Friday, April 04, 2008
EDUCATIONAL CYBERPLAYGROUND NETHAPPENINGS

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
[ECP] Educational CyberPlayGround NetHappenings Mailing List ©1989

*Link to the Educational CyberPlayGround
http://www.edu-cyberpg.com

*Link to the Educational CyberPlayGround Blog:
http://blog.edu-cyberpg.com/

*Subscribe to the ECP Blog Feed:
http://feeds.feedburner.com/EducationalCyberPlayGround

*Find your School in the ECP K-12 School Directory
http://www.edu-cyberpg.com/schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>

Happy Reading for Today.

<Karen>



DDoS Packets are Two Percent of Net Traffic, Report Says
http://blog.wired.com/27bstroke6/2008/04/ddos-packets-ar.html
One out of every 50 packets on the internet is malicious junk intended
simply to clog the tubes, according to a high level traffic analysis by
Arbor Networks.

BLACK HAT - Analyst: Money will fuel mobile spying programs
http://www.pcworld.idg.com.au/index.php/id;1126249158
One of the latest tools on the market is Mobile SpySuite, which Niemela
believes is the first spy tool generator for mobiles. It sells for
US$12,500 and would let a hacker custom-build a spy tool aimed at
several models of Nokia phones, Niemela said.

Pentagon analyst admits espionage
http://news.bbc.co.uk/2/hi/americas/7323698.stm
A US defence department analyst has admitted giving classified
information about military communication systems to a businessman
working for China.


RCMP computer security breached, documents reveal
KAMLOOPS -- The security of RCMP computers used to process evidence for
a looming multimillion-dollar trial was breached from outside the
agency, exposing sensitive files to the possibility of theft and
tampering, Crown documents reveal.
 
Teenager guilty of million-dollar hacking campaign
http://www.guardian.co.uk/technology/2008/apr/01/hitechcrime.hacking
A New Zealand teenager accused of leading an international ring of
computer hackers which skimmed millions of dollars from bank accounts
was today convicted of illegal computer hacking.

Student charged with hacking into OU accounts
http://www.normantranscript.com/localnews/local_story_093235818.html
A University of Oklahoma student has been charged with violation of the
Oklahoma Computer Crimes Act for allegedly hacking into and causing
havoc with other students' computer accounts.

Black Hat: new operating systems security metric
http://www.heise.de/english/newsticker/news/105717
At the Black Hat Security Conference currently taking place in
Amsterdam, researchers from the Zurich ETH (Swiss Federal Institute of
Technology) have reported a new model for determining the security of
operating systems. They don't just count the number of holes and how
critical they are, but also determine what they call the zero-day patch
rate. This indicates the ability of a vendor to make a patch available
on the day a vulnerability becomes known. In order to stay independent
of vendor information, they looked at many independent sources including
Secunia, Milw0rm, The Open Source Vulnerability Database (OSVDB),
National Vulnerability Database (NVD) and CVE.

Stolen laptop reveals security gap
http://www.fcw.com/online/news/152075-1.html
Despite federal security policy established two years ago, the National
Institutes of Health failed to encrypt a laptop that contained sensitive
information and was stolen Feb. 23.


Estonia to drill NATO's future cyber-war defenders
Almost a year after falling victim to a "cyber-war" blamed on Russian
hackers, the Baltic state of Estonia is now piloting NATO's efforts to
ward off future online attacks on alliance members.


Beijing to set up 24-hour anti-hacking department during Olympics
http://english.people.com.cn/90001/90776/90882/6385582.html
In order to meet the city's demand for information security during the
Olympic Games, the first municipal Information Security Emergency
Response and Disposal Centre was set up in Beijing on April 1; and it
will operate 24 hours a day, according to the Beijing Times.

Biometric hack tool released
http://www.techworld.com/
A British security researcher has demonstrated a "biologging" system for
intercepting biometric authentication data, warning that attacks on
biometric systems could become relatively straightforward if current
practices don't change.

US auto parts store spills data to hackers
http://www.theregister.co.uk/

Hackers targeted Syrian media during Damascus Summit
http://www.menassat.com/
DAMASCUS, April 1, 2008 (MENASSAT) - Journalists covering the Arab
summit from the Damascus media center on Saturday morning were
astonished to find access to many official Syrian websites blocked.
Access was denied to the official Syrian news agency, SANA, newspapers
like al-Thawra and Tishrine and news websites such as Syria News, Sham
Press and Zaman al-Wasel.
Rumors quickly spread among journalists that Syria was under a computer
attack, probably originating in France, Turkey or Lebanon.


Wikipedia-reading boffins jimmy keyless door to entire universe
http://www.theregister.co.uk/2008/04/03/keeloq_master_key_found/
A team of German scientists say they have cracked the encryption of a
device widely used in keyless entry systems that electronically secure
cars, garages and office buildings.
The finding by the scientists from Ruhr University in Bochum, Germany,
means it is now relatively straightforward to clone the remote control
devices that act as the electronic keys that unlock these restricted
areas.
In a paper published earlier this week, they demonstrated a method they
say completely breaks the encryption used in the Keeloq security system,
which is used by manufacturers of cars, garage door openers and other
devices.


AT&T Asks Colleges for New Cellphone Ideas
As colleges push to integrate mobile-phone technology into the college experience, the AT&T Corporation has announced a contest to develop mobile-phone applications for campus use. Students and faculty members from any four-year institution are eligible to compete for the $10,000 prize. Students would get the money as scholarship funds.
Students and faculty members can develop applications across three categories—social networking, academics, and safety and security—for any type of mobile phone. The contest closes August 31. The winner in each category will be announced in October.
So what happens with the applications after the winners are selected?
Mark Williams, a spokesman for AT&T, says that each application will remain the developer’s intellectual property (or the university’s, in some cases). If the company decides to distribute the applications on its network, it will enter a revenue-sharing agreement with the winners.


Bush Library Loses Internet Home, Opening the Door to Pranksters
The George W. Bush Presidential Library Foundation has found a brick-and-mortar home for the president's library.
But settling on an Internet home could be more problematic.
The foundation has let slip from its control the domain name www.GeorgeWBushLibrary.com.
Monday in The Dallas Morning News. It states that Illuminati Karate, a software and Web design company in Raleigh, N.C., grabbed the name for less than $10, but it won't say what it will do with the address.
Meanwhile, critics of the president have ownership of GeorgeWBushLibrary.org (http://www.georgewbush.org/) and TheGeorgeWBushLibrary.com (http://thegeorgewbushlibrary.com/). According to the article, that leaves these sites available to the library foundation: GWBPresidentialLibrary.com, GWBPresidentialLibrary.org, and GeorgeWBushPresidentialLibrary.com.

Adobe claims it knew of 'Pwn to Own' bug
Security researchers at Adobe Systems Inc. claimed that they knew of a
Flash bug before it was used to crack a Windows Vista laptop last week
in the "Pwn to Own" hacker challenge.

Will Online Book Piracy Drive Authors to Stop  
An interview with Tracy Chevalier, author of Girl With a Pearl Earring, in Monday's Times of London suggests that digital book piracy may discourage authors from writing. Unless, that is, the publishing industry can come up with a different business model.
Echoing arguments made by the music industry, the article cites freewheeling digital reproductions of Harry Potter novels, cookbooks, travel guides, and other fiction and nonfiction texts as a possible disincentive for writers to continue practicing their (occasionally profitable) craft. Ms. Chevalier, chair of the UK's Society of Authors, says "writers who write books that you dip in and out of" will suffer the most.
“[The payment structure] is a dam that’s cracking,” she told the Times. “We are trying to plug the holes with legislation and litigation but we need to think radically. We have to evolve and create a very different pay system, possibly by making the content available free to all and finding a way to get paid separately.”
At a recent industry discussion on copyright law, the article says, she offered several alternative income sources for the publishing industry to consider: government, business, rich patrons, and the public. --Catherine Rampell


Eine Kleine File Musik
Researchers at the University of Rochester have found a way to digitally reproduce music in files that are 1,000 times smaller than an MP3 file.
The music, a 20-second clarinet solo encoded in less than a single kilobyte, is not a recording but a reproduction. Researchers led by Mark Bocko, a professor of electrical and computer engineering, recreated via computer "both the real-world physics of a clarinet and the physics of a clarinet player," according to a school press release.
The computer uses everything it knows about how clarinet music is produced--fingerings, force of breath, and pressure of the player's lips--to recreate the sounds.
The sound quality is not yet identical to that of a real performance, though. Download the sound clips and compare for yourself: click http://www.rochester.edu/news/audio/Clar_orig.wav for the human-made music and http://www.rochester.edu/news/audio/Clar_synth.wav for the computer-made reproduction.



Justice, Commerce warn of Web 2.0 - and 3.0 - security risks
http://www.gcn.com/online/vol1_no1/46063-1.html
Defense-in-depth protection for agency Web sites is the recommendation
from Justice and Commerce department representatives who spoke during
the FOSE 2008 Conference and Exposition about the dangers of targeted
attacks.
"[The] Web is a collaboration method, but the benefits of collaboration
will not be realized unless that collaboration is done securely," said
Michael Castagna, Commerce's chief information security officer.
"We must understand the promise and peril of technology," he added.
Criminal syndicates are targeting intellectual assets such as credit
card data and personal information and then are selling that
information.
Castagna also spoke about Web 2.0 risks. He described the three
components of Web 2.0 as service-oriented architecture, application
program interfaces, and rich Internet applications that use technologies
such as Flash, Really Simple Syndication, and Asynchronous JavaScript
and Extensible Markup Language.
Web 2.0 is about the user experience, with an emphasis on
user-contributed content. In Web 2.0, the Web has become the
application, but in Web 3.0, the Web becomes a database. Castagna
asserted that although Web 2.0 presents its own security risks, he is
also looking ahead to Web 3.0 and the risks it might present. "Web 3.0
will consist of a database of machine-to-machine content," he said.
"Search moves from contextual to semantic where it is interactive and
powerful and must be secured."
Mischel Kwon, deputy director of IT security at Justice, spoke about the
danger of the relatively new IFrame attacks.
An IFrame (short for inline frame) is an HTML element that makes it
possible to embed another HTML source inside the main document. In an
IFrame attack, malicious code that redirects visitors to third-party
malware sites is injected into Web pages.
Despite the persistence of such attacks, Kwon acknowledged the power of
Web applications. "To be effectively used, Web applications require ease
of access, connectivity to other applications and rich functionality,"
she said. "The last thing you want to do is inhibit it via security. You
must balance security with mission necessity and do risk analysis to
decide what risks we are willing to take to allow that rich
functionality."

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround NetHappenings  ©1989
NetHappenings: the largest and oldest K-12 Education Mailing List
Email Preferences -- Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetHappenings.html

Copyright FAIR USE Statements to be included when reproducing
annotations from NetHappenings.

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:


> EDUCATIONAL CYBERPLAYGROUND
> http://www.edu-cyberpg.com
> Educational CyberPlayGround NetHappenings ©1989
> http://www.edu-cyberpg.com/Community/Nethappenings.html

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
 

Friday, April 04, 2008 1:33:22 PM (Eastern Daylight Time, UTC-04:00)