Saturday, February 10, 2007

Internet Fraud Scheme, Guilty Plea

Via Technology News Daily.

On February 6, 2007, defendant Joseph John Vaquera, the third defendant in a $2 million scheme to defraud retail businesses throughout the United States, pled guilty to mail fraud charges. Co-defendants, Steven Michael May and Christopher William Cook pled guilty to mail fraud charges on Friday, February 2, 2007. May, Vaquera, and Cook are each facing a maximum statuary sentence of twenty (20) years' imprisonment. Defendants May and Cook are scheduled to be sentenced on April 13, 2007 at 1:30 pm, and Vaquera's sentencing is scheduled for April 18, 2007, at 1:30 pm, before U.S. District Court Judge Kenneth L. Ryskamp, in West Palm Beach.

According to the Indictment, the defendants established business lines of credit with more than thirty (30) businesses based on false and fraudulent financial information, and then used the fraudulently obtained lines of credit to obtain assorted high-end merchandise, which they subsequently sold on eBay.

In approximately 2003, the defendants began incorporating businesses located throughout the United States and leasing virtual office suites for these businesses. Each business had a virtual office in the state in which it was incorporated. The virtual office suites provided the defendants with addresses and telephone numbers so that it would appear as if the businesses were legitimate entities, when, in fact, they were not. Using e-mail and/or facsimiles, the defendants applied for business-to-business lines of credit with numerous retail companies throughout the United States. To date, the Government has identified 34 victim businesses.

More here.

SWIFT: A Security Researcher Gets Offered The Big Score

Larry Greenemeier writes on InformationWeek:

The stakes can get pretty high in the hacker economy.

A few years ago, a security researcher living overseas was contacted by a man with an intriguing offer: The researcher would get 2.2 million euros (more than $2.8 million) for each financial services firm he helped the man and his group of cybercriminals infiltrate. All the researcher had to do was provide the group with Windows Terminal Services access with administrative privileges for each bank, which the thieves would then penetrate via the Swift network. Swift, the Society for Worldwide Interbank Financial Telecommunication, manages a network owned by about 8,000 banks in 206 countries and territories to facilitate electronic transfers.

The thieves seemed to have deep knowledge of the Swift system and how it could be manipulated. After pilfering funds from a number of banks, the thieves planned to create a shell game that would transfer the money from one financial institution to another until they could shake the trail of anyone investigating the theft and access the money. Cracking into the Swift systems was made easier, the researcher claims, by the presence of a critical Microsoft bug that at the time left vulnerable Internet Information Services servers running Secure Sockets Layer transactions.

More here.

Background here, here, and here.

FTC Findings Undercut Industry Claims that Identity Theft Is Declining

Martin H. Bosworth writes on

The financial services industry, hoping to befuddle the new Congress, has been busily laying down a smokescreen claiming that identity theft is on the wane.

But the Federal Trade Commission's latest compilation of consumer complaints and a survey by the National Crime Prevention Council should do much to clear the air.

More here.

(Props, Flying Hamster.)

How Does The Hacker Economy Work?

Larry Greenemeier and J. Nicholas Hoover write on InformationWeek:

When retailer TJX disclosed Jan. 17 that the computer systems that store data related to credit card, debit card, check, and merchandise return transactions had been broken into, it said it had discovered the hack in December. But security officials at Visa had been seeing an increase in fraudulent activity on credit and debit cards related to TJX properties, such as T.J. Maxx, Marshalls, and HomeGoods stores, since mid-November. That means it's possible the purloined consumer data has been floating around the Internet, available for purchase on black market Web sites and chat rooms, for at least two months, maybe longer.

Hacking isn't a kid's game anymore. It's big business. Online black markets are flush with stolen credit card data, driver's license numbers, and malware, the programs that let hackers exploit the security weaknesses of commercial software. Cybercriminals have become an organized bunch; they use peer-to-peer payment systems just like they're buying and selling on eBay, and they're not afraid to work together.

More here.

U.S. Government Seeks To Halt Telecom Spying Suits

Ryan Singel writes on 27B Stroke 6:

Attorneys targeting the nation's largest telecommunications for their alleged participation in the government's warrantless wiretapping program argued today that their cases should also be subject to a landmark ruling in a related case against AT&T, allowing the case to proceed despite the government's protest that it would expose national security secrets.

That July ruling by Northern California District court judge, currently awaiting an appeal hearing in the Ninth Circuit, found that since the Bush Administration admitted the wiretapping program exists, the case can't simply be thrown out.

More here.

Taking the Bait On a Phish Scam

Annys Shin writes in The Washington Post:

The Web site for the "world's fastest growing news organization" looked good enough to fool Katherine Brinton, an aspiring journalist in Philadelphia. After posting her résumé on nine months ago, the 23-year old received an e-mail from USA Voice in November that said it was looking for reporters with "excellent writing skills" and an "innate ability to find the truth."

Brinton filled out an online application with her name, address and telephone number. But instead of job offers, she began receiving a stream of unsolicited e-mails hawking Viagra, payday loans and penny stocks.

"I felt like I was being scammed," she said.

Brinton fell victim to a sophisticated phishing scam, which, in recent months, targeted thousands of job seekers on such popular Web sites as and Phishers send out seemingly legitimate e-mail in an attempt to get people to reply with personal information then used in a variety of scams.

More here.

Hacker Gets Indiana State Credit Card Info

Niki Kelly writes in The (Ft. Wayne) Journal Gazette:

State technology officials sent letters Friday to 5,600 people and businesses informing them that a hacker obtained thousands of credit card numbers from the state Web site.

Although numbers are usually encrypted or shortened to the last four digits, the Office of Technology conceded a technical error allowed the full credit card numbers to remain on the system and be viewed by the intruder.

“Like thousands of web sites, the state’s web site is constantly under attack from hackers,” the letter said. “To repel these attacks, the state has implemented the highest levels of security and submitted itself to regular independent audits to ensure that data is safeguarded.

“Despite these efforts, the state’s web site recently experienced a security breach.”

Chris Cotterill, director of the site,, said the hacking occurred in early January but wasn’t discovered until Jan. 25.

More here.

(Props, Pogo Was Right.)

Friday, February 09, 2007

Hackers Create Snow Day for Ohio High School

Matthew Bozone writes on

Two Ohio high schoolers are accused of hacking into their school’s computer system and canceling school for a snow day.

Michelle Hopkins has the story from Trenton, Ohio.

“Right here where you see the red. That’s where the announcement comes out.”

The announcement Sunday night read “Edgewood Schools Closed” when it was really just a one-hour delay.

More here.

Wikipedia’s Anna Nicole Angst

Alexandra Berzon writes on Red Herring:

While still alive, Anna Nicole Smith dyed her hair blonde, got breast enhancements, and donned an up-swept skirt, but the Marilyn Monroe status she openly chased still eluded her. In death, she came closer.

By Thursday, the media couldn’t help noting that her seemingly sudden and mysterious collapse faintly echoed the demise of Ms. Monroe.
But in the minutes and hours after, Anna Nicole also got something a little extra, a little nerdier than Marilyn ever could have imagined: a Wikipedia battle.

The former Playboy model, former reality TV star, and former wife of a very old billionaire was quickly swept up into the online user-generated encyclopedia’s normal eruptions. It happens, to varying degrees, pretty much any time a sensational breaking news story hits: Rapid entry changes, defacements, and corrections—all while the headlines are still churning. Meanwhile, an army of core volunteer editors pound their keyboards, struggling to maintain accuracy and objectivity in the face of falsehoods, conspiracies, and mean jokes posted on the site.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Friday, Feb. 9, 2007, at least 3,117 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,497 died as a result of hostile action, according to the military's numbers.

The AP count is eight higher than the Defense Department's tally, last updated Friday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Microsoft Takes Security Teams Global

This is good news.

John E. Dunn writes on TechWorld:

Microsoft has announced plans to open new security research centres in Europe and Asia, the first time such teams have been located outside the US.

The company plans to use the centres to monitor emerging security threats round the clock regardless of time zone limitations, and to bolster parts of its emerging security threat business such as the much criticised Windows Live OneCare.

More here.

Attack by Korean Hacker Prompts U.S. DoD Cyber Debate

Josh Rogin writes on

Defense Department computer networks are probed and attacked hundreds of time each day. But a recent attack on the civilian Internet is causing DOD officials to re-examine whether the policies under which they fight cyber battles are tying their hands.

“This is an area where technology has outstripped our ability to make policy,” said Air Force Gen. Ronald Keys, Commander of Air Combat Command. “We need to have a debate and figure out how to defend ourselves.”

Unlike in the war on terror, DOD can’t go after cyber attackers who plan or discuss crimes until they act, Keys said. Web sites in other countries are beyond DOD‘s reach, he added. “If they’re not in the United States, you can’t touch 'em.”

Keys said it would probably take a cyber version of the 9/11 attacks to make the U.S. realize that barriers to action in cyberspace should be re-evaluated.

More here.

U.S. Congress: We Want Our Porn Labeled and Our Data Retained

Yeah,? Well, people in Hell want ice water.

But really, the issues here are innumerable.

Timothy B. Lee writes on ARS Technica:

Republicans in Congress, still licking their wounds from November's losses, have unveiled a "law and order agenda" that they hope will prove more popular with voters than their 2006 campaigns. One of the bills introduced as part of the package, sponsored by Rep. Lamar Smith (R-TX), resurrects two proposals that have been strongly opposed by civil liberties groups.

Following the Congress's tradition of giving bills patronizing acronyms, the legislation is titled the Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act—"Internet SAFETY" for short. Like the 2006 SAFETY Act introduced by Sen. John Kyl (R-AZ), the legislation requires the creators of commercial websites to include a warning if a site contains "sexually explicit material."

Civil liberties groups have raised free speech concerns about such proposals in the past. The official definition of "sexually explicit material" would appear to include non-pornographic sexual education materials. There's also ambiguity in the requirement that there be no "sexually explicit material" in the part of a website that is "initially viewable." That may simply refer to a site's homepage, but with deep linking, any content on a website can be the first content a visitor might see. Such ambiguity is troubling when the penalty for getting it wrong is up to five years in prison.

Also tucked away in this year's version of the SAFETY Act is an item from the FBI's wish list. The bill requires that e-mail and Internet service providers retain records about their customers' online activities for use in law enforcement activities. Failure to comply with regulations issued by the attorney general will get you a year in the slammer.

More here.

PSU Security Researchers Tout Zippier Way to Squash Computer Worms

Nothing really new here, but FYI...

Bob Brown writes on NetworkWorld:

Penn State University researchers have created technology they say can nab computer worms more quickly than traditional signature-based systems and speedily set free the traffic if it's determined to be harmless after all.

The Proactive Worm Containment technology [.pdf] watches for a packet's rate and diversity of connections to other networks to identify worms, rather than having to wait around for a signature to be generated to spot new malware.

More here.

ECU Mistakenly Posts Personal Info Online


East Carolina University plans to notify about 65,000 students, alumni and staff members about a security breach that could put them at risk for identity theft.

A programming error on the school's OnePass Web site created files that made it possible for anyone to view personal information of thousands of students, former students and faculty members. The information included names, addresses, Social Security numbers and, in some cases, credit card numbers.

More here.

(Props, the Data Loss mailing list.)

Despite a Ban, Chinese Youth Navigate to Internet Cafes

Edward Coty writes in The Washington Post:

There was no sign, but Gedong's teenagers knew the way. Down a dusty alley just off Jicui Park and a few minutes' walk from local schools, the curtained door beckoned. Inside, in a dingy back room off the kitchen, a clutch of adolescent boys crowded around six computers and stared at the images flickering on their screens.

For the equivalent of 35 cents an hour, the youths were playing computer games in an underground Internet cafe, one of a half-dozen information-age speak-easies in this little farming and coal-mining town in Shanxi province 220 miles southwest of Beijing. For those unable to afford their own computers -- the vast majority here -- going online in a clandestine dive has become the only option; the local Communist Party leader banned Internet cafes nine months ago as a bad influence on minors.

More here.

Storm-Worm Gang Attacking the Warezov Gang

Mikko Hyponnen writes on the F-Secure "News from the Lab" Blog:

Interesting developments going on. The P2P botnet created by Storm-Worm variants has been used to launch Distributed Denial-of-Service attacks. Targets include several domains used by the Warezov/Medbot gang – with names like,,, et cetera. Also, several antispam organizations have been attacked.

Joe Stewart has done a good write-up about this.

This is not a good development and reminds us of the Great Virus War fought in 2004.

More here.

Hackers Attack 92,000 Korean Computers


Some 1,000 Korean Internet sites were attacked, leaving 92,000 Korean computers infected with a malicious computer program, the Korea Information Security Agency (KISA) announced Thursday. The KISA said that it took emergency measures against a malicious computer program that steals the personal information of Korean gamers. The agency told 1,000 Internet sites that they had fallen victim to large-scale computer break-ins and advised them to delete the program.

Hackers aimed to obtain IDs and passwords of Korean gamers who use online games Hangame and MapleStory, targeting the Internet sites of the game companies. When users log into the hacked sites, the malicious program is stealthily installed on their computers, throwing the door open for hackers to steal their IDs and passwords.

The computer security agency said that 620,000 Korean computers were attacked and 92,000 of those with weak security protection were infected by the program. The agency believes that a group of Chinese hackers committed the attack, as Korea is often a target of Chinese cyber-thieves looking to steal personal information.

More here.

Call Records Suits Meet with Spying Suit in Court Today

Ryan Singel writes on 27B Stroke 6:

Telecoms, rights groups, and the government will square off today in an San Francisco court room in the continuing battle over whether telecoms are liable for helping the government spy on American's overseas phone calls and domestic phone records without getting warrants. It's the first hearing in the case after the government's surprise announcement in January that its efforts to eavesdrop on cross-border phone calls, when one party is suspected to have links to terrorist groups -- would be overseen by the very court it avoided getting warrants from since 2001.

While the action in San Francisco has mostly been about the Electronic Frontier Foundation's lawsuit against AT&T, some 46 other cases making similar allegations against other telecoms such as Bellsouth, Cingular, Sprint, and Verizon have been combined into 5 distinct, but related actions. Today, the court will decide if its landmark ruling in July, which said that the EFF suit could proceeded despite the government's assertion that it would damage national security because the government has admitted the program exists, applies also to the other cases.

More here.

Cisco Buys Into Vertical Social-Networking: Five Across

Nicholas Carlson writes on

Cisco Systems today bought privately held social-networking vendor Five Across, lending a hand to companies wanting to go the user-generated route. The terms of the acquisition were not disclosed.

San Francisco-based Five Across was founded in 2003 by former Apple director of engineering Glenn Reid. The company's first products were aimed at the business instant messaging market, but in a statement Cisco said it bought the company for its Connect Community Builder.

Connect Community Builder is a white-label platform that allows companies to augment their Web sites with communities and user-generated content, such as audio-, video- and photo-sharing, blogs, podcasts and profiles.

Cisco spokesman John Noh told his company made the buy because Five Across's services were relevant to Cisco's core business -- networking.

More here.

Federal Appeals Court Weighs Internet Phone Taxes

Anne Broache writes on C|Net News:

A federal appeals court panel on Friday heard a challenge against taxes that were extended last year to some Internet phone providers, but the judges did not clearly signal how they might rule.

Some members of the three-judge panel at the U.S. District of Columbia Circuit Court suggested the Federal Communications Commission had not fully justified certain requirements it imposed in an order last June. The panel appeared less swayed, however, by arguments that the FCC had overstepped its authority in setting the mandate.

At issue is a unanimous FCC decision to require all voice over Internet Protocol (VoIP) services that connect to the public-switched telephone network--as opposed to using peer-to-peer technology, such as Skype--to contribute a percentage of their long-distance revenues to the Universal Service Fund. The multibillion dollar pool of money subsidizes telephone service in rural and low-income areas, certain health care providers, and schools and libraries. Previously, specific contribution requirements existed only for wireless and wireline telephone carriers, leaving it less clear where VoIP fit in.

If the FCC's rules are upheld, Americans could continue to see taxes levied on their VoIP bills--and at a steeper rate than on their cell phone or wireline bills. That's a situation the relatively young VoIP industry fears will drive away business.

More here.

Cartoon Network Chief Resigns

Candace Lombardi writes on the C|Net Media Blog:

Turner Broadcasting has confirmed that Cartoon Network head Jim Samples resigned on Friday.

The general manager of the Cartoon Network said in a statement to colleagues that he was resigning in light of the Boston controversy over a marketing campaign gone awry.

The Cartoon Network is the television network owned by Turner Broadcasting responsible for the blunder in which devices for a guerilla marketing campaign for the Adult Swim cartoon show Aqua Teen Hunger Force were mistaken by Boston authorities for bombs.

More here.

Thursday, February 08, 2007

Quote of the Day: Marc Peyser

"She was a survivor—you don’t make it from Jim’s Krispy Fried Chicken to Hollywood semistardom without working every angle you can find."

- Marc Peyser, writing on, on The Life and Times of Anna Nicole Smith.

Picture of the Day: Anna Nicole Smith and Kiss - UPDATE

Image source: Robert Mecea / AP / MSNBC

Anna Nicole Smith (center) is surrounded by members of Kiss at the conclusion of the Lane Bryant show, featuring plus size fashions in New York, Tuesday, Feb. 5, 2002. The legendary rock band gave a live performance throughout the runway show, which kicked off new York Fashion Week.

UPDATE: 19:34 PST: Another (better) pic from the same gig [below]. (Props,

Canadian Parliament May Force Banks to Reveal Electronic Security Lapses

Personally, I'd like to see this type of enforcement globally, or else the confidence in banking and online commerce will force folks to start putting their cash in their mattresses (again).

Carly Weeks writes for CanWest News Service (via

A House of Commons committee is expected to propose new rules that would force banks and other institutions to publicly disclose when they lose customers’ personal information.

But the country’s major banks are fighting the idea, saying it would have a “significant negative impact” on consumers.

The issue is about to reach a boiling point in Parliament, where the House ethics committee is in the process of reviewing the Personal Information Protection and Electronic Documents Act, designed to protect personal information that is used by businesses, the government, as well as health information.

More here.

(Props, Flying Hamster.)

UK: Phishing Education 'Doesn't Work'

Michael Crawford writes on PC Advisor:

The failure of customers to secure their own money during internet transactions could potentially lead banks to pass off the responsibility of financial losses back to the customer.

User education for online banking customers on how to avoid phishing scams has failed, according to Paul Henry, senior vice president of Secure Computing. This form of commonsense defence has failed to work time and time again, he added.

More here.

Caught in the (Tor) Network

Paul Cesarini writes in The Chronicle of Higher Education:

At 9:15 one Thursday morning, there came a polite knock on my mostly closed office door. I was expecting the knock. A student was coming to talk to me about getting into one of my courses, which he needed to graduate.

So when I heard the knock, I said, "C'mon in, Kyle." Someone said, "Hello?" and came in, along with two smartly dressed men extending business cards to me.

I recognized the speaker as a network-security technician in my university's office of information-technology services. The other men were not familiar, but a quick glance at their cards told me they were detectives on our campus police force. They closed my office door behind them, sat down, took out notepads and pens, and asked if I had a few minutes to speak with them about Tor.

... and asked him to stop using it.

More here.

Dot-XXX and Tiered/Differential Pricing: Permitted?

George Kirikos writes on CircleID:

As folks will recall, there was a big debate about tiered/differential pricing in the .biz/info/org contracts. Eventually those contracts were amended to prevent that.

However, if folks read the .XXX proposed contract, Appendix S, Part 2, under “delegated authority”, appears to give the Registry Operator total control to make policy regarding pricing. Thus, it would appear they are in a position to re-price domains that later become successful under .xxx.

More here.

In Remembrance: Anna Nicole Smith

Anna Nicole Smith
November 28, 1967 - February 8, 2007

Microsoft Patch Tuesday Alert: February 2007 Advance Notification

Via The Microsoft Security Response Center Blog.

Next Tuesday, on February 13, 2007 at approximately 10:00 am PT we are slated to release:

  • Five Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.
  • Two Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
  • One Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Visual Studio. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates will require a restart.
  • One Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Office. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
  • One Microsoft Security Bulletin affecting Step-by-Step Interactive Training. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
  • One Microsoft Security Bulletin affecting Microsoft Data Access Components. The highest Maximum Severity rating for this is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
  • One Microsoft Security Bulletin affecting Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft ForeFront. The highest Maximum Severity rating for these is Critical. These products provide built-in mechanisms for automatic detection and deployment of updates. Some of these updates may require a restart.

We will also be making our regular monthly update to the Microsoft Windows Malicious Software Removal Tool.

More here.

Defense Tech: Booz Allen’s SBI-Net Role Draws Scrutiny

Alice Lipowicz writes on Washington Technology:

Rep. Henry Waxman (D-Calif.) today suggested that consulting firm Booz Allen Hamilton Inc. may have a significant conflict of interest in its role as a contractor hired to help oversee the Homeland Security Department’s $8 billion Secure Border Initiative Network surveillance system.

Waxman, chairman of the House Committee on Oversight and Government Reform, drew attention at a hearing for the DHS’ heavy reliance on outside contractors in planning, managing, administering and overseeing the ambitious SBI-Net program.

More here.

Note: This is not the first time that BAH's credibility has been called into question.

Hacker Breaks into Website of Canadian Nuclear Agency

Ian MacLeod writes in The Ottawa Citizen:

A brazen hacker attacked the Canadian Nuclear Safety Commission website yesterday, littering it with dozens of photographs of a nuclear explosion and raising concerns about the security of information held by the nation's nuclear watchdog.

The incident was discovered about 3 p.m. by a Citizen reporter. All of the commission's current and archived news releases, dating back to 1998, were renamed as "security breaches" and, when opened, a colour photograph of a fiery mushroom cloud appeared under the heading "For Immediate Release."

An accompanying caption read: "Please dont (sic) put me in jail......oops, I divided by zero."

The pages were disabled minutes after the newspaper contacted the agency.

More here.

(Props, p2pnet.)

Cybercrime Blame Game At RSA Conference

Thomas Claburn writes on InformationWeek:

"Despite progress, greater efforts are needed in the fight against cybercrime." That's how the Business Software Alliance summarized a town meeting that the software industry interest group hosted today at the 2007 RSA Security Conference in San Francisco.

It's a fair statement that deftly avoids disconnect that could been seen between federal officials and the security experts on the discussion panel. Greater efforts are needed, but from whom?

Clearly, something needs to be done. The Federal Trade Commission on Wednesday released its list of the top consumer complaints for 2006. For the seventh year in a row, identity theft led the list with 36% of the complaints, at least five times more than the next complaint-generating categories: shop-at-home/catalog sales; prizes, sweepstakes, and lotteries; Internet services and computer complaints; and Internet auction fraud.

More here.

U.S. Cyber Counter Attack: Bomb 'Em One Way or The Other

The operative word in the second paragraph below is "known"...

Ellen Messmer writes on NetworkWorld:

If the United States found itself under a major cyberattack aimed at undermining the nation’s critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source.

The primary group responsible for analyzing the need for any cyber counterstrike is the National Cyber Response Coordination Group (NCRCG). The three key members of the NCRCG, who hail from the US-CERT computer-readiness team, the Department of Justice and the Defense Department, this week described how they would seek to coordinate a national response in the event of a major cyber-event from a known attacker.

More here.

Cisco's Top Router Executive, Mike Volpi, Resigns

A Reuters newswire article, via CNN/Money, reports that:

Cisco Systems Inc. said senior executive Mike Volpi resigned Thursday, a move that appears to clear the way for Chief Development Officer Charles Giancarlo eventually to head the network equipment maker.

Volpi, head of Cisco's top-selling routers group, told reporters he resigned for personal reasons, effective immediately.

Giancarlo remains in his post, but will oversee more senior executives as part of a management reshuffle that Cisco announced along with Volpi's departure.

Volpi, 40, had reported to Giancarlo, 49, but both were widely viewed by analysts as the top candidates to succeed Chairman and Chief Executive John Chambers. Both have worked at Cisco for 13 years.

More here.

Wednesday, February 07, 2007

Cisco Going Open Source With NAC Client

Paul F. Roberts writes on InfoWorld:

As it develops the next generation of network security infrastructure, Cisco Systems Inc. is planning to cease development on its network admission control (NAC) client, the Cisco Trust Agent (CTA), and submit the source code for the software client to the open source community, Bob Gleichauf, CTO of Cisco's Security Technology Group, told InfoWorld.

Cisco has a goal of making the CTA open source within "a couple months," allowing the company to free up development resources for other areas of NAC, Gleichauf said. Cisco's decisionis more evidence that Cisco will cede control of the desktop to Microsoft Vista, following a deal in September to use the Microsoft's NAP (Network Access Protection Agent) as the client for both Cisco NAC and NAP.

More here.

UK Papers Spark Online Ratings War

Alexandra Berzon writes on Red Herring:

What's the top newspaper Web site in the United Kingdom? Why, that depends on who you ask.

Several top papers have recently engaged in a minor spat over which is the top trafficked "quality" newspaper Web site in the country. The Daily Telegraph recently began declaring as much in an advertising campaign. That led Guardian Unlimited executives and journalists to claim the top spot themselves.

The problem? Both claims are, possibly, legitimate. It depends on what measurement company you go to for information.

More here.

Mobile ESPN to Relaunch Through Verizon Wireless

An AP newswire article, via, reports that:

ESPN is relaunching its shuttered cell phone service through Verizon Wireless, this time delivering its flashy feed of sports scores, news and video highlights through a top industry player instead of competing for subscribers with its own full-blown wireless brand.

The multiyear agreement giving Verizon Wireless exclusive U.S. rights to offer the Mobile ESPN application on its V Cast phones was expected to be announced on Thursday, executives at both companies said on condition of anonymity because the deal had not yet been finalized.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Wednesday, Feb. 7, 2007, at least 3,110 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,492 died as a result of hostile action, according to the military's numbers.

The AP count is 11 higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

VeriSign to Add Additional TLD DNS Servers

John Markhoff writes in The New York Times:

VeriSign servers, now in 20 regional centers around the world, will be expanded to 70 sites. The effort would not only improve response time, the company said, but would also make it possible to diagnose and contain Internet attacks more quickly.

VeriSign profits indirectly from the growth of Internet traffic from its business managing the .com and .net domains.

In addition to resisting cyber attacks, the enhancement of the root server system is made necessary by the rapid growth in new types of Internet devices, many of which can communicate among themselves without direct human intervention.

More here.

Telcos May Face New Anti-Pretexting Regulations

Anne Broache writes on C|Net News:

Under a new bill proposed in Congress, telephone companies would be required to alert customers if their private records are improperly accessed.

The Consumer Telephone Records Protection Act, sponsored by Rep. Jay Inslee (D-Wash.) and Rep. Marsha Blackburn (R-Tenn.), would also reiterate that it's unlawful for anyone to obtain confidential information about others through fraudulent means, popularly known as "pretexting."

It's already a crime, punishable by prison time, to buy, sell or obtain personal phone records under a bill signed into law last month by President Bush. An Inslee aide said her boss' bill is also necessary because it would give the Federal Trade Commission explicit authority to investigate and prosecute such incidents.

More here.

RIAA Fires Back at Apple

An AP newswire article by Alex Veiga, via The Globe and Mail, reports that:

A recording industry group fired back Wednesday at Apple Inc. CEO Steve Jobs, suggesting his company should open up its anti-piracy technology to its rivals instead of urging major record labels to strip copying restrictions from music sold online.

Mitch Bainwol, chairman and chief executive of the Recording Industry Association of America, said the move would eliminate technology hurdles that now prevent fans from playing songs bought at Apple's iTunes Music Store on devices other than the company's iPod.

More here.

California Awards Statewide Telecommunications Contracts

Via Government Technology.

The California Department of Technology Services and the California Department of General Services today announced the award of four statewide contracts for telecommunications services worth an estimated $350 million annually to AT&T Global Services and Verizon Business.

The competitively bid statewide contracts, better known collectively as CALNET II, will provide telecommunications services to state and local government agencies over the next five years, with an option of two additional one-year extensions, and is expected to provide an overall 10 percent cost savings to CALNET customers.

More here.

Evil Javascript: Web 2.0 As A Story To Be Destroyed by Hackers

If you read and absorb no other security-related story this week, you'd be well-advised to read and understand this one.

As Ryan mentions in this article, NoScript rocks as a Firefox plug-in.

Ryan Singel writes on 27B Stroke 6:

The best conference presenters have a story to tell, and this morning, Billy Hoffman -- the lead researcher at Web application security company SPI Dynamics, had a great story to tell Wednesday morning at the RSA security conference about how all your favorite new Web 2.0 applications are a boon to criminals.

Tradtional web applications have an input box that lets you send information to a webserver, which then passes the info to a datab ase or application in the background, and your browser waits for a response and then you are taken to a new page. Websites that use AJAX use a powerful combination of JavaScript and continual communication with the server in background, removing the lag associated with page refreshes and letting sites like Google Maps feel more like desktop applications.

The problem -- as many know is that JavaScript is a very powerful language -- and when developers aren't careful it's possible to insert other JavaScript into a website via a link that lets an attacker do bad things, like delete your account if you click on a link or visit an evil page.

More here.

German Court Decision Re-ignites Online Surveillance Debate

Scott M. Fulton III writes on BetaNews:

A decision Monday by the German Federal High Court (BGH) in Karlsruhe renders it illegal in that country –- for now -– for police and intelligence services to use clandestine tools such as Trojan horse routines, or what would normally be categorized as malware, for use in surveillance on federal suspects.

But the high court ruling did not set a legal precedent, which means that it didn’t actually find a new way for existing law to be interpreted to permanently prohibit the use of remote computer exploits for surveillance purposes.

As a result, it may now be up to the German parliament and the country’s Interior Minister - Wolfgang Schäuble, champion of the country’s new ruling, conservative Christian Democratic Union - to create new legal precedent for a new and separate class of police searches where clandestine logging of suspects’ activities is permitted.

More here.

U.S. Politicians Call for e-Voting Paper Trails by '08 Election

Anne Broache writes on C|Net News:

A push is under way by congressional Democrats to enact legislation that would require paper trails to accompany all electronic voting machines in time for the 2008 presidential election.

Sen. Dianne Feinstein (D-Calif.) said Wednesday that she expects to introduce a bill within the next week that would revive earlier calls for such a mandate.

More here.

The Dirty Little Secret About Global Warming

Robert J. Samuelson writes on

You could be excused for thinking that we'll soon do something serious about global warming. Last Friday, the Intergovernmental Panel on Climate Change (IPCC)—an international group of scientists—concluded that, to a 90 percent probability, human activity is warming the Earth.

Earlier, Democratic congressional leaders made global warming legislation a top priority; and 10 big U.S. companies (including General Electric and DuPont) endorsed federal regulation. Strong action seems at hand.

Don't be fooled. The dirty secret about global warming is this: We have no solution.

More here.

Yet Another Disingenuous FCC Broadband Report

Nate Anderson writes on ARS Technica:

The FCC released its most recent report [.pdf] on the US broadband market last week, and it paints a pleasant picture. According to the agency, the number of broadband lines increased by 52 percent over the last 12 months (measured from June 2005 to June 2006) and now totals 64 million connections.

That's remarkable growth, but critics complain that the FCC includes cellular broadband in its numbers, and that the "real" growth rate is only half of what the report claims.

More here.

Toon of the Day: 2 Million Dollar Man

Click for larger image.

Canada: 35,000 Credit Card Holders Compromised

John Stewart writes in The Mississauga News:

Confidential electronic credit card data for more than 35,000 individuals from all across North America was found by Peel Regional Police fraud investigators yesterday when they executed a search warrant at a Toronto residence.

As a result of the information obtained in the raid, a man who was arrested earlier by police at Pearson International Airport now faces a total of 36 fraud-related charges.

Police arrested a man at Pearson airport on Jan. 25 and charged him with possession of stolen credit cards and stolen identification, possession of counterfeit marks as well as possession of property obtained by crime.

More here.

(Props, Pogo Was Right.)

Root Name Server DoS Attacks Spur Exchange Between Government, Private Sector

William Jackson writes on

Tuesday’s denial-of-service attacks against three of the Internet’s root DNS servers did not rise to the level of a major cyberincident, but it did highlight the government’s efforts to coordinate responses with private-sector infrastructure providers.

“There was some minor degradation of service,” but no large impact, said Jerry Dixon, head of the Homeland Security Department’s National Cyber Security Division.

Dixon was joined Wednesday by Chris Painter of the Justice Department and Mark Hall of the Defense Department, his fellow co-chairmen on the National Cyber Response Coordination Group, at the RSA IT security conference. NCRCG is the government’s tool for organizing its response to the most serious cyberattacks, coordinating the efforts of federal departments and agencies with the private sector.

More here.

NATO, U.S. DoD to Sign Cyber Security Pact

Rutrell Yasin writes on

The Defense Department is on the verge of signing an agreement to share incident information with the North Atlantic Treaty Organization’s Computer Emergency Response Team (CERT), said Mark Hall, director, DOD International Information Assurance Program and co-chair of the National Cyber Response Coordination Group (NCRCG).

The agreement will involve the sharing of incident and threat information, Hall said today. There are 26 NATO countries and the organization’s CERT center is connected to all of those nations’ networks, he also said.

More here.

Johns Hopkins University Alerts 135,000 Employees, Patients to Data Loss

Tricia Bishop writes in The Baltimore Sun:

Backup computer tapes containing sensitive payroll and personal information on thousands of Johns Hopkins University employees, and basic information for even more hospital patients, have been missing for more than six weeks, officials announced today, causing concerns over identity theft.

Officials stressed that there was no patient medical information on these tapes.

Eight university tapes, routinely sent to a contractor who makes microfiche archives of the data, held Social Security numbers, addresses and direct-deposit bank account information for 52,567 former and current employees. A separate tape from the hospital contained names, dates of birth, sex, race and medical record numbers for 83,000 new hospital patients first seen between July 4 and Dec. 18, 2006, or those who updated their information during that period.

Hopkins officials said an "intensive investigation" by their staff as well as that of the contractor, Anacomp Company Inc., suggests that the tapes were likely misplaced by a courier, collected as trash and incinerated.

More here.

Defense Tech: Iran May Launch its Own Spy Satellite

Via UPI.

The Israeli Web site, which maintains a wide circle of sources within Israeli intelligence, has claimed that Tehran may soon launch its own surveillance satellite. The booster vehicle would be a BM25 ballistic missile, "18 of which were purchased from North Korea, notwithstanding Pyongyang's denials of aid to Iran's nuclear program," Debka said in a report published Jan. 28.

Allaeddin Boroujerdi, chairman of the Iranian parliament's national security and foreign policy commission, claimed last month that Iran had already constructed its own surveillance satellite and that it had already "converted a ballistic missile into a space launcher," Debka said.

"If this claim is correct, then Iran has a launcher able to put 300 kilograms (660 pounds) into earth orbit -- and by the same definition, an ICBM that could drop more than 300 kilograms anywhere in the world, including Washington DC," Debka said.

More here.

Wi-Fi Hacking - With a Handheld PDA

Ryan Naraine writes on the ZDNet "Zero Day" Blog:

The palm-sized PDA tucked away in Justine Aitel's pocketbook just might be the most scary device on display at this year's RSA security conference

Aitel is roaming the hallways here with Silica, a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, and automatically launch code execution exploits from a built-in exploit platform.

More here.

Security 'Experts' Aren't So Secure At RSA Conference

Sharon Gaudin writes on InformationWeek:

For a group of people who should know better, attendees at the RSA Conference -- one of the biggest security conferences in the world -- are not following the advice they give their customers, co-workers, and friends. As a result, many are not as secure as they think they are.

Analysts at AirDefense Inc., a wireless monitoring company based in Atlanta, ran a scan on wireless devices at the conference Tuesday at the Moscone Center in San Francisco. Of the 347 laptops, smart phones, and hand-held devices they monitored between 9:30 a.m. and 5 p.m., 56% of them were insecure.

Those devices had been set up to link to insecure wireless access points, like those found at hotels and Starbucks cafes. The problem, says Richard Rushing, CSO of AirDefense, is that when they are done using the connection, they don't change the device's policy settings that let it connect to insecure access points. That means when their Blackberry or laptop is on at the conference center, it could easily hook up to a rogue access point set up by a hacker.

Last year at the RSA conference, AirDefense found that 35% of wireless devices were insecure. But not as many people had wireless devices at the show with them. This year, says Rushing, there are more computers at the show with wireless capabilities and more of them are at risk.

More here.

Nortel to Slash 2,900 Jobs

Dan Jones writes on Light Reading:

Nortel Networks Ltd. said this morning that it plans to cut 2,900 jobs in the next two years as it aims to become a leaner company that focuses on high-growth markets such as next-generation CDMA wireless equipment and cuts back on older GSM cellular technology.

The Canadian networking vendor says it will cut 70 percent of the positions this year and the rest in 2008. The company also plans to move around 1,000 positions to "lower-cost" locations, Toronto-based Nortel said in a statement. The cuts, which represent around 8.5 percent of the workforce, could reduce expenses by as much as $400 million a year, the company said in a statement.

More here.

U.S. DoJ Asks Maine PUC to Halt Contempt Hearing for Verizon in NSA Spying Case - UPDATE

An AP newswire article by Francis X. Quinn, via Foster's Online (Dover, New Hampshire), reports that:

The Justice Department asked a judge Tuesday to bar the Maine Public Utilities Commission from proceeding with a contempt hearing for Verizon that stems from telephone customer complaints related to allegations about domestic surveillance by the National Security Agency.

A multi-customer complaint filed with the Maine PUC last May effectively seeks to force Verizon to say whether it provided telephone call records to the government without a warrant.

The PUC has challenged the adequacy of Verizon responses to date and set a hearing for Friday.

In a federal court filing Tuesday, the Justice Department said PUC officials had been put on notice months ago that the federal government believes the information being sought about an alleged involvement of Verizon with the NSA ''cannot be disclosed.''

More here.

(Props, Pogo Was Right.)

UPDATE: 14:39 PST: Apparently, Verizon is asking the court to drop the suit, too.

Picture of the Day: RSA Kiosk Computer pwned

Sunbelt's Alex Eckelberry with his pwned machine.
Image source: 27B Stroke 6.

Via 27B Stroke 6.

My friend and colleague, Alex Eckelberry (Sunbelt Software), demonstrating that you should never trust an Internet kiosk, even at the RSA conference. :-)

Brian Krebs writes about this too, this morning over on Security Fix.


- ferg

U.S. DoD to Allocate its IPv6 Address Space

Jason Miller writes on

The Defense Department has acquired a block of 247 billion IP Version 6 addresses, about equal to 25 percent of the entire IPv4 address space.

Only a tiny percentage of those addresses will be used, however. As with the North American Numbering Plan for telephone numbers, DOD officials said addresses will be assigned to networks in a hierarchical model that will leave many untouched.

More here.

U.S. Senator to Propose Surveillance of Illegal Images

Declan McCullagh writes on C|Net News:

A forthcoming bill in the U.S. Senate lays the groundwork for a national database of illegal images that Internet service providers would use to automatically flag and report suspicious content to police.

The proposal, which Sen. John McCain is planning to introduce on Wednesday, also would require ISPs and perhaps some Web sites to alert the government of any illegal images of real or "cartoon" minors. Failure to do would be punished by criminal penalties including fines of up to $300,000.

More here.

Austrian Police Uncover Global Child Porn Ring


Austrian authorities said Wednesday they have uncovered a major international child pornography ring involving more than 2,360 suspects from 77 countries, including hundreds in the United States, who paid to view videos of young children being sexually abused.

The children were under the age of 14 and screams could be heard, said Harald Gremel, an Austrian police expert on Internet crime who headed the investigation.

Interior Minister Guenther Platter said the FBI was investigating about 600 of the suspects in the United States. German authorities were following leads on another 400 people, France was looking into about 100 others, and at least 23 suspects were Austrians, he said.

More here.

Tuesday, February 06, 2007

The Onion: Aqua Teen Payout Force

Via The Onion - America's Finest News Source.


Breaking: Tivo Boxes to Download Amazon Unboxed Videos

Brian Lam writes on Gizmodo:

Amazon and TiVo just made me wet my pants with what could be a killer app in the digital video distribution arms race: TiVo Series 3 and 2 set top boxes will be living room conduits for content from Amazon's Unbox video download service.

This is the first single box solution that intermingles downloadable broadband video and traditional TV in one place. With TiVo's amazing UI, user base (1.5 million), and Amazon's selection (4 out of the big 6 studios) these guys are going to have a serious setup.

More here.

And given that Comcast and TiVo are also planning to partner, this could be a Good Thing (although I would envision Comcast trying to unload their own pay-per-view stuff instead).

Australia: Send for the Search Party, Google Gives a Bum Steer

Heading in the right direction ... Google Maps shows a new way to get from one side of Sussex Street to the other. The marker with the triangle shows 200 Sussex Street. The one with the square shows 201 Sussex Street.
Image source: Sydney Morning Herald / Google Maps

Stephen Hutcheon writes in The Sydney Morning Herald:

For most people, the journey from the Shelbourne Hotel at 200 Sussex Street to Google's Sydney headquarters across the road at 201 Sussex Street would be a 30-step, 30-second trip.

But according to Google's new mapping service, the recommended route would see you take a 10.4-kilometre scenic detour that involves crossing the Harbour Bridge twice.

More here.

GOP Revives ISP-Tracking Legislation

Declan McCullagh writes on C|Net News:

All Internet service providers would have to keep track of what their customers are doing online to aid police in future investigations under legislation introduced Tuesday as part of a Republican "law and order agenda."

Employees of any Internet provider who fail to store that information will face fines and prison terms of up to one year, the bill says. The U.S. Justice Department could order the companies to store those records forever.

More here.

San Francisco: Josh Wolf Supporters Rally at City Hall

Josh Wolf

Neha Tiwari writes on C|Net News:

Dozens of supporters of jailed freelance video blogger Josh Wolf gathered at City Hall here Tuesday to rally for Wolf's release.

Those attending the demonstration held up signs with the words "Free Josh," and speakers were insistent on the unfairness of his imprisonment. Ross Mirkarimi, a San Francisco supervisor, said he was "angry as hell about this" and called for a "serious outcry, and not just only by us." In a statement, California state Assemblyman Mark Leno, who did not attend the rally, called Wolf's plight a "travesty of justice."

The afternoon gathering, which ran about an hour on the steps of City Hall, was organized by the Free Josh Wolf Coalition, with Wolf's friend Julian Davis acting as facilitator. "Basically, if Josh isn't released today, he'll be the longest-held journalist under contempt," Davis said. "We wanted to landmark the date by holding this rally."

Wolf, in fact, did on Tuesday become the longest-serving journalist behind bars in U.S. history for contempt.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Tuesday, Feb. 6, 2007, at least 3,102 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,492 died as a result of hostile action, according to the military's numbers.

The AP count is three higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EST.

More here.

And as always, keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Defense Tech: NSA Employee Charged With Giving Wife $340,000 Contract

Via (WBAL Radio and The Associated Press).

An NSA employee is accused of giving his wife's company a $340,000 contract for work on a computer security exercise he directed, the U.S. Attorney's office announced Tuesday.

Wayne J. Schepens, 37, of Severna Park is scheduled for an initial appearance Thursday in U.S. District Court on the conflict of interest charge. Schepens faces up to five years in prison and a $250,000 fine, said Marcia Murphy, a spokeswoman for the U.S. Attorney's office.

Schepens co-created the Cyber Defense Exercise in 2000 for the National Security Agency, the secretive Department of Defense spy agency.

The annual competition involved teams from participating military academies who tried to protect their computer networks from attacks by teams of hackers, generally NSA employees and military reservists, according to court documents.

More here.

Background here, here, here, here, and here.

UK: Chinese Suspected of Hacking into Ministry of Defence Networks

James Kirkup writes on The Scotsman:

Ministry of Defence computer networks have been repeatedly penetrated by hackers, raising fears that sensitive military information could have been obtained by foreign powers.

The MoD yesterday confirmed its systems have been hacked into at least nine times since 2002. Five of the successful "attacks" took place last year. Computer-security experts say the real number is likely to be even higher, as some hackers are skilful enough to leave no trace of their activities.

The ministry was unable to say where the attacks originated, but Western security officials are increasingly concerned that China is using hackers to target sensitive information.

More here.

(Props, Flying Hamster.)

Canada: Government Documents Suggest Tories Not Nervous About ISPs Interfering With Net

A Canadian Press article by Lee-Anne Goodman, via, reports that:

Internal documents suggest the Tory government is reluctant to impose consumer safeguards for the web because it wants to protect the competitive position of businesses that offer Internet access.

Documents obtained by The Canadian Press indicate that Industry Minister Maxime Bernier, who has previously declared a "consumer first" approach, is carefully heeding the arguments of large telecommunications companies like Videotron and Telus against so-called Net neutrality legislation.

More here.

Why Does FCC Spending Keep Growing?

Image source:

Adam Thierer writes on The Technology Liberation Front:

Time for a quick reality check. The Federal Communications Commission regulates older media sectors and communications technologies: broadcast radio, broadcast TV, telephones, satellites, etc.

These sectors and technologies are growing increasingly competitive and face myriad new, unregulated rivals. What, then, is wrong with this picture?

More here.

Telstra CIO Quits After Just 10 Months on the Job - UPDATE

Munir Kotadia writes on

Telstra announced to its staff on Tuesday that the company's chief information officer, Fiona Balfour, who only took up her position 10 months ago, had left to pursue "other opportunities".

Balfour, who had just returned to work after a vacation, moved to Telstra last April after spending the previous 14 years at Qantas. The news of her departure comes just six months after Telstra's deputy CIO Vish Padmanabhan also left the firm.

More here.

UPDATE: 20:44 PST: Renai LeMay has more details here.

Defense Tech: 'Floodgates of Fraud' at the NRO

David E. Kaplan writes on the U.S. News & World Report "Bad Guys" Blog:

The "floodgates of fraud reporting" have opened at the National Reconnaissance Office, the nation's top-secret builder and operator of spy satellites. This bit of news comes from no less a source than the NRO's inspector general, Eric Feldman. Yet Feldman and other NRO officials are mum about just how big the flood is over there.

This might not be such a big deal were the stakes at hand not so high. The NRO and its many contractors have grown notorious for massive cost overruns and quality control failures so serious they threaten the U.S. edge in high-tech reconnaissance satellites. Whether they're eavesdropping on al Qaeda communications or photographing Iranian nuclear facilities, these are the crown jewels of the U.S. intelligence community. But the current generation of spy satellites is burning out–and replacements are years away.

More here.