The House of Representatives on Friday voted overwhelmingly in favor of a "compromise" spy law that would shield AT&T and other companies from pending lawsuits accusing them of opening their networks to the government in violation of wiretap laws.
The major sticking point in the contentious rewrite of a 1978 electronic-surveillance law known as the Foreign Intelligence Surveillance Act, or FISA, was whether to grant so-called retroactive legal immunity to telephone companies being sued for their participation in the warrantless surveillance program secretly begun by President George W. Bush after the September 11 attacks.
Touted by Republicans as a "compromise," the bill, passed on a 293-129 vote, would not provide retroactive immunity, per se. It would, however, shift the debate behind closed doors, allowing U.S. district courts to dismiss lawsuits if there was written documentation that the White House asked a company to participate and assured it the surveillance was legal.
While expected to pass in the Senate next week, the White House-backed bill could have a harder time in that chamber, where a small minority is better able to block legislation from proceeding. Time is of the essence, as Congress nears a planned July 4th-week recess.
Register.com is looking into the hijack of Photobucket's DNS records that redirected customers to an unrelated Web page this week.
"The Photobucket site was down for a very short time and was restored immediately when we became aware of the issue." Roni Jacobson, general counsel of Register.com, said in a statement on Thursday. "We are currently investigating the source of the problem."
On Tuesday afternoon, some Photobucket customers trying to access the site were temporarily redirected to a page that appeared to have been hacked by a Turkish group calling itself "NetDevilz."
Photobucket discovered the problem within about an hour of when it started and soon thereafter began rolling out a fix. Some customers were able to access the site within a few hours, but for others it took as long as two days, according to the site.
The company is urging customers to do a DNS Flush on their computer, as well as reboot the modem and/or the router if they are still having trouble reaching the site.
"If this does not resolve the issue, please try again later, as the redirect may still be cached in your ISP's DNS files. Depending on the ISP, it may take up to 72 hours (or longer) for their DNS cache to be cleared (or for it to expire), so you should consider contacting them to see if anything can be expedited," the company said in a blog post.
In May, Comcast's DNS records and site were hijacked.
Many customers of Photobucket were unable to reach the site for anywhere from hours to days this week after the site's DNS records were hijacked.
(Credit: Photobucket)Microsoft on Thursday re-released a security patch from earlier this month that was supposed to fix a Bluetooth stack problem that could allow an attacker to take complete control of a computer running Windows XP.
Security patch MS08-030 was originally released June 10. The new version of the update is now available for Windows XP SP2 and SP3 customers.
"After we released MS08-030 we learned that the security updates for Windows XP SP2 and SP3 might not have been fully protecting against the issues discussed in that bulletin," Christopher Budd, security response communications lead for Microsoft, explained in a blog entry. "As soon as we learned of that possibility, we mobilized our Software Security Incident Response Process (SSIRP) to investigate the issue."
"Our investigation found that while the other security updates were providing protections for the issues discussed in the bulletin, the Windows XP SP2 and SP3 updates were not," he added.
The company is investigating the situation and believes there may have been two separate "human issues" involved," Budd wrote, without elaborating.
If you want information about the earthquake in China get it from a news site and not from a link to a video that arrives in your e-mail inbox.
That's the message from the US-CERT (Computer Emergency Readiness Team) on Thursday.
The group has received reports of a new variant of the Storm worm that targets people interested in the May 12 earthquake that killed nearly 70,000 people and left 5 million homeless. Some of the e-mails also have subject lines that deal with the Olympic Games that China is hosting.
In the e-mail is a link that sends a recipient to a malicious Web site, US-CERT says. Opening the purported video link on the site runs executable code that infects the computer with malicious code that can be used to turn the machine into a zombie on a spam botnet.
Previous versions have used April Fools' Day and Valentine's Day themes, as well as masqueraded as a fix for another worm to lure victims to sites.
As always, computer owners and administrators are urged to install and update antivirus software and to not follow unsolicited Web links received in e-mail messages.
We are an industry of Three Letter Acronyms (TLAs). Everyone tries to categorize what they do with them.
Some like ERP stick around for years, while others like Enterprise Optical Networking (EON) come and go without much fanfare. On occasion, however, the industry creates a TLA to define an industry trend, but as the market and technology develop the TLA no longer fits.
This explanation aptly describes the situation with Data Loss Prevention (DLP). A few years ago, DLP vendors like Vericept and Vontu made hay by providing a network-based gateway appliance that would scan IP packets looking for confidential data "leakage." When evil Joe in accounting tried to send a spreadsheet of customer credit card numbers to his Hotmail account, DLP boxes could detect and prevent this type of malicious behavior.
Given this heritage, the DLP acronym was appropriate circa 2005, but not in 2008. Why? Gateway DLP packet filtering devices are only part of the story; today's DLP vendors do a heck of a lot more. Tablus is an expert at data discovery. Vericept excels in data classification. Orchestria is really good at policy management and enforcement. As part of Symantec, Vontu is focusing on integrating DLP functionality with other IT operations tasks. Finally, some vendors like Trend Micro and McAfee eschew the network altogether and focus on endpoints.
So if DLP doesn't fit anymore, what does? My colleague Charlotte Dunlap and I suggest we borrow another acronym and re-name this category Data Governance, Risk, and Compliance (DGRC). To us, this covers everything that's needed in the data lifecycle data including creation, classification, and policy management/enforcement. Typically, only Gartner acronyms stick, but Charlotte and I have our fingers crossed.
In all seriousness, many large organizations have no idea how much confidential and private data they have or where it is stored--a pretty scary thought. Given this problem, gateway filtering devices aren't enough. We need DGRC policies, processes, and technologies across all data around the enterprise. We need a new acronym that aptly describes this situation, even if it's actually four letters.
Secure Computing researchers have discovered a new variant of the DNSChanger Trojan in the wild that attacks routers, meaning any Web surfing computer on that network could be at risk of being redirected to a malicious Web site.
The DNSChanger Trojan changes the DNS settings to point to a host Web site address supplied by the attackers, Sven Krasser, director of data mining research at Secure Computing, said in an interview with CNET News.com on Tuesday.
"Your network is essentially reconfigured to do all the (domain) name resolutions over this malicious name server," he said.
The DNSChanger Trojan is able to access all the settings and functions on the router. It only knows about a few popular router Web interface URLs that it can use to change DNS settings at this time, but that is expected to change and more routers will be affected, according to a Secure Computing blog entry.
The Trojan is believed to be created by the creators of the family of malware called "Zlob," which masquerades as an ActiveX video codec.
A new variant of the DNSChanger Trojan attacks routers so that non-existing domain names are added by the malware. These rogue DNS servers, located in the Ukraine, resolve any domain name you provide and redirect to Web sites that look like the one in this screenshot.
(Credit: Secure Computing)An Australian man has discovered security vulnerabilities in his Internet-connected coffee maker that could allow a remote attacker to not only take over his Windows XP-based PC but also make his coffee too weak.
Craig Wright, a risk advisory services manager at professional services firm BDO, found several security holes, including a buffer overflow in the Internet Connection software that links his Jura F90 coffee maker to his PC.
This $2,000 Jura F90 coffee maker can be connected to the Internet for remote control of the settings. But it also can open up your PC to remote attacks, a security expert says.
(Credit: Jura)Wright posted the information on the vulnerabilities, and the fact that there is no patch available yet, to the BugTraq security e-mail list on Tuesday.
A U.S.-based public relations representative for the coffee maker said she would try to reach spokespeople in the Switzerland headquarters for comment.
The threat hasn't kept Wright awake at night, although the coffee does, he said in an interview with CNET News.com at 2:30 Wednesday morning Sydney time.
"I don't know if many people would target this particular vulnerability because there probably are not a lot of coffee makers at the moment that are Internet-connected, and in my case it's behind a firewall," he said.
However, Internet-connected appliances are the wave of the future. There is already an Internet-connected refrigerator, at least one prototype of a Web-enabled oven, and pilot tests for dryers and water heaters.
Eventually "you'll be able to turn on your oven with your mobile phone" and a malicious hacker could wind up burning the house down, Wright said.
A fired Massachusetts state worker has been exonerated of a charge of possessing child pornography after computer forensics showed that his work laptop was infected with malicious software that was surreptitiously visiting illegal Web sites.
Michael Fiola, 53, was fired as a worker's comp fraud investigator with the Massachusetts Department of Industrial Accidents in March 2007 after IT administrators found cached images of child porn in the temporary Internet files in his browser, according to the Dark Reading security news site.
Fiola, described as being "computer illiterate," hired a forensics expert who found the evidence that was used to convince the court to drop the case last week. He remains unemployed and plans to sue the agency over his firing.
"Our lives have been hell," Fiola, a former state park ranger now living in Rhode Island told the Boston Herald. "I hope to recover my reputation, but our friends all ran."
His laptop initially attracted attention because its wireless usage was four times higher than that of his co-workers. But because the IT department hadn't properly configured the agency laptop and antivirus software wasn't working on the machine, it was riddled with Trojans and viruses, in addition to the malicious software that was bringing up the porn sites.
(Credit: USCG)You can't really say you have a private beach until you've installed a SM 2000 Underwater Surveillance System by Kongsberg to keep out the riffraff.
The system is designed to protect commercial piers, government and military vessels, cruise ships, terminals, and other high-value assets, but it'll work just as well for your hideaway surf break. You know it's good if the oil sheiks buy it. Kongsberg installed an integrated system at a "High-Value Seaside resort" in the United Arab Emirates; the exact location is classified.
The U.S. Coast Guard just picked up $2 million of Kongsberg gear to enhance its Integrated Anti-swimmer Systems (IAS) program at the nation's ports. The purchase follows the initial IAS contract worth $3 million.
Using software and sonar the system can detect and differentiate between "malicious swimmers and divers" and other targets, such as marine life and debris, at up to 1000 meters, according to the British Columbia-based company. A processor "captures a wide acoustic swath" to positively identify and localize the threat, then notifies security (PDF).
You'll be relieved to know that the Coast Guard and the EPA have concluded that the system will not "adversely affect threatened or endangered species or critical habitat." Whether a diver could do enough damage to justify the multimillion-dollar investment is open to debate.
Someone poaching in your favorite abalone patch? A frogman can be warned that he is in a restricted area and should surface immediately by "underwater loudhailer." If that doesn't work, deploy the "nonlethal interdiction acoustic impulse," an underwater shockwave emitter--which, despite its name, can be set on stun or kill.
I'm a Firefox user, how about you? If you're part of the roughly 20 percent market share using Mozilla's free, open-source Web-browsing software, you're probably looking forward to Tuesday, June 17th's release of version 3. In fact, the company is hoping that 1 million of you are excited in hopes of setting a record for the most downloads in a 24-hour period.
In Friday's edition of the Daily Debrief, I chat with CNET Webware.com's Rafe Needleman about what to expect with this version. He's been using the release candidate for a few weeks and says we can look forward to faster browsing, the "awesome bar," and more security features.
