NEWS - January 6, 2005

A group of German privacy hackers have come up with a portable device that can wipe a passive RFID-Tag permanently.

While it is known that RFID tags could be wiped, it usually took some fairly cumbersome microwave gear to get the job done, and the result could damage whatever the tag was installed on.

http://www.theinquirer.net/?article=28737

By Tom Espiner, ZDNet (UK)
Published on ZDNet News: January 6, 2006, 11:11 AM PT

Critics have taken aim at a study published by the U.S. Computer Emergency Readiness Team that said more vulnerabilities were found in Linux/Unix than in Windows last year.

The report, Cyber Security Bulletin 2005, was released last week. It claimed that out of 5,198 reported flaws, 812 were found in Microsoft's Windows operating system, 2,328 were found in open-source Unix/Linux systems. The rest were declared to be multiple operating-system vulnerabilities.

The report has attracted criticism from some in the open-source community. Linux vendor Red Hat said the vulnerabilities had been wrongly tagged, and so could not be used to compare the relative security of Windows and Linux/Unix platforms.

"The study is confusing and misleading. When you look at the list, the vulnerabilities are miscategorized," Mark Cox, a consulting software engineer at Red Hat, said. "For example, Firefox is categorized as a Unix/Linux operating-system flaw, but it runs just as well on a Windows platform. Apache and PHP also run just as well on both platforms. There are methodological flaws in the statistics."

more here
http://news.zdnet.com/2100-1009_22-6021867.html?tag=zdnn.alert

By Tom Espiner, ZDNet (UK)
Published on ZDNet News: January 6, 2006, 12:11 PM PT

The Sober attack predicted for Friday has not yet happened, possibly because of publicity earlier this week about a potential onslaught.

Computers that were compromised by a variant of the Sober worm in November had the potential to download malicious code from certain Web sites and then launch a new wave of viruses on Jan. 6.

F-Secure confirmed on Friday that it has not seen any evidence of an attack.

"It's great! This is good news," Mikko Hypponen, chief research officer at the Finnish security company, said Friday. "We've been monitoring the locations of the files that infected machines are now trying to download. So far none of them have activated."

MessageLabs also confirmed that it had seen no successful attack.

more here
http://news.zdnet.com/2100-1009_22-6021988.html?tag=zdnn.alert

By Declan McCullagh, CNET News.com
Published on ZDNet News: January 6, 2006, 12:31 PM PT

Police blotter" is a weekly report on the intersection of technology and the law.

What: A Philadelphia man with a cable modem is sued by Paramount Pictures for alleged copyright infringement of a movie through the eDonkey file-sharing network.

When: U.S. District Judge Thomas O'Neill in the Eastern District of Pennsylvania ruled on Dec. 2.

Outcome: O'Neill denied each side's requests for summary judgment, clearing the way for an eventual civil trial.

Summary: Paramount detected a copy of its Jim Carrey movie "Lemony Snicket's A Series of Unfortunate Events" on the eDonkey network on Dec. 23, 2004. That was a week after it was released in theaters.

more here
http://news.zdnet.com/2100-9588_22-6022034.html?tag=zdnn.alert