Viral Peer-to-Peer Programs; Congress Passes Anti-Spam Bill; Experts Worried After Worm Hits Windows-Based ATMs; Immigrant Database Draws Fire

Viral Peer-to-Peer ProgramsAccording to a story in yesterdays New York Times, a researcher has determined that a new kind of Trojan horse could be virtually unstoppable. Joe Stewart, a computer expert at the LURHQ Corporation, a security company based in Chicago, found that the new method uses commandeered machines to form a peer-to-peer network like the popular Kazaa program used to trade music files. Each machine on the network can share resources and provide information to the others without being controlled by a central server machine. The Times Bruce Schneier, the founder and chief technical officer of Counterpane Internet Security Inc.: "A self-replicating peer-to-peer network is kind of scary," he said, not just because a less easily detectable network is bad news, but because it offers proof that hackers, once primarily interested in breaking into systems for thrills, now have a profit motive. Congress Passes Anti-Spam BillThe Register, the bill criminalizes common spamming tactics, such as using false return address. But it overrides stricter Californian laws which had allowed spam recipients to sue their tormentors. In its coverage of the bills passage, todays New York Times notes, antispam laws made little legislative progress until this year, when pressure from companies like Time Warner and Microsoft and an emerging body of state laws prompted marketing groups to drop their opposition to any regulation of e-mail and join negotiations for a national law. The bill would create a single set of rules for all commercial e-mail, both junk and solicited, that forces the senders to include a valid postal address and an opt-out mechanism in the body of the e-mail. Companies are prohibited from using deceptive subject lines and false return addresses, and the most serious violators could receive fines of as much as $6 million and prison terms of up to five years, reports the Times. The laws opt-out aspect is much less strict than the opt-in approach adopted by European Union legislation, which means e-marketers must seek the permission of consumers before they send out commercial e-mails, the Register says.

Congress yesterday passed a much-criticized anti-spam bill, after the House voted to approve minor Senate amendments. According to

Experts Worried After Worm Hits Windows-Based ATMsReuters report today, automatic teller machines at two banks running Microsoft's popular Windows software were infected by a computer virus in August, the maker of the machines said yesterday. An unknown number of ATMs running Windows XP Embedded were shut down during the spread of the so-called "Nachi" worm, said officials at Diebold Inc., which made the ATMs and refused to name the customers affected. Gartner analyst John Pescatore says, "It's a horrendous security mistake," to have specific-purpose machines like ATMs running Windows, written for general purpose computers and for which Microsoft Corp. releases security fixes on a regular basis

According to a

Immigrant Database Draws On Thursday, Sen. Joe Lieberman (D-Conn.) accused the Department of Homeland Security of breaching federal law by failing to issue a required report on the program's privacy impact. Rep. Tom Davis (R-Va.) also wrote to Ridge in late November, questioning whether the system will negatively affect tourism and international trade. Immigration advocacy groups and biometrics experts have also expressed concerns about the plan, reports.

On Jan. 15, the massive project US Visit will be deployed in 115 airports, replacing a patchwork of disparate immigration databases and paper-based files and requiring that almost all visitors be digitally fingerprinted and photographed. Some in Congress are already questioning the plans effectiveness and privacy protections, according to a story in

Copyright © 2003 IDG Communications, Inc.

Subscribe today! Get the best in cybersecurity, delivered to your inbox.