Free Republic

I have created a public register of "bump lists" here on Free Republic. I define a bump list as a name listed in the "To" field used to index articles. Free Republic Bump List Register

SAN FRANCISCO (AP) - Google Inc. hails its new e-mail service as a breakthrough in online communication, but consumer watchdogs are attacking it as a creepy invasion of privacy that threatens to set a troubling precedent. Although Google's free "Gmail" service isn't even available yet, critics already are pressuring the popular search engine maker to drop its plans to electronically scan e-mail content so it can distribute relevant ads alongside incoming messages. Privacy activists worry that Gmail will comb through e-mail more intensively than the filters widely used to weed out potential viruses and spam. Gmail opponents also want Google...

SAN FRANCISCO (Reuters) - Prosecutors looking to throw the book at accused computer hackers have come across a legal defense expected to become even more widespread in an era of hijacked PCs and laptops that threatens to blur the lines of personal responsibility: the computer did it. In one case that was being watched as a bellwether by computer security experts, Aaron Caffrey, 19, was acquitted earlier this month in the United Kingdom on charges of hacking into the computer system of the Houston Pilots, an independent contractor for the Port of Houston, in September 2001. Caffrey had been charged...

Your patient records are out in the open... so you better track that person and make him pay my dues." A woman in Pakistan doing cut-rate clerical work for UCSF Medical Center threatened to post patients' confidential files on the Internet unless she was paid more money.To show she was serious, the woman sent UCSF an e-mail earlier this month with actual patients' records attached.

A severe DoS (Denial of Service Attack) has been launched by several sites/persons unnamed against a lone American site. This American site was considered important enough to attack regardless of the consequences.  The attacks brought down many other internet sites in the process.  The 'packet storm' has been incredible. Quoting Aaron: "This is not a matter of political opinion. When I say that a site is affiliated with such and such a group, I mean it, and I'm backed up by some of the world's leading experts in Islamic extremism (who are also fluent in Arabic)." Background press on Haganah...

Stolen Computer Search October 14, 2003 — The search goes on for a stolen laptop computer, a computer that contains sensitive information about security at all the commercial airports in the U.S. It happened during an airport security training seminar at the Embassy Suites near Philadelphia International. Police and the FBI have not located that computer nor have they made any arrests. I am told it contains sensitive information about security at the nation's 429 airports. A source tells Action News they do not believe this was the job of a professional who knew what was on the computer, but...

A computer hacker brought the systems of a major American port to a halt during a revenge attack on a fellow internet chatroom user, a court has heard. Aaron Caffrey, 19, allegedly hacked into the computer server at the Port of Houston in Texas in order to target a female chatroom user following an argument. It was claimed that the teenager intended to take the woman's computer offline by bombarding it with a huge amount of useless data, and he needed to use a number of other servers to be able to do so. Mr Caffrey, of Fairlane, Shaftesbury, Dorset,...

Fri September 26, 2003 08:00 PM ET By Elinor Mills Abreu SAN FRANCISCO (Reuters) - Security holes in Microsoft's Internet Explorer browser have been exploited by hackers to hijack AOL instant messaging accounts and force unsuspecting Web surfers to run up massive phone bills, computer experts cautioned on Friday. Some Internet Explorer users are also finding that malicious Web sites are secretly slipping trojan programs onto their computers, which could prove an even more dangerous exploit, said Drew Copley, a research engineer at Aliso Viejo, California-based eEye Digital Security, who discovered the original security vulnerability. Such stealth programs can include...

Computer Virus Cripples State Department's Visa-Checking System for About Nine Hours The Associated Press WASHINGTON Sept. 24 — A computer virus disrupted systems at the State Department for checking every visa applicant for terrorist or criminal history, leaving the U.S. government unable to issue visas for roughly nine hours. The virus crippled the department's Consular Lookout and Support System, known as CLASS, which contains more than 15 million records from the FBI, the State Department and U.S. immigration, drug-enforcement and intelligence agencies. Among the names are those of at least 78,000 suspected terrorists. In an internal message sent late Tuesday...

Hidden malware in offshore products raises concerns Story by Mark Willoughby SEPTEMBER 11, 2003 ( COMPUTERWORLD ) - "You've go to be a little paranoid to survive in this business." -- Andrew S. Grove, chairman and founder, Intel Corp., ca. 1980 The extreme difficulty in discovering a back door hidden deep within a complex application, buried among numerous modules developed offshore in a global software marketplace, is forcing those assigned to protect sensitive national security information to take defensive actions. The threat of hidden Trojan horses and back doors surfaced this summer when the governments of the U.S. and China...

The US Nuclear Regulatory Commission this week warned nuclear power plant operators to implement safeguards against the Slammer worm, which took systems at one such plant offline in January. The advisory details exactly how the Davis-Besse power plant in Ohio, operated by FirstEnergy Corp, had its "safety parameter display system" and "plant process computer" made unavailable for several hours by the worm. The news of the outage came to light after a report by SecurityFocus.com two weeks ago. It is particularly concerning as Slammer was preventable - it exploited a vulnerability in SQL Server that Microsoft Corp had issued a...

On the night of Wednesday, August 27, two men dressed as computer technicians and carrying tool bags entered the cargo processing and intelligence centre at Sydney International Airport. The men, described as being of Pakistani-Indian-Arabic appearance, took a lift to the third floor of the Charles Ulm building in Link Road, next to the customs handling depot and the Qantas Jet Base. They presented themselves to the security desk as technicians sent by Electronic Data Systems, the outsourced customs computer services provider which regularly sends people to work on computers after normal office hours. After supplying false names and signatures,...

September 1, 2003 Digital Vandalism Spurs a Call for OversightBy AMY HARMON he teenager accused of creating a version of the Blaster worm that infected computer systems across the world last week has been arrested. SoBig.F, an e-mail virus unleashed on the Internet just as Blaster was being stamped out, is expected to expire next week. But all is far from quiet on the electronic frontier. Security experts are already preparing for SoBig.G. Another worm may already be squirming through newly discovered flaws in computer operating systems. And in the moments between epidemics, the Internet's more run-of-the-mill annoyances — spam,...

The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours, despite a belief by plant personnel that the network was protected by a firewall, SecurityFocus has learned. The breach did not post a safety hazard. The troubled plant had been offline since February, 2002, when workers discovered a 6-by-5-inch hole in the plant's reactor head. Moreover, the monitoring system, called a Safety Parameter Display System, had a redundant analog backup that was unaffected by the worm. But at least one expert says the case...

Microsoft warns of fake security alertBy Mike Tarsala, CBS.MarketWatch.comLast Update: 6:50 PM ET Aug. 15, 2003SAN FRANCISCO (CBS.MW) -- Microsoft warned late Friday that a fake security alert contains malicious code that can attack PCs.The bogus instructions purport to tell the software maker's customers how best to handle the dreaded Blaster computer worm that hit this week The fake Microsoft e-mail, first spotted early Friday, looks "very official," said Sean Sundwall, Microsoft spokesman. The fake e-mail includes instructions to check Microsoft's (MSFT: news, chart, profile) security Web site for a software patch and updates. It also suggests steps that home...

<p>Referred to by her spy masters only as "Mrs. Galt," she is by day an unremarkable American housewife and mother. But after her two children go to bed, she plunges into a secret world of Internet chat rooms and Web sites populated by some of the most dangerous people on earth.</p>

To: BugTraq Subject: Cracking windows passwords in 5 seconds Date: Jul 22 2003 8:37PM Author: Philippe OechslinAs opposed to unix, windows password hashes can be calculated in advance because no salt or other random information si involved. This makes so called time-memory trade-off attacks possible. This vulnerability is not new but we think that we have the first tool to exploit this. At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory trade-off method. It is based on original work which was done in 1980 but has never been applied to windows passwords. It works by calculating all possible hashes in advance and storing some...

Microsoft Pulls Update for WindowsWed May 28, 2003 12:08 AM ETSEATTLE (Reuters) - Microsoft Corp. said on Tuesday it has withdrawn a security update for its Windows XP software after discovering that it switched off Internet connections for some of the 600,000 users who downloaded and installed it. The update, a small software addition that is used to fix and add features to existing software programs, was originally aimed at improving the security of Internet connections. But after releasing the update on May 21, Microsoft discovered it was incompatible with other security firewall software used to protect home computers from...

SEATTLE (Reuters) - Upgraded to Windows XP (news - web sites) yet? If not, you might miss your chance, because Microsoft Corp. (Nasdaq:MSFT - news)is already working on the newest version of its operating system, code-named Longhorn, due for release in 2005. Although Windows XP, the most current version of Windows, is just 20 months old, the world's largest software maker is betting that users will be ready to upgrade within the next couple of years as personal computers become more powerful, faster and affordable. Details about the new operating system remain scant, but Microsoft has already started soliciting feedback...

Security Flaw Shows Microsoft Passport Identities Can't Be Trusted15 May 2003John Pescatore | Avivah LitanA serious security flaw shows that Microsoft Passport identities could be easily compromised. Financial institutions and other enterprises should replace or augment Passport until at least November 2003. EventOn 8 May 2003, Microsoft acknowledged a major security flaw in its Passport Internet user-authentication service. An independent researcher in Pakistan first identified the flaw. It could theoretically have enabled unauthorized access to any of the more than 200 million Passport accounts used to authenticate e-mail, and e-commerce and other transactions. Microsoft indicates it has resolved the problem...

(CNSNews.com) - The sponsors of at least two different websites chronicling the anti-war statements and activities of Hollywood celebrities, say they're being inundated with death threats from "anti-war pacifist" supporters of the celebrities. The sponsor of one of the sites, who would only identify himself as Tim C., said he has received nearly 100 death threats since starting www.famousidiot.com less than two months ago. Tim's mother and wife want him to stop exposing Hollywood's liberal activists out of fear for his personal safety. "If they are anti-war pacifists, they're the most violent people I have ever met in my life....

A brace of Microsoft security vulns pose risks for both home users and corporates. The more serious problem, involving Microsoft's virtual machine (Microsoft VM), which enables Java programs to run on Microsoft Windows, provides a mechanism for attackers to run amok on Windows PCs. Microsoft has released a fix designed to address the problem, which affects users of Windows 98, NT 4, Windows 2000, XP and Windows Me. Attacks including "changing data, loading and running programs, and reformatting the hard disk", might be possible, according to the low-fat version of Microsoft's alert. Well if that doesn't get consumers patching, what...

Over the past 18 months, the U.S. government has bought access to data on hundreds of millions of residents of 10 Latin American countries -- apparently without their consent or knowledge -- allowing myriad federal agencies to track foreigners entering and living in the United States. A suburban Atlanta company, ChoicePoint Inc., collects the information abroad and sells it to U.S. government officials in three dozen agencies, including immigration investigators who've used it to arrest illegal immigrants. The practice broadens a trend that has an information-hungry U.S. government increasingly buying personal data on Americans and foreigners alike from commercial vendors...

Bug leaves Windows open to Java attack12:30 Thursday 10th April 2003Matthew Broersma  Microsoft said that its Virtual Machine fails to catch certain malicious code in Java applets, allowing an attacker to take control of a PC Microsoft has warned of three new flaws affecting its software, the most serious of which would allow an attacker to gain full control of a user's PC using a Java applet. The three warnings, all issued on Wednesday, involve the Microsoft Virtual Machine for running Java applets on Windows; a cross-site scripting bug in a component of Windows 2000 and Windows NT 4.0; and a...

SEATTLE (Reuters) - Three-fourths of computer software security experts at major companies surveyed by Forrester Research Inc. (Nasdaq:FORR - news) do not think Microsoft Corp.'s (Nasdaq:MSFT - news) products are secure, the technology research company said on Monday. Related Quotes FORRMSFTDJIANASDAQ^SPC 14.0924.318018.751344.56851.68 -0.02+0.10+26.62+3.39+3.50 delayed 20 mins - disclaimerQuote Data provided by Reuters   While 77 percent of respondents in the information technology (IT) field said security was a top concern when using Windows, 89 percent still use the software for sensitive applications, Cambridge, Massachusetts-based Forrester said in a report titled "Can Microsoft Be Secure?" The survey polled 35 software security...

A MUSLIM militant group is believed to have hacked into the Hereford Diocese web-site and left pictures of dead and wounded children. Four video stills, two showing fatally injured children, possibly taken from Middle East TV war coverage, appeared on the site on Monday afternoon. Anyone visiting the church web-site would have found themselves on the Muslim Allah Akbar page, which means `Allah is the greatest'. Diocese director of communications, Anni Holden, said she presumed a militant Muslim Arab organisation was behind the sabotage. "It was very dramatic. The page said Allah Akbar and there was also a line of...

Vulnerability hits NT 4, Windows 2000 and XP By James Middleton [28-03-2003] 'Important' RPC flaw cannot be patched on NT 4, warns Microsoft Microsoft has warned of a vulnerability affecting Windows 2000 and XP systems and that is especially bad news for NT 4. Labelled 'important', the vulnerability was discovered in the Remote Procedure Call (RPC) Endpoint Mapper protocol, which could allow denial of service (DoS) attacks to be carried out against systems. Although patches have been issued for Windows 2000 and XP, NT 4's architecture makes one impossible, according to Microsoft. "Due to the fundamental differences between Windows...

SAN JOSE, CALIF. - Robert Beck suspended his distrust of online auctions last month and went for a top-of-the-line speaker system. He cast a winning bid of $1,900, paid by credit card and waited for his first eBay purchase. The speakers never arrived. Last week, detectives confirmed to the 25-year-old engineer that the sellers, an Arizona couple, had cashed out their bank account and fled town. The couple allegedly stole more than $100,000 from more than 500 bidders. The case has cast suspicion on eBay Inc.’s anti-fraud software, which the San Jose-based company installed nearly a year ago to counter...

<p>LONDON, March 21 -- As bombs continue to fall in Iraq, protesters and patriotic hackers alike have stepped up their war of words on the Internet, defacing hundreds of U.S. and UK corporate and government Web sites, a security expert said on Friday.</p>

HAMBURG, Germany, March 20 (AFP) - Attacks by computer hackers against company Internet sites have been increasingly focusing on US firms, with many of the incidents clearly aimed at protesting the US-led war against Iraq, a specialist British consultancy said on Thursday. So far this month, two thirds of all attacks launched on the Internet have hit the sites of companies from the United States and Canada; double the number recorded for March last year, according to British specialists mi2g. By comparison, says the company specialising in information intelligence, Web sites in Europe have been the target of only 21...

WASHINGTON -- Microsoft Corp. on Wednesday warned about a serious flaw in almost every version of its popular Windows software that could allow hackers to seize control of a person's computer when victims read e-mails or visit Web sites. Microsoft assessed the problem's urgency as critical, its highest level, and urged customers to download a free repairing patch immediately from its Web site, www.microsoft.com/security.

Accounting Web: Leading tax preparation software companies Intuit (TurboTax) and H&R Block (TaxCut) may be producing software that puts customer tax data at risk, according to some data security experts. Both TurboTax and TaxCut leave taxpayer data files unencrypted and thus unprotected from hackers, and some people are concerned about the possibility of identity theft. Security Firm PivX Solutions has issued a warning about the hacker potential. Here's how the tax information is stored: TurboTax stores taxpayer information in files that end in a .tax extension. These files, while not readable by a standard word processing program, can be opened...

This below is the work of the Bildenberg/Fabian group...After corrupting the banking system, and therefore having a never ending supply of money with which to achieve any oyher corruption they want...They corrupted our democracies..This vote fixing goes on in most democracies of the world.......DO NOT TRUST THE COMPUTER COUNTING..IT IS UNACCOUNTABLE News Release Let it be known to all I am sending you this document entitled “Remedy for our stolen democracy” In hopes that you’ll realize that this is information that all Free Canadians need to know, to insure the protection of our democracy. This statement has previously been released...

<p>Oddly enough, Silicon Valley has been a laggard when it comes to applying the technology it's famous for to the election process. Now it's finally beginning to catch up, and it has suddenly become the locus of an overdue -- and profoundly important -- debate about the mechanics of democracy in the 21st century.</p>

The following is a private e-mail from a World Economic Forum attendee that was inadvertantly released for general public viewing: -- With apologies for the group email... I thought this was interesting enough to pass along. These are the notes from a friend of a friend who writes for Newsday. Adam Davis Director, EPRIsolutions Environment Division 1299 4th Street, Suite 307 San Rafael, CA 94901 Main Office:415-454-8800 Direct:415-257-4631 Cell: 415-305-4786 Hi Guys. OK, hard to believe, but true. Yours truely has been hobnobbing with the ruling class. I spent a week in Davos, Switzerland at the World Economic Forum. I...

<p>Using a combination of trade tricks and clever programming, hackers have thoroughly compromised security at America Online, potentially exposing the personal information of AOL's 35 million users.</p> <p>The most recent exploit, launched last week, gave a hacker full access to Merlin, AOL's latest customer database application. As a security measure, Merlin runs only on AOL's internal network, but savvy hackers have found a way to break in.</p>

I need to know if there is any way a URL could show up in the IE 5.5 history list without the browser having actually visited that page. I also need to know if a document URL could show up in the recent Document folder without the browser having browsed to that URL.

By Brian Livingston Windows XP, which has been marketed by Microsoft as "the most secure version ever," has been found to have a flaw so bone-headed that it renders passwords ineffective as a means of keeping people out of your PC. Reader Tony DeMartino alerted me to the problem, which all administrators of Windows XP machines should immediately take to heart: Anyone with a Windows 2000 CD can boot up a Windows XP box and start the Windows 2000 Recovery Console, a troubleshooting program. Windows XP then allows the visitor to operate as Administrator without a password, even if the...

Microsoft finds more glitches in XP and IE By Nick Farrell [06-02-2003] Fifth security advisory this year warns of IE and XP bugs Two more Microsoft security advisories have appeared concerning Windows XP and Internet Explorer (IE). The latest Windows XP bug brings the total number of Microsoft security advisories issued this year to five. The XP vulnerability has been caused by an unchecked buffer in the Windows Redirector function on the operating system, Microsoft said. The company explained that an attacker exploiting the vulnerability could crash the system or run their own code with system privileges. This could...

US Customs and the Federal Bureau of Investigations are looking into the possible transfer of thousands of Sony PlayStation 2s from US retail stores to Iraq, military intelligence sources have reported. An astounding 4,000 PlayStation 2s have apparently been shipped to Iraq in the last two to three months, according to a secret Defense Intelligence Agency report. With the under-whelming shipment of PS2s that have hit North American shores, this recent news makes strange sense. But is this the real reason that Sony can't meet US gamers' demand? Or is the news really real at all? According to the news...

A computer worm attack that shut down bank ATM terminals and disrupted Internet servers throughout the world may have been part of an al Qaeda terrorist threat to test the vulnerability of computer systems that serve U.S. financial interests, computer security experts say."Like the 9-11 attacks, the 'Slammer' worm was aimed at the heart of the U.S. financial community," says Leo Roth, a computer security analyst who advises the federal government. "For at least part of the weekend, a number of U.S. financial institutions were virtually shut down."Those affected include the giant Bank of America, whose nationwide ATM network went...

ThomasRegional.com ®  Industrial Market Trends U.S. Power Grid Vulnerable to Cyberattacks It’s a frightening scenario—a hacker getting into the U.S. electrical grid to cut off millions of people—and it’s far from inconceivable. In fact, it’s easy for a terrorist, a vindictive employee or even a bored teenager to tap into and disrupt the control systems that operate industrial facilities. And this vulnerability is widespread—from natural gas pipelines to nuclear plants and water systems. The country’s utilities and factories all run on similar industrial control systems, none of which were designed with security as a consideration. What’s more, their very...

Senate Blocks Funding for Pentagon Database WASHINGTON (Reuters) - Saying they feared government snooping against ordinary Americans, U.S. senators voted on Thursday to block funding for a Pentagon (news - web sites) computer project that would scour databases for terrorist threats. By a voice vote, the Senate voted to ban funding for the Total Information Awareness program, under former national security adviser John Poindexter, until the Pentagon explains the program and assesses its impact on civil liberties. The measure, introduced by Sen. Ron Wyden, an Oregon Democrat, also said the computer dragnet being developed could not be deployed without congressional...

Just thought I'd give this little PSA since I'm such a nice guy.Many of you are already familiar with Lavasoft's AdAware, but you may not be familiar with SpyBot Search & Destroy, which is actually more powerful and more up-to-date. Lavasoft hasn't updated their definition file since September because they're working on a new release, so it won't clean newer spyware creations like CommonName. I would keep AdAware however. It's still very useful. SpyBot also has a lot of other cool functionality built into it, like a clean on startup in case you are unable to remove the spyware's .exe...

Opinion A lot has happened since my Right to Defend column in SecurityFocus Onlinr last July, and the subsequent presentation I made at the Blackhat Security Briefings in Las Vegas. The idea has withstood a lot of criticism. To refresh, I believe you should have the right to neutralize a worm process running on someone else's infected system, if it's relentlessly attacking your network. I've even written code to demonstrate the process. Though the initial news coverage of the concept was grossly inaccurate in conveying my ideas, it has stirred up a constructive dialog. I knew my idea was...

CBSNEWS: Haunted By Ghosts Of Hard Drives PastSimson Garfinkel, a graduate student at the MIT's Laboratory for Computer Science, holds a used hard drive he bought containing personal information. (AP)Haunted By Ghosts Of Hard Drives Past CAMBRIDGE, Mass., Jan. 16, 2003 "People will think they have deleted the file, they can't find the file themselves and that the file is gone when, in fact, forensically you may be able to retrieve it." Tom Aleman Deloitte & Touche (AP) So, you think you cleaned all your personal files from that old computer you got rid of? Two MIT graduate students suggest...

Money machine error leads to endless flow of free cash. Then the police came.   Nick Britten The Daily Telegraph Thursday, January 16, 2003 A British financial institution lost more than $2.5-million after a computer error on its cash machines allowed customers to withdraw unlimited amounts of money. As word spread about the giveaway at the building society -- a sort of credit union -- lineups formed outside some of the machines and the blunder went undiscovered for five days, allowing people to return up to 20 times and take thousands of pounds in illegal withdrawals. When police caught up...

CAMBRIDGE, Mass. -- Computer hard drives are a lot tougher than you might think. Two grad students at the Massachusetts Institute of Technology say they've been able to retrieve a lot of data from dozens of second-hand computers. In a study, they bought dozens of used hard drives at computer shops and on eBay. They say 49 of the hard drives contained information ranging from credit-card numbers to love letters and pornography. They say merely deleting files from a hard drive -- or even taking a sledgehammer to it -- doesn't necessarily do the trick. Experts say the only sure...

HELEN JUNG, AP Business WriterTuesday, January 14, 2003 ©2003 Associated Press URL: http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2003/01/14/financial2108EST0385.DTL (01-14) 18:08 PST SEATTLE (AP) -- Microsoft Corp. said Tuesday it will make its prized source code for its Windows operating system available to several governments and governmental agencies, as it tries to stem defections to competitors' software. The software company has already signed agreements with the Russian government and NATO to allow them to review for free the underlying programming instructions that Microsoft has long guarded as secret intellectual property. The decision will let governments evaluate for themselves the security of the Windows platform, Microsoft said....

CBS) It could be one of the largest identity thefts ever. The Federal Trade Commission says sometime earlier this month computer hard drives containing more than 500,000 medical records were swiped at an Arizona company that does health care work for the Pentagon. The Defense Department is computerizing the medical records of all military personnel and their families, but just as the project gets past the experimental phase officials are grappling with the theft of thousands of records from a Pentagon health care contractor. Those records include Social Security numbers, medical claims histories, some credit card numbers, and other private...