Free Republic

I have created a public register of "bump lists" here on Free Republic. I define a bump list as a name listed in the "To" field used to index articles. Free Republic Bump List Register

SAN FRANCISCO (AP) - Google Inc. hails its new e-mail service as a breakthrough in online communication, but consumer watchdogs are attacking it as a creepy invasion of privacy that threatens to set a troubling precedent. Although Google's free "Gmail" service isn't even available yet, critics already are pressuring the popular search engine maker to drop its plans to electronically scan e-mail content so it can distribute relevant ads alongside incoming messages. Privacy activists worry that Gmail will comb through e-mail more intensively than the filters widely used to weed out potential viruses and spam. Gmail opponents also want Google...

SAN FRANCISCO (Reuters) - Prosecutors looking to throw the book at accused computer hackers have come across a legal defense expected to become even more widespread in an era of hijacked PCs and laptops that threatens to blur the lines of personal responsibility: the computer did it. In one case that was being watched as a bellwether by computer security experts, Aaron Caffrey, 19, was acquitted earlier this month in the United Kingdom on charges of hacking into the computer system of the Houston Pilots, an independent contractor for the Port of Houston, in September 2001. Caffrey had been charged...

Your patient records are out in the open... so you better track that person and make him pay my dues." A woman in Pakistan doing cut-rate clerical work for UCSF Medical Center threatened to post patients' confidential files on the Internet unless she was paid more money.To show she was serious, the woman sent UCSF an e-mail earlier this month with actual patients' records attached.

A severe DoS (Denial of Service Attack) has been launched by several sites/persons unnamed against a lone American site. This American site was considered important enough to attack regardless of the consequences.  The attacks brought down many other internet sites in the process.  The 'packet storm' has been incredible. Quoting Aaron: "This is not a matter of political opinion. When I say that a site is affiliated with such and such a group, I mean it, and I'm backed up by some of the world's leading experts in Islamic extremism (who are also fluent in Arabic)." Background press on Haganah...

Stolen Computer Search October 14, 2003 — The search goes on for a stolen laptop computer, a computer that contains sensitive information about security at all the commercial airports in the U.S. It happened during an airport security training seminar at the Embassy Suites near Philadelphia International. Police and the FBI have not located that computer nor have they made any arrests. I am told it contains sensitive information about security at the nation's 429 airports. A source tells Action News they do not believe this was the job of a professional who knew what was on the computer, but...

A computer hacker brought the systems of a major American port to a halt during a revenge attack on a fellow internet chatroom user, a court has heard. Aaron Caffrey, 19, allegedly hacked into the computer server at the Port of Houston in Texas in order to target a female chatroom user following an argument. It was claimed that the teenager intended to take the woman's computer offline by bombarding it with a huge amount of useless data, and he needed to use a number of other servers to be able to do so. Mr Caffrey, of Fairlane, Shaftesbury, Dorset,...

Fri September 26, 2003 08:00 PM ET By Elinor Mills Abreu SAN FRANCISCO (Reuters) - Security holes in Microsoft's Internet Explorer browser have been exploited by hackers to hijack AOL instant messaging accounts and force unsuspecting Web surfers to run up massive phone bills, computer experts cautioned on Friday. Some Internet Explorer users are also finding that malicious Web sites are secretly slipping trojan programs onto their computers, which could prove an even more dangerous exploit, said Drew Copley, a research engineer at Aliso Viejo, California-based eEye Digital Security, who discovered the original security vulnerability. Such stealth programs can include...

Computer Virus Cripples State Department's Visa-Checking System for About Nine Hours The Associated Press WASHINGTON Sept. 24 — A computer virus disrupted systems at the State Department for checking every visa applicant for terrorist or criminal history, leaving the U.S. government unable to issue visas for roughly nine hours. The virus crippled the department's Consular Lookout and Support System, known as CLASS, which contains more than 15 million records from the FBI, the State Department and U.S. immigration, drug-enforcement and intelligence agencies. Among the names are those of at least 78,000 suspected terrorists. In an internal message sent late Tuesday...

Hidden malware in offshore products raises concerns Story by Mark Willoughby SEPTEMBER 11, 2003 ( COMPUTERWORLD ) - "You've go to be a little paranoid to survive in this business." -- Andrew S. Grove, chairman and founder, Intel Corp., ca. 1980 The extreme difficulty in discovering a back door hidden deep within a complex application, buried among numerous modules developed offshore in a global software marketplace, is forcing those assigned to protect sensitive national security information to take defensive actions. The threat of hidden Trojan horses and back doors surfaced this summer when the governments of the U.S. and China...

The US Nuclear Regulatory Commission this week warned nuclear power plant operators to implement safeguards against the Slammer worm, which took systems at one such plant offline in January. The advisory details exactly how the Davis-Besse power plant in Ohio, operated by FirstEnergy Corp, had its "safety parameter display system" and "plant process computer" made unavailable for several hours by the worm. The news of the outage came to light after a report by SecurityFocus.com two weeks ago. It is particularly concerning as Slammer was preventable - it exploited a vulnerability in SQL Server that Microsoft Corp had issued a...

On the night of Wednesday, August 27, two men dressed as computer technicians and carrying tool bags entered the cargo processing and intelligence centre at Sydney International Airport. The men, described as being of Pakistani-Indian-Arabic appearance, took a lift to the third floor of the Charles Ulm building in Link Road, next to the customs handling depot and the Qantas Jet Base. They presented themselves to the security desk as technicians sent by Electronic Data Systems, the outsourced customs computer services provider which regularly sends people to work on computers after normal office hours. After supplying false names and signatures,...

September 1, 2003 Digital Vandalism Spurs a Call for OversightBy AMY HARMON he teenager accused of creating a version of the Blaster worm that infected computer systems across the world last week has been arrested. SoBig.F, an e-mail virus unleashed on the Internet just as Blaster was being stamped out, is expected to expire next week. But all is far from quiet on the electronic frontier. Security experts are already preparing for SoBig.G. Another worm may already be squirming through newly discovered flaws in computer operating systems. And in the moments between epidemics, the Internet's more run-of-the-mill annoyances — spam,...

The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours, despite a belief by plant personnel that the network was protected by a firewall, SecurityFocus has learned. The breach did not post a safety hazard. The troubled plant had been offline since February, 2002, when workers discovered a 6-by-5-inch hole in the plant's reactor head. Moreover, the monitoring system, called a Safety Parameter Display System, had a redundant analog backup that was unaffected by the worm. But at least one expert says the case...

Microsoft warns of fake security alertBy Mike Tarsala, CBS.MarketWatch.comLast Update: 6:50 PM ET Aug. 15, 2003SAN FRANCISCO (CBS.MW) -- Microsoft warned late Friday that a fake security alert contains malicious code that can attack PCs.The bogus instructions purport to tell the software maker's customers how best to handle the dreaded Blaster computer worm that hit this week The fake Microsoft e-mail, first spotted early Friday, looks "very official," said Sean Sundwall, Microsoft spokesman. The fake e-mail includes instructions to check Microsoft's (MSFT: news, chart, profile) security Web site for a software patch and updates. It also suggests steps that home...

<p>Referred to by her spy masters only as "Mrs. Galt," she is by day an unremarkable American housewife and mother. But after her two children go to bed, she plunges into a secret world of Internet chat rooms and Web sites populated by some of the most dangerous people on earth.</p>

To: BugTraq Subject: Cracking windows passwords in 5 seconds Date: Jul 22 2003 8:37PM Author: Philippe OechslinAs opposed to unix, windows password hashes can be calculated in advance because no salt or other random information si involved. This makes so called time-memory trade-off attacks possible. This vulnerability is not new but we think that we have the first tool to exploit this. At LASEC (lasecwww.epfl.ch) we have developed an advanced time-memory trade-off method. It is based on original work which was done in 1980 but has never been applied to windows passwords. It works by calculating all possible hashes in advance and storing some...

Microsoft Pulls Update for WindowsWed May 28, 2003 12:08 AM ETSEATTLE (Reuters) - Microsoft Corp. said on Tuesday it has withdrawn a security update for its Windows XP software after discovering that it switched off Internet connections for some of the 600,000 users who downloaded and installed it. The update, a small software addition that is used to fix and add features to existing software programs, was originally aimed at improving the security of Internet connections. But after releasing the update on May 21, Microsoft discovered it was incompatible with other security firewall software used to protect home computers from...

SEATTLE (Reuters) - Upgraded to Windows XP (news - web sites) yet? If not, you might miss your chance, because Microsoft Corp. (Nasdaq:MSFT - news)is already working on the newest version of its operating system, code-named Longhorn, due for release in 2005. Although Windows XP, the most current version of Windows, is just 20 months old, the world's largest software maker is betting that users will be ready to upgrade within the next couple of years as personal computers become more powerful, faster and affordable. Details about the new operating system remain scant, but Microsoft has already started soliciting feedback...

Security Flaw Shows Microsoft Passport Identities Can't Be Trusted15 May 2003John Pescatore | Avivah LitanA serious security flaw shows that Microsoft Passport identities could be easily compromised. Financial institutions and other enterprises should replace or augment Passport until at least November 2003. EventOn 8 May 2003, Microsoft acknowledged a major security flaw in its Passport Internet user-authentication service. An independent researcher in Pakistan first identified the flaw. It could theoretically have enabled unauthorized access to any of the more than 200 million Passport accounts used to authenticate e-mail, and e-commerce and other transactions. Microsoft indicates it has resolved the problem...