Freenet Raises Security Fears By Martin Stone, Newsbytes March 24, 2000 A report by a British scientific magazine suggests that an anonymous Internet system designed to guarantee free speech online could be used by child pornographers, terrorists and others with less-than-pristine purposes. A Reuters report today said a New Scientist magazine article on the Freenet program, which was created by Edinburgh University graduate Ian Clarke and others to make tracing file originators impossible, thereby giving dissidents in countries without free speech a voice, could be misused by those with sinister designs. The report stated that the Internet Watch Foundation, an independent body monitoring Web sites in Britain, fears the decentralized system could make policing the Net and tracking down computer crimes even more difficult. FULL STORY: http://www.currents.net/newstoday/00/03/24/news5.html ********************************************************************* ********************************************************************* ********************************************************************* Internet task force rejects wiretap proposal By Carolyn Duffy Marsan, Network World AS EXPECTED, THE Internet Engineering Task Force (IETF) has rejected a proposal to develop protocols that would make it easier for law enforcement agencies to intercept communications over the Net. The IETF Monday announced that its leadership has approved a policy against building a wiretapping capability into its protocols. The new policy states that the international standards development group is the wrong forum for designing protocols to meet the wiretapping or privacy laws of specific countries. The group also voiced concern that a built-in wiretapping capability would lessen the security and increase the complexity of its protocols. The IETF's decision is a boon to corporate network managers, many of whom feared that any hole built into the Internet for legitimate law enforcement purposes would be abused by hackers. FULL STORY: http://www.infoworld.com/articles/en/xml/00/03/21/000321enwiretap.xml ********************************************************************* ********************************************************************* ********************************************************************* FBI computer security consultant busted Posted 27/03/2000 10:38am by Thomas C. Greene in Washington A so-called 'ethical hacker' from California who had been a computer crimes consultant with the FBI appeared in federal court last week to face fifteen counts of computer trespass. Max Ray Butler, who once worked as an FBI source in computer crime, offers network penetration testing to clients interested in learning how a malicious hacker might break into their systems. A useful and essential service to be sure, but Butler, apparently, took it a bit too far. He has been charged with breaking into systems at NASA, the US Departments of Energy, Defence and Transportation, and the University of California at Berkeley. FULL STORY: http://www.theregister.co.uk/000327-000006.html ********************************************************************* ********************************************************************* ********************************************************************* Insurance site exposes personal data By Mike Brunker, MSNBC March 22, 2000 3:07 PM PT Consumers who requested online life insurance quotes from the SelectQuote Web site on Tuesday and Wednesday got more than they bargained for: Thanks to an apparent software glitch, their personal information was left on the company's Web site for all the world to see. The problem occurred when a form that consumers fill out to request a quote failed to clear the contents at the end of the process. This left everything from the previous user's name and address to information on current coverage and parents' health histories plainly visible to the next person requesting a quote. Officials of San Francisco-based SelectQuote Insurance Services did not immediately return calls seeking comment on the problem. FULL STORY: http://www.zdnet.com/zdnn/stories/news/0,4586,2472277,00.html?chkpt=zdhpnews01 ********************************************************************* ********************************************************************* ********************************************************************* Encryption Keeps E-Mail Private by Tom Spring, PC World March 27, 2000, 5:50 p.m. PT So you thought that tasteless joke you e-mailed to Mike in accounting would never see the light of day again? Guess again, and beware the life span of e-mail. Last December, 23 New York Times employees lost their jobs for swapping bawdy e-mail messages. In February Northwest Airlines began court-authorized searches of the home PCs of more than a dozen flight attendants. The company was looking for evidence the workers organized a "sick-out" over holidays. As employers grow wary of workers cyberloafing and worry about litigation over offensive and incriminating e-mail, many companies are cracking down with strict e-mail use policies and software to monitor network usage. A booming market for employee snoopware is expected to grow from $31 million in 1998 to $259 million in 2003, according to market researcher IDC. FULL STORY: http://www.pcworld.com/pcwtoday/article/0,1510,15943,00.html ********************************************************************* ********************************************************************* ********************************************************************* FORGET YOUR PASSWORD... END UP IN JAIL Sunday People 26/3/2000 BIG Brother wants to know your computer password - and he'll throw you in jail if you don't tell him. Home Secretary Jack Straw aims to make it a criminal offence to refuse to tell police or secret services the way into your personal computer. And you could go down for two years, even if you've only forgotten the vital word. Under the Regulation of Investigatory Powers Bill, any data you have stored will be presumed to be incriminating unless you can prove otherwise. Civil liberties groups are furious over the controversial new legislation, which is part of the Government's bid to crack down on computer fraud, internet terrorism and child porn. FULL STORY: http://www.people.co.uk/shtml/NEWS/P28S1.shtml ********************************************************************* ********************************************************************* ********************************************************************* FBI tracks Bill Gates credit card hackers to Welsh village Posted 27/03/2000 8:28am by Drew Cullen The FBI and British police expected to find professional criminals when they descended on a small village in west Wales last Thursday. Instead, they got two 18-year old hackers armed with nothing more than a �700 computer. Raphael Gray, 18, is accused of stealing 23,000 credit card details, including the credit card number of the world's richest man, Microsoft boss Bill Gates, from "eight banking Web sites". Another unnamed youth was arrested in the swoop in Clynderwen, Pembrokeshire, part of an FBI-led investigation into a suspected $3 million fraud. Gates' credit card number and others were recently sent to NBCi by a hacker called Curador (Welsh for custodian). Gray, the self-styled Saint of E-commerce, began his hacking spree just six weeks ago, according to the Sunday Telegraph. FULL STORY: http://www.theregister.co.uk/000327-000003.html ********************************************************************* ********************************************************************* ********************************************************************* MI5 laptop containing top secret data stolen Fri, 24 Mar 2000 09:56:09 GMT Will Knight Security at MI5 is stepped up as agent has laptop stolen at Paddington station An MI5 agent has admitted losing a laptop notebook containing sensitive government information at Paddington train station earlier this month. Security has been stepped up at MI5 following the theft, which has caused extreme embarrassment for the security agency and the government. The Police Special Branch has launched an investigation into the theft of the �2,000 computer, which took place on 4 March. A spokeswoman from the Home Office said that while the government does not perceive the crime as a threat to national security because the data was encrypted, she admitted there is some "concern". The representative confirmed to ZDNet that both the Home Secretary and the Prime Minister have been informed directly. FULL STORY: http://www.zdnet.co.uk/news/2000/11/ns-14318.html ********************************************************************* ********************************************************************* ********************************************************************* Second spy loses laptop An urgent inquiry is under way into how an MI6 officer mislaid a laptop computer containing classified material. The incident was revealed days after the news that an MI5 laptop computer with classified information on Northern Ireland was stolen at a London Underground station. The Foreign Office has confirmed that the MI6 laptop was lost on 3 March. The incident was reported to the Metropolitan Police and following a police investigation, the computer was recovered on 16 March. "We were assured by the police that the laptop was not compromised," a Foreign Office spokeswoman said. FULL STORY: http://news2.thls.bbc.co.uk/hi/english/uk/newsid_693000/693011.stm ********************************************************************* ********************************************************************* ********************************************************************* Experts disagree on government encryption Mon, 27 Mar 2000 10:36:43 GMT Will Knight The theft of an MI5 officer's laptop last week, has left one expert wondering whether the government has developed a new form of encryption. At least one security expert believes the government is looking at a new form of strong encryption, while another says hardware encryption should be used as a rule by government officials. The Home Office, understandably, refused to discuss the type of encryption used to protect the officer's computer prompting one security pundit to suggest a new cryptographic technique could be in use. Other government officials have been quoted saying the current encryption technique is "one of the strongest types of encryption the government uses". FULL STORY: http://www.nikkeibp.asiabiztech.com/wcs/leaf?CID=onair/asabt/moren/97312 IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages. Get your FREE, totally secure email address at http://www.hushmail.com.
