<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
[ECP] Educational CyberPlayGround NetHappenings Mailing List ©1989
*Link to the Educational CyberPlayGroundhttp://www.edu-cyberpg.com
*Link to the Educational CyberPlayGround Blog:
http://blog.edu-cyberpg.com/
*
Subscribe to the ECP Blog Feed:
http://feeds.feedburner.com/EducationalCyberPlayGround
*
Find your School in the ECP K-12 School Directoryhttp://www.edu-cyberpg.com/schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Happy Reading for today
<Karen>
1)
ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses
http://blog.wired.com/27bstroke6/2008/04/isps-error-page.htmlSeeking to make money from mistyped website names, some of the United
States' largest ISPs instead created a massive security hole that
allowed hackers to use web addresses owned by eBay, PayPal, Google and
Yahoo, and virtually any other large site.
The vulnerability was a dream scenario for phishers and cyber attackers
looking for convincing platforms to distribute fake websites or
malicious code.
The hole was quickly and quietly patched Friday after IOActive security
researcher Dan Kaminsky reported the issue to Earthlink and its
technology partner, a British ad company called Barefruit. Earthlink
users, and some Comcast subscribers, were at risk.
Kaminsky warns that the underlying danger lingers on.
*******************************************
ARE YOU CRANKY? SCANKY? ARE YOU INFECTED??
Everyone Needs
FREE Security InformationChecks your computer to see if you're
vulnerable and/or have been infected by a virus or Trojan Horse.
********************************************
2)
FBI organizes defense against cyber-attacksThe FBI quietly established last summer a task force involving U.S.
intelligence and other agencies to identify and respond to cyberthreats
against the United States.
Called the National Cyber Investigative Joint Task Force, the group has
"several dozen" personnel working together at an undisclosed location in
the Washington area, said Shawn Henry, the FBI's deputy assistant
director of its cyberdivision.
3)
Nation States' Espionage and CounterespionageNewspapers around the world regularly cover the leveling of the global
playing field, often called "the global marketplace," and highlight the
entrance of vibrant, new cultures and economies into the entrepreneurial
mix. In effect, more and more of our fellow citizens around the world
are developing increasing amounts of new and exciting intellectual
property and applying this intellect in ways never before imagined.
Thanks to readily available infrastructure, individuals, companies and
the countries and economies to which they contribute are able and
universally welcomed to step up and participate. In a level playing
field, these entrepreneurs compete with the ideas and capabilities of
others, not locally, but globally. That's the good news.
Unfortunately, not a month passed in 2007 without a reference to
intellectual property theft or a revelation that IP theft was being
sponsored by a nation-state. More frequently, we hear of yet another
government condoning, encouraging and creating a mandate for its
national intelligence and security resources to steal intellectual
property for competitive and national advantage.
*********************************************
LITERACY - WHY IS ENGLISH SO HARD TO LEARN?Integrate literacy (Language Arts), the arts (music) and
technology into the classroom using Interdisciplinary,
thematic, collaborative Online Curriculum, Readability Tools
Resources about American Dialects.
*********************************************
4)
The new byword in infosecurity:
Don't embarrass the bossHere's where things are getting interesting. That new sensitivity to
data loss has invited more high-level scrutiny from the business side
into how IT maps out its cyberdefenses. In fact, the percentage of
information security personnel reporting to executive management or
boards of director has climbed to 49 percent from 21 percent just four
years ago.
"Information security professionals are under increasing pressure to
secure not just the perimeter of the organization but all the data and
employees that belong to the organization," according to the report,
which was conducted at the behest of the International Information
Systems Security Certification Consortium.
5)
Microsoft: Finding flaws on our website is OKToorCon - In a first for a major company, Microsoft has publicly pledged
not to sue or press charges against ethical hackers who responsibly find
security flaws in its online services.
The promise, extended Saturday at the ToorCon security conference in
Seattle, is a bold and significant move. While researchers are generally
free to attack legally acquired software running on their own hardware,
they can face severe penalties for probing websites that run on servers
belonging to others. In some cases, organizations have pursued legal
action against researchers who did nothing more than discover and
responsibly report serious online vulnerabilities.
"This is actually really important because online services - that's our
stuff," Microsoft security strategist Katie Moussouris told several
hundred researchers. "The philosophy here is if someone is being nice
enough to point out your fly is down, they're really doing you a favor
and you should thank them rather than calling the cops and saying you're
a pervert."
6)
Book Review: The New School of Information SecurityAfter years of countless 1,000+ page massive security books, The New
School of Information Security succinctly spreads its message in a brief
160 pages. In those 160 pages, the author's detail at a high-level what
needs to be done to create this new school. Therein lays the books only
flaw, its brevity. The authors want to get the concept of the new school
out there, but they do not detail enough of the necessary requirement to
make it work. They show with clarity how things are broken, but don't do
enough to show how to fix it. Let's hope the authors are at work on a
follow-up writing those necessary additions.
**********************************************
Censorship, Text Book Publishers & The Money
Science Book Errors
Bill Bennett X Secretary of Education cashes in on education reform.
About Online Digital Curriculum
Currently a law going through the legislature that would change the
term for funding from "textbook" to "instructional materials."
President Bush's brother Neil Bush has a company.
**********************************************
7)
Rupert Murdoch Firm Goes on Trial for Alleged Tech Sabotage
http://www.wired.com/politics/law/news/2008/04/murdochDid a Rupert Murdoch company go too far and hire hackers to sabotage
rivals and gain the top spot in the global pay-TV war?
This is the question a jury will be facing in a spectacular
five-year-old civil lawsuit that is finally being tried this month in
California but which has, oddly, received little notice from U.S. media.
The case involves a colorful cast of characters that includes former
intelligence agents, Canadian TV pirates, Bulgarian and German hackers,
stolen e-mails and the mysterious suicide of a Berlin hacker who had
been courted by the Murdoch company not long before his death.
On the hot spot is NDS Group, a UK-Israeli firm that makes smartcards
for pay-TV systems like DirecTV. The company is a majority-owned
subsidiary of Murdoch's News Corporation. The charges stem from 1997
when NDS is accused of cracking the encryption of rival NagraStar, which
makes access cards and systems for EchoStar's Dish Network and other
pay-TV services. Further, it’s alleged NDS then hired hackers to
manufacture and distribute counterfeit NagraStar cards to pirates to
steal Dish Network's programming for free.
8)
Seventy colleges has begun using InCommon, an "identity management" program developed by Internet2, the university-networking organization. InCommon acts sort of like a bouncer at a nightclub, checking IDs at a central location and keeping out the riffraff. This allows the University of Virginia, which does have a fair amount of computer power, to host the videos on its servers and stream them out to only the VIVA members.
*******************************************
WIFI CAN BE DONE TO GET ALL SCHOOLS WIRED WITHOUT SPENDING ALL THE
MONEY THAT WE THE TAX PAYERS ARE SPENDING!
*******************************************
9)
Researchers find
hole in 'flawless' encryption technologyQuantum cryptography, a new technology until now considered 100 per cent
secure against attacks on sensitive data traffic, has a flaw after all,
Swedish researchers say.
"In computer terms, we've found a bug," said Jan-Aake Larsson, an
associate professor of applied mathematics at the Linkoeping University
in southern Sweden.
"It was surprising - we didn't expect to find a flaw," he said, adding
that he and another researcher at the university had also discovered a
way to fix the problem.
Many experts hope quantum cryptography will be the answer to growing
fears about data security on the Internet, providing a one-off code that
would be unbreakable for hackers.
10)
Hannaford to spend 'millions' on IT security upgrades after breach
Executives at Hannaford Bros. Co. said today that the grocer expects to
spend "millions" of dollars on IT security upgrades in the wake of the
recent network intrusion that resulted in the theft of up to 4.2 million
credit and debit card numbers from its systems.
**************************************
ECP
FREE SOFTWARE OPEN SOURCE EXPLAINEDWhat about changing over to Linux in Schools?
This is the tricky part.
**************************************
11)
LendingTree sues mortgage firms over security breach
http://www.news.com/8301-10784_3-9926007-7.htmlLendingTree on Monday told customers that their sensitive information
was leaked in a security breach and that it has sued three lending
companies as a result.
Several former employees of LendingTree are believed to have taken
company passwords and given them to a handful of lenders who then
accessed LendingTree customer data files, the company said.
The data includes customer names, Social Security numbers, addresses,
e-mail addresses, telephone numbers, and income and employment
information, but not credit card information, LendingTree said in an
e-mail to customers and on a frequently-asked-questions page on its Web
site.
The outside lenders are believed to have accessed LendingTree customer
loan request forms between October 2006 and early 2008. The lenders then
tried to market loans to the customers, LendingTree says.
12)
US court waves through border laptop searches
http://www.theregister.co.uk/2008/04/22/us_laptop_ruling/Contrary to what some of you may believe, one cannot live in a laptop,
according to the Court of Appeals for the Ninth Circuit in the US.
In a recent ruling [1], a three-judge panel of that court determined
that border agents could examine the contents of a laptop without
reasonable suspicion of wrongdoing. As part of that decision, the court
rejected the defendant's contention that his laptop was analogous to his
home or his mind because of the amount of storage and type of personal
content that could be held there.
The case began when Michael Arnold touched down at LAX after a trip to
the Philippines. While going through customs, a US Customs and Border
Patrol Officer selected him for secondary questioning.
Inside his luggage, Arnold had a laptop computer, a separate hard drive,
a USB flash drive and six CDs. The officer asked Arnold to turn the
computer on, then discovered pictures of naked women in folders on
Arnold's desktop.
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround NetHappenings ©1989
NetHappenings: the largest and oldest K-12 Education Mailing List
Email Preferences -- Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetHappenings.html
Copyright FAIR USE Statements to be included when reproducing
annotations from NetHappenings.
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
> EDUCATIONAL CYBERPLAYGROUND
> http://www.edu-cyberpg.com
> Educational CyberPlayGround NetHappenings ©1989
> http://www.edu-cyberpg.com/Community/Nethappenings.html
Advertise on NetHappenings http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>