Friday, October 14, 2005

UK: Child porn ring run from net cafe

Via The BBC.

A Glasgow student has admitted running an international child porn ring from an city centre internet cafe.

Nicholas Dockray, 31, sent images of children being abused to paedophiles in the US, UK and Europe.

Glasgow Sheriff Court heard Dockray was traced to the cafe when Croatian police arrested a known sex offender, who was a member of the porn ring.

Sentence was deferred for a risk assessment and Dockray was placed on the sex offenders register.

He had been caught when the police in Croatia found repeated references to a person nicknamed Kinderpix who ran the site.

H5N1 Update: Secret of drug-resistant bird flu unveiled

Debora MacKenzie writes in NewScientist:

A strain of the H5N1 flu virus that resists the antiviral drug Tamiflu has been analysed by scientists. Tamiflu, known generically as oseltamivir, is expected to be almost the only defense against the virus in the early stages of any H5N1 pandemic.

But New Scientist can reveal that this discovery does not mean the drug will become useless. The mutation that made the virus resistant is already well known in ordinary human flu, and it seems to make both ordinary flu - and now H5N1 - less able to cause further infections.

The resistant strain was found in a 14-year-old girl in Vietnam. She had been put on one Tamiflu capsule a day in February, to protect her while she was caring for her 21-year-old brother who had H5N1 bird flu. This dose - half the normal therapeutic level - is commonly used as a preventative measure for people exposed to the virus.

But after three days she fell ill. Her dose was doubled to normal treatment levels – and it worked. Doctors failed to isolate flu virus from the girl after she went on the full dose and she eventually recovered.

But a sample of virus isolated just before she started full treatment contained some viruses that were sensitive to Tamiflu, and some that were a hundred times less sensitive, report Yoshihiro Kawaoka, at the University of Tokyo, Japan, and colleagues (Nature, vol 437, p 1108). This might suggest that in a pandemic with many people taking Tamiflu, the virus could become drug resistant.

Australian ISP settles with music industry

Steven Deare writes in C|Net News:

The case between the Australian music industry's antipiracy unit and Internet service provider Swiftel Communications has been settled out of court.

Music Industry Piracy Investigations (MIPI) had alleged that Swiftel's employees and customers created a BitTorrent file-sharing hub to host thousands of pirated sound and video recordings.

Michael Kerin, MIPI general manager, would not reveal if a financial arrangement was involved, saying: "Let me put it this way--the music industry would never have settled the case unless it was on terms that suited it."

As part of the settlement terms, announced Friday, Perth-based Swiftel will implement a new process to deal with copyright-infringement notices issued by copyright holders.

Estonians Hold Election on the Internet

An AP newswire article by Jari Tanner, via Yahoo! News, reports that:

This tiny Baltic republic is breaking new ground in digital democracy. This week, the country nicknamed "e-Stonia" because of its tech-savvy population became the first country in the world to hold an election allowing voters nationwide to cast ballots over the Internet.

Less than 10,000 people, or 1 percent of registered voters, participated online in elections for mayors and city councils across the country, but officials hailed the experiment held Monday to Wednesday as a success.

"Everything has gone smoothly," said Tarvi Martens, a spokesman for the National Electoral Committee.

Thousands of people voted online in Democratic primaries in Arizona in 2000 and Michigan in 2004. The city of Geneva, Switzerland, has held several online referendums, the first in January 2003.

But Estonia is the first to allow voters nationwide to chose their representatives online, experts in Estonia and abroad said.

MTV Acquires iFilm for $49 Million

Nate Mook writes in BetaNews:

Viacom subsidiary MTV Networks has agreed to purchase iFilm, a site that hosts video content from users, amateur filmmakers and some larger movie studios. The deal, valued at $49 million, will keep iFilm CEO Blair Harrison in place and the company will remain in Hollywood.

iFilm joins the growing number of online efforts by MTV. The company recently purchased youth community Neopets and launched MTV Uber, a 24-hour Web based music channel. "This move is at the heart of MTV Networks multi-platform strategy and meshes with our tradition of cultivating independent and creative brands," said Judy McGrath, MTV Networks CEO.

UK: Paramedic rmoved from professional register for net scam

Via The BBC.

A former paramedic accused of trying to sell medical equipment on internet auction site eBay told a hearing he did it to pay a child support debt.

Thomas Wildman, 34, offered to sell life-saving equipment including a defibrillator and oxygen masks.

He has been struck off his professional register and will not be able to reapply to join again for five years.

"I did not know which way to turn," he said in a statement to the Health Professions Council hearing in London.

China: Imprisoned Cyberdissident Zhang Lin ends hunger strike

Via Reporters sans Frontières.

Reporters Without Borders has learned that Zhang Lin started eating again, on 28 September 2005, almost one month after beginning a hunger strike. The cyberdissident, sentenced to five years in prison in August for writing articles "contrary to the Constitution", has been left extremely weak from his ordeal.

Zhang Lin suffers from minor heart problems as a result of his prolonged fast. The prison authorities have refused to transfer him to hospital, despite the fact that he is in a poor state of health. He is however receiving medical care in prison.

He is allowed to receive visits from his lawyer, but not from his wife, Fang Cao. After ending his hunger strike, he told his lawyer that he would "never give up morally" and he thanked all those who supported him in China and abroad, whom he asked to continue to work for "freedom of expression".

Microsoft aligns with Nigeria to crack down on 419 scams

Jeremy Kirk writes in InfoWorld:

The Nigerian government and Microsoft signed an agreement Friday calling for the software giant to help law enforcement break up crime rings that use the Internet for fraud and theft.

It's the first-ever agreement Microsoft has signed with an African country to aid law enforcement efforts, said Neil Holloway, Microsoft's Europe, Middle East and Africa president. Holloway spoke with Mallam Nuhu Ribadu, executive chairman of Nigeria's Economic and Financial Crimes Commission (EFCC), and Ambassador M.K. Ndanusa at the Nigerian High Commission in London.

Scams originating in Nigeria such as those called "419," which often seek to coax gullible e-mail users into revealing sensitive financial data, have done "unquestionable damage to our country's image," Ribadu said. The EFCC was created two years ago to address Internet crime, money laundering and corruption.

Microsoft's aid will include providing information to law enforcement in addition to training, Holloway said. The company has already been working with Nigerian authorities over the last three to six months, he said.

H5N1 Update: European bird flu experts holding crisis talks

A Reuters newswire article, via MSNBC, reports that:

European bird flu experts were due to hold an emergency meeting on Friday, a day after health officials confirmed what many had long feared was inevitable — the spread of the deadly H5N1 strain from Asia to Europe.

The European Commission said the meeting would start later Friday and look at the risk migratory birds might pose for the European Union.

“The experts’ groups will then issue recommendations on the potential risk for humans in contact with such birds,” it said in a statement.

Meanwhile, nine people have been kept under observation in hospital in Turkey for blood tests for suspected bird flu after the death of a number of their pigeons, state-run Anatolian news agency said on Friday.

Meanwhile, the World Health Organization (WHO) released a new Avaian Influenza update yesterday:

Avian influenza – new areas with infection in birds – update 34

User Friendly: Agree to the E.U.L.A. and be pwn3d!


Click on image for enlargement.

HP Recalls 135,000 Laptop Battery Packs

An AP newswire article, via Yahoo! News, reports that:

Hewlett Packard is recalling about 135,000 battery packs for some HP and Compaq laptop computers because of reports they overheated and melted, the Palo Alto, Calif., company announced Friday.

The lithium ion rechargeable battery packs are used with HP Pavilion, Compaq Presario, HP Compaq and Compaq Evo laptop computers.

The company has received 16 reports of the batteries' overheating; four cases occurred in the United States.

The recalled packs bear a barcode label starting with GC, IA, L0 or L1.

al-Qaida proving elusive on the Net

Declan McCullagh and Anne Broache write on C|Net News:

An American-led military invasion of Afghanistan took just months to uproot al-Qaida from the rocky slopes of Tora Bora and the White Mountains.

But nearly four years later, even the combined might of the United States and its allies have had a far more difficult time scouring the Internet of the shadowy network of Islamic fundamentalists. The British government announcement in July that it planned to clamp down on people who run Web sites that incite terrorism has had no noticeable results to date.

"For al-Qaida, the survival of the ideology is a lot more important than the survival of any of their physical assets or members, and the Internet is a way to ensure the propagation of that ideology," said Rebecca Givner-Forbes, an analyst for the Terrorism Research Center, which provides research services to the federal government.

Al-Qaida has adopted online tactics that mirror its offline techniques for evading discovery: reliance on a constantly shifting collection of Internet sites and hostile takeovers of Web servers where propaganda can be posted. Last year, a server operated by the Arkansas highway office was hijacked and used to distribute 70 files including videos featuring Osama bin Laden.

UK: Lloyds steps up online security

Image source: BBC

Via The BBC.

Lloyds TSB is to trial a new security system for online banking customers, in an attempt to beat internet fraud.

About 30,000 customers will receive keyring-sized security devices, which generate a six-digit code to be used alongside usernames and passwords.

The code, which changes every 30 seconds, could help fight fraudsters who hack people's PCs or use "phishing" emails to steal login details.

Internet Access Dispute Cut Off Some Businesses

Arshad Mohammed writes in The Washington Post:

Last week, the computers in Barbara F. Buckley's office in the District suddenly went blind to parts of the Internet.

A colleague at the Precursor Group, which analyzes the telecommunications industry for institutional investors, couldn't get online to send out the firm's research. Another couldn't download statistics from a government Web site.

"This is a disaster," Buckley, a Precursor vice president, recalled thinking. "A research firm is really only supposed to do two things and that is create the research and sell it, and we can't do either."

After a day of troubleshooting, Buckley finally found the "culprit." It was a dispute between Cogent Communications Group Inc. and Level 3 Communications Inc., two of the companies that move Internet traffic around the world seamlessly but, in this case, cut off many of their clients from parts of the Web.

Thursday, October 13, 2005

Get ready: More Microsoft exploits in the wild...

Well, the way I figure it, there will most certainly be a worm in the wild which takes advantage of one of the vulnerabilities that Microsoft just released patches for this past Tuesday.

Yesterday, we have heard (from various sources), that an exploit for MS05-051 was in the wild.

Tonight, we hear that three (3) more exploits have been made public for the vulnerabilities that Microsoft released patches for on Tuesday:

Microsoft Windows FTP Client File Transfer Location Tampering Exploit (MS05-044)

Microsoft Windows Network Connection Manager Local DoS Exploit (MS05-045)

Microsoft Collaboration Data Objects Buffer Overflow PoC Exploit (MS05-048)

Of these three latest exploits, the MS05-048 is considered "high risk".

Prepare. And patch!

Marijuana might cause new cell growth in the brain

Kurt Kleiner writes in NewScientist:

A synthetic chemical similar to the active ingredient in marijuana makes new cells grow in rat brains. What is more, in rats this cell growth appears to be linked with reducing anxiety and depression. The results suggest that marijuana, or its derivatives, could actually be good for the brain.

In mammals, new nerve cells are constantly being produced in a part of the brain called the hippocampus, which is associated with learning, memory, anxiety and depression. Other recreational drugs, such as alcohol, nicotine and cocaine, have been shown to suppress this new growth. Xia Zhang of the University of Saskatchewan in Saskatoon, Canada, and colleagues decided to see what effects a synthetic cannabinoid called HU210 had on rats' brains.

They found that giving rats high doses of HU210 twice a day for 10 days increased the rate of nerve cell formation, or neurogenesis, in the hippocampus by about 40%.

The number "7" blocks Belgian ATM machines

In RISKS Digest 24.07,Lindsay Marshall writes that:

The Dexia Bank ATM machines are experiencing a curious problem. The machines stop functioning when someone enters the number 7, making it impossible for people with a 7 in their pin (personal identification number) code to perform a cash withdrawal.

The problem has been occurring for a month. To prevent people from running out of cash, they are able to perform cash withdrawals inside. "We are experiencing a problem with the software", a Dexia spokesman admitted last wednesday in the daily journal Het Laatste Nieuws, "the problems should be solved within three weeks." (Dutch, 5 Oct 2005)

U.S. Agency's Drug Web Site Not Available as Promised

An AP newswire article by Kevin Freking, via ABC News, reports that:

The government Web site designed to help senior citizens compare prescription drug coverage did not have that feature up and running Thursday, despite widespread publicity that it would be available.

A spokesman for the Centers for Medicare and Medicaid Services said organizations helping CMS needed to undergo training on how to use the Web site and officials believed that such training would be more appropriate for a day other than the Jewish holiday Yom Kippur.

In recent weeks, CMS Administrator Mark McClellan had pointed to a "mid-October" unveiling as the agency's goal.

Still, scores of advocacy groups and government agencies, including CMS, advertised Oct. 13 as the day that Medicare beneficiaries could begin comparing the scores of prescription drug plans operating in their state at

Cross-Site Scripting Worm Hits MySpace

Nate Mook writes in BetaNews:

With the advent of social networking sites, becoming more popular is as easy as crafting a few lines of JavaScript code, it seems.

One clever MySpace user looking to expand his buddy list recently figured out how to force others to become his friend, and ended up creating the first self-propagating cross-site scripting (XSS) worm. In less than 24 hours, "Samy" had amassed over 1 million friends on the popular online community.

How did Samy transcend his humble beginnings of only 73 friends to become a veritable global celebrity? The answer is a combination of XSS tricks and lax security in certain Web browsers.

First, by examining the restrictions put into place by MySpace, Samy discovered how to insert raw HTML into his user profile page. But MySpace stripped out the word "javascript" from any text, which would be needed to execute code.

With the help of Internet Explorer, Samy was able to break the word JavaScript into two lines and place script code within a Cascading Style Sheet tag.

Spamhaus takes warning shot at the NRA

Brian McWilliams writes over on the Spam Kings Blog:

Spamhaus has blacklisted an Internet protocol (IP) address assigned to the National Rifle Association (NRA). According to the anti-spam organization, the NRA's is "sending to spamtraps, not honoring unsubscribes."

Spamhaus rarely shies away from battling spammers, but it's apparently wary of picking a fight with the gun rights group. The IP blacklisted by Spamhaus ( isn't actually in current use by the NRA for sending email or hosting web sites.

In its explanation for the intentional misfire, which went into effect September 30, Spamhaus said that the NRA "sends enough opt-in mail that blocking the source [] is not desireable [sic]." Spamhaus also says that MCI, which hosts the NRA address, "needs to work with this customer on list hygeine."

Feds to probe e-mails in N.Y. terror alert


Federal authorities on Thursday opened a criminal investigation into who wrote e-mails that warned private citizens of a possible terror threat to New York City subways days in advance of a city government decision to issue a public alert last week.

News of the probe followed a report Thursday in the New York Daily News that a "select crowd of business and arts executives" received e-mails tipping them off to a potential threat days before most New Yorkers heard about it from local officials.

NBC's Pete Williams reported that investigators were looking at the e-mails, which appear to be based on statements by government officials with knowledge of the potential threat.

A federal official, who spoke on condition of anonymity because the case is under investigation, told NBC News that it was not clear whether the e-mails were written by government employees or by people who overheard discussion of the potential threat. But now, the fact there is a criminal investigation would indicate an interest in finding out whether government officials in possession of classified information were somehow involved in the unauthorized e-mail.

All the money in the world, and you're still a Geek...

I laughed so hard I almost choked on my lunch when I saw this. :-)

Image source: C|Net / SIPA
Sir Bill and Mrs. Gates on vacation.
Here they visit the ancient city of

Symantec Quietly Increases Software Renewal Prices

Ed Oswald writes in BetaNews:

Without any public announcement, Symantec earlier this week raised prices on its renewal licenses for its software by as much as a third. The move could be an attempt to maximize profits one last time before Microsoft enters the security software space next year, analysts say.

The price of a renewal for Symantec's popular Norton AntiVirus and System Works products rose to $29.99 USD, a 20 percent increase. Upgrading Norton Personal Firewall now costs $19.99 USD and $39.99 USD for Norton Internet Security - both up 33 percent.

Open-source Nessus security tool to be commercialized

Ellen Messmer writes in NetworkWorld:

Tenable Network Security, the sponsor for the widely used open-source vulnerability scanning tool Nessus for discovering weaknesses in software, plans to commercialize Nessus in a major upgrade to be unveiled next month.

Tenable CEO Ron Gula said the main technical change in the upcoming Nessus 3.0 is that it will run vulnerability scans at five times the speed of Nessus 2.0. Like Nessus 2.0, which runs on a variety of computer platforms, Nessus 3.0 will be free. But end users will have to obtain a commercial license for it rather than the less formal open-source general public license. Tenable also anticipates offering a line of Nessus appliances in the future, and said the reason for the shift is because many organizations outright reject using open-source tools due to concerns about support.

Best Buy to offer Clearwire wireless broadband

Evan Blass writes over on Engadget:

Best Buy, in an effort to provide customers with immediate Internet access once they arrive home with their new computers, will soon become one of the first retailers to offer pre-WiMax service in certain locations. The company has teamed up with Craig McCaw’s Clearwire (clear wire = no wire, get it?) to provide this nascent wireless broadband technology in what is being promoted as a true plug-and-play configuration. Customers will lease a wireless modem which need only be plugged into a computer and power outlet to begin usage: no software required. The rollout will begin October 30th at 25 Best Buy stores (mostly along the West Coast, Texas, and Florida, although currently no major metropolitan areas are covered), to be expanded as Clearwire enters new markets, and will cost between $25 and $40.

Japan: KDDI and TepCo joining forces to counter NTT

Via The BBC.

Two of the biggest players in Japan's telecom market are to merge in a $1.1bn (£630m) deal.

The country's number two firm KDDI has taken over the fixed-line phone unit of Tokyo Electric Power Company (Tepco) to square up to telecom giant NTT.

The mobile arm of KDDI is doing well, but its landline business has flagged as Japanese consumers turn to internet based phone services.

The takeover is the latest in a string of deals in the Japanese phone sector.

Japan Telecom, one of the biggest players, was sold by US fund Ripplewood Holdings to internet group Softbank last year.

Tor Network Bogged Down by P2P?

Thanks to Mike over on for pointing out this story.

A brief snippet over on reports that:

Some time ago our security regulars broke down Tor, an anonymity tool from the Electronic Frontier Foundation, designed for whistle-blowers, political dissidents, researchers, and others concerned about exchanging information without authoritarian backlash. Sadly its intended purpose is being jeopardized by file-traders who've been hopping on the network.

File traders have been reconfiguring their Bit Torrent clients to take advantage of the network. Unfortunately the Tor network wasn't designed with high volume porn transfer in mind, so the activity is slowing it down to a crawl. The likely result will be the EFF being forced to restrict network use.

UK: The internet and the draft Terrorism Bill


The draft Terrorism Bill, published yesterday, contains controversial measures dealing with the detention of terrorists, the criminalisation of those planning or preparing a terrorist act and the prohibition of the encouragement or glorification of terrorism.

All of the proposals have been criticised by civil rights groups – not least the Government’s own terror law watchdog, Lord Carlile of Berriew QC, who yesterday published his own report about the draft bill.

But Lord Carlile was generally approving of those parts of the bill that could affect website owners and ISPs, finding that the rules relating to the encouragement or glorification of terrorism were on the whole “proportional and a sensible part of the legal armoury”.

H5N1 Update: Bird flu confirmed in samples in Romania

An AP newswire atricle, via The International Herald Tribune, reports that:

Experts have confirmed that a bird flu virus found in samples taken from dead birds in Romania's Danube Delta is the H5 type, authorities said Thursday.

The samples are being sent to Britain to identify the specific strain of the virus. So far there are no indications it is the H5N1 strain, which is blamed for the deaths of more than 60 people in Asia since 2003.

Agriculture Ministry spokesman Adrian Tibu said tests have identified the virus as an H5 type and samples would be sent to a laboratory in Weybridge, southeast England, for further analysis to determine the exact strain.

Agriculture Minister Gheorghe Flutur said he hoped it was a low-intensity virus and authorities were ''continuing measures to isolate the affected area.''

H5N1 Update: Deadly bird flu strain confirmed in Turkey

A Reuters newswire article, via MSNBC, reports this morning:

Turkey has the type of bird flu dangerous to humans and European authorities are working on the assumption that cases discovered in Romania are of the same strain, the European Union’s health chief said on Thursday.

His comments were the first official confirmation that the potentially lethal virus, which has killed more than 60 people in Asia since 2003, has now reached southeastern Europe.

“The virus found in Turkey is avian flu H5N1 high pathogenic virus,” EU Health and Consumer Protection chief Markos Kyprianou told a news conference.

EU countries should be ready for a potential flu pandemic and should stockpile anti-viral drugs, he said.

He said the EU executive did not yet know for sure whether the cases found in Romania were of the same virulent strain but they were assuming it was, pending final tests.

EU experts on avian influenza and migratory birds will hold an emergency meeting on Friday.

User Friendly: Jobs rebuffs the RIAA with laughter...


Click on image for enlargement.

Europeans are taxed twice for online music

A Reuters newswire article by Lucas van Grinsven, via Yahoo! News, reports that:

European consumers are paying music labels and artists twice when downloading digital content on the Internet, which is set to lead to a sharp increase in double taxation, a study found on Thursday.

Most European countries have added special levies on electronic storage items such as recordable compact discs, DVD discs, MP3 players, hard disk recorders and computers, to compensate artists for uncontrolled copying of their work over the Internet.

However, consumers are increasingly buying music and other digital content on the Internet in shops such as Apple's iTunes Music Store where a percentage of the price flows directly to the music publisher and artists.

"That means European consumers are forced to pay usage rights multiple times for the same music: at the download point, and through taxes imposed on their equipment," the Business Software Alliance (BSA) said in a statement.

Her Majesty's Secret Service goes online


In the same week the new James Bond was announced, Britain's secret service has come out from the cold to search for real-life Bonds.

The Secret Intelligence Service - usually referred to as MI6 - has gone public, a big step for an organisation whose very existence was long denied by the British government.

MI6 said it hoped the information on the internet would help quash "ridiculous" conspiracy theories such as the notion that British agents murdered Princess Diana.

The website - - will now be the recruiting point for agents of the future.

Ball State named top WiFi campus in U.S.


Wireless Internet is rapidly becoming a standard feature of U.S. college campuses, according to a survey released this week by Intel.

The company's second annual "Most Unwired Campus" survey found Indiana's Ball State University to be the top WiFi school, thanks largely to its more than 600 access points spread over 600 acres.

Ball State students can access the Internet without wires from just about anywhere on campus, a trait shared by 74 percent of the 50 colleges named in the survey.

Exploit Already Out For New Win2K Bug

Gregg Keizer writes in TechWeb News:

An exploit was released Wednesday for the most dangerous of the 14 vulnerabilities that Microsoft unveiled Tuesday, making the appearance of a worm virtually a lock, said a security expert.

The exploit is against the MSDTC vulnerability within Windows, which was patched Tuesday by Microsoft and outlined in its MS05-051 security bulletin. Because the MSDTC component -- which coordinates any sort of transaction on multiple servers -- is enabled by default and remotely exploitable on Windows 2000 systems, experts fear that the bug will result in a repeat of the Zotob attacks of August. Most security analysts named the flaw as the most dangerous of Tuesday's bunch.

Wednesday, an exploit was made available to customers of Immunity Security's Canvas vulnerability tool, said security giant Symantec in an alert to users of its DeepSight Threat Management System.

Japan to Offer VoIP for Cell Phones

An AP newswire article, via Yahoo! News, reports that:

Japan is readying a new network for cell phones that will allow people to connect to the Internet to talk over the phone more cheaply and transmit data more quickly.

The government plans to introduce mobile Voice over Internet telephony by 2007, officials said Thursday.

The mobile service under consideration at the Ministry of Internal Affairs and Communications will allow people to use Voice-over-Internet Protocol, or VoIP, phone service, on cell phones — similar to what's now available on fixed lines.

Nokia joins Chinese firm in telephony venture

An AFP newswire article, via Yahoo! News, reports that:

Global mobile telephone market leader Nokia said it had agreed to form a third-generation telephony joint venture with China Putian.

The firm would be based in Wuhan, the capital of China's Hubei province, it said Thursday.

Total investment in the joint venture amounted to 90 million euros (108 million dollars), the firm said. China Putian would hold 51 percent in the venture, with Nokia taking the remainder.

The venture is to focus on research and development and the manufacturing and sale of third-generation network solutions with the first rollout expected next year.

Wednesday, October 12, 2005

H5N1 Update: Are top secret briefings good public policy?

A couple of days ago, I mentioned that one of my many fascinations is with virulent diseases, especially the deadly ones -- and that from time to time, I would be providing updates on the Avian Flu (H5N1) issues that I come across.

Well, here's one.

Michael Isikoff and Mark Hosenball write in Newsweek:

As if they didn’t have their hands full with Iraq and terrorism, U.S. intelligence agencies are being drawn into the debate over whether the United States is imminently threatened by a deadly outbreak of bird influenza and whether the Bush administration has adequately prepared for such an epidemic.

Over the last two weeks, the administration has held bird flu briefings classified “Top Secret/Sensitive Compartmented Information” for members of both houses of Congress, according to intelligence and congressional officials. A counterterrorism official indicated that the intelligence community is also studying whether it would be possible for terrorists to somehow exploit the avian flu virus and use it against the United States, though there is no evidence that terrorists have in any way tried to do so.

The intelligence community also recently distributed inside the government an illustrated booklet, “Avian Influenza and the Threat of Pandemic Influenza,” marked “Unclassified/For Official Use Only” that highlights the dangers of a global outbreak. The booklet, a copy of which was obtained by NEWSWEEK, cites unidentified "experts” who believe that H5N1, a bird flu strain now circulating in Asia, could spread around the world as a pandemic and cause mass fatalities. (Scientists define a pandemic as a disease for which there is no certain treatment and to which humans have no natural immunity.)

According to the intelligence document, the World Health Organization is warning that if a pandemic outbreak occurs, “as much as one-fifth of the world’s population could become ill, at least 30 million people worldwide could require hospitalization, and at least 2 million people could die.” According to the booklet, however, other experts “warn that far more could die, with some estimates as high as 180 million” in the event that a new pandemic virus is as potent as the “Spanish flu” virus which caused massive casualties in 1918.

Viacom expected to close iFilm merger deal

Stefanie Olsen writes in C|Net News:

Viacom International and iFilm are expected to close a merger agreement this week, according to people familiar with the matter.

Shareholders of privately held iFilm, a video-on-demand Web site, received a letter in the last week announcing the anticipated buyout by media conglomerate Viacom and seeking their approval. The deal is expected to be worth about $50 million, according to sources.

As previously reported, the proposed deal would give Viacom further exposure to a growing online advertising market. Also, it would provide an online venue to feature video content from its many traditional companies, including MTV Networks and Paramount Pictures.

Cisco Forms New Business Unit

Paula Musich writes in eWeek:

Cisco Systems Inc. on Thursday will make its biggest play yet in the application acceleration/WAN optimization space with the launch of new offerings for the branch office and data center and the formation of a new business unit.

Cisco, four months after its acquisition of Fineground Networks Inc. in June, created the new Application Networking Delivery Business Unit, headed by George Kurian, vice president and general manager.

Along with the new unit, Cisco will launch the new data center-based Application Velocity System appliances—rebranded versions of Fineground's existing offerings tested to interoperate with Cisco's Catalyst 6000 switch, its load balancers and application acceleration products.

Three indicted in largest U.S. bust of pirated CDs

Via Reuters.

A federal grand jury indicted three men on Wednesday in what prosecutors are calling the largest bust of pirated CDs in U.S. history.

The indictment follows the arrest last week of Ye Teng Wen, 29, Hao He, 30, and Yaobin Zhai, 33, on charges of illegally reproducing 325,000 music and software CDs.

Two of the men are American citizens and one has a U.S. work permit, said a spokesman for the U.S. Attorney for Northern California.

Terror's media: War over the Web

A Christian Science Monitor article by Alexandra Marks, via USA Today, reports that:

Wanted: Video editors, writers, and webmasters to help Al Qaeda spread its message. Contact: The Global Islamic Media Front via e-mail.

It sounds unlikely, but such messages have appeared on radical Islamist Internet sites in the past week. They are just the latest sign of Al Qaeda's increasing sophistication in communications that is allowing the terrorist network to expand its universe of sympathizers around the world.

Prior to 9/11, only a handful of extremist websites existed. Now there are thousands of increasingly sophisticated sites offering everything from chat rooms to videos of beheadings as well as in-depth instructions on kidnapping, bomb- making, and recruiting.

Earlier this month, an Italian newspaper reported that Al Qaeda started producing what is essentially an "All Al Qaeda, All The Time" video news release, providing converts and sympathizers an Islamist perspective on the day's events.

Qwest repeats call for conditions in telecom mergers

Grant Gross writes in InfoWorld:

Qwest Communications International Inc. on Wednesday stepped up its push for the U.S. government to impose conditions on two mergers involving four of its telecommunications competitors.

During a Washington, D.C., press conference, Qwest repeated earlier requests for government conditions in Verizon Communication Inc.'s acquisition of MCI Inc. and SBC Communications Inc.'s acquisition of AT&T Corp. The two resulting telecom giants would create two "mega-sized monopolies," said Steve Davis, Qwest's senior vice president for public policy and deputy general counsel.

The two merged companies would dwarf other telecom companies in the U.S., with Verizon and SBC owning more than 70 percent of the residential long-distance market in many of the territories they operate, said Qwest, which lost out to Verizon in its bid for MCI. SBC's region includes the southwestern U.S. and parts of the Midwest; Verizon's territory covers the northeastern U.S.

The mergers of the two largest local telephone providers in the U.S. with the nation's two largest long distance carriers will cause the largest "fundamental reshaping of the telecom marketplace" since the U.S. government broke up the old AT&T in the mid-1980s, Davis said. Unless the U.S. government imposes some conditions, the mergers will cause price increases for a wide variety of telecom customers, he said.

Xeni Jardin rips Yahoo! a new one in LA Times commentary

Go, Xeni...

Via The LA Times:

As blogs become big business, Internet giants have begun trying to profit from new forms of journalism, including war coverage. The results are not encouraging.

Yahoo's latest experiment reveals that it considers war news just another form of entertainment. This from an online giant that has already shown it is cavalier about press freedom and a friend of oppression.

Look back to 2004, when reporters at a Hunan province newspaper listened as their editorial director read a statement from the Communist Party's Propaganda Department about the upcoming 15-year commemoration of the Tiananmen Square massacre. It warned that dissidents may use the Internet to spread "damaging information."

One reporter used an anonymous Yahoo e-mail account to ask a colleague in New York to post a report about the statement on pro-democracy website Minzhu Tongxun (Democracy Newsletter).

But as the 37-year-old married reporter behind the numeric pseudonym "198964" learned, he shouldn't have assumed that Yahoo defends press freedom. When Chinese security agents asked executives at Yahoo Holdings (Hong Kong) to identify the man, they did so. Police grabbed him on a street, searched his house and seized his computer and other belongings, according to documents filed in his defense.

eMail wallops, yet again, traditional snail-mail

Via eMail Battles.

While Australia's postal service is crying in its Foster's over its plummeting popularity, the USPS is busting out the Bud. First-Class letter delivery looks like it may be up for the year... around 400 million letters. That's not so much when your letter-stream totals 98 billion. It's even less impressive when you look back a few years to the halcyon days of 2000, when 102 billion letters whizzed through the system.

As more and more folks opt for email, the long term prognosis for First-Class home delivery is not good. Unless you happen to be the monopoly that owns the franchise. While the latest plan cites eroding mail volumes (due to email, electronic bill presentment and payment) and rising costs (like an antiquated benefits program), the USPS says it isn't through. Not by a long shot.

MS05-051 exploit info and rumors

Via the SANS Internet Storm Center's Daily Handler's Diary.

Patch yesterday folks. So far we're aware that an MS05-051 exploit is in the hands of immunitysec Canvas customers - "October 11, 2005: MS05-051 (MS DTC) Trigger for the bug in MS DTC on Windows 2000"

In addition we're seeing reports of non-specific exploit warnings from managed security service providers to their customers. And some rumors.

McAfee Vulnerability Information says that they have protection against exploits of MS Vulnerability MS05-051, "Entercept's Generic Buffer Overflow Protection protects against code execution that may result from exploiting this vulnerability."

ISS says they have protection out for an exploit, it's announcement is here.

Here's some pre-vuln announcement facts, see the DShield data on Port 3372 scanning, ymmv.

We'll post anything else that's specific and critical when we get it.

Google, Comcast may invest in AOL

A Reuters newswire article, via CNN/Money, reports that:

Google Inc. and Comcast Corp. are in "serious discussions" to buy a minority stake in Time Warner's America Online, a source familiar with the matter said Wednesday.

AOL has been in discussions with both parties separately, the source said. But in recent weeks, Google and Comcast have had discussions to possibly make a joint investment in the online unit of Time Warner Inc.

iTunes Store brought to its knees by Video iPod announcement

How's that for a Denial of Service attack? :-)

Via Netcraft.

The Apple Store was offline for more than an hour following the launch of a new video-enabled iPod, which was unveiled today after months of anticipation. While the launch of a new Apple product routinely leads to brief "restocking" outages for the Apple store, today's downtime was longer than usual, perhaps due to web traffic generated by the pent-up curiosity of iPod lovers.

Report: DDoS attacks big Net threat


A new report warns that Internet service providers are facing an unrelenting barrage of distributed denial of service attacks aimed at crashing the network.

Arbor Networks said Wednesday that its survey of Tier 1 ISPs and Tier 2 network operators found that the DDoS remains the most worrisome Internet security threat, and that their number and scale are steadily increasing.

Despite the concern, only 29 percent of the companies surveyed said they offer security and other service agreements related to DDoS to their commercial clients.

"The report clearly indicates that an entire criminal economy is evolving around denial of service activity and is driving some service providers to offer new network-based security services to combat these attacks," said Arbor's Dan McPherson.

Optical Sciences: Molecules of Light


Researchers at the University of Rostock in Germany have made the world's first molecules of light, which might allow a significant increase in the data transfer rate of fiber optical systems. The molecules are built of solitons, pulses of light that do not dissipate or easily lose their shape like most other types of pulses. Solitons are useful for transmitting information because the signals can travel over long distances without degrading.

Solitons are waves that can have characteristics similar to material particles, like electrons and billiard balls. The researchers claim that this is the first time anyone has made solitons stick together to form structures analogous to molecules.

Fiber optical systems transmit information by sending light signals through a fiber as a combination of zeros (dark) and ones (light). The data transfer rate for binary coding is fast approaching its fundamental limits, but it may be possible to bypass the limit by transmitting information as zeros, ones, and twos with soliton molecules representing the number two.

Rumor Mill: Google readying "Google Purchases"?

Alorie Gilbert writes in the C|Net Google Blog:

Bloggers claim to have discovered evidence this week that Google may be about to launch an online payment system.

The GoogleRumors blog is displaying an alleged screen shot of something called Google Purchases, a page it claims to have stumbled on yesterday by visiting

The page, as it appears on the blog, says "Get started with Google Purchases" and displays a form for entering credit card information and a billing address. The form also says, "'Google' will appear by the charge on your credit card statement" and urges visitors to review terms of service.

It's no secret that Google's developing a payment system to support a push into the e-commerce arena. The company acknowledged the project in June, fueling speculation it's part of Google's plan to deliver movies, TV shows and other video content over the Web though its Google Video Viewer program.

UK: Businesses call for tougher sentences for hackers

René Millman writes in SC Magazine:

More than eight out of ten British businesses think hackers should get longer sentences, according to a new poll.

The survey of 330 business PC users, conducted by antivirus company Sophos, revealed that 86 percent believed that the British virus writers responsible for the TK Worm, jailed last Friday, should have been given harsher sentences by the authorities.

Members of the Thr34t-Krew cybercrime gang, Andrew Harvey and Jordan Bradley, were sentenced to six months and three months in jail respectively for causing unauthorized modification of computers with intent.

Only three percent of respondents believed that the sentence given out at Newcastle Crown Court was too harsh. 11 percent thought the punishment for creating the trojan, which was designed to take control of victim's computers, as fair.

Apple Finally Unveils Video iPod

Nate Mook writes in BetaNews:

It's official. At an event in San Jose Wednesday, Apple ended months of speculation by introducing the first generation video-enabled iPod, moving the company into the portable media center space. The new iPod will sport a 2.5-inch TFT display and stays in the familiar form factor used by its predecessors.

The 320x240 pixel display supports only 260,000 colors, but does include a video-out jack for hooking the iPod up to a TV. Real-time decoding of MPEG-4 and H.264 video content is supported. Apple is releasing the video iPod in two models: a 30GB version for $299 USD and a 60GB version for $399 USD. Both models are thinner than the current 20GB iPod and include a case to prevent scratching.

ICANN Board Meeting Today

Bret Fausett writes in his Lextext blog:

The ICANN Board will hold another one of its closed Board meetings today. The agenda is ambitious:

  • Consideration of .NET RRA and .NET Registry Agreement Amendment
  • VeriSign Litigation Status Update
  • Review and Consideration of Policy Development Process Results and Public Comments for "Procedure for use by ICANN in considering requests for consent and related contractual amendments to allow changes in the architecture or operation of a gTLD registry"
  • Appointment of new Chief Financial Officer
  • Consideration of .ASIA sTLD Application
  • Review and Consideration of GNSO Bylaw Change Recommendation
  • Nominating Committee Scheduling Recommendation
  • Internationalized Domain Names (IDN) Issues Update
  • Board Governance Committee's Proposal for a Compensation Committee
  • Redelegation of .TK (Tokelau)
  • Branch Office Approvals for ICANN's Brussels Office
  • Update on Proposed .XXX sTLD Registry Services Agreement Negotiations
  • Other Business

More soon.

Apple Adds Media Center to New iMac

Nate Mook writes in BetaNews:

At a special event for members of the press Wednesday morning, Apple CEO Steve Jobs took the stage to finally end the rumors about "One more thing..." First up on his list of announcements was a new iMac, which is thinner than previous models and includes a built-in iSight camera and Media Center-like capabilities.

A new application dubbed "Front Row" provides a 10-foot interface that lets iMac users control music, video and pictures while relaxing on a sofa. Text and graphics are enlarged for viewing at a distance.

The refreshed iMac comes also with an iPod-like remote control, which includes only 6 buttons and a slim design. In his keynote Jobs said the remote is much easier than Microsoft's 40-plus button remotes designed for Windows XP Media Center Edition.

Also included with the iMac is a new program called "Photobooth" for making fun pictures.

FTC Freezes Internet Kiosk Businesses

Roy Mark writes in

It seemed like a great idea: own fee-based, public Internet terminals located in malls and rake in the cash. Too good, in fact, according to the Federal Trade Commission (FTC).

Tuesday the agency announced it won a temporary restraining order to stop the allegedly illegal practices of an "Internet kiosk" business opportunity and froze the assets of the companies and their principals.

In court documents filed in the Southern District of Florida, the FTC alleges the companies' income claims and terminal location assistance offers are false. The FTC is in the process of seeking an order to permanently bar the defendants from selling Internet kiosk business opportunities.

The FTC's complaint names as defendants Transnet Wireless Corp. of Plantation, Fla., and its president Bradley Cartwright; Nationwide Cyber Systems of Hollywood, Fla., and its president Farris Pemberton; and Paul Pemberton, who directed day-to-day operations at the companies.

Vonage Hearing Buy-Out Bids

Via Light Reading.

VoIP pioneer Vonage Holdings Corp. has heard several acquisition offers in the last two weeks, a source close to the situation says, and has already rejected at least one worth more than $1.5 billion.

Vonage is ostensibly preparing for an IPO, but has been taking a dual-track approach toward liquidity that includes the possiblity of an acquisition. Sources say the N.J.-based company’s investment banker partners have been looking for buyers for some time.

EU/US Internet Governance Battle Heats Up

Ken Young writes on

Private sector parties, including Nominet and the Internet Corporation for Assigned Names and Numbers (ICANN), were asked to leave the room during a debate over the future of the internet in Geneva last week, sources attending the event have revealed to

The representatives were asked to leave on more than one occasion, and at times their comments, which are only allowed during the last five minutes of any debate, were drowned out by the stamping fists of government representatives.

The event was noteworthy because the European Union took a strong line against the US maintaining its control of internet management through ICANN.

Nominet, the .uk domain registry, appears somewhat at odds with government policy by standing alongside ICANN in seeking to protect the status quo.

Japan: Prankster caught for harrassing operators

I don't know exactly why, but this story tickled my funny bone. :-)


A man who called a telephone directory service for no reason more than 7,000 times was arrested Tuesday, Japanese police reported Wednesday.

Hideo Shimizu, a 63-year-old unemployed man, was taken into custody by the police in Mie prefecture, southern Japan, for allegedly calling NTT's directory services over 7,000 times between November 2004 and January 2005.

Shimizu would usually call when drunk and try to pick fights with phone operators who would take his calls. Of the 700 operators who worked at NTT's Nagoya service center where the calls were taken, 60 said that they felt ill as a result of his continued prank calls.

Shimizu said he made the calls because he felt lonely since his wife died three years ago. On the day of his arrest, he had already called the center 12 times.

FEMA Restricts Evacuee Data, Citing Privacy

John Pomfret writes in The Washington Post:

The Federal Emergency Management Agency is restricting the release of information on Hurricane Katrina evacuees, complicating efforts by families to find loved ones and by law enforcement officials searching for parolees and convicted sex offenders.

Citing privacy concerns, FEMA has rejected a request by Texas officials for access to its database of the more than 100,000 evacuees who have registered for state aid, according to the governor's office. FEMA has also declined requests from five states to cross-check a database of convicted sex offenders and parolees against a list of evacuees requesting federal assistance, law enforcement officials said.

FEMA officials have started prohibiting workers at a large shelter here from sharing information about evacuees even with family members unless the evacuees had signed release forms. In many cases, relief workers said, such forms were lost or never presented in the chaos of the exodus. FEMA authorities made similar restrictions last week when they took over management of shelters in Beaumont, Tex.

Internet Censorship Tools: A gift of Western technology?

A New York Times article by Tom Zeller Jr., via The International Herald Tribune, reports that:

It should come as no surprise that the Internet in Myanmar, which has been in the iron grip of a military cabal for decades, is heavily filtered and carefully monitored.

But a new report from the OpenNet Initiative, a human rights project linking researchers from the University of Toronto, Harvard Law School and Cambridge University, once again raises tough questions about the use of filtering technologies - often developed by Western companies - by autocratic governments seeking to control what their citizens see on the Web.

Myanmar "employs one of the most restrictive regimes of Internet filtering worldwide that we have studied," said Ronald Deibert, a principal investigator for the OpenNet Initiative and director of the Citizen Lab at the Munk Center for International Studies at the University of Toronto.

Myanmar, formerly known as Burma, now joins a group of nations, including China, Iran and Singapore, that rely on Western software and hardware to accomplish their goals, Deibert said.

Microsoft, Cisco Systems and Yahoo, for example, have all come under fire recently for providing technology to, or otherwise cooperating with, the Chinese government to enable it to monitor and censor Internet use.

UK: E-mail scam suspect made "threats to kill"

John Leyden writes in The Register:

Peter Francis-Macrae, the 23-year-old who is allegedly the UK's biggest spammer, faces a variety of charges ranging from threats to kill to fraudulent trading in a trial at Peterborough Crown Court this week.

Francis-Macrae allegedly threatened to slit the throats of trading standards officers investigating suspected scams that netted him an estimated £1.5m, a jury heard. He is also accused of telling a police switchboard operator, who'd recently been diagnosed with cancer, that he hoped she caught the disease.

Operating from a bedroom in his father's home in the village of of St. Neots, Cambs, Francis-Macrae allegedly made a small fortune through a series of domain registration scams, promoted using bulk email. He is accused of fraudulently selling unavailable .eu domains among other scams dating back five years. He's also accused of sending out fraudulent re-registration letters to UK domain owners.

User Friendly: Arrrgh! Pirates! More RIAA idiocy...


Click on image for enlargement.

Yahoo! to shut chat rooms promoting adult-child sex

A Reuters newswire article, via Yahoo! News, reports that:

Yahoo Inc. agreed to shut down Internet chat rooms designed to promote sex between adults and children, New York Attorney General Eliot Spitzer said on Wednesday.

The agreement is the first to institute systemwide controls over chat rooms likely to be frequented by child predators, the attorney general said.

New York and Nebraska this year began investigations after learning that children had unfettered access to adult chat rooms. Spitzer said Yahoo in June removed or barred the posting of 70,000 user-created chat rooms whose names suggested they facilitated illegal conduct, including the promotion of sex between adults and children.

Daily fix...

Via Enjoy!

EU says internet could fall apart

But only if they are the ones which fragment it. - ferg

Richard Wray writes in The Guardian UK:

A battle has erupted over who governs the internet, with America demanding to maintain a key role in the network it helped create and other countries demanding more control.

The European commission is warning that if a deal cannot be reached at a meeting in Tunisia next month the internet will split apart.

At issue is the role of the US government in overseeing the internet's address structure, called the domain name system (DNS), which enables communication between the world's computers. It is managed by the California-based, not-for-profit Internet Corporation for Assigned Names and Numbers (Icann) under contract to the US department of commerce.

A meeting of officials in Geneva last month was meant to formulate a way of sharing internet governance which politicians could unveil at the UN-sponsored World Summit on the Information Society in Tunis on November 16-18. A European Union plan that goes a long way to meeting the demands of developing countries to make the governance more open collapsed in the face of US opposition.

Viviane Reding, European IT commissioner, says that if a multilateral approach cannot be agreed, countries such as China, Russia, Brazil and some Arab states could start operating their own versions of the internet and the ubiquity that has made it such a success will disappear.

UK: Banks caught by €5m spy sting

Thanks to Bruce Schneier for pointing out this story on his blog.

Adam Sage writes in The Times Online UK:

An ingenious fraudster is believed to be sunning himself on a beach after persuading leading banks to pay him more than €5 million (£3.5 million) in the belief that he was a secret service agent engaged in the fight against terrorist money-laundering.

The man, described by detectives as the greatest conman they had encountered, convinced one bank manager to leave him €358,000 in the lavatories of a Parisian bar. “This man is going to become a hero if he isn’t caught quickly,” an officer said. “The case is exceptional, perfectly unbelievable and surreal.”

The fraudster, named as Gilbert C, slipped through the net when his wife and mother-in-law were arrested. He promptly telephoned the Paris detective squad to say that he would halt his operations in France while he spent some of his illicit gains. The call was traced to an Israeli resort.

Canada: PM Martin defends new wiretap bill

Brian Laghi writes in The Globe and Mail:

Prime Minister Paul Martin moved yesterday to reassure Canadians that new legislation aimed at giving law-enforcement authorities the right to monitor e-mail and Internet traffic will not violate civil rights.

Speaking in Toronto, Mr. Martin told reporters that the government will ensure that the bill, which will be unveiled next month, will shield Canadians from unlawful eavesdropping.

"In every instance, when the government brings forth this kind of legislation, obviously the question of civil rights is first and foremost in our minds, and they will be protected," Mr. Martin said.

The proposal would demand that the telecommunications industry build a capacity into their networks that allows for tapping the e-mail, Internet and phone use of more than 8,000 individuals at one time.

EU to Force Telecoms to Keep Records

An AP newswire article, via Yahoo! News, reports that:

The European Union agreed Wednesday to legally require telecommunications companies to keep records of phone and e-mail traffic for up to one year as part of the bloc's anti-terrorist campaign.

The decision by 25 EU justice ministers comes after years of European debate over the privacy and cost concerns of data retention. Officials said the ministers agreed phone companies must keep records for 12 months and Internet providers for six months.

Britain, which holds the rotating EU presidency, has pushed for a data retention order as part of anti-terror efforts in the wake of the deadly bombings in London in July.

Data retention laws vary from country to country within the bloc. Fifteen EU countries have no such laws. But Italy and Ireland require telecommunications data be kept for three and four years, respectively; those tougher standards will remain under Wednesday decision.

Sweden takes file sharer to court

John Oates writes in The Register:

A Swedish man made history yesterday as the first Swede charged with file sharing.

He is accused of having a copy of the movie Hip Hip Hora (The Ketchup Effect) which he allowed others to download. Swedish anti-piracy group Antipiratbyra(APB) tipped off the police. They contacted his ISP and used his IP number to track him down.

But there was confusion yesterday when the defendant withdrew an apparent confession that he did download, and then redistribute, the film. Police say he told them he had made the film available using the DC file sharing program. But in court yesterday the 28-year old man denied ever having the film.

Sweden's new copyright laws came into effect 1 July which is adding to the complexity of the case. The trial is seen as a test case for several others around Sweden.

Google Commits Funds to Philanthropic Arm

An AP newswire article by Michael Liedtke, via Yahoo! News, reports that:

Google Inc. is financing its promise to make the world a better place with an initial commitment of nearly $1 billion to a philanthropic arm devoted to causes that mesh with the online search engine leader's crusade.

The altruistic effort, formally announced late Tuesday under the umbrella of, follows through on a pledge that the Mountain View, Calif.-based company made last year as it prepared its ballyhooed initial public offering of stock.

At the time, Google co-founders Larry Page and Sergey Brin vowed to create a company "that does good things for the world even if we forgo short-term gains." Toward that end, the pair said they would earmark 1 percent of Google's stock and future profit for a charitable foundation.

But Brin and Page have since decided their company's ambition extended beyond the limitations of a traditional foundation, prompting them to pool all the company's philanthropy under

Tuesday, October 11, 2005

Ukraine: Government rescinds decree requiring online publications to register

Via Reporters sans Frontières.

Reporters Without Borders today welcomed the Ukrainian transport and telecommunication ministry’s decision to rescind a May 2005 decree requiring online publications to register with the authorities. The requirement was a threat to free expression and had been criticised by many local news media and organisations.

The ministry said the decree had been rescinded because it did not respect “the principles of state regulatory policy in the field of IT development."

Aside from a few repressive countries such as China, only Bahrain has made it obligatory for online publications to register. Reporters Without Borders and the representative on freedom of the media of the Organisation of Security and Cooperation in Europe (OSCE) took a clear position on this issue in a joint statement about online free expression in June.

Phishing Defense a Key Factor in eBay-VeriSign Deal

Via Netcraft.

Paypal will implement strengthened anti-phishing measures for up to 1 million users next year through a deal announced yesterday between VeriSign and eBay, which operates Paypal. While most of the headlines focused on eBay's purchase of VeriSign's payment processing unit for $370 million, the most widely-felt benefit of the deal will likely be the enhanced security for Paypal, which has been relentlessly targeted by phishing scams.

The agreement calls for eBay to buy up to 1 million two-factor authentication tokens from VeriSign. eBay and PayPal plan to begin the rollout of two-factor authentication to customers in 2006, including marketing and security programs designed to "promote customer adoption."

Two-factor authentication, which uses physical security devices to generate a single-use password, is being advanced as a way to reduce fraud losses from phishing. It is being used by a growing number of banks in both the US and UK. The token is typically a compact electronic card-like device which displays a number on a small screen. By entering this number into the online system when you login, you prove that that you are in possession of the card.

Vanishing pay phones in U.S. cause concern

A New York Times article by Katie Zezima, via The International Herald Tribune, reports that:

The pay phone in the dirt parking lot of the Acworth General Store here is not terribly impressive, its base coated in grime and a plastic-covered phone book hanging limply from its metal frame.

But to residents of this village of 150 people in southwestern New Hampshire, it is a phone worth fighting for. The town gets no cellphone reception, and there is no other pay phone for miles. The police and volunteer fire departments even have to use the phone sometimes when their radios do not work.

So townspeople were determined to keep the phone when the telephone company, Verizon, said in 2000 that it planned to remove the device because it was not making enough money.

"There's no other phone nearby," said Skip Auten, an electrician who volunteers shifts at the store. "It's all there is here."

The phone was the first in New Hampshire to be protected under a state law passed in July. The law sprang from the 1996 U.S. Telecommunications Act, which deregulated pay phones but allowed states to enact "public interest" laws to save phones that provide a crucial service. At least eight states have similar laws, including New York, California and Maine.

Microsoft Patches 'Critical' Win2K Worm Hole

With regards to the patches that Microsoft issued earlier today, we have this article by Ryan Narain over on eWeek:

Microsoft Corp.'s October batch of security patches comes with a terse warning for Windows 2000 users: Pay special attention to MS05-051, a critical bulletin that covers a worm hole in the operating system.

The bulletin, which addresses four different Windows vulnerabilities, creates a "remote, unauthenticated attack vector" on Windows 2000 systems, triggering fears that a network worm attack might be inevitable.

"This is the same attack vector that led to the Zotob worm," said Stephen Toulouse, program manager at the Microsoft Security Response Center.

In an interview with Ziff Davis Internet News moments after Microsoft shipped the monthly security updates, Toulouse underlined the need for businesses to apply the MS05-051 bulletin as the highest possible priority.

"It's hard to predict what will happen, but this is one of those vulnerabilities that could be really dangerous, especially for customers running older versions of the operating system," Toulouse said.

"If you're running Windows 2000, you want to apply this update as fast as possible. The concern is that we could be looking at another Zotob, because the attack vector is the same," he added.

Riding on Expiring Domains: Are Registrars Abusing Owners' Rights?

Talented Fool writes on CircleID:

The ICANN regulations for domain name registrars dictate a requirement for deletion and auto-renewal policies. However, if you've had a domain expire lately you may have noticed that your registrar has taken over your domain name's DNS and redirected YOUR domain to THEIR website. This is because of a clause in their Service Agreement that says you give them permission to do this.

This permission statement is usually buried so you won't find the clause or the opt-out provisions that are provided. (For example, the clause is in Section 14, on page 10 of the Network Solutions agreement.)

Before we go any further, it should be noted that this practice is widely employed by registrars. In fact almost all registrars have gotten on this gravy train. So be aware that while the facts in this article apply to Network Solutions, this is simply a representative sample of the findings and are provided as evidence of the article's accuracy and for no other reason.

In any event, this free use of a registrant's property rights is without compensation and entirely to the benefit of your registrar and any third party they may use to sell your domain (SnapNames in the case of Network Solutions). Even when they sell your domain you get only 15 to 20% of the sale proceeds.

Microsoft, Yahoo to Link IM Networks

Nate Mook writes in BetaNews:

Microsoft and Yahoo are set to announce Wednesday a blockbuster interoperability deal that will reshape the landscape of the fragmented instant messaging market. The companies will connect their IM networks so users on each can communicate with one another using text and voice chat free of charge.

The agreement marks the first time major players in the highly competitive IM industry have officially partnered up to enable cross-network communication. Interoperability has always been a hot topic among instant messaging providers, but had never yielded a compromise.

In 1999, Microsoft connected its MSN Messenger client to AOL's AIM network - without authorization. The move let to a cat-and-mouse game of AOL cutting off its new competitor and MSN re-establishing communication with each update. Microsoft eventually gave up and focused on improving its client.

Such disparate messaging networks led to the creation of third party clients with the ability to connect to each simultaneously. AOL and others were initially critical of applications like Trillian, but eventually backed down and ceased efforts to block the newcomers.

Technorati Top Ten Snapshot

Via Technorati.

Top Searches This Hour:

1. Iipm
2. Smurf
3. “Web 2.0”
4. “John Tierney”
5. Apple
6. “Bird Flu”
7. Flock
8. Ajax
9. Krugman
10. Ipod