***************************************************** Edupage is a service of EDUCAUSE, a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. *****************************************************
TOP STORIES FOR FRIDAY, APRIL 22, 2005 Penn to Head Study of Cyberattacks Carnegie Mellon Discloses Possible Data Breach Europe Introduces .eu Domain Judge Rejects RIAA's Expedited Subpoenas PENN TO HEAD STUDY OF CYBERATTACKS A new program sponsored by the Department of Homeland Security will attempt to collect real-time data on cyberattacks in the private sector, with the goal of using such data to prevent future attacks. Led by the University of Pennsylvania, the Cyber Incident Detection Analysis Center will install monitors on corporate networks. In the event of an attack on the network, the monitors, which will cost companies $10,000 annually, will transmit data to the Institute for Strategic Threat Analysis and Response at the university, where it will be analyzed and made available to researchers at other institutions. Those with access to the data will not be able to see which company it came from, and researchers will not be directly involved in prosecuting individuals responsible for cyberattacks. Charles Fleming, executive director of the center, said a pilot program will be carried out before the monitors become widely available. Chronicle of Higher Education, 21 April 2005 (sub. req'd) http://chronicle.com/prm/daily/2005/04/2005042101t.htm CARNEGIE MELLON DISCLOSES POSSIBLE DATA BREACH Officials from Carnegie Mellon University are notifying about 5,000 students, graduates, and staff that their personal information may have been compromised on the university's network. The exposed information concerns graduates of the Tepper School of Business from 1997 to 2004; current graduate students; applicants to the doctoral program from 2003 to 2005; applicants to the MBA program from 2002 to 2004; and administrative employees. Officials said information about faculty and undergraduate students was not affected. Mike Laffin, spokesperson for the university, said the problem was discovered on April 10 and that there is currently no evidence that any of the exposed personal information has been used for fraudulent purposes. MSNBC, 21 April 2005 http://msnbc.msn.com/id/7590506/ EUROPE INTRODUCES .EU DOMAIN The long-awaited .eu Internet domain will be operational by the end of 2005, according to officials of the European Union. Supporters of the domain name have been working for six years to reach an agreement under which the domain can be launched. Representatives of the European Union believe the new domain will provide a sense of identity on the Internet for organizations based around Europe, though it will not replace existing country-specific domains, such as .uk or .de. In an effort to limit cybersquatting of names in the domain, new domain names will only be granted to companies and trademark owners for the first four months. Members of the European Commission, the executive arm of the European Union, advised that all offers of early registration for the domain could well be fraudulent and should be treated with skepticism. BBC, 21 April 2005 http://news.bbc.co.uk/2/hi/europe/4470797.stm JUDGE REJECTS RIAA'S EXPEDITED SUBPOENAS A federal judge in North Carolina handed the Recording Industry Association of America (RIAA) a legal defeat in its effort to learn the identities of two students accused of illegal file sharing. The RIAA had sought the identities from the students' universities, the University of North Carolina at Chapel Hill and North Carolina State University, under an expedited subpoena process the group has since abandoned. In a December 2003 decision, another federal judge had rejected the expedited subpoenas, which did not require a judge's signature, ruling that Verizon could not be forced to disclose identities of its customers. In their capacity as Internet service providers (ISPs) for students, universities were given similar protection from the expedited subpoenas. In this case, Judge Russell A. Eliason ruled that an ISP that does not store information but merely transmits it cannot be compelled under the Digital Millennium Copyright Act to reveal identities of its users. After the 2003 decision, the RIAA began filing individual "John Doe" lawsuits for illegal file sharing. Under that process, which costs the RIAA more time and money than the other, ISPs can be forced to turn over identities of users. Chronicle of Higher Education, 22 April 2005 (sub. req'd) http://chronicle.com/prm/daily/2005/04/2005042201t.htm ***************************************************** EDUPAGE INFORMATION To subscribe, unsubscribe, change your settings, or access the Edupage archive, visit http://www.educause.edu/Edupage/639 Or, you can subscribe or unsubscribe by sending e-mail to [EMAIL PROTECTED] To SUBSCRIBE, in the body of the message type: SUBSCRIBE Edupage YourFirstName YourLastName To UNSUBSCRIBE, in the body of the message type: SIGNOFF Edupage If you have subscription problems, send e-mail to [EMAIL PROTECTED] ***************************************************** OTHER EDUCAUSE RESOURCES The EDUCAUSE Resource Center is a repository for information concerning use and management of IT in higher education. To access resources including articles, books, conference sessions, contracts, effective practices, plans, policies, position descriptions, and blog content, go to http://www.educause.edu/resources ***************************************************** CONFERENCES For information on all EDUCAUSE learning and networking opportunities, see http://www.educause.edu/31 ***************************************************** COPYRIGHT Edupage copyright (c) 2005, EDUCAUSE
