|
News for
012500
contributed by no0ne
A group of teenagers have discovered a way to take over any AOL Instant
Messenger account as long as they know the person's screen name. A staff
tool that was picked up from AOL's proprietary online service lets them
exploit a hole in AOL 5.0's registration process, allowing them to reset
users' passwords. During the AOL 5.0 registration process, AOL asks for
a person's screen name. The teenagers enter the screen name they want to
have, when prompted for a password they make one up to get the "invalid
password" message. AOL 5.0 then buffers the screen name within the
registration process. The perpetrators then jump to another part of the
registration process where AOL thinks the intruder is the rightful owner
of the AIM screen name and permits the password to be reset. AOL says it
is working to correct the problem.
C|Net
ZD
Net
MSNBC
Wired
|
contributed by Evil Wench
By changing the order number in the URL users at Outpost.com are able to
view the personal information, including the type of credit card used,
of other users. An Outpost spokesperson said that the problem would be
fixed immediately. (This type of problem is extremely old, it is
surprising that such a large company such as Outpost has this problem.
This just further illuminates the need for effective e-commerce
security.)
Wired
|
contributed by Zorro
The National Authority for Investigation and Prosecution of Economic and
Environmental Crime in Norway has raided the home of Jon Johansen of
Steinsholt Norway. Jon is the author of the controversial software
DeCSS. Authorities confiscated his computer and cellphone, they also
questioned him for up to seven hours. Both Jon and his father have been
charged with breaking the copyright act and the penal law which could
result in up to 3 years in prison.
Slashdot
VG -
Norwegian
TV
2 - Norwegian
|
contributed by Jay
When Solaris 8 is unveiled Wednesday in New York it is expected that Sun
will also announce that the software will be free as well opening access
to the software's source code. Solaris 8 is expected to ship in
February.
ZD
Net
|
contributed by
Brian Oblivion
For years DoD officials have claimed that the global eavesdropping
network known as Echelon was nothing more than a myth fabricated by
journalists. Now recently declassified papers by the NSA actually
confirm the existence of the operation.
The
NSA Declassified
|
contributed by Evil Wench
On Monday Japan's Science and Technology Agency and Japan's Management
and Coordination Agency had their web sites defaced. This is con
in the first-ever defacement of a Japanese government computer
system. Japanese officials have said that they will be seeking
assistance from US officials in tracking down the perpetrators.
Reuters
- via Yahoo
|
contributed by Evil Wench
Originally developed as a means to gather real time Radio ratings
information, technology created by Alabama based MobilTrak is now being
used by marketers. The road side devices hone in on emissions from car
radios to determine exactly what station they are turned to. Now concert
promoters are using the technology to determine what station concert
attendees listen to as they park cars their cars when attending
concerts.
Wired
|
contributed by dave
HNC has released a new Crypto Tool which supports a wide variety of
cryptography methods. It has the ability to encrypt/decrypt whole
files or passages of text. with the use of custom keys and pass
phrases.
HNC Networks -
Warning: the site is awfully slow
|
|
|