and other punishments failed to deter them from breaking school rules governing computer usage.

Thursday, August 25, 2005

Rolling blackouts strike Southern Calif.

An AP newswire article, via MSNBC, reports that:

Sweltering heat and the loss of a key transmission line Thursday forced power officials in Southern California to impose rolling blackouts, leaving as many as half a million people without power for about half an hour, officials said.

The California Independent System Operator, which operates the state’s electric grid, declared a transmission emergency at 3:57 p.m., said ISO spokeswoman Stephanie McCorkle.

About 30 minutes later, power was being restored to people subjected to the blackouts, she said.

Discipline urged for CIA officials over Sept. 11

An AP newswire article, via MSNBC, reports that:

The CIA’s independent watchdog has recommended disciplinary reviews for current and former officials who were involved in failed intelligence efforts before the attacks of Sept. 11, 2001, the Associated Press has learned.

CIA Director Porter Goss now must decide whether the disciplinary proceedings go forward.

The proceedings, formally called an accountability board, were recommended by the CIA inspector general, John Helgerson. It remains unclear which people are identified for the accountability boards in the highly classified report spanning hundreds of pages. The report was delivered to Congress Tuesday night.

It's (semi) Official: Men are more clever than women

Hmmm. Wonder if this will fuel a few outrages?

Via SKY News UK.

A new claim that men are more intelligent than women is poised to reignite controversy about the difference between the sexes.

Research to be published later this year argues that men's IQs are on average five points higher than those of women.

The scientists who conducted the study say this is why men are more likely to win Nobel prizes and gain other major academic distinctions.

One of them is Richard Lynn, Emeritus Professor of Psychology at the University of Ulster, whose work on intelligence has already proved highly controversial.

Not only has he maintained that men have higher IQs than women, but also that whites are more intelligent than blacks and eastern Asians brighter than Europeans.

The new work, to appear in the British Journal of Psychology on November 4, was conducted with Dr Paul Irwing, Senior Lecturer in Organisational Psychology at the University of Manchester.

Dr Irwing said he and Prof Lynn had found strong evidence that men not only had larger brains than women but higher IQs by about five points.

Patriot Act used by FBI to secretly take library records

This is probably a good opportunity to mention the "Patriots to Restore Checks and Balances" website again.

Thanks to Declan McCullagh for pointing out this article in his PoliTech Blog.

Via the ACLU website.

The American Civil Liberties Union today disclosed that the FBI has used a controversial Patriot Act power to demand records from an organization that possesses “a wide array of sensitive information about library patrons, including information about the reading materials borrowed by library patrons and about Internet usage by library patrons.” The FBI demand was disclosed in a new lawsuit filed in Connecticut, which remains under a heavy FBI gag order.

The ACLU is seeking an emergency court order to lift the gag so that its client can participate in the public debate about the Patriot Act as Congress prepares to reauthorize or amend it in September.

Maybe the IETF Won't Publish SPF and Sender-ID as Experimental RFCs After All

John Levine writes over on CircleID:

Yesterday, the IESG, the group that approves RFCs for publication, received an appeal from Julian Mehnle not to publish the Sender-ID spec as an experimental RFC due to technical defects. IESG members' responses were sympathetic to his concerns, so I'd say that a Sender-ID RFC has hit a roadblock.

The problem is simple: Although Sender-ID defines a new record type, called SPF 2.0, it also says that in the absence of a 2.0 record, it uses the older SPF1 record. Since SPF and Sender-ID can use the same records, if you publish an SPF record, you can't tell whether people are using it for SPF or Sender-ID.
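The record overlap described above, worked through as an added example (it is not code from the quoted article or from either specification): given the TXT records a domain publishes, it reports which record an SPF checker and a Sender-ID checker would each evaluate, and flags the case where the SPF1 record is reused. The version tags `v=spf1` and `spf2.0/` with its scope list are taken from the SPF and Sender-ID specifications rather than from this page; the function names and sample records are constructed.

```python
"""Which published TXT record does each checker evaluate? (added example)"""

SPF1_TAG = "v=spf1"        # version tag of a classic SPF record
SENDER_ID_TAG = "spf2.0/"  # version tag of a Sender-ID record, followed by scopes


def classify(txt):
    """Classify one TXT string.

    Returns ("spf1", set()), ("spf2.0", {scopes}) or (None, set()).
    """
    fields = txt.strip().split(None, 1)
    version = fields[0].lower() if fields else ""
    if version == SPF1_TAG:
        return "spf1", set()
    if version.startswith(SENDER_ID_TAG):
        scopes = {s for s in version[len(SENDER_ID_TAG):].split(",") if s}
        return "spf2.0", scopes
    return None, set()


def select_records(txt_records):
    """Return the record each kind of checker would evaluate for one domain."""
    spf1 = []
    sender_id = []  # (scopes, record) pairs
    for txt in txt_records:
        kind, scopes = classify(txt)
        if kind == "spf1":
            spf1.append(txt)
        elif kind == "spf2.0":
            sender_id.append((scopes, txt))

    result = {"spf": None, "sender_id_pra": None, "spf1_reused": False, "notes": []}

    if len(spf1) == 1:
        result["spf"] = spf1[0]
    elif len(spf1) > 1:
        result["notes"].append("more than one v=spf1 record: selection is ambiguous")

    if sender_id:
        # A 2.0 record exists, so the SPF1 record is not consulted for Sender-ID.
        pra = [txt for scopes, txt in sender_id if "pra" in scopes]
        if len(pra) == 1:
            result["sender_id_pra"] = pra[0]
        elif len(pra) > 1:
            result["notes"].append("more than one spf2.0 record with pra scope")
    elif len(spf1) == 1:
        # No 2.0 record at all: Sender-ID falls back to the SPF1 record.
        result["sender_id_pra"] = spf1[0]
        result["spf1_reused"] = True
        result["notes"].append(
            "v=spf1 record is also evaluated by Sender-ID; the publisher "
            "cannot tell which check a receiver applied"
        )
    return result


# Constructed sample zones (documentation address ranges, not real domains).
CONSTRUCTED_ZONES = {
    "spf-only.example": ["v=spf1 ip4:192.0.2.0/24 -all", "unrelated text"],
    "both.example": [
        "v=spf1 ip4:192.0.2.0/24 -all",
        "spf2.0/pra ip4:198.51.100.0/24 -all",
    ],
    "mfrom-only.example": ["v=spf1 mx -all", "spf2.0/mfrom mx -all"],
}

if __name__ == "__main__":
    for domain, records in CONSTRUCTED_ZONES.items():
        chosen = select_records(records)
        print(domain)
        print("  SPF checker uses:      ", chosen["spf"])
        print("  Sender-ID (PRA) uses:  ", chosen["sender_id_pra"])
        print("  SPF1 record reused:    ", chosen["spf1_reused"])
        for note in chosen["notes"]:
            print("  note:", note)
```

Only the first zone shows the ambiguity; once any 2.0 record is published, the SPF1 record is no longer picked up by the Sender-ID check.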

VoIP Providers Ask FCC to Extend Deadline

An AP newswire article by Jennifer C. Kerr, via Yahoo! News, reports that:

A coalition of Internet phone providers asked federal regulators Thursday to extend a disconnection deadline that could lead to tens of thousands of customers losing service next week.

The Federal Communications Commission has set a Monday deadline for providers of Internet-based telephone calls to get acknowledgments from their Voice over Internet Protocol customers that they understand the problems they may encounter when dialing 911 in an emergency.

Providers of the phone service, known as "VoIP," are expected to disconnect service to people who have not responded. The FCC notice gave the companies a Tuesday deadline to cut off service.

The VON Coalition, which includes AT&T, MCI, and T-Mobile USA, said the FCC order could leave customers stranded in an emergency.

Credit card companies now turn to security

A New York Times article by Eric Dash, via The International Herald Tribune, reports that:

Inside Visa's operations center is a cool, white room about the size of a football field. There, more than one thousand giant computers, set up like hulking linemen, process cardholder information from across the United States.

The computers hum with some 3,000 credit and debit card transactions swiped through its network every second; they will handle more than 35 billion transactions in the next year.

Visa is so protective of its data center that visitors are only allowed to say that it is located in the central region of the United States. All the secrecy and cutting-edge technology were set up to protect Visa's basic business interests - encouraging credit card purchases and shielding banks from losses to fraud.

Nearly two months after the disclosure that a tiny payment processor, CardSystems Solutions, exposed the personal information of more than 40 million cardholders, the system remains vulnerable. Only now, with their brands at stake, have Visa, MasterCard and the other major card companies begun to focus on their consumers' main interests - ensuring that personal information is secure at all times.

LA record producer killed by Nigerian 419 scam ring?

Wow. Crazy days, man. Crazy days.

Mark Frauenfelder writes over on Boing Boing:

This chilling story in today's LA Times sounds like something out of a nightmare. Three days ago, a record producer disappeared from his house in Topanga Canyon while making a desperate phone call for help as he ran barefoot through a creek to elude pursuers at 3:45 in the morning.

In a frantic phone call before his disappearance, Christian Julian Irwin, 48, pleaded for help, telling a friend he was being chased down a ravine by people who he believed might kill him, police said. The call, about 3:45 a.m. Sunday, was his last; no one is known to have heard from him since. Investigators have few clues besides Irwin's glasses, found halfway down the hill behind his house, where it is believed that they fell as he ran.

Irwin's friends and relatives say his pursuers may be linked to con artists who had entangled him in a so-called Nigerian Internet scam.

...

Several months ago, Irwin told his friend and former business partner Fortunato Procopio, 47, that he had been unwittingly drawn into a Nigerian Internet fraud and had been threatened by the con artists, Procopio said.

"I told him it was clearly a scam — don't be silly," Procopio said Wednesday. But Irwin later received a mysterious $50,000 check, friends and relatives said, and became increasingly concerned. Procopio and some relatives offered few details, saying police had asked them not to discuss specifics of the case.

China's Baidu.com's bubble already deflating

A Dow Jones/AP newswire article by Riva Richmond, via SFGate.com, reports that:

Baidu.com Inc.'s bubble has already deflated remarkably, less than three weeks after its U.S. stock-market debut.

The Chinese Internet search engine's shares soared 354 percent to $122.54 on their first day of trading on Aug. 5, a rise that, for some, triggered uncomfortable memories of the late 1990s go-go days.

The stock's ascent, which peaked at $153.98 during the second day of trading, reflected investors' ongoing love affair with Baidu's much larger U.S. cousin, Google Inc., and outsize hopes for China's consumer class and budding Internet industry.

The enthusiasm is already waning. Baidu's Nasdaq-listed American depositary shares are worth little more than half their Aug. 8 peak value, based on Thursday's closing price of $79. The stock went public at $27.

Baidu is still valued at about $2.4 billion, a number that strikes many market watchers as exorbitant for a company that posted $7.9 million in revenue for the second quarter.

Plans For NYC Subway Cell Network Move Ahead

Thanks to Carlo over on techdirt.com for this pointer.

Sewell Chan writes in The New York Times:

The decision to introduce cellphone service in the city's underground subway stations touched off a flurry of interest in the telecommunications industry yesterday, as the Metropolitan Transportation Authority began soliciting bids for a 10-year contract that will involve immense technical complexity and probably be worth $50 million to $100 million.

Representatives of the country's four largest wireless companies - Cingular Wireless, Verizon Wireless, Sprint Nextel and T-Mobile - all said yesterday that they were considering submitting proposals to build the wireless voice and data network, which will cover 277 of the city's 468 stations. Companies that make wireless hardware - cables, radios and antennas - also expressed interest. Bids are due on Oct. 12.

Brazilian police arrest 85 in crackdown on hackers

A Reuters newswire article, via Yahoo! News, reports that:

Brazilian police arrested 85 people on Thursday accused of stealing more than $33 million by hacking into the online bank accounts of unwitting Internet users, authorities said.

The raid -- dubbed Operation Pegasus -- was carried out by 410 federal police officers in seven states, making it one of the biggest crackdowns on electronic crime in Brazil.

In all, 105 arrest warrants were issued after a four-month investigation found that the suspects had pocketed about 80 million Reals in the scam.

States face difficulties keeping up with cyberthreats

An AP newswire article by Kathy Barks Hoffman, via The Mercury News (obnoxious, but free, registration required -- or use BugMeNot.com), reports that:

Obtaining a driver's license got a lot tougher recently when a cyberworm hit government computers in Massachusetts, forcing customers to wait until technicians got infected computers running again.

The Zotob virus and its variations also attacked businesses such as automaker DaimlerChrysler AG, idling up to 50,000 workers at 13 plants, and media companies such as CNN, ABC and The Associated Press.

The scramble in Massachusetts, Michigan, Kansas and elsewhere to fend off the virus shows the vulnerability of states to potential shutdowns in service now that they offer everything from hunting licenses to physician discipline reports on the Internet and keep millions of computerized tax, voter registration and driving records.

Most states, including Michigan, suffered little damage from the attack. But risks remain.

Compounding the problem is the relatively little that states spend to protect those systems from hackers and other threats.

Supreme Court Appeal For Communications Decency Act

Thank you, Seth Finkelstein, who wrote to the guys over at techdirt.com, and alerted us to this.

The Nitke v. Gonzales case, which challenges the conflict between obscenity, "community standards", and the Internet, is being appealed to the Supreme Court, in response to an unfavorable lower court ruling. 'The CDA contains provisions that ban speech and images from the Internet that any local community in the U.S. could deem obscene, even though that speech would be fully protected elsewhere.

The CDA also contains a provision that states that it's illegal to put any obscene material on the web in such a way that minors can access it. However, since the Internet can be accessed by anyone with a computer, anything on the web can be accessed by a minor as previously held by the Supreme Court in Reno v. ACLU.'

Japan Postpones Spy Satellite Launch

Probably launching this bird to spy on those Chinese "anti-Japanese" online gamers.... ;-)

An AP newswire article, via Space.com, reports that:

Japan has postponed the launch of a third spy satellite intended to keep an eye on communist North Korea for at least six months due to a technical glitch, a report said Thursday.

Japan launched two spy satellites in March 2003 amid concerns about the security threat posed by North Korea, which claims to have nuclear weapons.

The third was set to be launched this fiscal year, which ends in March 2006, but a government committee postponed it because of a computer chip problem. At least six months are needed to replace the chips and test new ones, Kyodo News agency said. Officials were unavailable to confirm the report late Thursday.

A fourth satellite is still scheduled for launch in the fiscal year starting April 2006, Kyodo said.

Japan embarked on a spy satellite program following North Korea's surprise test launch of a long-range missile over Japan's main island in 1998. The government's original plan was to put a total of eight spy satellites into orbit through 2006 to keep watch on North Korea.

Sprint Nextel's newer new logo

Ryan Block writes over on Engadget:


Guess Sprint realized right quick that something wasn’t quite right with their new logo, someone just leaked to us a JPEG of this newly revised version they’re going to be introducing soon. Hopefully this one’ll pass mustard, er, muster.


Chinese gaming firm to launch anti-Japanese wargame

Aaron McKenna writes in The Inquirer:

WHEN READING REPORTS from the Department of the Bleeding Obvious one may find a statement saying that "China doesn’t like Japan very much." Now it would seem that the wave of anti-Japanese feeling has spread into videogaming as well.

PowerNet Technology, a Chinese online gaming firm, has developed a new online game in cooperation with the Chinese Communist Youth League (CCYL) called "Anti-Japan War Online."

For anyone who doesn’t get where this is going, the company behind the game cleared things up a little, telling Chinese publication Interfax: "The game will allow players, especially younger players, to learn from history. They will get a patriotic feeling when fighting invaders to safeguard their motherland.”

The game, set to launch commercially before the end of the year, will detail the nasty and rather brutal period of history between Japan and China from 1937 – 1945. Recently anti-Japanese feeling has been rife in China thanks to what the Chinese claim is the Japanese refusal to admit to their past wrongdoings.

Politicized videogames. It had to happen eventually.

After Grokster, Technology Feels the Chill

Ben Hammersley writes in The Guardian UK:

Just weeks after the US supreme court ruled against filesharing network Grokster, legal experts and industry insiders say the verdict is having a chilling effect on US technological innovation.

The Grokster case was the result of a lawsuit brought by 28 of America's largest entertainment companies against a group of peer-to-peer software developers. It hinged on a simple question: should the distributor of a tool be held liable for the copyright infringements that may be committed by that tool's users?

The answer, when it came, was vague. Under certain circumstances, the court said, programmers can be held responsible for the things people do with their applications.

The result, say some, is that venture capitalists made uneasy by the imprecise ruling are abandoning investments in filesharing technologies for more sedate arenas.

"Money has shifted into places which will avoid any conflict with the copyright holders," says Professor Larry Lessig, the top American advocate for copyright reform. "Why buy a [new innovation that gets you a] lawsuit when you can buy a new innovation that doesn't get you a lawsuit?"

Blizzard axes 1500 cheating accounts in World of Warcraft

Aaron McKenna writes in The Inquirer:

BLIZZARD IS in serious danger of becoming the darlings of anti-cheat vigilantes everywhere.

After reporting only earlier this month that they banned no less than 36,000 Battle.net accounts, which covers games like StarCraft and Diablo II, they have now waded into their big MMORPG World of Warcraft and beat the hell out of about 1,500 accounts, wiping them clean off their servers for cheating.

"As part of our continuing effort to keep World of Warcraft free from abuse, we have permanently banned more than 1500 accounts during the last several weeks which were involved in the use of cheats and/or hacks using third-party software or were otherwise violating our Terms of Use. We will continue to take an aggressive stance to ensure that the gaming environment remains an enjoyable place for our customers by actively pursuing those who would seek to violate the principle of fair-play, as well as breach our Terms of Use and policies in this way."

Naval Academy drops CNN over Fox News?

Lauren Weinstein writes to Declan McCullagh, over on his PoliTech Blog:

It was recently brought to my attention that CNN was dropped a bit over two weeks ago from the U.S. Naval Academy's (USNA) internal video network used for academic functions, which feeds to classrooms, more than 4000 students, etc. This left FOX News as the only news channel on the USNA video network, which is operated by the academy's Multimedia Support Center (MSC).

While there are reportedly some at the academy who are not sorry to see CNN go -- I'm told it is routinely referred to as the "Communist News Network" by many USNA officers and civilians -- there are also persons at the academy who are very upset at CNN's plug being pulled.

Remarkably, this all appears to be about a $3500/year fee that I'm told CNN wants the academy to pay, and that MSC has determined they cannot afford, given other budget priorities.

This is the information that I've been able to collect to this point, and I'll update if I learn more.

If CNN's signal is really being withheld at USNA over $3500, then we're looking at a sorry situation indeed. In particular, it would seem in the best interests of CNN (and this country) to make sure that the U.S. Naval Academy network has full access to CNN programming, even if that meant not collecting any fee at all.

FOX News has its place of course, but leaving them as the only news channel on a venue as important as the USNA video network, makes it look like CNN is trying to shoot themselves in the foot.

Techies Still Trying To Solve Heathrow Computer Outage

I mentioned this yesterday, but apparently the problem persists.

Paul McDougall writes in InformationWeek:

Technology workers at the U.K.'s National Air Traffic Services are still trying to determine what caused the organization's main Flight Data Processing System to fail this week and they cannot rule out a recurrence of the event, a NATS spokesman said Thursday.

The system went down for 20 minutes Wednesday morning, causing numerous delays and flight cancellations at London's beleaguered Heathrow airport. Air-traffic controllers use the processing system to route aircraft through Britain's heavily trafficked skies. The system uses custom software running on an IBM S/390 server. The spokesman says NATS IT workers haven't yet determined whether a hardware or software problem was to blame for the failure. The system also experienced a major outage in 2000 and a more minor failure in June of last year.

NATS, along with other European air-traffic authorities, is in the early stages of planning for a $1.8 billion upgrade to its computerized air-traffic-control systems. The spokesman says specifications for the new system haven't yet been published. NATS insists that Wednesday's outage didn't compromise air safety.

Heathrow was hit hard earlier this month when workers at the company that provides catering services for British Airways staged a wildcat strike. BA and Gate Gourmet are in negotiations aimed at preventing a recurrence. The strike forced BA to temporarily cancel all of its flights in and out of Heathrow.

Turkey Puts Telsim Up for Sale

An AP newswire article, via Yahoo! News, reports that:

The Turkish government put wireless carrier Telsim up for sale on Thursday, setting an estimated value of $2.8 billion for the country's second-largest mobile operator.

A notice in the Official Gazette set Sept. 19 as a deadline for companies to make qualifying bids, with Dec. 5 as the deadline for final offers.

Telsim, along with about 200 other businesses owned by the Uzan company, was taken over by the Turkish Saving Deposits Insurance Fund last year to collect debts stemming from the group's troubled flagship bank, Imar.

The sale of Telsim, estimated to have 8 million customers, had been delayed because of legal troubles over debts owed to Motorola Inc. and Nokia Corp.

Adult publisher files for injunction against Google

Dawn Kawamoto writes in C|Net News:

Adult magazine publisher Perfect 10 is seeking a preliminary injunction against Google to stop the search giant from allegedly displaying copyright images of its models.

Perfect 10, in a filing Wednesday with the U.S. District Court in Los Angeles, asked the court to immediately halt Google from allegedly copying, displaying and distributing more than 3,000 Perfect 10 photos.

"Google is directly infringing on our copyrights. They are copying and showing our work on their Web site," said Norm Zada, Perfect 10 founder. "They are also placing ads on these Web sites that are infringing on our work."

Perfect 10 first became aware of Google serving up text links to other Web sites that allegedly carried copyrighted images of Perfect 10 models back in 2001, Zada said in an interview Thursday. The company then sent notices to Google, under the Digital Millennium Copyright Act, asking the search giant to discontinue linking to the other sites.

Database That Helped BTK Detectives May See Wider Use

An AP newswire article by Matt Sedensky, via InformationWeek, reports that:

Technology that helped crack the BTK case could be put into wider use after impressing authorities involved in the intense manhunt for the serial killer.

U.S. Rep. Todd Tiahrt is seeking $3 million to fund a pilot project to work on cold cases using a similar computer system.

The technology had helped detectives here whittle the list of possible BTK suspects down from millions to hundreds--and eventually to Dennis Rader, who is now serving a life sentence for 10 murders.

A McLean, Va.-based company, EagleForce Associates, developed a database that pools all the evidence from the 31-year history of the BTK murders. That system cross-correlates data to find links that might not easily appear to detectives.

It rates information by the probability it is true--a known fact like an address is given a high value, while something from one of BTK's communiques is given a low one.

Bluetooth advertising scheme sparks virus fears

Iain Thomson writes in vnunet.com:

A newly developed Bluetooth advertising scheme could make mobile phone viruses more commonplace by teaching users bad habits, IT security experts told vnunet.com today.

The technique, known as Bluestreaming, has been pioneered by British firm Filter UK. It involves beaming pictures and music direct to people's mobile phones. The company had run a pilot with six sites in London railway stations and in a two-week period detected 87,000 phones capable of receiving the material, of which 17 per cent accepted the download.

"This is dangerous from a user behaviour point of view," explained Patrick Runald, senior technical consultant at F-Secure.

"We're trying to tell people not to accept things on their phones if they are beamed at them. All mobile viruses rely on the users accepting them in order to spread."

Daily gapingvoid.com fix...

Via gapingvoid.com. Enjoy!

Vonage goes for IPO

Om Malik writes in his Broadband Blog:

Multiple sources including The Daily Deal and The Wall Street Journal are reporting that Vonage is about to file for an initial public offering and is hoping to raise between $400 and $600 million. The Daily Deal has the scoop.


India Collects Histories of Outsource Industry Workers

An AP newswire article by S. Srinivasan, via Yahoo! News, reports that:

The Indian outsourcing industry is trying to combat data fraud by starting a project to compile the work histories of all its employees, the country's main software trade body said Thursday.

The records will be controlled by a government-mandated electronic depository and used by companies to screen prospective employees, said Kiran Karnik, president of National Association of Software and Service Companies.

A pilot project to cover workers at a handful of call center workers was launched this week, Karnik said. The project will eventually expand to cover other back-office workers and software programmers, he said.

Internet Blamed for Young Moscow Policeman’s Suicide

Via MosNews.

A Moscow policeman committed suicide at his desk early Monday, the Moskovsky Komsomolets daily newspaper reported Thursday. Prosecutors have suggested the young man’s Internet addiction may have driven him to commit suicide.

Lieutenant Alexander Andrianov, 23, came to the police station where he worked early on Monday, took out his Makarov gun and went to his office. A few minutes later colleagues heard a shot and on entering his office saw that Andrianov had shot himself in the head.

Investigators are at a loss to explain the officer’s death, the paper reports. The young man was described as sociable and well-tempered, who lived peacefully with his mother and younger sister and carried out his work well. His job was to analyze crimes, so the investigation has ruled out stress at work as a possible reason.

The only possible motive behind the policeman’s suicide could be his addiction to the Internet, prosecutors say.

The young man used to come to work red-eyed, and when questioned, he would say he had spent the night surfing the Net, his colleagues told the newspaper.

China imposes online gaming curbs

Via the BBC.

Gamers in China are facing new limits on how much time they can spend playing their favourite online game.

The government in Beijing is reported to be introducing the controls to deter people from playing for longer than three consecutive hours.

The measures are designed to combat addiction to online role-playing games such as World of Warcraft and Lineage II.

And Boing Boing this morning has a few more details on this story.



NSF Research Grant: A Socio-Technical Approach to Internet Security

In his blog, Bruce Schneier alerts us to this fascinating research grant by the National Science Foundation (NSF):

Interesting research grant from the NSF:

Technical security measures are often breached through social means, but little research has tackled the problem of system security in the context of the entire socio-technical system, with the interactions between the social and technical parts integrated into one model. Similar problems exist in the field of system safety, but recently a new accident model has been devised that uses a systems-theoretic approach to understand accident causation. Systems theory allows complex relationships between events and the system as a whole to be taken into account, so this new model permits an accident to be considered not simply as arising from a chain of individual component failures, but from the interactions among system components, including those that have not failed.

This exploratory research will examine how this new approach to safety can be applied to Internet security, using worms as a first example. The long-term goal is to create a general model of trustworthiness that can incorporate both safety and security, along with system modeling tools and analysis methods that can be used to create more trustworthy socio-technical systems. This research provides a unique opportunity to link two research disciplines, safety and security, that have many commonalities but, up to now, relatively little communication or interaction.




Hackers Attack Via Chinese Networks

Bradley Graham writes in The Washington Post:

Web sites in China are being used heavily to target computer networks in the Defense Department and other U.S. agencies, successfully breaching hundreds of unclassified networks, according to several U.S. officials.

Classified systems have not been compromised, the officials added. But U.S. authorities remain concerned because, as one official said, even seemingly innocuous information, when pulled together from various sources, can yield useful intelligence to an adversary.

"The scope of this thing is surprisingly big," said one of four government officials who spoke separately about the incidents, which stretch back as far as two or three years and have been code-named Titan Rain by U.S. investigators. All officials insisted on anonymity, given the sensitivity of the matter.

Whether the attacks constitute a coordinated Chinese government campaign to penetrate U.S. networks and spy on government databanks has divided U.S. analysts. Some in the Pentagon are said to be convinced of official Chinese involvement; others see the electronic probing as the work of other hackers simply using Chinese networks to disguise the origins of the attacks.

Ebbers Must Serve Time in Medium-Security Prison

Carrie Johnson writes in The Washington Post:

The federal Bureau of Prisons has ordered former WorldCom Inc. chief executive Bernard J. Ebbers to serve his 25-year prison term at a medium-security facility in Oakdale, La., rather than a less tightly guarded location closer to his home.

Federal officials made the decision even after U.S. District Judge Barbara S. Jones recommended that Ebbers, 63, be sent to a minimum-security prison in Yazoo City, Miss., near his family and friends. The Louisiana prison is 200 miles from Ebbers's hometown, defense lawyers said.

Web of Crime: Internet Sieges Cost Businesses a Bundle

[This is Part Four in a Five Part series....]

[Click for Part One, Part Two, and Part Three.]

A PCWorld.com article by Robert McMillan, via Yahoo! News, reports that:

When the first extortion e-mail popped into Michael Alculumbre's inbox, he had no idea it was about to cost his business nearly $500,000.

The note arrived in early November of last year, as Alculumbre's London-based transaction processing company, Protx, was being hit by a nasty distributed denial of service (DDoS) attack. Zombie PCs from around the world were flooding Protx.com (the company's Web site) and the transaction processing server that was the commercial heart of the business.

In the extortion e-mail's broken English, someone identifying himself as Tony Martino proposed a classic organized-crime protection scheme. "You should pay $10,000," Martino wrote. "When we receive money, we stop attack immediately." The e-mail even promised one year's protection from other attackers for the $10,000 fee.

"Many companies paid us, and use our protection right now," Martino said. "Think about how much money you lose, while your servers are down."

Japan internet providers to inform on suicide posts

A Reuters newswire article, via Yahoo! News, reports that:

Japan's communications and Internet services industry is planning to provide police information on people who post messages suggesting they may be close to committing suicide.

Four communications industry groups have worked out guidelines for submitting the information, which could include the names and addresses of such people, Kyodo news agency reported on Thursday.

Rising numbers of Japanese are dying each year in group suicides after meeting online via suicide web sites, posing a new problem for officials trying to tackle the nation's alarmingly high suicide rate.

The guidelines mandate disclosing the information to police only as an emergency measure when suicide attempts are believed to be imminent.

Wednesday, August 24, 2005

Microsoft to Expand Anti-Phishing Tool

An AP newswire article, via Yahoo! News, reports that:

Microsoft Corp. will soon make available to the general public a tool for warning users about "phishing" scams that could lead to identity theft.

Currently, such a tool comes only with the Internet Explorer 7 browser, which is available in tests only to a select group of developers.

But within a few weeks, Microsoft will incorporate it into a toolbar for older versions of IE. While still officially a test, the anti-phishing tool will be available to anyone running the Windows XP operating system with the Service Pack 2 security upgrade from last summer.

The company will eventually make it available to older Windows systems, too.

F-Secure: More PnP related malware

Katrin writes in the F-Secure "News from the Lab" Blog:

A new trojan that uses the PnP vulnerability has been spammed today. It disguises itself as a removal tool for Zotob and other bots. The spammed email contains the trojan as an MS05-039.exe attachment and the email subject is "What You Need to Know About the Zotob.A Worm". If you decide to search the web for more information on this text, the first hit is Microsoft's page about the Zotob incident last week. Also, the sender's email address is spoofed so it looks like it comes from Microsoft.
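A mail-triage check for the lure described above, as an added example rather than F-Secure's own tooling: it parses a message and flags an executable attachment, an attachment named like a security bulletin, and a vendor From address whose Return-Path domain belongs to someone else. The function names, the extension list and both sample messages are constructed for illustration.

```python
"""Flag mail that poses as a vendor fix but carries an executable (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed list of directly executable Windows extensions; extend as needed.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")
# File names shaped like a security bulletin ID, e.g. the MS05-039.exe named above.
BULLETIN_NAME = re.compile(r"^ms\d{2}-\d{3}\b", re.IGNORECASE)


def domain_of(header_value):
    """Lower-cased domain of the address in a header, or '' if there is none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def in_domains(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def triage(raw_message, vendor_domains=("microsoft.com",)):
    """Return an ordered list of findings for one RFC 822 message string."""
    msg = message_from_string(raw_message)
    findings = []

    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if not name.endswith(EXECUTABLE_EXTS):
            continue
        if "executable-attachment" not in findings:
            findings.append("executable-attachment")
        if BULLETIN_NAME.match(name) and "bulletin-named-executable" not in findings:
            findings.append("bulletin-named-executable")

    # The From header is trivially forged; compare it with the envelope sender
    # recorded in Return-Path. A mismatch is a triage signal, not proof.
    from_domain = domain_of(msg.get("From"))
    envelope_domain = domain_of(msg.get("Return-Path"))
    if (in_domains(from_domain, vendor_domains) and envelope_domain
            and not in_domains(envelope_domain, vendor_domains)):
        findings.append("from-envelope-mismatch")
    return findings


# Constructed sample: headers and a placeholder attachment body, no real payload.
SAMPLE_LURE = """\
Return-Path: <bounce@mail.example.net>
From: "Security Team" <security@microsoft.com>
To: user@example.org
Subject: What You Need to Know About the Zotob.A Worm
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

(constructed body text)
--b1
Content-Type: application/octet-stream; name="MS05-039.exe"
Content-Disposition: attachment; filename="MS05-039.exe"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

# Constructed sample: ordinary plain-text mail with matching sender domains.
SAMPLE_BENIGN = """\
Return-Path: <alice@example.org>
From: Alice <alice@example.org>
To: user@example.org
Subject: Lunch on Friday?

(constructed body text)
"""

if __name__ == "__main__":
    print(triage(SAMPLE_LURE))
    print(triage(SAMPLE_BENIGN))
```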

Falwell critic can keep domain name

Thanks to Mike over at techdirt.com for pointing this out.

Anne Broache writes over on C|Net News:

A Web site with a domain name resembling Rev. Jerry Falwell's can continue to vent about the preacher's anti-gay views, a federal appeals court ruled on Wednesday.

A three-judge panel on the U.S. Court of Appeals for the Fourth Circuit reversed a lower court's ruling, which had prohibited Christopher Lamparello from "maintaining a gripe Web site critical of Jerry Falwell," the appeals court opinion said.

Falwell's attorney, John Midlen, said he was "disappointed and dismayed" at the decision and plans to seek a rehearing, while Lamparello's attorney, Paul Levy, in an e-mail hailed the decision as "a very important Internet free-speech decision, perhaps the most significant of our domain name cases from the past several years."

Lamparello registered Fallwell.com in 1999 after hearing Falwell give an interview containing what he considered to be offensive opinions about homosexuality, according to the appeals court opinion. The front page of the site, Fallwell.com, implores visitors to continue exploring the site "to see why Rev. Falwell is completely wrong about people who are gay or lesbian." Inside, it links to articles intended to dispel what Lamparello deemed untruths about gay people. It also contains disclaimers that contain links to Falwell's official site.

FTD Sues Rival ProFlowers.com Over Ads

An AP newswire article, via SFGate.com, reports that:

FTD Group Inc. said Wednesday it sued the owner of rival flower delivery service ProFlowers in federal court, denouncing as false and misleading its advertisements claiming that flowers are shipped "direct from the fields."

The lawsuit alleges that ProFlowers parent company Provide Commerce Inc. misleads consumers by stating that its flowers bypass middlemen, extended stays in refrigerators or warehouses. In fact, FTD said, the flowers are stored in a half-dozen refrigerated warehouses around the country and kept in inventory, meaning they are not cut to order as ProFlowers' ads claim.


Panel votes to close Army electronics command

George Leopold writes in EE Times:

The Pentagon's base-closure commission voted Wednesday (Aug. 24) to close Fort Monmouth, N.J., the home of the Army's Communications and Electronics Command (Cecom).

The Base Closure and Realignment Commission voted to close Fort Monmouth and several other Army facilities during the first day of deliberations here. If approved by Congress and the president, the closure would result in the loss of more than 5,000 jobs. About 2,000 Cecom jobs would then be shifted to the Army's Aberdeen Proving Grounds in Maryland.

Cecom develops a range of communications, electronic warfare, intelligence, surveillance and reconnaissance gear for the Army and other U.S. ground forces. Critics of the decision to close Fort Monmouth said Cecom was currently leading an effort to detect and disarm roadside bombs in Iraq.

Egypt's Bloggers Aid Dissent

A Christian Science Monitor article by Charles Levinson, via CBS News, reports that:

With unkempt black locks and a laptop tucked under his arm, Alaa Fattah has a voice that carries further than those of other antigovernment activists.

Fattah, just 23, is one of Egypt's leading bloggers, part of an online community that acts as a virtual megaphone for Egypt's burgeoning opposition movement. Other countries in the Middle East have started cracking down on the Internet, arresting bloggers and imposing strict censorship regimes.

As bloggers gain clout in Cairo, observers say it is only a matter of time before Egypt follows suit.

Microsoft Mum On Windows 95 Tenth Anniversary

Gregg Keizer writes in TechWeb News:

Ten years ago today, Microsoft released its landmark Windows 95 with a $300 million launch campaign -- including $12 million for the song "Start Me Up" from the even-then-ancient "Rolling Stones" -- but as Wednesday rolled around, Microsoft didn't even bother to put out a press release marking the anniversary.

Back in 1995, Microsoft wasn't nearly so shy about tooting its horn.

Then, the Redmond, Wash.-based developer opened a marketing and sales campaign that at the time was called the biggest-ever product launch. Nothing was too big, too good, for Windows 95.

Then chief executive, now chairman, Bill Gates broadcast the first public boot-up of the sorta-32-bit operating system in front of cameras that blitzed the image worldwide via satellite. He even had late night talk show host Jay Leno on stage to help him out. At one point, Leno joked that Windows 95 was "so powerful that it can keep track of all of OJ's alibis at once."

TiVo reports its first profit

An AP newswire article, via The Mercury News (obnoxious, but free, registration required, or use BugMeNot.com), reports that:

TiVo Inc., the digital video recording pioneer, reported the first profit in the company's eight-year history as it outpaced Wall Street expectations.

TiVo, the set-top box that built a name for itself by enabling users to skip past commercials, announced Wednesday that it saw a net income for the second quarter of $240,000, or break-even on an earnings-per-share basis. That compared with a net loss of $10.8 million or 13 cents per share deficit in the same period of 2004.

TiVo reported revenue for the quarter ended July 31, 2005 of $40.7 million, up 46 percent from $27.8 million in the year-ago period.