<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
[ECP] Educational CyberPlayGround NetHappenings Mailing List 1993

*Link to the Educational CyberPlayGround http://www.edu-cyberpg.com

*Link to the Educational CyberPlayGround Blog: http://blog.edu-cyberpg.com/

*Find your School in the ECP K-12 School Directory http://www.edu-cyberpg.com/schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>


Greetings NetHappenings

Happy reading for today.

<Karen>


1)
Congressional Report Slams TSA For Security Breach
http://www.informationweek.com/news/showArticle.jhtml?articleID=205602931

2)
Army marches toward VOIP
http://www.gcn.com/online/vol1_no1/45655-1.html

3)
Polish teen derails tram after hacking train network
http://www.theregister.co.uk/2008/01/11/tram_hack/

4)
Oracle set to issue new bunch of patches
http://www.techworld.com/security/news/index.cfm?newsID=11100

5)
The University of California's eScholarship Repository has recently exceeded five million full-text downloads, according to the university.
The eScholarship Repository, a service of the California Digital Library, allows scholars in the University of California system to submit their
work to a central location where any users may easily access it free of charge. The idea is to ease communication between researchers.
Catherine Mitchell, acting director of the CDL publishing group, says the number shows that both content seekers and creators have embraced
the service, allaying concerns among researchers that others wouldn't contribute to the repository.--Hurley Goodall


Andrea L. Foster:

Beware of faculty members who are clueless about whether they hold the copyrights to their research papers,
Trisha Davis, a librarian at Ohio State University, told a group of librarians today at the midwinter conference of
the American Library Association. She made the remark while discussing the challenges Ohio State faced in building
an institutional repository. The university has over 21,000 articles--including conference papers, teaching materials,
photographs, and multimedia works--in the archive. Faculty members will submit research papers to the repository
often unaware that they have signed away the rights to their work to a journal publisher, Ms. Davis said.
"They are stunned that they have not retained the copyrights," she said. "They're vehemently adamant" that
they still have rights to the work. Also, she added, faculty members sometimes add other scholars' material to
the repository, incorrectly assuming that this is allowed under fair use.

Advice for Librarians Who Want to Write
At a discussion Saturday morning during the midwinter American Library Association conference, young librarians
and those still in library school were offered tips from their colleagues on how to get published. Here are some of the
recommendations:
* Write book reviews.
* Find a publication that covers your area of expertise, and pitch an article to its publisher.
* Find a topic no one's written about. * Check out Web sites -- such as Beyond the Job and A Library Writer's Blog -- that regularly put out calls for papers.
* Pair up with a more experienced colleague and offer to help him or her write a paper.

Librarians at for-profit academic institutions are serving notice: They're real librarians and they're tired of being ignored.
A group for librarians who work at for-profit institutions recently formed within the Association of College & Research Libraries,
and members gathered Sunday morning at the midwinter conference of the American Library Association to share their concerns.
One problem the librarians have is that state library consortia exclude their institutions from membership. The librarians say
that's unfair, especially since their students -- as state taxpayers -- help to pay for these consortia. In addition, many libraries
at trade schools and other for-profit institutions have unusual collections, in areas like cooking or art, that could be shared more
broadly if the institutions were members of consortia. Another concern: Some library vendors -- such as JSTOR, the nonprofit
digital archive of scholarly publications -- are barred from selling their services or products to for-profit colleges. Why do for-profit
colleges face these hurdles? The librarians at the morning discussion said state rules and previously-negotiated contracts may
require the state consortia and the nonprofit vendors to deal exclusively with libraries at nonprofit institutions. Still, the librarians
at for-profit colleges are hoping they can work together to become more accepted within academe.

The bulk of the more than 10,000 librarians attending the midwinter conference of the American Library Association in Philadelphia over
the past four days have packed up and gone home. But some committed ALA members were still around this morning. About half a dozen
of them--on the Committee on Status of Women in Librarianship--gathered to discuss gender-equity and other issues affecting librarians.
One issue the librarians discussed was pay. They want the ALA to allow job advertisements in the group's American Libraries magazine
and other publications only if the postings include minimum and maximum pay offered. The librarians said it's difficult for their colleagues
to negotiate with employers for higher salaries without this information. But many employers, particularly academic institutions,
refuse to include this information in their job postings. Some of the librarians said the ALA is reluctant to force colleges to include
salary ranges for fear they will pull their ads, thus reducing the library association's advertising revenue. The women's group wants
to push the ALA's governing body, though, not to cowed by higher-education institutions on this issue. The women's group also is
concerned that speakers at ALA conferences are more often men than women. The group wants to gather data for the past several
years on the gender of conference speakers and see if its suspicion is true.

6)
Convicted Hacker Charged With Extortion After Attack On Model's MySpace Account
http://blog.wired.com/27bstroke6/2008/01/convicted-hacke.html

7)
Browser vulns and botnets head threat list
http://www.theregister.co.uk/2008/01/14/sans_threat_list/

8)
Barclays chairman has identity stolen
http://www.pcw.co.uk/vnunet/news/2207085/barclays-chairman-identity

9)
Dancing Spychief Wants to Tap Into Cyberspace
http://blogs.wsj.com/washwire/2008/01/13/dancing-spychief-wants-to-tap-into-cyberspace/
Spychief Mike McConnell is drafting a plan to protect Americas
cyberspace that will raise privacy issues and make the current debate
over surveillance law look like a walk in the park, McConnell tells The
New Yorker in the issue set to hit newsstands Monday. This is going to
be a goat rope on the Hill. My prediction is that were going to screw
around with this until something horrendous happens.
At issue, McConnell acknowledges, is that in order to accomplish his
plan, the government must have the ability to read all the information
crossing the Internet in the United States in order to protect it from
abuse. Congressional aides tell The Journal that they, too, are also
anticipating a fight over civil liberties that will rival the battles
over the Foreign Intelligence Surveillance Act.

10)
Hacking Toolkit Compromises Thousands Of Web Servers
http://www.informationweek.com/news/showArticle.jhtml?articleID=205603044

11)
Closing enemy windows of opportunity
http://www.af.mil/news/story.asp?id=123082185
The team is huddled around a laptop outside an enemy compound. One of
the team members adjusts the image on the laptop and the picture becomes
clear. Now the team can see the display of the enemy's computer, on a
secure network, on the fifth floor of the building.
After a decade of information warfare and Air Force leaders' recognition
of cyberspace as a war fighting domain, this kind of 'hack' may not seem
revolutionary.
However, this network intrusion occurred because the team was able to
detect emissions from a computer monitor inside the building. They were
then able to turn radiated energy into a live feed on their laptop, just
as if they had plugged a second monitor into the computer inside.

12)
Wireless LAN scan finds big security holes in NYC retailers wireless nets
http://www.networkworld.com/news/2008/011508-retailer-wlan-security.html

13)
Many Oracle Users Don't Apply Security Patches
http://www.informationweek.com/news/showArticle.jhtml?articleID=205603104

14)
New law eyed to counter industrial spies / Stealing secrets  alone to be punishable
http://www.yomiuri.co.jp/dy/national/20080115TDY01305.htm

15)
Cyber-espionage moves into B2B
http://www.infoworld.com/article/08/01/15/Cyber-espionage-moves-into-B2B_1.html

16)
Follow-up: ORNL hacking
http://blogs.knoxnews.com/knx/munger/2008/01/followup_ornl_hacking.html
ORNL communications chief Billy Stair said the lab has not received a
single call or e-mail indicating that anyone has had their personal
information used or abused as a result of the hacking that took place
last fall and was revealed [1] in early December.
Hackers gained access to a database with the stored personal information
(Social Security numbers, etc.) of thousands of people who visited the
lab over a period of years (1990-2004). ORNL sent letters to 12,000
potential victims, and the "sophisticated cyber attack" gained worldwide
attention.
Stair said he's still extremely limited in the information he can
release and said the lab may never be able to release some details, but
he did discuss a few issues in general terms.

17)
Mystery web infection grows, but cause remains elusive
http://www.channelregister.co.uk/2008/01/16/mysterious_web_infection_continues/
The mystery over a cluster of poisoned websites distributing a toxic
malware cocktail may be better understood but it's still not solved.
Five days ago, we wrote about the infection of several hundred websites
[1] that was unlike anything seasoned researchers had seen before. Mary
Landesman, a cyber gumshoe who first brought it to public attention,
asked for help from other security pros in figuring out how the unusual
new technique worked. And help is what many of her peers have provided.

18)
Microsoft confirms Excel bug, hacks; recommends blocking files
Ongoing attacks are exploiting a flaw in most versions of the popular
Excel spreadsheet application, Microsoft Corp.'s security group said
late Tuesday.
The attacks, which the Microsoft Security Response Center (MSRC)
downplayed as "targeted, and not widespread," are using a bug found in
Excel 2000, Excel 2002, Excel 2003 Service Pack 2, Excel Viewer 2003 and
Excel 2004 for Mac. Newer editions -- Excel 2003 SP3, Excel 2007 and
Excel 2008 for Mac -- are not vulnerable, Microsoft claimed. That last
version, Excel 2008 for Mac, launched earlier Tuesday at the Macworld
Conference & Expo in San Francisco.
"Microsoft is aware of specific targeted attacks that attempt to use
this vulnerability," said Tim Rains, the security response
communications lead at Microsoft, in an e-mail forwarded by the
company's public relation firm. "Microsoft is aggressively investigating
the public reports and customer impact."

19)
British Muslim computer geek, son of diplomat, revealed as al Qaeda's top cyber terrorist
http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=508543
A computer nerd from Shepherd's Bush, West London, became al Qaeda's top
internet agent, it can be revealed today.
Younes Tsouli, 23, an IT student at a London college, used his top-floor
flat in W12 to help Islamist extremists wage a propaganda war against
the West.
Under the name Irhabi 007 -- combining the James Bond reference with the
Arabic for terrorist -- he worked with al Qaeda leaders in Iraq and came
up with a way to convert often gruesome videos into a form that could be
put onto the Web.
Videos he posted included messages from Osama bin Laden and images of
the kidnapping and murder of hostages in Iraq such as American Nick
Berg.

20)
Prize for zero-day Windows flaws set at $20,000
http://www.networkworld.com/news/2008/011608-prize-for-zero-day-windows-flaws.html
A security research company is offering $20,000 for information on
undisclosed security flaws in Microsoft's Windows OS.
Digital Armaments, which doesn't list a phone number or a headquarters
address on its Web site, is offering the money as part of the "Hacker's
Challenge" through midnight EST, Feb. 29. The company is also soliciting
for flaws in what they term "Windows Diffuse Applications."
Submitters need to illustrate a working exploit and document it,
according to the company's Web site, which is filled with misspelled
words.
There's nothing illegal about paying security researchers for flaws, but
it does tend to annoy software companies whose products are affected.

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround NetHappenings  ©1989
NetHappenings: the largest and oldest K-12 Education Mailing Lists
Email Preferences -- Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetHappenings.html

Copyright FAIR USE Statements to be included when reproducing
annotations from NetHappenings.

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:

***
EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com
NetHappenings Mailing List ©1989
http://www.edu-cyberpg.com/Community/Nethappenings.html
Blog: http://blog.edu-cyberpg.com/
***

Advertise on NetHappenings
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>