Kazaa owners may face time in jail
By Steven Deare, CNET News.com
Published on ZDNet News: December 14, 2005, 9:50 PM PT
The masterminds behind the Kazaa file-sharing software could face time behind bars after the record industry initiated contempt of court proceedings, claiming an earlier ruling wasn't adhered to.
Record companies allege that Sharman Networks, the owner of Kazaa, didn't comply with an Australian Federal Court order to modify the software to ensure 3,000 keywords would be filtered by Dec. 5.
However, Sharman disagreed since it managed to block Australian users from downloading Kazaa by identifying their Internet Protocol address.
"Contempt proceedings are fairly rare in this court and I've never yet sent anyone to jail," Justice Murray Wilcox said Thursday in the Federal Court in Sydney. "I've threatened to a few times, but there's always a first I suppose."
Adobe moving to monthly security patches
Adobe "has decided to follow Microsoft's lead and begin releasing security patches on a predictable monthly basis". The regular updates will begin "within the next six months and are expected to cover most, if not all, of Adobe's products". Although "most software companies have not moved to this kind of regular patching cycle", some analysts predict that "it is likely to become an industry standard".
Roundup: 2005's 'curious malicious code'
Panda Software has released its list of 2005's most 'curious' malware. The list includes such viruses as Assiral-A, a copycat of 2000's LoveLetter virus. Crowt-A delivered CNN headlines; Elitper-D disrupted 90 applications, including Word and Excel; and Zar-A and Downloader-ENC exploited charitable impulses after the Indian Ocean tsunami and Hurricane Katrina. Rona-A kept highly organized logs of its malicious activity, including a timestamp of its installation. The list also includes social engineering attacks and viruses that targeted gaming platforms.
From passwords to 'passthoughts'
Julie Thorpe, a researcher at Carleton University in Ottawa, suggests it may be possible to develop technology to recognize 'passthoughts': passwords that users need only think in order to access a computer system. Brainwave patterns vary from person to person, allowing their use as a biometric identifier. Users could also use images or childhood memories as passthoughts. However, such a system requires a better MMI (mind-machine interface) and proof that users would be able to generate the same thought on demand. Thorpe's research is primarily focused on developing computer interfaces for the paralyzed.
DOD wants to authenticate devices
The Department of Defense (DOD) plans to "verify the identities of at least 25 million of its Internet-enabled devices, similar to how it authenticates human users". DOD's Public Key Infrastructure (PKI) Program Management Office hopes to "develop, deploy and operate a PKI system for devices on DOD networks", including laptops, desktop computers, cell phones, modems, routers, servers, firewalls and portable media players. Potential vendors are invited to respond to the request, and must "identify existing DOD resources for tracking PKI certificates and use existing permissions to pass through DOD firewalls", among other requirements.
New Bagle Trojan horse distributed widely via spam email
Experts at SophosLabs have warned users about a new variant of the Bagle Trojan horse which has been spammed out to internet users. Sophos is advising users to ensure their anti-virus protection is up-to-date to protect against attacks.
Sophos has received reports of the Troj/BagleDl-AN Trojan horse being spammed out in emails as a ZIP file attachment containing a malicious file called S3700020.EXE. Some emails have been seen containing the message body "New Year's Day", but the hacker could send the malware out using different email characteristics.
Users opening their email may be at risk from infection if not properly protected. Once it has infected a computer, the Trojan horse attempts to download further malicious code from the internet.
More details at http://www.sophos.com/pressoffice/news/articles/2005/12/bagledlan.html
Mr. LUA Goes to Washington
The gospel according to LUA (least-privileged user account) took center stage at Microsoft Corp.'s Security Summit East here with a pair of Redmond consultants pitching the idea of a well-funded security deployment repository to help developers create applications for non-admin users.
The LUA principle, which promotes the use of accounts with fewer access rights than Administrator accounts, has been largely ignored by end users, but if Aaron Margosis and Shelly Bird have their way, code writers will have a central place to get tools and training to create least-privilege applications.
Despite the fact that LUA is accepted within software security circles as a key to reducing damage from malicious hacker attacks, Margosis said a large percentage of customers still run Windows with full admin rights, making them sitting ducks for malware attacks that rely on "maximum privileges."
Open-source antivirus tech may get commercial help
eEye Digital Security may adopt and improve the open-source Clam AntiVirus technology to add to its intrusion-prevention product.
eEye's Blink intrusion-prevention product includes system- and application-level firewalls and protects computers against phishing, spyware and exploitation of known vulnerabilities. "Antivirus is the only missing piece," Ross Brown, eEye's chief operating officer, said in an interview with CNET News.com.
Microsoft Files 10 Lawsuits to Help Protect Its Partners,
Microsoft Corp. today announced that it has filed 10 lawsuits against companies for allegedly pirating software and against people for allegedly selling not-for-resale software to unsuspecting purchasers. The actions, taken amid a technology landscape pocked by the fraudulent activities of those seeking to undermine fair business practices, are designed to help protect Microsoft's partners and consumers from those engaging in the illegal sale of Microsoft software - from counterfeit products to not-for-resale software deceitfully obtained and sold at retail.
Seven lawsuits filed against nine individuals from California, Maryland, New York, Texas and Virginia allege breach of a software agreement by which the individuals obtained a number of Microsoft Action Pack Subscriptions (MAPS). The MAPS Initiative is a program that provides eligible partners with discounted Microsoft software packages for product evaluation and internal use. The MAPS-related lawsuits, the first Microsoft has filed, allege egregious abuse of this program by people who have repeatedly and knowingly broken the terms of the agreement. Some of those named in the suits have allegedly attempted to sell software from their subscriptions to consumers through online auction sites.
Warning toned down on Perl app flaws
By Joris Evers
Staff Writer, CNET News.com
Published: December 15, 2005, 4:28 PM PST
The Perl Foundation has toned down a warning on a type of vulnerability commonly found in applications written in the Perl programming language.
Two weeks after experts sounded an alarm on so-called "format string flaws" in Perl applications, changes have been made to Perl. These updates ensure that such flaws can't be used as a conduit to run malicious code on target systems, Andy Lester, a spokesman for the Perl Foundation and co-author of the book "Pro Perl Debugging," said on Thursday.
Perl is a popular open-source programming language that's widely used for Web applications, often on servers that run the Linux operating system. Format strings are a way programmers specify how output should be formatted in an application. A flaw occurs when a programmer uses the strings incorrectly.
It was always thought that format string vulnerabilities in Perl applications could lead only to denial-of-service attacks. However, late last month experts cautioned that an attacker could exploit a format string flaw to commandeer a system running a vulnerable Perl application.
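To make concrete what "using the strings incorrectly" means, here is an added Perl example (not code from the article or from the Perl Foundation) that shows a log helper passing user-controlled text as the sprintf format, the corrected form that keeps the format a literal, and a small heuristic review check for the pattern; the helper names and the sample input are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Vulnerable: the user-supplied message IS the format string, so any '%'
# directives it contains are interpreted by sprintf instead of printed.
sub log_line_vulnerable {
    my ($msg) = @_;
    return sprintf($msg);          # format comes from untrusted input
}

# Fixed: the format is a literal; user text is only ever an argument.
sub log_line_safe {
    my ($msg) = @_;
    return sprintf("%s", $msg);
}

# Heuristic code-review aid (not a parser): flag printf/sprintf calls
# whose first argument is a variable rather than a string literal.
sub flag_variable_formats {
    my ($src) = @_;
    return grep { /\bs?printf\s*\(?\s*\$\w+/ } split /\n/, $src;
}

# Constructed input, e.g. a username field submitted by a web client.
my $input = 'user %s logged in %d times';

{
    no warnings;               # silence "Missing argument in sprintf"
    # Directives are consumed with no arguments: "user  logged in 0 times"
    print "vulnerable: ", log_line_vulnerable($input), "\n";
}
# Text is reproduced verbatim: "user %s logged in %d times"
print "safe:       ", log_line_safe($input), "\n";

# Run the review heuristic over a constructed source snippet.
my $snippet = <<'SRC';
    return sprintf($msg);
    return sprintf("%s", $msg);
SRC
print "flagged: $_\n" for flag_variable_formats($snippet);
```

Only the first snippet line is flagged; the grep is a triage aid for locating call sites to review, not a proof that the remaining calls are safe.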