Friday, February 20, 2004

----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
1.  Linux serves up triple threat
2.  NetBSD: OpenSSL Denial of service vulnerability
3.  NetBSD: Multiple Addendums to recent advisories
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  New HP Security Services Automate Threat Prevention
5.  SCO Group: perl Safe.pm unsafe access
6.  News: U.S. info-sharing program draws fire
7.  WORM_AGOBOT.ME

11:29:52 PM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Robosapien: Latest Toy Robot From Mark Tilden
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
2.  News: U.S. info-sharing program draws fire. Critics take aim at a Department of Homeland Security vulnerability-sharing program that keeps security holes secret from the public.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  WORM_DARKER.B

10:29:33 PM    

----------------------------------------------------------------------
Ars Technica
----------------------------------------------------------------------
1.  321 Studios loses DVD copying software lawsuit. Federal judge rules against DVD software maker. There still may be questions if the software actually violated the DMCA. By Fred "zAmboni" Locklear.
2.  UT2004 beatdown weekend. UT2004 has been out for a week or so now, and we've had an Ars server up and running most of the time. We thought we'd invite everyone to come play with the community. By Ken "Caesar" Fisher.
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
3.  iVast sale highlights MPEG-4 woes. The developer of next-generation multimedia products ceases U.S. operations, but finds buyers overseas.
4.  Company expands Linux-Centrino software
5.  Study: IT hiring to pick up
6.  Briefly: Company expands Linux-Centrino software. Linuxant releases new software that supports Intel's latest networking hardware...Study: IT hiring to pick up...CA readies utility software...PeopleSoft rethinks stock options.
7.  VoIP to get a voice in Washington. Microsoft, Texas Instruments, AT0T and other Net-phoning interests are set to launch an advocacy group for the Voice over Internet Protocol industry come Monday.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
8.  First Look at Apple's IPod Mini (PC World). PC World - Fashionable IPod Mini provides digital music in style at its debut.
9.  Film Studios Prevail Against Software Maker (AP). AP - A federal judge ruled Friday that a software program that copies DVDs illegally violates the copyrights of Hollywood studios.
10.  Size Is Not Biggest Cell Phone Factor (AP). AP - There are other ways to measure a cell phone company other than size. With the taste of freshly spilled banking fees chumming the waters, Wall Street's sharks are already preaching the lucrative gospel of "bigger is better" to the presumably hapless "little" guys like Sprint Corp., Nextel Communications Inc. and T-Mobile.
11.  Judge Blocks Sales of DVD Copying Program (PC World). PC World - 321 Studios is ordered to stop selling software within a week, but promises to appeal.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
12.  Court Endorses Ban on DVD Copy Technology

9:29:13 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  RIAA to face MyDoom's music?. A slow-spreading variant of the MyDoom virus is expected to target the recording industry's Web site with a deluge of data. But the RIAA may not feel the pain.
2.  NASA: 6.5 billion served on the Web. The agency says that during the past month and a half, the total number of visits to its home page, which hosted images from the Mars rover landings, was greater than the total number of humans on Earth.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Movie Industry Wins DVD Copying Suit (Reuters). Reuters - A federal court has ruled that privately held 321 Studios must stop making software that allows users to copy DVDs, handing Hollywood's movie studios a big victory in their ongoing battle against copyright piracy.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
4.  Tech Training Schools Going Bust
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
5.  DARPA creating a race of robo-grunts. Strong, tireless, and lacking all human appetites
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Microsoft code release - so what? - Infoworld Staff
7.  Spam on the edge - Infoworld Staff
8.  Code leaks and crooked creeks - Infoworld Staff
9.  La question (brûlante) du filtrage des pages personelles reposée par l'AFA
10.  communiqué : Mozilla prend pied en Europe
11.  Infocus: Automating Windows Patch Mngt: Part II
12.  RE:Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)
13.  Traces of Guilt: computer crime from the front line
14.  Security Start-up Seeks to Spot, Solve Compromises
15.  A Progress Report on Windows' ASN.1 Vulnerability

8:28:53 PM    

----------------------------------------------------------------------
Penny Arcade!
----------------------------------------------------------------------
1.  High Employee Turnover.
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  Oracle, feds tangle over market definition. The company and antitrust regulators are grappling with a key definition that would influence the direction of the government's review of Oracle's bid to merge with rival PeopleSoft.
3.  Microsoft rebuts RealNetworks charges. The software giant denies that it used its dominance in PC operating systems to unfairly control the streaming-media market.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  Microsoft Takes Legal Aim at Lindows, RealNetworks (Reuters). Reuters - Microsoft Corp. (MSFT.O) took its trademark injunction case against Lindows.com Inc. to Canada, arguing that the distributor of Linux-based desktop software was capitalizing on its Windows brand name, the two companies said on Friday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Free & OpenSource Software Weekend
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
6.  Intel touts 64-bit extensions - Infoworld Staff. Intel’s next-generation Xeon processor and future versions of its Prescott Pentium 4 processors will come with 64-bit extensions technology, Intel CEO Craig Barrett announced at the Intel Developer Forum last week in San Francisco.
7.  IBM issues toolbox for autonomy. IBM launched the Autonomic Computing Toolkit to help developers build autonomic elements into their systems last week.
8.  Congressmen want benefits for laid-off IT workers. WASHINGTON - U.S. IT workers displaced when their companies outsource jobs overseas should have access to job training and other assistance programs, a group of U.S. congressmen said Friday.
----------------------------------------------------------------------
InfoWorld: Security
----------------------------------------------------------------------
9.  Microsoft code release - so what? - Infoworld Staff. The word last week that portionsof the source code for Microsoft Windows 2000 and Windows NT had been leaked to the public spread through the gossip sites like wildfire. There was a flood of e-mails (“What do you think?” they asked). CBS sent questions about the security implications. Clearly, people were getting really worked up over this.
10.  Spam on the edge - Infoworld Staff. Two weeks 'til I’m back in Honolulu, home of warm network testing labs, glorious sunrises and sunsets easily visible through test lab windows, and a statewide love of spam. Although I do confess that after visiting for so many years, I have developed a certain predilection for spam musubi. That’s basically a sushi roll with a spam center. Hey, it grows on you, believe me.
11.  Code leaks and crooked creeks - Infoworld Staff. Bored one night last week, I sneaked a peak at Pammy’s hard drive on our Wi-Fi network, where I discovered a folder of e-mails from her old college roommate at Smith — something about planning a wedding at San Francisco’s City Hall. Heck, I didn’t even know she was a bridesmaid.
----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
12.  Linux servers 'attacked more often'
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
13.  BugTraq: RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution). Sender: Drew Copley [dcopley at eeye dot com]
14.  Vulnerabilities: ACLogic CesarFTP Remote Resource Exhaustion Vulnerability. CesarFTP is a freely available FTP server application built for the Windows platform.

It has been reported that CesarFTP is prone to a remote resource exhaustion vulner...
15.  Vulnerabilities: Snort Signature Mislabeling Weakness. A weakness has been identified in Snort that may cause an analyst or the correlation engine to improperly identify a signature that was triggered by the IDS. This issue ...
16.  Vulnerabilities: SmallFTPD Remote Denial Of Service Vulnerability. SmallFTPD is a freely available FTP server application built for the Windows platform.

It has been reported that SmallFTPD is prone to a remote denial of service vulner...
17.  Vulnerabilities: Microsoft Windows XP Help And Support Center Interface Spoofing Weakness. A weakness has been alleged in Microsoft Windows XP that could reportedly allow aspects of the Help and Support Center interface to be spoofed via a malicious link. By s...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
18.  Traces of Guilt: computer crime from the front line. Book review Computer forensics dissected
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
19.  Rhode Island Withdraws Security Plan
20.  Enterprise Storage Snapshots
21.  XDI: Weaving the "Dataweb"
22.  Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)
23.  LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service
24.  LNSA-#2004-0003: Linux Kernel

7:28:35 PM    

----------------------------------------------------------------------
Viewpoint of a Linux Technologist
----------------------------------------------------------------------
1.  Intel promises Centrino driver support. Intel promises more speedy Linux releases:ntel has committed to release Linux versions of essential supporting software at about the same time it releases Windows versions. The change in development plans, which Intel president Paul Otellini disclosed internally earlier this month,...
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  IBM plans second Blue Gene supercomputer. IBM will install a second Blue Gene/L supercomputer as part of a radio telescope project in the Netherlands, the company plans to announce Monday.
3.  Program shields anonymous flaw sleuths. The Department of Homeland Security asks companies to send it security tips about the nation's tech infrastructure, assuring them the information will be protected from the public.
4.  Judge: Stop selling DVD copying software. A federal court says 321 Studios' software breaks copyright laws and that the company must stop selling the products.
5.  Xerox to license document software. The company is expected to announce new document processing software next week that could improve the efficiency of content management systems.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
6.  Software Piracy Still Big in Asia (PC World). PC World - Industry group estimates $1.19 billion in lost sales of games software.
7.  Web Site Details Low-Tech Hack of ITunes Promotion (Reuters). Reuters - Music fans have found a decidedly low-tech way to hack a promotion sponsored by soft drink company PepsiCo Inc. (PEP.N) in order to garner a high-tech treat: a download of a song from Apple Computer Inc.'s (AAPL.O) online music store.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
8.  Germany Begins Iris Scans at Frankfurt Airport
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
9.  Infocus: Automating Windows Patch Mngt: Part II. In this segment of the Windows Patch Management series, you'll learn what happens on the client computers when SUS is active, how to monitor the client's patching activities, and how to fix or work around some common problems.
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
10.  BugTraq: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution). Sender: http-equiv at excite dot com [1 at malware dot com]
11.  BugTraq: LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service. Sender: Vincenzo Ciaglia [ciaglia at netwosix dot org]
12.  BugTraq: LNSA-#2004-0003: Linux Kernel. Sender: Vincenzo Ciaglia [ciaglia at netwosix dot org]
13.  Vulnerabilities: Gallery Remote Global Variable Injection Vulnerability. Gallery is a web application designed to allow users to manage images on their web site, such as creating photo albums. Gallery is written in the PHP script language.

A...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
14.  OpenLinux: Perl Safe.pm unsafe access

6:28:15 PM    

----------------------------------------------------------------------
Ars Technica
----------------------------------------------------------------------
1.  Intel to bypass the IEEE with wireless USB spec. Intel has announced plans to push forward with the development of Wireless USB. This comes as the IEEE remains deadlocked over two competing standards. By Eric Bangeman.
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
2.  For the U.S., a 3G wake-up call in Cannes. U.S. carriers were once ahead of global rivals in the race to offer third-generation wireless broadband services. Now Europe and Japan are in the lead, say execs gathering for next week's 3GSM Congress.
3.  Route more smooth for networking gear in 2004. The market for service provider routers and switches took its lumps in 2003, but by the end of the year was showing signs of strength that bode well for this year, a new study says.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  HP Shares Fall Despite Higher Earnings (AP). AP - Hewlett-Packard Co.'s shares fell 3 percent Friday after the company announced quarterly earnings that jumped 30 percent but analysts remained cautious about its ability to outperform technology rivals Dell Inc. and IBM Corp.
5.  Vodafone Chief Hints at Selling Verizon (AP). AP - Days after losing a bidding war for AT&T Wireless Services, Europe's biggest mobile phone operator Vodafone Group PLC said Friday that it saw no other likely takeover targets in the United States and might even consider selling its 45 percent stake in U.S. market leader Verizon Wireless.
6.  MPAA Prevails in DVD Copying Suit (Reuters). Reuters - Hollywood's major movie studios have won a widely-watched copyright lawsuit against the maker of computer software that allows users to make copies of DVDs, a spokeswoman for the Motion Picture Association of America said on Friday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
7.  Internet Job Boards a Bunch of Hype?
8.  Electric Shavers Rot Your Brain
----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
9.  The Anti-Virus Industry Scam
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
10.  Vulnerabilities: Microsoft ASN.1 Library Length Integer Mishandling Memory Corruption Vulnerability. Microsoft Windows Abstract Syntax Notation 1 (ASN.1) handling Library (MSASN1.dll) is shipped as a part of the Microsoft Windows Operating System. The MSASN1 library prov...
11.  Vulnerabilities: Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability. Microsoft Windows Abstract Syntax Notation 1 (ASN.1) handling Library (MSASN1.dll) is shipped as a part of the Microsoft Windows Operating System. The MSASN1 library prov...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
12.  TROJ_FEMAD.I
13.  [CLA-2004:821] Conectiva Security Announcement - XFree86
14.  article: Theft of Client Information at a Major Israeli Bank's "Information Fortress".
15.  Hotfix for new mremap vulnerability
16.  Re: SNMP community string disclosure in Linksys WAP55AG
17.  Re: SNMP community string disclosure in Linksys WAP55AG
18.  Re: Remote Administrator 2.x: highly possible remote hole or backdoor
19.  Bank of America contact
20.  RE: Remote Administrator 2.x: highly possible remote hole or back door
21.  is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)
22.  Remote Buffer Overflow in PSOProxy 0.91
23.  RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution)

5:27:56 PM    

----------------------------------------------------------------------
Digital Identity World
----------------------------------------------------------------------
1.  XDI: Weaving the "Dataweb"
----------------------------------------------------------------------
Ars Technica
----------------------------------------------------------------------
2.  Et Cetera: Friday! Friday! Friday!. Late-week round up, including news from Microsoft, AMD, the FBI, and a few tips to boot. By Ken "Caesar" Fisher.
3.  Videogames... in gym class?. A plan to bring videogames into gym class raises ire, questions about gaming and its connection to obesity. By Ken "Caesar" Fisher.
4.  Linux servers targetted more often for attacks. A UK-based security firm has issued a report saying that Linux servers are successfully attacked and compromised more often than their Windows counterparts in the UK when one looks at "overt" attacks not brought on by proliferating malware. By Ken "Caesar" Fisher.
----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
5.  Decease: The 'zine people are dying to read!. Last summer, I posted that Boing Boing pal Meri Brin was seeking submissions for her new 'zine Decease, about the "cuture of death." This weekend, the first issue debuts at the Alternative Press Expo in San Francisco! APE is *the* gathering/conference/market for independent 'zine, comic, and book publishers. Congrats, Meri! Link
----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
6.  TiVo's watching you. But who's watching TiVo?. CNET News.com's Charles Cooper wants to know: If the Super Bowl snooping didn't constitute an egregious example of techno-trespassing, then what does?
7.  Dell asks PC buyers nuclear questions. The computer maker puts buyers on its Web site through a series of detailed questions about the intended use of the products.
8.  BT strikes up the broadband with WiMax. The telecom giant is testing emerging technology WiMax in four rural parts of the United Kingdom. Could it be a prelude to a full-scale launch?
9.  CA readies utility software
10.  Briefly: CA readies utility software. Computer Associates says its updated systems management software makes it easier to track resources and fix problems...PeopleSoft rethinks stock options...Ariba readies new applications.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
11.  Study shows Mac OS X Server among most secure in world (MacCentral). MacCentral - British cyber security firm mi2g recently announced the results of a study that names Mac OS X one of the most secure online server operating systems in the world, alongside the Berkeley Software Distribution (BSD) family of Open Source systems. The study also showed that Linux is currently the most-breached online server OS.
12.  Survey: Look Out for Enterprise I.T. Spending (NewsFactor). NewsFactor - After the corporate spending drought of the last two years, there finally is some good news for CRM vendors. A new Yankee Group survey found that 34 percent of I.T. spending this year will focus on outward-facing applications that improve customer and supplier interactions.
13.  FBI Ratchets Up Fight Against Music Piracy (NewsFactor). NewsFactor - The Federal Bureau of Investigation has launched the latest salvo in the war against digital piracy, joining forces with such organizations as the Recording Industry Association of America (RIAA), the Software and Information Industry Association (SIIA), and the Entertainment Software Association (ESA) to combat this multibillion dollar problem.
14.  Linux Vendors Warn of Flaws (NewsFactor). NewsFactor - Security experts are urging users of Linux servers and workstations to take immediate action to patch two flaws found in the kernel.
15.  How The Cingular Deal Helps Verizon (BusinessWeek Online). BusinessWeek Online - After winning an 11th-hour bidding war with Vodafone Group (NYSE:VOD - News) for AT&T Wireless Services (NYSE:AWE - News) on Feb. 17, the folks at Cingular Wireless professed themselves well pleased. For a cool $41 billion in cash plus $6 billion in debt, they had agreed to acquire the nation's No. 3 wireless operator. But as happy as Cingular's staff appeared to be, execs at rival Verizon Wireless may been even more pleased. ...
16.  Lindows Releases OS for Centrino Laptops (NewsFactor). NewsFactor - Lindows, the maker of Linux for personal computers, says it now has a version of the open-source operating system available for Centrino-equipped notebook computers. Though Linux on PCs has less than a 3 percent market share, Lindows continues to make small inroads on the territory now dominated by Microsoft (Nasdaq: MSFT) Windows.
17.  Web Site Details Low-Tech Hack of ITunes Promotion (Reuters). Reuters - Music fans have found a decidedly low-tech way to hack a promotion sponsored by soft drink company PepsiCo Inc. to garner a high-tech treat: a download of a single song from Apple Computer Inc.'s (AAPL.O) online music store.
18.  Firms Ignore Kids-Only Internet Domain (washingtonpost.com). washingtonpost.com - When Congress cordoned off an Internet playground for children, supporters hoped it would give young surfers the benefits of the World Wide Web without its many dangers. But more than a year after President Bush signed the "dot-kids" legislation into law, the online haven looks more like a ghost town than the theme park envisioned by its backers.
19.  Microsoft Planning New Xbox Live Features (Reuters). Reuters - Microsoft Corp. (MSFT.O) is planning a number of new features for its Xbox Live online gaming service this year, including limited data storage on its network, the company said on Friday.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
20.  Brine on Mars?
21.  Cheap Fast Eyeglasses from a Desktop Fabricator
22.  Price-Fixing Settlement Checks in the Mail
23.  Infinium Labs Threatens Gaming News Site
24.  HP Dumped Napster for Apple
25.  Brits Still Working on Stinky Email
26.  Morphing Code to Prevent Reverse Engineering?
27.  U.S. Air Force Plans for War In Space
28.  Singularity Sky
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
29.  Sony hints at '£99 PlayStation 2'. Catch up with the latest news from the world of video gaming.
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
30.  HP posts profit, revenue gain for Q1. Hewlett-Packard Co. on Thursday reported first-quarter net income of $936 million, with earnings per share of $0.30.
31.  Microsoft takes case against Lindows to Canada. After suing in the U.S. and several European countries, Microsoft Corp. is taking its trademark infringement case against Linux vendor Lindows.com Inc. to Canada.
32.  IBM lands huge German mainframe contract. IBM Corp. will deliver 20 high-performance mainframe computers to a German financial IT service company in a deal worth over €100 million ($127 million), IBM spokesman Hans-Jürgen Rehm said Friday.
33.  China to finance $1.1B in telecom equipment exports. China's government this week extended export credit worth $1.1 billion to the country's two top vendors of telecommunications and networking equipment in a bid to boost their international sales.
34.  London's Met police plans $1.2B outsourcing deal. LONDON -- The London Metropolitan Police Service (the Met) is taking bids for an extensive IT outsourcing contract that could be worth over £650 million ($1.23 billion),  a police spokeswoman said Friday.
35.  China updates list of blocked spam servers. The Internet Society of China (ISC) is not giving up on its efforts to fight spam. On Wednesday it released an updated list of servers to be blocked as sources of spam by its members.
36.  FDA proposes RFID tagging to stop drug counterfeiting - Infoworld Staff. A Food and Drug Administration (FDA) report, Combating Counterfeit Drugs, published this week recommends the "adoption and common use of reliable track and trace technology," later referred to as RFID (Radio Frequency ID), as the best way to protect the public from prescription drug counterfeiters.
37.  Multimedia a major theme of 3GSM World Congress. With several mobile phone manufacturers recently launching "designer" models, it's little wonder that the organizers of the 3GSM World Congress in Cannes, France, have included a fashion show in this year's event. The show, intended to demonstrate how wearable technology can be fun and fashionable as well as functional, promises to be a far cry from the suit-and-tie image that the event has had in previous years, and will feature products from about 30 companies.
38.  Interview: Juniper focuses on securing government networks - Infoworld Staff. Juniper Federal Systems was created as an entity within Juniper Networks to address the specific needs of the federal government. InfoWorld Senior Analyst Wayne Rash spoke with Dubhe Beinhorn, senior vice president at Juniper Federal Systems, about the lessons learned from working with the federal government that can also be applied to other enterprises.
39.  Offshore outsourcing poses privacy perils. Washington - Outsourcing jobs to offshore destinations can sharply increase data privacy risks and the complexity of managing that risk, several experts at the Fourth Annual Privacy and Data Security Summit here warned this week.
----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
40.  A practical approach for defeating Nmap OS-Fingerprinting
41.  Leaky Windows
42.  SCO Group: sane Multiple vulnerabilities
43.  SCO Group: fetchmail Denial of service vulnerability
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
44.  Elsewhere: US security arm makes bid for private sector data. The US Department of Homeland Security has unveiled a programme designed to persuade the private sector to share security information with the government.

The Protected ...
45.  Elsewhere: Low-tech 'hack' takes fizz out of Pepsi-iTunes promo. It doesn't take a code breaker or a math whiz to lift songs from Apple Computer's iTunes online music store--it just takes a good pair of eyes and a trip to the corner st...
46.  Columnists: Knock, Knock, Knock. If hundreds of thousands of people are still blindly clicking on attachments in their email, is there any hope of mitigating the threat of hundreds of thousands of compromised systems with open backdoors?
47.  News: Firewall VPN sales soar. The Register By John Leyden [john dot leyden at theregister dot co dot uk]
----------------------------------------------------------------------
SecurityFocus Vulnerabilities
----------------------------------------------------------------------
48.  BugTraq: [CLA-2004:821] Conectiva Security Announcement - XFree86. Sender: Conectiva Updates [secure at conectiva dot com dot br]
49.  BugTraq: RE: Remote Administrator 2.x: highly possible remote hole or backdoor. Sender: [mgotts at 2roads dot com]
50.  BugTraq: RE: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution). Sender: Drew Copley [dcopley at eeye dot com]
51.  BugTraq: OpenLinux: Perl Safe.pm unsafe access. Sender: [please_reply_to_security at sco dot com]
52.  Vulnerabilities: Ecommerce Corporation Online Store Kit More.PHP Multiple Vulnerabilities. Online Store Kit is a web based shopping cart application written in PHP.

Multiple vulnerabilities have been identified in the software due to improper sanitization of u...
53.  Vulnerabilities: Vizer Web Server Remote Denial of Service Vulnerability. Vizer Web Server is an open source web server application written in Visual Basic.

It has been reported that Vizer Web Server is prone to a remote denial of service vuln...
54.  Vulnerabilities: YaBB Information Leakage Weakness. YaBB (Yet Another Bulletin Board) is freely available web forum software that is written in Perl. YaBB will run on most Unix/Linux variants, Mac OS, and Microsoft Window...
55.  Vulnerabilities: TransSoft Broker FTP Server Denial of Service Vulnerabilities. Transoft Broker FTP Server is an FTP server for the Windows platform.

Multiple denial of service vulnerabilities have been identified in the software. These issues cou...
56.  Vulnerabilities: KarjaSoft Sami HTTP Server GET Request Buffer Overflow Vulnerability. KarjaSoft Sami HTTP server is a web server available for the Windows operating system.

A vulnerability has been reported for Sami HTTP server. The problem occurs due to ...
57.  Vulnerabilities: ShopCartCGI Remote File Disclosure Vulnerability. ShopCartCGI is a commercially available collection of CGI scripts implemented using Perl and intended to form the foundation for a web based shopping cart application. ..
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
58.  Q: What's the AV industry's definition of happy?. Analysis A: Debunking cybergeddonists during MyDoom viral pandemic
59.  Are Apples healthier than Pepsi?. Letters We got some mail in our spam!
60.  Infinium Labs gets litigious with HardOCP. News site accused of 'false and defamatory' piece
61.  Cisco VoIP kit open to 'snooping attacks'. DoS risks too
62.  Intel and HP color self-preservation as customer choice. Analysis Ignorance today, customer demand tomorrow
63.  EU thundering down information superhighway. Broadband roll-out on target for 2005, says EC report
64.  Dell plots cheap SAN attack. EMC to help?
----------------------------------------------------------------------
Help Net Security
----------------------------------------------------------------------
65.  US security arm makes bid for private sector data
66.  Outsourcing: danger to privacy
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
67.  Enterprise Storage Snapshots - 2/13/04
68.  IRC_HIPZBOT.A
69.  Security Innovations Debut at Demo Conference
70.  La compilation des correctifs Microsoft bientôt disponible
71.  [CLA-2004:820] Conectiva Security Announcement - kernel
72.  fix for recently disclosed Oracle interval conversion overflows?
73.  Linux Vendors Warn of Flaws
74.  TippingPoint Upgrades UnityOne IPS
75.  FBI Ratchets Up Fight Against Music Piracy
76.  FBI Ratchets Up Fight Against Music Piracy
77.  Linux Vendors Warn of Flaws
78.  BKDR_FEARLESS.12
79.  IRC_KNT2.A
80.  IRC_GETPASS.A
81.  ZoneAlarm Flaw Opens Firewalls To E-mail Attack
82.  Arsenal Of Security Tools Debuts At Demo Conference
83.  Elsewhere: US security arm makes bid for private sector data
84.  Elsewhere: Low-tech 'hack' takes fizz out of Pepsi-iTunes promo
85.  Columnists: Knock, Knock, Knock
86.  News: Firewall VPN sales soar

4:27:35 PM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  China threatens to block junk e-mailers. After months of investigation, the government cracks down on spammers worldwide and warns them to clean up their act.
----------------------------------------------------------------------
SecurityFocus News
----------------------------------------------------------------------
2.  Elsewhere: New level of security for FNB. First National Bank (FNB) and RMB Private Bank have added another level of security to Internet banking by introducing a new service using a DigiTag device for generating...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
3.  Shrunken rods make batteries better. Grow your own
4.  Stob: Pirated 'Wron number yours for free. McDosh condemns Beard's 'numerical terrorism'
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
5.  Exel trials RFID in House of Fraser
6.  Firewall en secure VPN login zijn kern Wi-Fi security
7.  Linux servers vaker aangevallen dan Windows servers
8.  BAT_SDBOT.F
9.  WORM_SDBOT.OG

10:21:08 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  US-based firm to set up outsourcing facility in Bangalore (AFP). AFP - US-based enStage Inc., a software firm started in Silicon Valley by Indian entrepreneurs, said it would set up an outsourcing facility in the technology hub of Bangalore.
2.  Mel B Ex-Husband Puts Painting of Them Up for Sale (Reuters). Reuters - Former spice girl Mel B's ex-husband is selling a portrait of the two in a half-naked embrace on the Internet, his solicitor said on Friday.
3.  Mobile Operators to Shop in Cannes for 3G Build-Up (Reuters). Reuters - The world's mobile communications industry flocks to Cannes next week in their best spirits since 2000, buoyed by hopes that wireless pictures, music, even small-screen television, is primed to go mainstream.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
4.  Intel to Increase Linux Support, Release Centrino Drivers
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
5.  Firewall VPN sales soar. Minding the perimeter
6.  A million i-mode users in Europe. Slow uptake
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
7.  PunkBuster Input Validation Flaw Lets Remote Users Inject SQL Commands
8.  Films, CDs, Games Get New FBI Piracy Seal
9.  FTC Fines COPPA Violators
10.  TippingPoint Aligns With Dell On Security

9:20:49 AM    

----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
1.  FBI weighs into anti-piracy fight. CDs, DVDs, and video games in the US are to get an FBI seal to try and deter people from copying them.
2.  Top net villains and heroes named. The UK's net industry has chosen its heroes and villains for 2003 in is annual awards ceremony.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
3.  Exel trials RFID in House of Fraser. Garments tracked from China to hanger
4.  Spamhaus crowned Internet heroes of 2003. ISPA awards: The good, the bad and the ugly
5.  Red-letter day for Microgen. Losses down, growth up
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  McAfee AntiSpyware
7.  MyDoom en Bagle-B zijn slechts voorproefjes
8.  Verspreiding Bagle.B en Netsky.B over hoogtepunt heen

8:20:28 AM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Growing pains hurt Dell's customer service. The company continues to win market share and turn out record quarterly profits, but two recent surveys show that it's slipped, when it comes to a more subjective measurement: customer service.
2.  Software to cut the digital fat. Legendary developer Charles Simonyi has a new focus: building software for building software.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  New on DVD (USATODAY.com). USATODAY.com - As always, Mike Clark and his trusty DVD player are busy screening stacks of discs to bring you the best home video picks.
4.  Firms Ignore Kids-Only Internet Domain (washingtonpost.com). washingtonpost.com - When Congress cordoned off an Internet playground for children, supporters hoped it would give young surfers the benefits of the World Wide Web without its many dangers. But more than a year after President Bush signed the "dot-kids" legislation into law, the online haven looks more like a ghost town than the theme park envisioned by its backers.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  Nerve Cells Successfully Grown on Silicon
6.  Previewing the Next Solaris OS
----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
7.  Linux Advisory Watch - February 20th 2004
8.  Linux Advisory Watch - February 20th 2004
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
9.  Comet chasers seek secret of life. ESA mission launches next week
10.  Enterprise security spend to hit $6bn. Big investment in firewalls and VPNs by 2007
11.  Intel downbeat about 64-bit extensions. No pyrotechnics at IDF
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
12.  Enterprise security spend to hit $6bn

7:20:08 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  IBM: German Computer Deal Biggest in Years (AP). AP - IBM Corp. said Friday that a computer hardware contract it won from a German technology company is the biggest deal of its kind for Big Blue in several years.
2.  Cingular ready to divest (TheDeal.com). TheDeal.com - AT&T Wireless said Thursday that Cingular must divest assets that would result in a net loss of up to $8.25 billion.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
3.  BBC's Celebdaq wins Bafta award. The BBC's celebrity stock exchange website, Celebdaq, has picked up a Bafta for best online entertainment.
----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
4.  Information Security & Negligence
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
5.  Staff must have hotspot access - Gartner. No, you can't get off the hamster wheel
6.  TI claims phone power breakthrough. While Nokia frets over batteries
7.  MS Compact Framework squares up to Java. Battle to dominate the mobile platform
----------------------------------------------------------------------
Wired News
----------------------------------------------------------------------
8.  Russia Tests New Wonder Weapon. Short on details but long on hype, a Russian military chief claims the hypersonic prototype maneuvers so quickly that it renders all missile-defense systems 'useless.'
9.  Monsanto Grows a Money Tree. Critics claim the company unfairly uses its muscle to control the world's food supply. Still, the agriculture powerhouse is poised to reap a biotech bonanza: This year's gross profit is projected at $1.2 billion.
10.  RIAA's New Seal of Disapproval. The movie, music and software industries stick the FBI seal on their products in hopes that would-be pirates will think twice before distributing copyright content illegally. It's a big waste of time, critics say. By Katie Dean.
11.  Interreality Business Machines. All that commerce in online games like EverQuest demands serious business software -- which is where IBM comes in. The computer maker has an initiative to make bean-counting in virtual worlds much simpler. By Daniel Terdiman.
12.  Toymakers Bet Big on Microchips. The latest diversions for kids sing, chat and even puke at the American International Toy Fair, and most of the stuff depends on computing power to supply the fun. Michelle Delio reports from New York.
13.  Outsourcing: Danger to Privacy. Companies are shipping a lot of sensitive information about Americans overseas for processing by foreign clerks. Now, some lawmakers want safeguards from the companies to prevent misuse of the data. By Kim Zetter.
14.  Pentagon Preps for War in Space. An Air Force report sheds light on little-known plans by the U.S. military to develop space-based weapons. Some analysts fear the effort could spark a new arms race. By Noah Shachtman.

6:19:48 AM    

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
1.  Mars Rover's Latest Find: Shiny Pebbles in a Crater. Since landing Jan. 25, the Opportunity has been exploring the same small crater, and the small, round pebbles it contains. By Kenneth Chang.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  U.S. May Use New Theory to Block Oracle's Hostile Bid (Dow Jones). Dow Jones - Justice Department staff want to block Oracle Corp. (NasdaqNM:ORCL - News)'s hostile $9.4 billion bid for PeopleSoft Inc. (NasdaqNM:PSFT - News) with a novel legal theory that isn't part of the department's customary merger guidelines, Oracle executives told The Wall Street Journal.
3.  Microsoft Seeks to Quash Lindows in Canada (PC World). PC World - After forcing name change in Europe, software giant files another suit against Linux vendor.
4.  Free PDF: Eradicating Email Aggravations (PC World). PC World - offers tips for more enjoyable computing; here's the e-mail section.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
5.  Intel to kill off Mobile Pentium 4 'around Q1 2005'. IDF Make way for Dothan...
6.  Chancellor under fire for IR591 tax terror. 'Fess up, Gordon
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
7.  Search and Seizure at the Supreme Court
8.  Is the CAN-SPAM Act Working?
9.  Spam: A Reality Check
10.  New Method of Spam Filtering
11.  Sorting e-mail friends from foes: Identifying networks of mutual friends helps filter out spam.
12.  Interview: Life, Liberty and Pursuit of Porn
13.  Roadblocks could slow RFID
14.  NetBSD announces bad pgp signatures in security advisories
15.  Updates voor kritieke Linux lekken
16.  Microsoft blij met vooruitgang in beveiligen produkten

5:19:28 AM    

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Lab Notes: Research from Berkeley Engineering. * Weaving flexible transistors into textiles!
* Self-diagnosing buildings!
* Swarm mechanics!
* The father of electronic art, RIP!

All of it, right this way.... Link
----------------------------------------------------------------------
Dilbert
----------------------------------------------------------------------
2.  Dilbert for 20 Feb 2004.
----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
3.  Sex Industry Is No Longer Men's World. Demand by women is driving the growth of all sorts of sex-related ventures, from stores and sex toy companies to adult Web sites, also run by women. By Mireya Navarro.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
4.  Hewlett Packard sees rising sales. The computer maker reports a jump in profit and forecasts rising sales, indicating the tech sector is recovering.
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
5.  HP prints its way to profit in Q1. Servers and PCs do their part
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  BAT_IROFFER.D

4:19:08 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  IBM Signs Deal with Sparkassen Informatik (Reuters). Reuters - International Business Machines Corp. (IBM.N)> said on Friday that German technology services company Sparkassen Informatik had ordered 20 giant mainframe computers in a deal worth several hundred million dollars over four years.
2.  AWOL on Spam? (washingtonpost.com). washingtonpost.com - News yesterday that two of the nation's leading Internet service providers were refiling civil fraud suits against spam operations prompts an important question: Six weeks after the federal anti-spam law went into effect, what exactly has Uncle Sam been doing to can spam?
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Oracle Lite Mobile Server Lets Remote Authenticated Users Access the Oracle Database Server
4.  Oracle Database Server Lets Remote Authenticated Users Hijack User Sessions
5.  Oracle9i Database Server XML SOAP Processing Flaw Lets Remote Users Deny Service
6.  Oracle9i Application Server XML SOAP Processing Flaw Lets Remote Users Deny Service
7.  E-mail alert!
8.  The 'Swiss Army knife' approach to network defense

3:18:47 AM    

----------------------------------------------------------------------
New York Times: Technology
----------------------------------------------------------------------
1.  Cost Controls Help Hewlett Improve Quarterly Results. Hewlett-Packard reported solid quarterly results, helped by strong sales in consumer markets and tight cost controls. By Steve Lohr.
2.  Ericsson Plan Would Give Public Investors More Voice. Ericsson, the Swedish telecommunications equipment company, unveiled a long-awaited plan that would give more voting power to public investors. By Floyd Norris.
3.  F.C.C. Begins Rewriting Rules on Delivery of the Internet. The F.C.C. is preparing rules that would allow delivery of the Internet through power lines and make online phone calls cheaper. By Stephen Labaton.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  AT&T Wireless to See Options Gains (Dow Jones). Dow Jones - Executives at AT&T Wireless Services Inc. (NYSE:AWE - News) stand to reap millions from stock options and shares granted during the past two years, when the company's stock languished in the $6-to-$9 range, Friday's Wall Street Journal reported, citing Securities and Exchange Commission filings.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
5.  The 'Swiss Army knife' approach to network defense

2:18:28 AM    

----------------------------------------------------------------------
Ars Technica
----------------------------------------------------------------------
1.  How good is TV over a cell phone?. Two reviews pan TV service on cell phones. The bigger question may be: "Why would anyone want to watch?" By Fred "zAmboni" Locklear.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Rob Enderle Announces Death of Bluetooth
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Serious Linux security holes uncovered and patched
4.  TROJ_POTPOR.A
5.  LiveJournal Input Validation Hole in Background Image URL Permits Cross-Site Scripting Attacks

1:18:07 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Yahoo Begins Rolling Out Its Own Search Technology (Reuters). Reuters - Internet media company Yahoo Inc. (YHOO.O) on Wednesday said it was switching to its own Web search technology and dropping its use of competitor Google Inc.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Hamster-controlled MIDI
----------------------------------------------------------------------
InfoWorld: Top News
----------------------------------------------------------------------
3.  FBI, industry groups team on anti-piracy seal. The U.S. Federal Bureau of Investigation (FBI) said Thursday it is teaming with several entertainment and software industry organizations to launch a new antipiracy seal and warning text for vendors to display on piracy-prone products like CDs and software.
4.  BEA grows profit, revenue in Q4. SAN FRANCISCO - BEA Systems Inc. grew both revenue and profits in its fiscal fourth quarter, citing strong sales of its WebLogic server software.
----------------------------------------------------------------------
Help Net Security
----------------------------------------------------------------------
5.  Serious Linux security holes uncovered and patched
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Antipiracy law heads for EU vote

12:17:48 AM    

© Copyright 2004 Gregg Doherty .
Last update: 3/2/2004; 3:36:18 AM .

Click here to visit the Radio UserLand website. Valid CSS! Subscribe to "Gregg's Security News Aggregator" in Radio UserLand. Click to see the XML version of this web page. Click here to send an email to the editor of this weblog.