Crypto-Gram: June 15, 2004:
"A Must Read! Newsletter
Breaking Iranian Codes
Biometric IDs for Airport Employees
Crypto-Gram Reprints
Microsoft and SP2
News
Cell Phone Jamming and Terrorist Attacks
Photographing Subways and Terrorist Attacks
Counterpane News
The Witty Worm
Comments from Readers "
http://www.schneier.com/crypto-gram-0406.html
Friday, June 18, 2004
Antipiracy bill targets tech. ReplayTV, peer-to-peer, even the VCR could be outlawed.
Antipiracy bill targets technology - News - ZDNet:
"A forthcoming bill in the U.S. Senate would, if passed, dramatically reshape copyright law by prohibiting file-trading networks and some consumer electronics devices on the grounds that they could be used for unlawful purposes.
The proposal, called the Induce Act, says 'whoever intentionally induces any violation' of copyright law would be legally liable for those violations, a prohibition that would effectively ban file-swapping networks like Kazaa and Morpheus. In the draft bill seen by CNET News.com, inducement is defined as 'aids, abets, induces, counsels, or procures' and can be punished with civil fines and, in some circumstances, lengthy prison terms.
The bill represents the latest legislative attempt by influential copyright holders to address what they view as the growing threat of peer-to-peer networks rife with pirated music, movies and software. As file-swapping networks grow in popularity, copyright lobbyists are becoming increasingly creative in their legal responses, which include proposals for Justice Department lawsuits against infringers and action at the state level. "
Originally, the Induce Act was scheduled to be introduced Thursday by Sen. Orrin Hatch, R-Utah, but the Senate Judiciary Committee confirmed at the end of the day that the bill had been delayed. A representative of Senate Majority Leader Bill Frist, a probable co-sponsor of the legislation, said the Induce Act would be introduced "sometime next week," a delay that one technology lobbyist attributed to opposition to the measure.
Though the Induce Act is not yet public, critics are already attacking it as an unjustified expansion of copyright law that seeks to regulate new technologies out of existence.
"They're trying to make it legally risky to introduce technologies that could be used for copyright infringement," said Jessica Litman, a professor at Wayne State University who specializes in copyright law. "That's why it's worded so broadly."
Litman said that under the Induce Act, products like ReplayTV, peer-to-peer networks and even the humble VCR could be outlawed because they can potentially be used to infringe copyrights. Web sites such as Tucows that host peer-to-peer clients like the Morpheus software are also at risk for "inducing" infringement, Litman warned.…
http://zdnet.com.com/2100-1104_2-5238140.html
"A forthcoming bill in the U.S. Senate would, if passed, dramatically reshape copyright law by prohibiting file-trading networks and some consumer electronics devices on the grounds that they could be used for unlawful purposes.
The proposal, called the Induce Act, says 'whoever intentionally induces any violation' of copyright law would be legally liable for those violations, a prohibition that would effectively ban file-swapping networks like Kazaa and Morpheus. In the draft bill seen by CNET News.com, inducement is defined as 'aids, abets, induces, counsels, or procures' and can be punished with civil fines and, in some circumstances, lengthy prison terms.
The bill represents the latest legislative attempt by influential copyright holders to address what they view as the growing threat of peer-to-peer networks rife with pirated music, movies and software. As file-swapping networks grow in popularity, copyright lobbyists are becoming increasingly creative in their legal responses, which include proposals for Justice Department lawsuits against infringers and action at the state level. "
Originally, the Induce Act was scheduled to be introduced Thursday by Sen. Orrin Hatch, R-Utah, but the Senate Judiciary Committee confirmed at the end of the day that the bill had been delayed. A representative of Senate Majority Leader Bill Frist, a probable co-sponsor of the legislation, said the Induce Act would be introduced "sometime next week," a delay that one technology lobbyist attributed to opposition to the measure.
Though the Induce Act is not yet public, critics are already attacking it as an unjustified expansion of copyright law that seeks to regulate new technologies out of existence.
"They're trying to make it legally risky to introduce technologies that could be used for copyright infringement," said Jessica Litman, a professor at Wayne State University who specializes in copyright law. "That's why it's worded so broadly."
Litman said that under the Induce Act, products like ReplayTV, peer-to-peer networks and even the humble VCR could be outlawed because they can potentially be used to infringe copyrights. Web sites such as Tucows that host peer-to-peer clients like the Morpheus software are also at risk for "inducing" infringement, Litman warned.…
http://zdnet.com.com/2100-1104_2-5238140.html
New worm terminates antivirus apps - News - ZDNet
New worm terminates antivirus apps - News - ZDNet:
"A new worm variant that can terminate antivirus applications was discovered last Friday, prompting Internet security vendor F-Secure to issue a level two warning.
The variant, called Zafi.B, is spread through e-mail attachments in PIF, EXE or Com attachments, and according to F-Secure, the worm 'terminates all applications that have 'firewall' or 'virus' in their file-name'.
The worm is capable of transmitting in several languages, including English, Italian, Spanish, Russian, Swedish, German or Finnish, said F-Secure, and spreads itself by collecting e-mail addresses from the recipient's address book.… "
http://zdnet.com.com/2100-1105_2-5236264.html
"A new worm variant that can terminate antivirus applications was discovered last Friday, prompting Internet security vendor F-Secure to issue a level two warning.
The variant, called Zafi.B, is spread through e-mail attachments in PIF, EXE or Com attachments, and according to F-Secure, the worm 'terminates all applications that have 'firewall' or 'virus' in their file-name'.
The worm is capable of transmitting in several languages, including English, Italian, Spanish, Russian, Swedish, German or Finnish, said F-Secure, and spreads itself by collecting e-mail addresses from the recipient's address book.… "
http://zdnet.com.com/2100-1105_2-5236264.html
Judge tosses online privacy case - News - ZDNet
Judge tosses online privacy case - News - ZDNet:
"In a decision dated June 6, U.S. District Court Judge Paul Magnuson ruled that seven consolidated class action lawsuits against Northwest had no merit--in part because the privacy policy posted on the airline's Web site was unenforceable unless plaintiffs claimed to have read it. The plaintiffs had contended that the airline, in giving passenger information to the government in the wake of the Sept. 11, 2001, terrorist attacks, violated laws and its own privacy policy.
'Although Northwest had a privacy policy for information included on the Web site, plaintiffs do not contend that they actually read the privacy policy prior to providing Northwest with their personal information,' Magnuson noted. 'Thus, plaintiffs' expectation of privacy was low.'"
Privacy advocates assailed that part of the decision, saying it rendered Web site privacy policies all but unenforceable.
"I don't think it's relevant whether or not they actually read the privacy policy first," said Lee Tien, senior staff attorney for the Electronic Frontier Foundation (EFF) in San Francisco. "Think of all the 'fine print' we run into every day--warranties and the like. Rather than focus on what the plaintiffs actually read, we should focus on what Northwest said it would do."
"The rationale the court uses calls into question the assurances of any policy posted on any Web site," said David Sobel, general counsel for the Electronic Privacy Information Center (EPIC) in Washington, D.C.…
http://zdnet.com.com/2100-1104_2-5234971.html
"In a decision dated June 6, U.S. District Court Judge Paul Magnuson ruled that seven consolidated class action lawsuits against Northwest had no merit--in part because the privacy policy posted on the airline's Web site was unenforceable unless plaintiffs claimed to have read it. The plaintiffs had contended that the airline, in giving passenger information to the government in the wake of the Sept. 11, 2001, terrorist attacks, violated laws and its own privacy policy.
'Although Northwest had a privacy policy for information included on the Web site, plaintiffs do not contend that they actually read the privacy policy prior to providing Northwest with their personal information,' Magnuson noted. 'Thus, plaintiffs' expectation of privacy was low.'"
Privacy advocates assailed that part of the decision, saying it rendered Web site privacy policies all but unenforceable.
"I don't think it's relevant whether or not they actually read the privacy policy first," said Lee Tien, senior staff attorney for the Electronic Frontier Foundation (EFF) in San Francisco. "Think of all the 'fine print' we run into every day--warranties and the like. Rather than focus on what the plaintiffs actually read, we should focus on what Northwest said it would do."
"The rationale the court uses calls into question the assurances of any policy posted on any Web site," said David Sobel, general counsel for the Electronic Privacy Information Center (EPIC) in Washington, D.C.…
http://zdnet.com.com/2100-1104_2-5234971.html
'Zombie' PCs caused Web outage, Akamai says - News - ZDNet
'Zombie' PCs caused Web outage, Akamai says - News - ZDNet:
"The attack that blacked out Google, Yahoo and other major Web sites earlier this week involved the use of a 'bot net'--a large network of zombified home PCs--Internet infrastructure provider Akamai Technologies said Wednesday.
The attack, which blocked nearly all access to Apple Computer, Google, Microsoft and Yahoo's Web sites for two hours on Tuesday, took aim at the key domain name system (DNS) servers run by Akamai. These servers translate word-based URLs, such as www.microsoft.com, into the numerical addresses used by the Internet. Using compromised home computers, the attackers sent a flood of data to the DNS servers, preventing them from providing that translation and effectively shutting surfers out of the four companies' pages, according to Akamai.
The deluge of data that hit the infrastructure provider was 'so large that it (couldn't have) come from a couple of servers,' said Tom Leighton, chief scientist and co-founder of Akamai. 'Working with our network partners, we were able to identify a bot network that appeared to be operating and managed to shut it down, which resulted in stopping the attack.' "
Bot networks are collections of computers that have been compromised by software specifically designed to create a network of systems for attack. A bot--also known as remote-access Trojan horse program, or RAT--seeks out and places itself on vulnerable PCs. It then runs silently in the background, letting an attacker send commands to the system while its owner works, oblivious. The computers are essentially turned into zombies, controllable from afar.…
http://zdnet.com.com/2100-1105_2-5236403.html
"The attack that blacked out Google, Yahoo and other major Web sites earlier this week involved the use of a 'bot net'--a large network of zombified home PCs--Internet infrastructure provider Akamai Technologies said Wednesday.
The attack, which blocked nearly all access to Apple Computer, Google, Microsoft and Yahoo's Web sites for two hours on Tuesday, took aim at the key domain name system (DNS) servers run by Akamai. These servers translate word-based URLs, such as www.microsoft.com, into the numerical addresses used by the Internet. Using compromised home computers, the attackers sent a flood of data to the DNS servers, preventing them from providing that translation and effectively shutting surfers out of the four companies' pages, according to Akamai.
The deluge of data that hit the infrastructure provider was 'so large that it (couldn't have) come from a couple of servers,' said Tom Leighton, chief scientist and co-founder of Akamai. 'Working with our network partners, we were able to identify a bot network that appeared to be operating and managed to shut it down, which resulted in stopping the attack.' "
Bot networks are collections of computers that have been compromised by software specifically designed to create a network of systems for attack. A bot--also known as remote-access Trojan horse program, or RAT--seeks out and places itself on vulnerable PCs. It then runs silently in the background, letting an attacker send commands to the system while its owner works, oblivious. The computers are essentially turned into zombies, controllable from afar.…
http://zdnet.com.com/2100-1105_2-5236403.html
Spying on spyware - News - ZDNet - one of every three computers scanned was infected.
Spying on spyware - News - ZDNet:
"EarthLink and Webroot Software released a report Wednesday, revealing that nearly one of every three computers scanned in April for Trojan horse programs or system monitor spyware was infected.
Internet access provider EarthLink and security software maker Webroot scanned nearly 421,000 computers for their April Spy Audit report. Trojan horses and system monitors accounted for 133,715 pieces of the spyware found on those computers--representing almost one in three machines.
System monitors track users' computer activity, capturing virtually everything they do online. Trojan horses appear to be software programs a user has requested but actually aid hackers in stealing computer data. That information is then used to gain unrestricted access to users' computers while they are online.…"
http://zdnet.com.com/2100-1104_2-5236735.html
"EarthLink and Webroot Software released a report Wednesday, revealing that nearly one of every three computers scanned in April for Trojan horse programs or system monitor spyware was infected.
Internet access provider EarthLink and security software maker Webroot scanned nearly 421,000 computers for their April Spy Audit report. Trojan horses and system monitors accounted for 133,715 pieces of the spyware found on those computers--representing almost one in three machines.
System monitors track users' computer activity, capturing virtually everything they do online. Trojan horses appear to be software programs a user has requested but actually aid hackers in stealing computer data. That information is then used to gain unrestricted access to users' computers while they are online.…"
http://zdnet.com.com/2100-1104_2-5236735.html
Thursday, June 17, 2004
Flaw pops up in the core component of Linux kernel
Flaw pops up in Linux kernel - News - ZDNet:
"Linux users have been urged to fix a flaw in the core component of the open-source operating system, following the public release of code that could be used to crash Linux systems.
The flaw, found by two software programmers, could give a user with access to a Linux system the ability to crash the system using two dozen lines of code written in the C programming language, said an advisory posted over the weekend on linuxreviews."
"Assume your kernel is (vulnerable) unless you have good reason to believe it is safe," Oyvind Saether, one of the discoverers of the flaw, said in the advisory.
The program, dubbed "evil.c," causes problems with the code sent to the floating-point unit, the part of the processor that handles noninteger calculations, according to a note in a source code patch published by Linux founder Linus Torvalds.
The open-source Linux operating system has fallen prey to its share of flaws and attacks this year. Several flaws were found in the Concurrent Versions System, CVS, a commonly used application for managing open-source code under development. In March and April, online attackers targeted Linux and Solaris systems at many academic high-performance computing centers.…
http://zdnet.com.com/2100-1105_2-5235028.html
"Linux users have been urged to fix a flaw in the core component of the open-source operating system, following the public release of code that could be used to crash Linux systems.
The flaw, found by two software programmers, could give a user with access to a Linux system the ability to crash the system using two dozen lines of code written in the C programming language, said an advisory posted over the weekend on linuxreviews."
"Assume your kernel is (vulnerable) unless you have good reason to believe it is safe," Oyvind Saether, one of the discoverers of the flaw, said in the advisory.
The program, dubbed "evil.c," causes problems with the code sent to the floating-point unit, the part of the processor that handles noninteger calculations, according to a note in a source code patch published by Linux founder Linus Torvalds.
The open-source Linux operating system has fallen prey to its share of flaws and attacks this year. Several flaws were found in the Concurrent Versions System, CVS, a commonly used application for managing open-source code under development. In March and April, online attackers targeted Linux and Solaris systems at many academic high-performance computing centers.…
http://zdnet.com.com/2100-1105_2-5235028.html
Wednesday, June 16, 2004
Yahoo Mail Popped Instead of Pumped.
Yahoo Chokes Upon Offering Additional User Storage:
"Yahoo Inc., which on Tuesday meant to pump up users' free e-mail accounts to 100MB, popped instead.
On the morning of its splashy debut, Yahoo users were greeted with notices of the upgrade, which boosted standard accounts from 4MB of e-mail storage to 100MB.
However, the vastly popular e-mail service was sluggish, if it worked at all. Starting Tuesday morning, users began complaining about the site's groggy response time—if, in fact, they could even get the www.yahoo.com site to load at all.
Predictably enough, postings on Slashdot show that Yahoo users are looking the gift horse in the mouth.…"
http://www.eweek.com/article2/0,1759,1612683,00.asp?kc=ewnws061504dtx1k0000599
"Yahoo Inc., which on Tuesday meant to pump up users' free e-mail accounts to 100MB, popped instead.
On the morning of its splashy debut, Yahoo users were greeted with notices of the upgrade, which boosted standard accounts from 4MB of e-mail storage to 100MB.
However, the vastly popular e-mail service was sluggish, if it worked at all. Starting Tuesday morning, users began complaining about the site's groggy response time—if, in fact, they could even get the www.yahoo.com site to load at all.
Predictably enough, postings on Slashdot show that Yahoo users are looking the gift horse in the mouth.…"
http://www.eweek.com/article2/0,1759,1612683,00.asp?kc=ewnws061504dtx1k0000599
Tuesday, June 15, 2004
Yahoo Expands E-Mail Storage
Yahoo Expands E-Mail Storage, in Nod to Google:
"Starting today, Yahoo will offer users of its free e-mail service 100 megabytes of storage. That is one-tenth of what Google offers but is still far more than the four megabytes Yahoo previously offered. It will also introduce a premium e-mail service, called Yahoo Mail Plus, with two gigabytes of storage for $19.99 a year.…"
http://www.nytimes.com/2004/06/15/technology/15mail.html
"Starting today, Yahoo will offer users of its free e-mail service 100 megabytes of storage. That is one-tenth of what Google offers but is still far more than the four megabytes Yahoo previously offered. It will also introduce a premium e-mail service, called Yahoo Mail Plus, with two gigabytes of storage for $19.99 a year.…"
http://www.nytimes.com/2004/06/15/technology/15mail.html
A bug in fully patched versions of Microsoft's Internet Explorer Invites Phishing Attacks
URL Parsing Bug in IE Invites Phishing Attacks:
"A bug in fully patched versions of Microsoft's Internet Explorer Web browser allows violations of the browser's security zones, with the result that an unknown malicious site could assume the privileges of more trusted zones.
Researchers on several security mailing lists have been discussing the bug since yesterday and appear still to be learning about it.… "
http://www.eweek.com/article2/0,1759,1611102,00.asp?kc=ewnws061404dtx1k0000599
"A bug in fully patched versions of Microsoft's Internet Explorer Web browser allows violations of the browser's security zones, with the result that an unknown malicious site could assume the privileges of more trusted zones.
Researchers on several security mailing lists have been discussing the bug since yesterday and appear still to be learning about it.… "
http://www.eweek.com/article2/0,1759,1611102,00.asp?kc=ewnws061404dtx1k0000599
ZDNet AnchorDesk: Is your antivirus app working? Are you sure?
Is your antivirus app working? Are you sure?:
"You have a desktop antivirus app installed now, and you know the signature file subscription is current with the vendor, but still you're seeing viruslike symptoms or perhaps you actually know that you have a virus. Since the first of this year, many new viruses have been shutting down antivirus and firewall apps, or, in other cases, disabling the software's automatic update feature, leaving your system vulnerable to future attack.
It's actually an old trick. The virus MTX, for example, released in 2000, blocks access to antivirus software Web sites. But these recent antivirus-disabling attacks are more effective because of their sheer volume: with some 30-odd variations of Bagle appearing within a 10-week period, each one better than the last, you might have been hit and not even realized it."
http://reviews-zdnet.com.com/AnchorDesk/4520-7297_16-5138927.html?tag=adss
"You have a desktop antivirus app installed now, and you know the signature file subscription is current with the vendor, but still you're seeing viruslike symptoms or perhaps you actually know that you have a virus. Since the first of this year, many new viruses have been shutting down antivirus and firewall apps, or, in other cases, disabling the software's automatic update feature, leaving your system vulnerable to future attack.
It's actually an old trick. The virus MTX, for example, released in 2000, blocks access to antivirus software Web sites. But these recent antivirus-disabling attacks are more effective because of their sheer volume: with some 30-odd variations of Bagle appearing within a 10-week period, each one better than the last, you might have been hit and not even realized it."
http://reviews-zdnet.com.com/AnchorDesk/4520-7297_16-5138927.html?tag=adss
Subscribe to:
Posts (Atom)
Posts
