[ECP] Educational CyberPlayGround: NetHappenings – Headlines and Resources

Virus Infection, industrial control systems vulnerabilities, Anonymous, Megaupload shutdown, PIPA/SOPA, Copyright pirate, Pirate Bay, Mr. Dodd personally lobbying Congress, Stop Online Piracy Act in the House, and the Protect I.P. Act in the Senate, data breaches still due to SQL injection, US bank source code swipe, RUPERT Murdoch caught lying and fined, paperless ticketing, The American Antitrust Institute.

NETHAPPENINGS

Happy Reading

Decade-Long Virus Infection Discovered
http://www.bankinfosecurity.com/articles.php?art_id=4418
Recently discovered viruses, consisting of Trojans and other malware, at
City College of San Francisco have stolen personal banking information
and other data from perhaps tens of thousands of students, faculty and
administrators, says John Rizzo, president of the board of trustees.
The college first noticed the infection in late November, when the IT
department saw gaps in the data logs of a server located in the Phelan
Avenue campus computer lab. Further investigation revealed that the
viruses had existed in the college’s systems since 1999, Rizzo confirms.
During the investigation, the college’s IT department saw transmissions
being sent to Russia and China, as well as other countries, Rizzo says.
The college has 100,000 students and 3,000 employees. So far, there’s
been one confirmed instance of personal banking information recorded by
a virus, he says. “We’re looking at the … central database to see if
anything was taken from there,” he adds. […]
Hoping to Teach a Lesson, Researchers Release Exploits for Critical Infrastructure Software
http://www.wired.com/threatlevel/2012/01/scada-exploits/
A group of researchers has discovered serious security
holes in six top industrial control systems used in critical
infrastructure and manufacturing facilities and, thanks to exploit
modules they released on Thursday, have also made it easy for hackers to
attack the systems before they’re patched or taken offline.
The vulnerabilities were found in widely used programmable logic
controllers (PLCs) made by General Electric, Rockwell Automation,
Schneider Modicon, Koyo Electronics and Schweitzer Engineering
Laboratories.
Crack TSA staff, ever-vigilant, allow woman with loaded handgun to board plane
http://www.wltz.com/story/16555301/woman-boards-plane-with-gun
Anonymous retaliates for Megaupload shutdown, attacks DOJ, others
http://www.computerworld.com/s/article/9223566/Anonymous_retaliates_for_Megaupload_shutdown_attacks_DOJ_others
“The government takes down Megaupload? 15 minutes later Anonymous takes
down government and record label sites,” the Anonymous Twitter feed
read. The DOJ worked with authorities in New Zealand, who
arrested four of the seven people.
That note was followed shortly by this one: “Megaupload was taken down
w/out SOPA being law. Now imagine what will happen if it passes. The
Internet as we know it will end. FIGHT BACK.” The tweet referred to the
Stop Online Piracy Act, an Internet piracy bill being considered in the
U.S. Congress.
MegaUpload shut down by FBI — FBI Charges Seven With Online Piracy
http://online.wsj.com/article/SB10001424052970204616504577171060611948408.html#printMode
MegaUpload.com is already engaged in a legal fight with Vivendi SA’s Universal Music Group over a promotional video featuring some UMG artists, including Kanye West, Mary J. Blige, Kim Kardashian and others.
The site’s chief executive has been reported to be music producer Swizz Beatz, whose real name is Kaseem Dean and who is the spouse of Alicia Keys. Mr. Dean wasn’t named in the indictment. Rich Spears, an agent for Swizz Beatz, said he wasn’t sure whether the musician is a MegaUpload executive and declined to comment further.
Anonymous downs government, music industry sites in largest attack ever
http://rt.com/usa/news/anonymous-doj-universal-sopa-235/
Less than an hour after the DoJ and Universal sites came down, the website for the RIAA, or Recording Industry Association of America, went offline as well. Shortly before 6 p.m. EST, the government’s Copyright.gov site went down as well. Thirty minutes later came the site for BMI, or Broadcast Music, Inc., the licensing organization that represents some of the biggest names in music.
Also on Thursday, MPAA.org returned an error as Anonymous hacktivists managed to bring down the website for the Motion Picture Association of America. The group, headed by former senator Chris Dodd, is an adamant supporter of both PIPA and SOPA legislation.
Universal Music Group, or UMG, is the largest record company in the United States and under its umbrella are the labels Interscope-Geffen-A&M, the Island Def Jam Motown Music Group and Mercury Records.
Brown adds that “more is coming” and Anonymous-aligned hacktivists are pursuing a joint effort with others to “damage campaign raising abilities of remaining Democrats who support SOPA.”
The Pirate Bay: PIPA/SOPA Won’t Stop Us!
http://torrentfreak.com/the-pirate-bay-pipasopa-wont-stop-us120117/
Indeed, recent history has shown that no matter what technical measures are put in use to block The Pirate Bay, the site and its users find ways around it. Whether it’s a backup domain, alternative DNS-servers or proxy sites, PIPA and SOPA can be easily circumvented. In addition, the site’s advertising partners don’t fall within reach of the US Government.
SOPA Getting a Face-Lift: How Evil Will It Be?
http://www.wired.com/threatlevel/2012/01/sopa-watering-down/
The key provision Smith is removing is one that had mandated DNS redirecting of websites deemed dedicated to infringing activity.
McConnell Calls for Senate Dems to Shelve PIPA, Study and Resolve ‘Serious Issues’ With the Bill
http://mcconnell.senate.gov/public/index.cfm?p=PressReleases&ContentRecord_id=395c3114-a1a5-4550-9080-ed412caf547d&ContentType_id=c19bc7a5-2bb9-4a73-b2ab-3c1b5191a72b&Group_id=0fd6ddca-6a05-4b26-8710-a0b7b59a8f1f
What A Difference A Day Makes!
http://t.co/IJcoILBp
In case you’re on a mobile phone or don’t have the patience to click through to the Internet, this is a chart showing the switch in position by Congressmen after yesterday’s web blackout. On January 18th SOPA/PIPA had 80 supporters and 31 opponents. On January 19 SOPA had 65 supporters and 101 opponents.
Neil Gaiman On Copyright
http://t.co/3Dffdxyf
Nobody’s got any time anymore so I don’t expect you to watch this four plus minute clip wherein author Gaiman talks about his head being turned around by seeing the benefits of the pirating of his books.
But Neil does say one thing incredibly fascinating. At his live appearances he asks, by a show of hands, how many people discovered their favorite author by being lent a book as opposed to going into a store and buying it. He finds 90-95% find out about something via lending from a friend. This has huge implications for music.
Duff McKagan on SOPA
http://bit.ly/wCcp1P
What I hate about America is everybody feels entitled to what they’ve got, their job is sacrosanct, they cannot move down the food chain. There’s little compassion for the little guy, everybody’s driven by self-interest.
So, let’s see.
We’ve got to eliminate Orbitz, et al, to put the travel agents back in business.
We’ve got to eliminate printers so print shops can flourish.
Hell, while we’re at it, let’s just eliminate computers so typewriters can come back!
Adjust or die.
Pirate Bay put out a press release on SOPA/PIPA, pointing out that Hollywood was founded on piracy and, ironically, is now the one claiming that pirates are what’s killing it.
https://static.thepiratebay.org/legal/sopa.txt
Dodd Calls for Hollywood and Silicon Valley to Meet

By Mr. Dodd’s account, no Washington player can safely assume that a well-wired, heavily financed legislative program is safe from a sudden burst of Web-driven populism.
“This is altogether a new effect,” Mr. Dodd said, comparing the online movement to the Arab Spring. He could not remember seeing “an effort that was moving with this degree of support change this dramatically” in the last four decades, he added.
That shift was exposed this week partly because Mr. Dodd found himself in a political knife fight while being forced to sheathe his most powerful weapon: 36 years of personal relationships with a Congress in which he had served as a representative and then senator since 1975, before joining the motion picture association last March.
Under legislation passed in 2007, Mr. Dodd is barred from personally lobbying Congress for two years after leaving office. Hired as the consummate Washington insider to carry the film industry’s banner on crucial issues like piracy, Mr. Dodd ended up being more coach than player. He helped devise a strategy that called for his coalition to line up a strong array of legislative sponsors and supporters behind two similar laws — the Stop Online Piracy Act in the House, and the Protect I.P. Act in the Senate — and then to move them through the Congress quickly before possible opposition from tech companies could coalesce.
The Congressional Record is now an iPad app! (Free of course.)
http://www.loc.gov/today/pr/2012/12-017.html
Research Works Act Could Challenge Public Access to Federally Funded Research
http://newsbreaks.infotoday.com/NewsBreaks/Research-Works-Act-Could-Challenge-Public-Access-to-Federally-Funded-Research-79994.asp
Barclays: 97 percent of data breaches still due to SQL injection
http://news.techworld.com/security/3331283/barclays-97-percent-of-data-breaches-still-due-sql-injection/
Speaking at the Infosecurity Europe Press Conference in London this
week, Jones said that hackers are taking advantage of businesses with
inadequate and often outdated information security practices. Citing the
most recent figures from the National Fraud Authority, she said that
identity fraud costs the UK more than £2.7 billion every year, and
affects more than 1.8 million people.
Feds cuff coder accused of US bank source code swipe
http://www.theregister.co.uk/2012/01/19/feds_arrest_programmer_for_software_theft/
Bo Zhang, a 32-year-old from Queens in New York, was cuffed on suspicion
of swiping the Government-wide Accounting and Reporting (GWA) software,
used to help keep track of the US government’s finances.
“Among other things, the GWA handles ledger accounting for each
appropriation, fund, and receipt within the Department of the Treasury,
and provides federal agencies with an account statement – similar to
bank statements provided to bank customers – of the agencies’ account
balances with the United States Treasury,” the US attorney’s office for
the Southern District of New York said in an official statement.
Zhang was hired as a contractor to work on the code where it’s held in
an access-controlled electronic repository in New York. During last
summer he allegedly stole the GWA code, which has so far cost the US
$9.5m to develop. […]
The National Security Agency has publicly released SE Android, a secure version of Google’s mobile operating system.
http://www.eweek.com/c/a/Security/NSA-Releases-SE-Android-With-Better-Sandboxing-Access-Control-Policies-324639/
RUPERT Murdoch’s British newspaper company yesterday agreed to pay damages to 37 high-profile victims of tabloid phone-hacking, including actor Jude Law, soccer player Ashley Cole and former British Deputy Prime Minister John Prescott.
http://www.msnbc.msn.com/id/46053202/ns/world_news-europe/
http://www.guardian.co.uk/media/2012/jan/19/news-group-phone-hacking-scandal
http://www.guardian.co.uk/media/2012/jan/19/jude-law-news-of-the-world
Apple: We want to reinvent the textbook (yet again!)
http://m.zdnet.com/blog/btl/apple-we-want-to-reinvent-the-textbook/67436?tag=nl.e539
A new “textbooks” category in iBooks is the seed for Apple’s new venture. A new, free iBooks Author app allows you to create interactive e-books. Will high school students now have to pay for their textbooks? Apple’s iTunes U service, which offers university lectures as podcasts, allows for professor-to-student messaging. Will K-12 school districts use it?
OpEd: Who Owns My Ticket?

The practice is so-called paperless ticketing: tickets are purchased by credit card, and to gain entry to an event, the buyer must present the same credit card and a photo ID. You cannot readily give your paperless concert ticket to a friend or sell it to a colleague or buy one for your grandchild to use. In no other format — traditional paper ticket, printable e-ticket or digital ticket delivered on a smartphone — are live-event tickets subject to such transfer restraints, and no product other than airline tickets (for which there is a security rationale) involves such restrictions.
But in reality, the restrictions represent an effort to control the secondary-ticketing market and stifle competition from independent resellers and resale marketplaces like StubHub, where tickets are often sold for less than face value. (The American Antitrust Institute, of which I am president, received a modest contribution, in the form of sponsorship of a conference last year, from an advocacy group financed in part by StubHub.) Paperless tickets bought through Ticketmaster may be resold, for example, only through its own resale Web site, which often prohibits sales below face value, sets maximum sale prices and charges a fee for transfers.
 
