Saturday, July 22, 2006

HOPE Speaker Arrested by the Feds

Brian Krebs writes on Security Fix:

Security Fix just learned that Steven Rambam, the owner of a company that bills itself as the largest privately held online investigative service in the United States, was arrested this afternoon by FBI agents just moments before he was to lead a panel discussion on privacy here at the HOPE hacker conference in New York City.

Details are sketchy at the moment, but Rambam's fellow panelists said four men clad in dark blue FBI jackets quietly entered the auditorium, asked Rambam if he had any weapons on him, and then escorted him out the door along with his laptop and other equipment that contained the PowerPoint slides that were to make up the bulk of his scheduled two-hour presentation.

More here.

Two Suspects in Craigslist Robbery Arrested

A Bay City News article, via, reports that:

Two men suspected of armed robbery after responding to an advertisement posted on the Web site are in police custody, the Walnut Creek Police Department reported today.

Walnut Creek police arrested the men on Wednesday for their alleged involvement in the armed robbery that took place on Sunday.

Police were called to the covered parking lot of the Target store located at 1871 N. Main St. in Walnut Creek at 8:21 p.m. Sunday, according to Walnut Creek police Lt. Mark Covington.

Covington said the victims, who were from the Livermore-Pleasanton area, had posted some hooded sweatshirts for sale on the Web site. They arranged to meet with the suspects to sell the items at the Walnut Creek Target store parking lot.

More here.

Backdoor Software Being Developed to Regain Control of Hijacked Aircraft

An AFP newswire article, via Yahoo! News, reports that:

Some 30 European businesses and research institutes are working to create software that would make it possible from a distance to regain control of an aircraft from hijackers, according to the German news magazine.

The system "which could only be controlled from the ground would conduct the aircraft posing a problem to the nearest airport whether it liked it or not," according to extracts from next Monday's Der Spiegel released Saturday.

"A hijacker would have no chance of reaching his goal," it said.

The project costs 36 million euros (45 million dollars), of which the European Commission is contributing 19.5 million euros, and involves aircraft maker Airbus, electronics giant Siemens and the Technical University of Munich.

The first results should be presented in Britain in October, the magazine said.

The system would be designed in such a way that even a computer hacker on board could not get round it.

More here.

American Bar Association Blasts the Specter NSA Bill

Via Crooks and Liars.

Michael Greco from the American Bar Association came out hard against the Specter bill.

"...their awesome power to penetrate communication is too great a power to be held solely by the executive branch of Government. To restore public confidence in our government and to safe guard the people’s cherished constitutional rights. There is now a pressing need for Congress to oversee these issues with the authority and the responsibility that the constitution mandates. The ABA urges Congress to assert its proper role as a co-equal member of our government. As a co-equal to the executive branch..."

More, plus video snippet, here.

YouTube's Blogger Brouhaha

John Boudreau writes in The Mercury News:

Some bloggers created a minor uproar this week when they noticed the viral video site's user's agreement included what they thought was a suspicious clause.

But while the digital era poses possibilities and perils, in this case it was much ado about a little legalese.

The YouTube user's agreement said people, by submitting content, give the company "a worldwide, non-exclusive, royalty-free, sublicenseable and transferable license to use, reproduce, distribute, prepare derivative works of, display, and perform the user submissions in connection with the YouTube Web site and YouTube's (and its successor's) business . . . in any media formats and through any media channels."

In short, some took this to mean YouTube could take the video you post and sell it to someone else.

More here.

American DNS Providers Continue Services to UK Betting Sites

Via Netcraft.

The U.S. crackdown on online gambling company BetOnSports appears unlikely to spark dramatic shifts in the geography of the online gambling industry in the short term. American DNS service providers and DDoS mitigation companies are continuing to provide services to UK betting sites, while initial fears about the British government's extradition policy have eased somewhat. But some international betting services are barring U.S. residents, and up-and-coming offshore "data havens" are likely to be of growing interest to UK-based gambling operations.

It will take time for the broader implications of the U.S. charges against to become clear. CEO David Carruthers was arrested Sunday in Dallas/Fort Worth airport as he changed flights on his way from London to Costa Rica (where BetOnSports is based) and charged with conspiracy, fraud and racketeering. Also named in the indictment were Florida companies that provided marketing services to BetOnSports. While those charges dealt specifically with the transport of gambling equipment to offshore sites, the inclusion of the companies has raised concern among U.S. companies providing services to international gambling sites.

Neustar Ultra Services (formerly UltraDNS), provides DNS management services to and several other UK gambling sites, and said Friday that the U.S. action against the company has not changed its practice. "We will continue to support our partners, and will do so according to U.S. government law, however it shapes up," said a spokesman for the company, which is based in Sterling, Va. "We support plenty of gambling sites, but also many customers in other industries as well." Prolexic, a Florida provider specializing in mitigation of DDoS attacks, also counts offshore gambling web sites as customers. Gambling sites are frequent targets of attacks from DDoS blackmail schemes.

More here.

India Calls It an Error, But Blog Filtering Continues

Somini Sengupta writes in The New York Times:

After two days of angry inquiries and charges of government censorship, the Indian government took a step Thursday toward explaining a mysterious blockade on personal blogs, calling it “a technological error” that would be repaired soon.

In an e-mail message sent early on Thursday, India time, an official at the office of the Consulate General of India in New York said the order to block a handful of Web sites, including the popular, which plays host to thousands of personal blogs, had been prompted by the discovery of a site that contained what the official called “two impertinent pages” rife with material considered to be “extremely derogatory references to Islam.”

In an effort to stave off potential sectarian violence, the official said, the government’s Department of Telecommunications instructed Internet service providers to block access to the two pages. “Because of a technological error, the Internet providers went beyond what was expected of them, which in turn resulted in the unfortunate blocking of all blogs,” the official explained.

As of Friday, however, the sites remained blocked.

More here.

DOD Selling Sensitive Military Equipment

Rich Gardella writes on MSNBC:

Government Accountability Office investigators posing as private citizens were able to buy sensitive excess military equipment from a Department of Defense logistics agency, a GAO report obtained by NBC News shows.

The equipment included two launcher mounts for shoulder-fired guided missiles, two guided missile radar test sets, ceramic body armor inserts currently used by deployed troops in Iraq and Afghanistan, a digital signal converter used in naval surveillance, an all-band antenna used to track aircraft and 12 digital microcircuits used in F-14 fighter aircraft.

GAO identified at least 79 buyers of 2,669 sensitive items between November 2005 and June 2006.

More here.

22 July 1587: Roanoke Colony Established for the Second Time


Sir Francis Drake returned the first Roanoke colonists back to England.
Image source: Wikipedia

Via Wikipedia.

In 1587, Raleigh dispatched another group of colonists. These 91 men, 17 women, and 9 children were led by John White, an artist and friend of Raleigh's who had accompanied the previous expeditions to Roanoke. The new colonists were tasked with picking up the fifteen men left at Roanoke and settling farther north, in the Chesapeake Bay area. Upon arrival at Roanoke, however, the fleet's navigator, Simon Fernandez, refused to transport the colony further than the Outer Banks, claiming that continuing to the bay would delay his return to England into the North Atlantic storm season, thereby risking the fleet. This was probably an excuse; it is highly likely that Raleigh's captain was merely impatient to leave in search of Spanish prizes.

Forced to accept this reasoning, which was unveiled by Fernandez only after forty of the colony's men had already been shipped to Roanoke Island to search for the fifteen men stationed there, the Roanoke settlement was re-established. Of the fifteen men left the year before, only the bones of a single man were found. The one local tribe still friendly towards the English, the Croatans on present-day Hatteras Island, reported that the men had been attacked, and the nine survivors had taken their boat and sailed up the coast.

The settlers landed on Roanoke Island on July 22, 1587. On August 18, Governor White's daughter had the first English child born in the Americas: Virginia Dare. Before her birth, White reestablished relations with the neighboring Croatans and tried to reestablish relations with the tribes that Ralph Lane had attacked a year previously. The aggrieved tribes refused to meet with the new colonists.

Shortly thereafter, George Howe was killed by natives as he crabbed alone in Albemarle Sound. Knowing what had happened during Ralph Lane's tenure in the area and fearing for their lives, the colonists convinced Governor White to return to England to explain the colony's situation and ask for help. There were approximately 117 colonists—115 men and women who made the trans-Atlantic passage and 2 new-born babies (including Virginia Dare)—when White returned to England.

More here.

Friday, July 21, 2006

Group Appeals U.S. Government Eavesdropping Ruling

Declan McCullagh writes on C|Net News:

A coalition of civil liberties groups and technology companies, including and Sun Microsystems, is appealing a federal court ruling that forces Internet service providers to create backdoors for government wiretapping.

The coalition on Friday asked the full U.S. Court of Appeals in Washington, D.C., to review a June 9 ruling that sided with the Bush administration.

That 2-1 ruling said that Internet providers must rewire their networks and follow a complex scheme of eavesdropping regulations. The deadline is set for May 2007.

The groups behind the appeal, called an "en banc" rehearing, say they're happy to comply with legitimate court orders.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Friday, July 21, 2006, at least 2,559 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,026 died as a result of hostile action, according to the military's numbers.

The AP count is the same as the Defense Department's tally, last updated Friday at 10 a.m. EDT.

More here.

Google Tool Bar Seekers Tricked into Downloading Botnet Backdoor

An AFP newswire article, via Yahoo! News, reports that:

Computer hackers built a fake Google Tool Bar website to trick people into downloading a malicious program that could turn machines into "zombies," a US Internet security firm said.

E-mails containing Internet links to the bogus website and invitations to download Google tool bar software began circulating this week, according to SurfControl of northern California.

More here.

19 July 2006: R.I.P. Jack Warden

The late, great Jack Warden, 1920 - 2006.

I have just learned that one of my very favorite character actors has died at the age of 85.

Rest in Peace, old dog.

Via Wikipedia, et al.

Jack Warden (September 18, 1920 – July 19, 2006) was an American actor.

Born John Lebzelter in Newark, New Jersey, and raised in Louisville, Kentucky, his early jobs included lifeguard and nightclub bouncer. He also fought as a professional boxer under the name Johnny Costello. He served in the 101st Airborne Division during World War II.

Warden decided to pursue an acting career after leaving the military, and moved to New York City. He joined the company of the Dallas Alley Theater and performed on stage for five years. He made his television debut in 1948 in The Philco Television Playhouse and Studio One. He had an uncredited film debut in 1951 in You're in the Navy Now, a movie which also featured the debuts of Lee Marvin and Charles Bronson.

Warden had his first credited film role in The Man with My Face in 1951. In 1952, he began a three year role in the television series Mr. Peepers. Warden's breakthrough role was his appearance in 12 Angry Men in 1957.

Warden appeared in over one hundred movies during a career which lasted six decades. He received an Emmy Award for his performance as George Halas in Brian's Song (1971), and was nominated for Academy Awards as Best Supporting Actor for his performances in Shampoo (1975) and Heaven Can Wait (1978). He also appeared in Problem Child (1990) and its sequel (1991).

More here.

Google Crushes the Search Competition Yet Again

Juan Carlos Perez writes in InfoWorld:

Google retained its commanding lead of the U.S. search engine market in June, when it handled almost half of all queries, leaving competitors such as Yahoo and Microsoft to fight for the remaining usage share, Nielsen/NetRatings said Friday.

Google processed almost 2.67 billion queries, or 49.4 percent of June's total, while Yahoo followed in a distant second place with 1.24 billion, for a 23 percent market share.

Microsoft's MSN unit (10.3 percent), Time Warner Inc.'s AOL LLC (6.9 percent) and IAC/InterActiveCorp's (2.3 percent) rounded out the top five.

More here.

Programmers Guild Pushes for H-1B Transparency

Deborah Rothberg writes on eWeek:

A request for the public release of data containing the names of the companies requesting H-1B temporary workers and the positions they are being hired for was filed in a public letter to the Department of Labor July 18 by the Programmers Guild, an IT advocacy group.

In the open letter to William Carlson, chief of the Division of Foreign Labor Certification, Programmers Guild President Kim Berry requested on behalf of the "displaced, unemployed, and underemployed U.S. tech workers" that the FY 2007 LCA (Labor Conditions Applications) database be made publicly viewable, so that U.S. tech workers can apply for these positions while they are still open.

More here.

Since When Did Phone Service Cost $13,000 Per Year?

Carlo writes over on

The Universal Service Fund is a rather mysterious thing, its only visible effect for most people being the 10% or so tax on their phone bills that funds it. The idea behind the fund is that it's supposed to subsidize phone service in rural areas or to people who couldn't otherwise afford it, but unsurprisingly, taxpayers don't look to be getting much value for the $7 billion they pay into the fund each year.

A new study says that the government is paying up to $13,345 per telephone line for subsidized USF service -- meaning it would be far cheaper to simply buy people cell phones to use and pay for the service.

More here.

CDT, Groups Oppose Vote on Weak Data Breach Bill

Via The Center for Democracy and Technology (CDT).

CDT has joined with a group of public interest advocates to oppose a reported attempt by the House of Representatives to pass a weak data breach bill that would roll back important consumer protections.

In a letter sent to House leaders, CDT, Consumers Union, the Consumer Federation of America, the U.S. Public Interest Research Group, Consumer Action and the Privacy Rights Clearinghouse, urged lawmakers not to vote on H.R. 3997, a Financial Services Committee bill which does more to protect banks than consumers.

Instead the groups urged lawmakers to vote on H.R. 4127, an Energy and Commerce Committee bill which contains stronger provisions for notifying consumers after data breaches and enables consumers to find out what is in their data broker files.

More here.

Dilbert: The Eternal Facade


Convicted Rapist Cites Juror's Blog in Appeal

An AP newswire article, via The Boston Globe, reports that:

New Hampshire's Supreme Court is considering whether a convicted rapist got a fair trial after a man who posted disparaging comments about the case on the internet later became foreman of the jury that voted for the conviction.

Stephen Goupil is serving at least 35 years in prison after being found guilty of leading a home invasion in Laconia in April 2004 and repeatedly raping a 24-year-old woman at knifepoint. He was convicted of five counts of rape and one of theft.

Goupil's lawyer, Mark Sisti, said the trial court should have set aside the verdicts after learning that Scott Vachon, a member of the Laconia School Board, referred to defendants as "local riff raff" on a personal Web blog four days before jury selection.

More here.

The Daily Show: Stem Cell Redux

Via Crooks and Liars.

Jon Stewart follows up on yesterday’s stem cell segment by digging in and exposing the real hypocrisy behind Bush’s veto—Iraq. Stewart also highlights Tony Snow’s statements and justifications that are amazingly insipid.

Bush: I think it’s important to promote a culture of life…A society where every being counts, every person matters.

Stewart: Every. Being. Counts. Every. Person. Matters.

Bush: How many Iraq citizens have died in this war? Umm. I would say 30,000 more or less…

Stewart: Each one precious…

More here.

Websense: Traffic Phines

Via the Websense Security Labs Blog.

Over the last couple days we have seen a few emails with links that are using the Collections Department City of London Congestion Charge as a lure to defraud users from confidential information.

The emails are spoofed and claim that the user was identified as someone who needs to pay a congestion charge of 80 pounds. The domains are hosted in the U.K.

More here.

BellSouth Shareholders OK Sale to AT&T

An AP newswire article by Harry R. Weber, via, reports that:

BellSouth Corp. shareholders approved Friday the proposed sale of their company to AT&T Inc. for $67 billion in stock, a deal that would expand the reach of the nation's largest telecommunications provider and put the two companies' wireless joint venture under one roof.

The vote during a special meeting in Atlanta was 97 percent in favor of the deal, which was announced March 5 and is expected to close by the end of the year.

AT&T shareholders were scheduled to vote later Friday in San Antonio on whether to issue new stock in the combined company.

Federal and state regulators also must approve the deal.

More here.

25,000 New Yorkers Are Without Power

An AP newswire article by David B. Caruso, via, reports that:

A mysterious electrical problem blamed for subway delays, flight cancellations and power outages on the hottest days of the year persisted for a fifth day Friday, leaving 25,000 customers without power.

Power company Con Edison initially said that only 2,500 customers were affected, but it increased that number tenfold Friday morning. "Previous estimates were based on the number of customers who had called the company to say they were without electricity," the utility said in a statement.

The blackouts started Monday in a handful of neighborhoods in Queens. Two LaGuardia Airport terminals lost power Tuesday. Hundreds of businesses have since been idle, and the city's jail complex on Rikers Island had to operate on backup generators.

More here.

User Friendly: Best Viewed at...



BetOnSports CEO Stays in Jail

An AP newswire article, via Yahoo! News, reports that:

The chief executive of BetOnSports PLC, a major online sports-betting operation, remained in custody Friday on racketeering and conspiracy charges after his lawyer asked to postpone a bail hearing.

The hearing for David Carruthers will be held instead in federal district court in St. Louis. No date was set.

The executive was arrested Sunday at Dallas-Fort Worth International Airport as he waited to board a flight to Costa Rica, where the company has a major operation.

More here.

Interesting Stats: The Worst Week in the History of Broadcast TV

Via Boing Boing.

Last week was the least-viewed week in the history of broadcast network television in the USA.

CBS, ABC, NBC and Fox averaged 20.8 million viewers during the average prime-time minute last week, according to Nielsen Media Research. That sunk below the previous record, set during the last week of July in 2005.

TV keeps losing to gaming, the Internet, youtubing, etc, and yet our elected representatives are willing to kill innovation and open source with a Broadcast Flag that is intended only to assuage the fears of the broadcasters and studios, but which will have no impact at all on file-sharing.

More here.

Why Telcos Hate Innovation

Via BusinessWeek.

Welcome to Telco Land, a strange country where the biggest players talk more and more about innovation yet approach new ideas with baby steps, build little themselves, and when they think about technology are apt to believe it's a threat they have to fight.

In case you haven't been keeping score, after the original phone company, American Telephone & Telegraph, was broken up in 1984, the country was left with eight major regional telcos. Over the past decade these companies proceeded to gobble one another up. Now there are four: AT&T, Verizon, BellSouth, and Qwest.

Just keeping track of the mergers and names is an endless challenge: The "new" AT&T is actually the rechristened SBC, based in Austin, Tex., which acquired the venerable name last year -- and it's in the process of buying BellSouth. That will leave two phone giants, Verizon and AT&T, and the much smaller Qwest. The biggest wireless carriers are Verizon Wireless, majority owned by Verizon, and Cingular, which is soon to be wholly owned by AT&T. It's not exactly the return of the old Ma Bell monopoly -- the world has gotten way too complicated for that -- but that's a lot of power in the hands of just two companies.

One way in which these companies are very different from the old phone monopoly is that while the original AT&T had a world-class research operation, its successors don't.

More here.

CIA Contractor Is Fired When Blog Post Crosses the Line

Dana Priest writes in The Washington Post:

Christine Axsmith, a software contractor for the CIA, considered her blog a success within the select circle of people who could actually access it.

Only people with top-secret security clearances could read her musings, which were posted on Intelink, the intelligence community's classified intranet. Writing as Covert Communications, CC for short, she opined in her online journal on such national security conundrums as stagflation, the war of ideas in the Middle East and -- in her most popular post -- bad food in the CIA cafeteria.

But the hundreds of blog readers who responded to her irreverent entries with titles such as "Morale Equals Food" won't be joining her ever again.

More here.

Gapingvoid: Married to the Blogosphere

Via Enjoy!

Silicon Labs Acquires Wireless Software Firm StackCom for $7M

Via The Austin Business Journal.

Austin's Silicon Laboratories Inc. has acquired StackCom, a California-based provider of wireless protocol stack software, in an all-cash deal worth $7 million.

Privately-held StackCom developed its stacked software for Global System for Mobile Communication, which enables international roaming among mobile phone operators, and General Packet Radio Service, a mobile data service.

The acquisition provides Silicon Laboratories with internal software for future versions of its AeroFONE single-chip phone.

More here.

RFK Jr. Blows the Whistle on Diebold

John Ireland writes on AlterNet:

The environmental lawyer-turned voting-rights advocate has found Diebold employees who may link the company to election fraud.

On July 13, the Pensacola, Fla.-based law firm of Robert F. Kennedy Jr. filed a "qui tam" lawsuit in U.S. District Court, alleging that Diebold and other electronic voting machine (EVM) companies fraudulently represented to state election boards and the federal government that their products were "unhackable."

Kennedy claims to have witnesses "centrally located, deep within the corporations," who will confirm that company officials withheld their knowledge of problems with accuracy, reliability and security of EVMs in order to procure government contracts. Since going into service, many of these machines have been linked to allegations of election fraud.

More here.

Australia: Optus Prepares to Launch Communications Satellite

Via UPI.

Australia's Optus has taken possession of a new communications satellite that will be launched sometime in September.

The company said Thursday the D1 satellite had been delivered by U.S. manufacturer Orbital Sciences and was on track for liftoff from French Guiana on a date subject to change depending on slot availability.

The D1 spacecraft will replace the Optus B1 and provide fixed communications and broadcast coverage to Australia and New Zealand, in particular in-orbit backup for high-value services such as pay television.


21 July 1984: First Robot-Related Human Death in U.S.


Excerpt from "The Lion's Cage", Forbes, via RISKS Digest, Volume 1, Issue 20, 9 October 1985.

On July 21, 1984, at about 1 p.m., a worker at Diecast Corp. in Jackson, Mich. found Harry Allen, 34, a diecast operator, pinned between a factory pole and the back of an industrial robot. But Allen's co-worker couldn't come to his aid. Using the robot's controller, the company's director of manufacturing finally unpinned Allen, who was alive but in cardiac arrest. He died in a hospital five days later. Allen had entered a restricted area, presumably to clean up scrap metal from the floor. While there, he got in the way of the robot's work, and thus became the first - and so far only - U.S. victim of an industrial robot-related accident.

More here.

Thursday, July 20, 2006

Bogus Private Investigator Pleads to ID Theft Charges

John Leyden writes on The Register:

A US man who fraudulently accessed the details of thousands on a credit reference database pleaded guilty this week to ID theft-related charges. Brian Dill, 33, of Simi Valley, California, claimed to be a private investigator in order to access privileged information on the Merlin Information Services database.

As part of a plea bargaining deal, Dill admitted he conducted at least 1,873 queries through the Merlin system obtaining information on over 5,875 people. He used this data to fraudulently obtain a credit card and make unauthorised purchases of more than $2,000 on his own behalf. Dill also used the information he gained from the Merlin system to supply friends and acquaintances with fraudulently obtained credit cards before he was collared by the Feds.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Thursday, July 20, 2006, at least 2,557 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,021 died as a result of hostile action, according to the military's numbers.

The AP count is the same as the Defense Department's tally, last updated Thursday at 10 a.m. EDT.

More here.

Point and Click DDoS Attacks

Brian Krebs writes on Security Fix:

Seems like the Internet's bad guys have automated all their attacks these days. A good friend of mine pointed me to a blog post by security blogger and anti-spyware ninja Chris Boyd -- a.k.a "Paperghost" -- about adware from Zango serving up pornography to a targeted teen audience.

The first screenshot in Boyd's post includes the Web address of a site that delivers said treachery, and if you scour some of the pages at that site you might come across one that appears designed to let cyber criminals conduct Web site-crippling denial-of-service attacks with the click of a mouse.

Hmm... Wonder what would happen if we put the Web address of that site into the "DDoS target site:" field? Not that I'm advocating that or anything, mind you; that would be illegal.

More here.

Sling Takes Notes From Content Industry On Making Content Less Useful

Over on, Joe writes:

Since the inception of Sling Media's Slingbox, the company has been at odds with content owners who aren't comfortable with the flexibility that place shifting offers consumers. Now Sling Media has found itself in the position of battling with another company selling a product that extends the functionality of the Slingbox.

A company called Applian Technologies released its own device that allowed Slingbox users to make recordings of television content.

In response, Sling Media has started encrypting its data, which not only blocks out Applian's device, but also disables some functionality to its users, such as the ability to use a Slingbox along with file-sharing apps.

More here.

Man Sues Over Sperm Bank Hidden Camera

Via The Smoking Gun.

Claiming that he found a video camera hidden in the ceiling of a sperm bank's "donation room," a Los Angeles man is suing the firm for negligence and emotional distress. Ken Rigberg, 27, charges that he discovered the pinhole camera during a June 2005 visit to Pasadena's Pacific Reproductive Services.

According to Rigberg's Los Angeles Superior Court complaint, a copy of which you'll find below, he "noticed an unusual hole in the ceiling tile" of a private donation room, where he had just finished masturbating into a cup. Upon inspection, Rigberg realized that "there was a hidden surveillance camera on top of the ceiling tile, with the lens of the camera positioned to...capture the activity within the private donor room."

More here.

Man Hangs Dead From the Ceiling, Yet Remains Online

Via NetworkWorld.

A play about a man who hangs dead from the ceiling of his apartment while his computer program maintains the façade that he is still alive was among the top entries in a new competition for plays about science and technology.

That play, titled "On-line" and submitted by Minneapolis playwright Mark Steven Jensen, earned finalist status in the first Scientists, Technologists, and Artists Generating Exploration (STAGE) competition. The contest, which featured a $10,000 first prize, was organized by the Professional Artists Lab and California NanoSystems Institute at the University of California, Santa Barbara.

Another network-oriented play earning special recognition was called "Bot," and is the story of a teenage computer genius obsessed with how technology can blur the line between humans and machines. It was written by C. Michele Kaplan.

More here.

'Hacker Watchers' Pass Along Security Secrets

An AP newswire article, via MSNBC, reports that:

Federal scientists who study how hackers try to break into computer-based controls for nuclear reactors and other automated industrial systems are passing the secrets on to the private operators of such facilities.

The U.S. Department of Energy and U.S. Department of Homeland Security will sponsor free classes in protecting remote controls of critical infrastructure during an international cybersecurity summit in Las Vegas Sept. 28-30.

Researchers from the Idaho National Laboratory will demonstrate cybersecurity attacks on Supervisory Control and Data Acquisition, or SCADA, networks that regulate electrical-supply systems and other automated industrial controls of potential terrorist targets, such as railroads, chemical plants and hydroelectric dams.

More here.

South Bay: Hot Weather Causing Hiccups in Service, Comcast Says

Leslie Griffy writes in The Mercury News:

Some Comcast cable television and Internet customers in San Mateo and Santa Clara counties may have lost service this morning because of a power interruption, spokesman Andrew Johnson said.

"I just know that I've heard that there have been occasional blips in power" especially with the hot weather, he said.

The cable service interruption started around 11:10 a.m. and was corrected about 30 minutes later, Johnson said.

More here.

Microsoft's Tenets: Old Words in New Bottles

Mary Jo Foley writes on Microsoft Watch:

Don't be fooled: There are no real concessions in Microsoft's ballyhooed golden rules of engagement.

For Microsoft historians who've kept tabs on Microsoft's dealings with its PC and software partners during the past decade, the words "Microsoft" and "principle" make strange bedfellows.

It was ten years ago this coming October that the U.S. Department of Justice filed its antitrust lawsuit of Microsoft, based on what the DOJ considered a breach of terms outlined by a 1994 consent decree with Microsoft. After years of damning testimony, via which Microsoft's unscrupulous business practices involving its OEM partners came to light, Microsoft was found guilty of abusing its desktop Windows monopoly. Since then, Microsoft has been slapped with a number of additional antitrust suits, here and abroad.

More here.

San Jose Police Launch Cold Case Web Site

Leslie Griffy writes in The Mercury News:

Searching for new clues to old homicides, San Jose police today launched a Web site featuring 17 cold cases.

Through the site, Lt. J.R. Gamez hopes to get help from the public in cracking some of the city's 205 unsolved homicides dating back to 1962.

People with information on crimes featured on the site can e-mail or call cold case detectives. Information can also be left anonymously for officers on the Crime Stoppers tip line at (408) 947-STOP (7867).

Seeing the pictures of the dead or reading about the crimes will, Gamez hopes, convince people to tell what they may know.

More here.

Texas Judge Briefed by EFF Affirms Phone Privacy

Via The EFF.

In the first ruling of its kind, a federal magistrate judge has held that the government must obtain a search warrant to collect the content of a telephone call, even when that content is dialed digits like bank account numbers, social security numbers or prescription refills. The decision from Magistrate Judge Smith in Houston closely follows the reasoning outlined in an amicus brief from the Electronic Frontier Foundation (EFF) and the Center for Democracy and Technology (CDT).

The Texas judge invited EFF to file the brief in response to requests from government investigators to use a "pen register" or "trap and trace device" to collect all numbers dialed on a phone keypad after a call has been connected. Investigators can typically get "pen/trap" orders under a legal standard much lower than the "probable cause" required for a typical phone-tapping warrant, because only phone numbers used to connect the call are collected, not the content of the phone call itself.

More here.

University of Texas Supercomputer Gets an Upgrade

Via The Austin Business Journal.

Lonestar, the supercomputer based at the Texas Advanced Computing Center, is getting an upgrade that researchers say will put the computer on the fast track to becoming one of the most powerful supercomputers in the world.

Lonestar's server is being upgraded to a Dell PowerEdge 1955 blade server, meaning it'll have improved performance and scalability of applications that run on Lonestar. The supercomputer will possess a peak performance of more than 55 teraflops once the system achieves full production status on October 1. The fastest supercomputer in the world, called BlueGene, has been clocked at 280 teraflops.

By the end of September, all current blades on Lonestar will be replaced with new blades containing dual-core Intel processors. Members of the national community are encouraged to apply for allocations through the National Science Foundation TeraGrid initiative at:

More here.

Judge Denies Government and AT&T Motions to Dismiss NSA Case

Kevin Poulsen writes on 27B Stroke 6:

A federal judge in San Francisco has rejected the Bush administration's bid to kill the EFF's class action lawsuit alleging that AT&T is cooperating in an illegal NSA surveillance program that monitors Americans' internet activities.

In a 72-page written decision issued Thursday, U.S. District Court chief judge Vaughn Walker rejected the government's argument that merely allowing the case to proceed would cause critical harm to U.S. national security -- a ruling that marks a significant victory for EFF, and puts a rare limitation on the reach of the president's "state secrets privilege" to sweep alleged illegal government activities under the cloak of national security.

More here.

Verizon Wireless Obtains Permanent Injunction Against Telemarketer

An AP newswire article, via Yahoo! News, reports that:

Verizon Wireless has obtained a permanent injunction blocking a Miami telemarketer from making automated calls to its customers, the cellular phone company said Thursday.

The injunction comes after Verizon Wireless reached an agreement with All Star Vacations and Marketing Group Inc., which Verizon sued in February, along with another Florida travel company, for illegally soliciting wireless phone customers.

Verizon Wireless, jointly owned by Verizon Communications Inc. and Vodafone Group PLC, said more than 500,000 of its customers received telephone calls in Spanish from All Star on behalf of the two travel companies. The customers were told they had won a trip to one of several resorts and then directed to call a toll-free number to claim the prize.

More here.

Political Toon: Dr. Bush, Resident Quack


The Daily Show Revisits Net Neutrality

John Hodgman
Image source: Comedy Central


On Wednesday night, the Daily Show revisited Senator Ted Stevens’ comments on Net Neutrality to comment on what the Internet would look like without this guiding principle.

Daily Show correspondent John Hodgman uses several envelopes or “packets” to illustrate to host Jon Stewart and his audience how information travels across a Neutral Internet. He then describes a world without Net Neutrality.

Video clip here.

Ex-UBS Sys Admin Found Guilty, Prosecutors To Seek Maximum Sentence

Sharon Gaudin writes on InformationWeek:

The systems administrator found guilty Wednesday of launching an attack on UBS PaineWebber four years ago now faces a maximum of 6-1/2 to eight years in federal prison. And federal prosecutors say they will be asking for the maximum sentence.

After about 20 hours of deliberation, the jury returned a guilty verdict on two out of four charges for Roger Duronio, 63, of Bogota, N.J. Duronio was found guilty of computer sabotage and securities fraud. He was acquitted on two counts of mail fraud. He will be sentenced at a later date.

More here.

U.S. Victim of 419 Scam Shoots Preacher Husband

Wow -- I had been aware of most of this story for a couple of months now, but this is the first that I've heard of a link to a 419 scam.

Lester Haines writes in The Register:

A row over money which provoked a US woman to shoot dead her husband may have been exacerbated by the couple's fleecing by 419 scammers, AP reports.

Mary Winkler, of Selmer, Tennessee, allegedly shot her preacher husband in the back with a 12-gauge shotgun as he lay in bed on 22 March. The body of Matthew Winkler, described as "the popular minister at the Fourth Street Church of Christ", was discovered later that evening by members of his church.

His wife had fled the scene with her three young daughters but was arrested the following day in Orange Beach, Alabama.

More here.

Vandenberg Test-Launches Unarmed ICBM

An AP newswire article, via The Mercury News, reports that:

The Air Force successfully launched an unarmed intercontinental ballistic missile early Thursday. The Minuteman III dummy warheads were fired at 3:14 a.m. and traveled about 4,200 miles before hitting a water target in the Marshall Islands.

The launch was delayed by a day because of a power outage at a radar facility that handles flights in and out of Southern California.

The purpose is to test the defense system's reliability and accuracy.

Earlier this month, North Korea shook up the world by firing several missiles into the Sea of Japan, including a failed long-range type believed to be capable of reaching the United States.

More here.

747 Aircraft Freighter Crash Linked to Laptop Tool Miscalculation

Peter B. Ladkin writes in RISKS Digest:

The Canadian TSB have issued the report on the 14 October 2004 crash of a Boeing B747 freighter on takeoff at Halifax airport, Nova Scotia.

According to a Flight International report by David Kaminski-Morrow (4-10 July 2006, p4), the TSB "says that the crew's misunderstanding of a laptop computer tool for calculating take-off performance led to the accidents. It concludes that the crew unwittingly transferred and used weight data from the aircraft's previous flight while calculating performance criteria for the next take-off. The obsolete data misled the crew to derive incorrect thrust settings and critical speeds for take-off."

The aircraft failed to lift off after rotation and overran the end of the runway by 250 meters, briefly lifting off but then striking an earth berm, severing the tail section and bringing the aircraft to earth again. All seven crew were killed.

More here.

Belgian Police Harassing Online Journalist in Brussels

Via The Brussels Journal.

This morning, a police officer from the "Projectcel Mensenhandel en Vreemdelingen" (Project Cell Human Trafficking and Foreigners) came to my door to question me about alleged "racist" articles on this website. I was not in. My son was told to tell me to contact the police asap in order to make an appointment for interrogation.

Apparently crime statistics in Belgium are so low that the police have nothing better to do than harass journalists. However, since my lawyer is on vacation they will have to wait. The Belgian regime has decided to intimidate me in the hope to close down this website. I am becoming quite a regular at the local police station. Last month they questioned me for homeschooling my children. I will keep you posted.

More here.

Fail-Safe Fails: FAA Looks for Answers

Jennifer Oldham and Ricardo Alonso-Zaldivar write in The Los Angeles Times:

When radar screens suddenly went dark at Palmdale's regional air traffic center on Tuesday, controller Bruce Bates and his colleagues knew instinctively what to do: They grabbed their cellphones and started calling for help.

The simple solution to a high-tech problem played out as pilots flying at high altitudes over Southern California and much of Nevada and Arizona tried in vain to reach controllers in the Los Angeles Air Route Traffic Control Center, where even the radios were dead.

More here.

Gapingvoid: Channel Your Greed

Via Enjoy!

Is SETI Barking up the Wrong Tree?

Seth Shostak writes on

It’s been 46 years since Frank Drake aimed an antenna at the stars in the first modern SETI experiment. His hope was to hear a deliberate signal – guided into space by intelligent beings – rather than the natural, noisy dance of hot electrons.

Since then, SETI has expanded its search space, bettered its equipment, and refined its strategies. But the bottom line hasn’t budged: still no confirmed chitter from the cosmos.

Some people mistakenly confuse a long search with a thorough one, and figure that the lack of a SETI detection indicates that we’re alone in the Galaxy. This, however, is nonsense.

More here.

AT&T Settles Customer Information Investigation

K.C. Jones writes on TechWeb News:

AT&T will pay a $550,000 settlement to end an investigation into third-party access to information about customers' telephone calls.

The company recently agreed to pay the money on behalf of recently-acquired SBC. Both companies cooperated with the enforcement bureau of the Federal Communications Commission during an investigation into whether customer confidentiality was breached. The payment, due within 30 days, does not constitute an admission of wrongdoing, according to language in the agreement.

The company agreed to supervision and review of its opt-out processes for releasing proprietary customer network information (CPNI). The company also agreed to monitor customer complaints and identify violations of the FCC's opt-out rules.

More here.

Zango Up To Its Old Tricks: Now Serving Up Porn and Exploits

paperghost writes over on

As you may have seen in the update I just made to the post regarding Zango and the site called Teenlaughs, I was informed by a good colleague of mine that some of its pages appear to serve up a couple of nasty exploits, HTML/Exploit.Mht Trojan and Win32/TrojanDownloader.

Bad enough - but I decided to go check out where these exploits are coming from.

The answer isn't good, and now more questions need to be asked about the validity of this latest Zango affiliate (like his site isn't dubious enough already!)

Much, much more here.

PayPal XSS Exploit Available for Two Years?

Via Netcraft.

The cross-site scripting (XSS) vulnerability, which was harnessed by fraudsters to execute a convincing phishing attack against PayPal users, may have been exploitable for two years previously.

Despite the prompt action taken by PayPal to address the security flaw after it was reported by Netcraft last month, it became apparent that the very same flaw had been discovered and documented two years earlier. The page - cached by the Wayback Machine - describes a cross site scripting attack that affected donation pages for suspended users, and is the exact method exploited by the phishing attack in June 2006.

Chris Marlow tried to warn PayPal about the flaw in June 2004, but claims the PayPal representative he spoke to did not understand what cross-site scripting was, and - due to company policy - was unable to provide an email address to allow a proof-of-concept exploit to be demonstrated. Frustrated at being unable to convey the seriousness of the issue, Mr Marlow then posted details about the exploit to his web site but did not receive any response from PayPal.

More here.

Amnesty Accuses U.S. Firms over China Web Censorship

Ben Blanchard writes for Reuters:

Microsoft Corp, Google Inc, and Yahoo Inc have breached the Universal Declaration on Human Rights in colluding with China to censor the Internet, Amnesty International said on Thursday.

The three publicly traded companies are ignoring their own stated commitments -- which in Google's case includes corporate motto "Don't be evil" -- and are in denial over the human rights implications of their actions, the group said.

"All three companies have, in one way or another, facilitated or concluded in the practice of censorship in China," London-based Amnesty said in a report.

"All three companies have demonstrated a disregard for their own internally driven and proclaimed policies. They have made promises ... which they failed to uphold in the face of business opportunities and pressure from the Chinese government," it said.

More here.

20 July 1976: Viking 1 Successfully Lands on Mars


This Mars surface image was acquired at the Viking Lander 1 site.
Image source: Wikipedia

Via Wikipedia.

The Viking 1 was the first of two spacecraft sent to Mars as part of NASA's Viking program.

Following launch using a Titan/Centaur launch vehicle on 20 August 1975 and a 10 month cruise to Mars, the orbiter began returning global images of Mars about 5 days before orbit insertion. The Viking 1 Orbiter was inserted into Mars orbit on 19 June 1976 and trimmed to a 1513 x 33,000 km, 24.66 h site certification orbit on 21 June. Landing on Mars was planned for July 4, 1976, the United States Bicentennial, but imaging of the primary landing site showed it was too rough for a safe landing. The landing was delayed until a safer site was found. The lander separated from the orbiter on 20 July 08:51 UT and landed at 11:56:06 UT.

More here.

20 July 1969: Apollo 11 Lands on the Moon


Neil Armstrong takes his first step onto the Moon.
Image source: Wikipedia

Via Wikipedia.

Apollo 11 was the first manned mission to land on the Moon. It was the fifth human spaceflight of the Apollo program, and the third human voyage to the moon. Launched on July 16, 1969, it carried Commander Neil Armstrong, Command Module Pilot Michael Collins and Lunar Module Pilot Edwin 'Buzz' Aldrin. On July 20, Armstrong and Aldrin became the first humans to set foot on the Moon, while Collins orbited above.

The mission fulfilled President John F. Kennedy's goal of "landing a man on the moon and returning him safely to the Earth" by the end of the 1960s.

On July 20, 1969, while on the far side of the Moon, the lunar module, called Eagle, separated from the Command Module, named Columbia (Some internal NASA planning documents referred to the callsigns as Snowcone and Haystack; these were quietly changed before being announced to the press.). Collins, alone aboard Columbia, inspected Eagle as it pirouetted before him to ensure the craft was not damaged. Armstrong and Aldrin used Eagle's descent engine to right themselves and descend to the lunar surface.

More here.

Wednesday, July 19, 2006

Update: U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Wednesday, July 19, 2006, at least 2,556 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,021 died as a result of hostile action, according to the military's numbers.

The AP count is two higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EDT.

More here.

Defense Tech: Specter Hearts NSA Spying

Via Defense Tech.

Patrick Radden Keefe originally wanted to call his examination of Sen. Arlen Specter's so-called "compromise" bill on NSA spying, "Don't Shit in my Hand and Call it a Sundae." His editors at Slate declined, alas. Luckily, they seem to have left Patrick alone for the rest of his analysis of Specter's 18-page legal ejecta. Here's a chunk:

Review by the FISA court is optional. Whereas under the 1978 law, the president could authorize surveillance without seeking a warrant for up to 15 days after a declaration of war, Specter's bill eliminates the declaration-of-war provision and expands that 15-day grace period — to a year.

And Specter is just getting warmed up. Toward the end of the bill, a few sly additions demonstrate that everything else, accommodating though it seemed, was mere preamble. Section 801 proposes to amend FISA by inserting the phrase, "Nothing in this Act shall be construed to limit the constitutional authority of the President to collect intelligence with respect to foreign powers and agents of foreign powers." In other words, none of the constraints just outlined should be interpreted as absolute, because nothing in the preceding pages counts!

More here.

Black Hat: Cisco to be Under Scrutiny Again

Robert McMillan writes on NetworkWorld:

Cisco's products will again come under scrutiny at this year's Black Hat USA 2006 conference, which kicks off later this month in Las Vegas.

Conference organizers say that 15 new exploits will be discussed at this year's event and that two of them target Network Admission Control and VoIP vulnerabilities that affect products from a number of vendors, including Cisco.

Security researchers, no longer as focused on digging up bugs in core Windows components, are looking for green fields, said Black Hat Director Jeff Moss.

More here.

Ex-NASA Manager Guilty in Child Porn Case

Patience Wait writes on

A former NASA manager who was arrested in March on charges of distributing child pornography from both his government and home computers pleaded guilty yesterday in U.S. District Court in Alexandria, Va.

James R. Robinson, who had been a GS-15 employee at NASA’s In-Space Propulsion, Mission and Systems Management Division, based at the agency’s Washington headquarters, faces a prison sentence of five to 20 years for sending digital pornographic movies involving children to three undercover U.S. postal inspectors.

Robinson was remanded to custody; sentencing is set for October 13.

More here.

Lockheed Reveals New Research UAV

Via UPI.

Lockheed Martin announced Wednesday its famed "Skunk Works" research team was developing a high-altitude unmanned aerial vehicle called "Polecat."

Also known as the P-175, the UAV was produced in about 18 months using Lockheed internal funding as a means of testing next-generation designs and composite materials that could find their way into future unmanned bombers.

More here.

Pentagon Studies Blogs as Terror-Fighting Tool

Rory O'Connor writes on AlterNet:

The Defense Department is seeking to create a powerful and sophisticated new weapon to help win the Global War on Terror -- a blog search engine. "We're out to make a machine that will analyze blogs in real-time," says Dr. Brian E. Ulicny, a senior scientist for the defense contractor charged with development of the new terror-fighting tool.

Can blogs really help "information analysts and warfighters" combat terrorism? The Air Force Office of Scientific Research is betting nearly half a million dollars that the answer is "Sir, Yes Sir!"

The money will go to a Massachusetts firm called Versatile Information Systems Inc., to pay for a 3-year project entitled "Automated Ontologically-Based Link Analysis of International Web Logs for the Timely Discovery of Relevant and Credible Information."

In plainer English, that translates into the creation of a "topic-specific blog search and analytic tool that will apply novel metrics" to analyze links and patterns within the blogosphere, according to Ulicny. Those patterns include the content of blogs as well as hyperlinks contained within them. "The focus will be on those that are part of the national security and foreign relations domain," Ulicny explains. "After all, the Air Force is not particularly interested in blog postings about Lindsay Lohan."

More here.

Security Honeymoon Over For VoIP

Luc Hatlestad writes on VARBusiness:

Last month's FBI arrest of a man in Miami for allegedly hacking into the networks of Internet service providers has ushered in a new era for voice over IP technology (VoIP).

Naturally, VoIP inevitably was going to have to deal with the same type of security concerns that other data networks have faced. But the security space moves fast, and in recent months VoIP security has gone from an impending issue to a top-of-mind problem for vendors, VARs and users.

The Miami case, in which the alleged offender is accused of tapping into IP telephony networks to fraudulently sell more than 10 million minutes of calls, represents an escalation from simple denial- and loss-of-service threats to more serious theft-of-service attacks. Commenting on the case, Nemertes Research said that "converged networks lead to converged threats," and that such attacks are likely to continue, if not become more prevalent.

More here.

Om Malik: NSF Backs Open Source Wireless Mesh Project

Om Malik writes over on his GigaOm blog:

Earthlink and Tropos might be looking to make millions off of muni wireless, but members of the open source community are hard at work trying to make wireless networking free. And they just got some funds to help their cause. Sascha Meinrath, of the Champaign-Urbana Community Wireless Network, CUWIN, just called me this morning to say his open source wireless mesh project received a $500,000 grant from the National Science Foundation. Sascha says he plans to use the money to add staff, scour the globe for open source partners, and boost research and testing.

The organization had been applying to the NSF for 4 years now, and previously Sascha had been paying much of the research fees out of pocket–so the news is good for him on a lot of levels! A project like this could help make wireless broadband available for communities that can’t afford it and address the real digital divide. Not just recreate the economics of the traditional phone and cable operators with a slightly less monthly subscriber fee.

More here.

Forgent Gets Court Date for DVR Lawsuit

Via The Austin Business Journal.

Austin software and intellectual property licensing company Forgent Networks Inc. is going to court.

In July 2005, the company initiated litigation against 15 companies in the Eastern District of Texas, Marshall Division, for the alleged infringement of its '746 patent, a computer controlled video system that allows playback during recording -- similar to a digital video recorder.

Recently, Judge Leonard Davis of the U.S. District Court for the Eastern District of Texas, Tyler Division, set a preliminary hearing for Nov. 9 and a trial date of May 14, 2007.

The court also ordered mediation among the parties to occur prior to the preliminary hearing. Mediation is scheduled to begin on September 11.

More here.

DARPA Awards Tactical Network Deal

Doug Beizer writes on

With the hope of being able to form networks free of fixed infrastructure, the Defense Advanced Research Projects Agency awarded an 18-month contract worth $7.8 million to BAE Systems Inc.

The contract to develop the next generation in wireless tactical network protocols for the military includes an option that would extend it to 30 months at a cost of $13.3 million.

The objective of DARPA’s initiative, known as Control-Based Mobile Ad-hoc Network, is to create a new protocol for networks of autonomous mobile communication devices called mobile ad-hoc networks. Within an ad-hoc network, each node operates not only as an end system but as a router capable of forwarding traffic and forming a network free of any fixed infrastructure.

More here.

Eighty Percent of New Malware Defeats Antivirus

Munir Kotadia writes on ZDNet Australia:

The most popular antivirus applications on the market are rendered useless by around 80 percent of new malware, according to AusCERT.

At a security breakfast hosted by e-mail security firm Messagelabs in Sydney on Wednesday, the general manager of the Australian Computer Emergency Response Team (AusCERT), Graham Ingram, told the audience that popular desktop antivirus applications "don't work".

"At the point we see it as a CERT, which is very early on -- the most popular brands of antivirus on the market … have an 80 percent miss rate. That is not a detection rate that is a miss rate.

"So if you are running these pieces of software, eight out of 10 pieces of malicious code are going to get in," said Ingram.

Ingram, who refused to name any specific companies, was quick to point out that this was due to cybercriminals designing their Trojans and viruses to bypass detection rather than a defective product.

More here.

London Man Indicted on Terrorism Charges

An AP newswire article, via The Boston Globe, reports that:

A London man was indicted on terrorism charges Wednesday for helping run Web sites that U.S. authorities said raised money for terrorism.

Syed Talha Ahsan was arrested at his home in London on a federal indictment in Connecticut charging him with conspiracy to support terrorists and conspiracy to kill or injure people abroad.

Ahsan is accused in the same case as Babar Ahmad, a British computer specialist who was indicted in Connecticut in October 2004. Both are accused of running several Web sites including, which investigators say was used to recruit members for the al-Qaida network, Afghanistan's ousted Taliban regime and Chechen rebels.

The case was brought in Connecticut because authorities say an Internet service provider here was used.

More here.

Hacked Ad Seen on MySpace Served Spyware to a Million

Brian Krebs writes on Security Fix:

An online banner advertisement that ran on and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows, according to data collected by iDefense, a Verisign company.

Michael La Pilla, an iDefense "malcode" analyst, said he first spotted the attack Sunday while browsing MySpace on a Linux-based machine. When he browsed a page headed with an ad for, his browser asked him whether he wanted to open a file called exp.wmf. Microsoft released a patch in January to fix a serious security flaw in the way Windows renders WMF (Windows Metafile) images, and online criminal groups have been using the flaw to install adware, keystroke loggers and all manner of invasive software for the past seven months.

More here.