Nethappenings Headlines

**************************************************************
NetHappenings Mailing List ©1993
Subscribe - Unsubscribe - Email Preferences
http://www.edu-cyberpg.com/Community/NetHappenings.html

Educational CyberPlayGround Community Mailing Lists
http://www.edu-cyberpg.com/Community/
Advertise NetHappenings Guidlines
http://www.edu-cyberpg.com/Community/Subguidelines.html
**************************************************************


Here are my selected Nethappenings Headlines for you

enjoy,

<karen>


**************************************************************
Educational CyberPlayGround
http://www.edu-cyberpg.com
The main purpose of the Educational CyberPlayGround is to help all teachers,
parents, librarians, home schoolers and regular folks, even those with
little or no on-line experience, to use the Internet effectively and aid
teaching.  Find  high-quality material for grades K?12 in the subject areas
for Teachers, Administrators, Online Curriculum, Art, Music, Literacy,
Interent, Security, Technology, Linguistics, National Children's Folksong
Repository Project, Mailing Lists and the Hotlist of Schools Online.
**************************************************************

1) What are the 3 top problems?
Health, Money & Education
http://www.edu-cyberpg.com/News/problems.htm

2)
Itunes is Watching, Spys on you
http://since1968.com/article/153/itunes-is-watching
iTunes update spies on your listening and sends it to Apple?
http://www.boingboing.net/2006/01/11/itunes_update_spies_.html

3)
CRS Report finds govt whistleblowers lack adequate protections
http://www.pogo.org/m/gp/gp-crs-nsw-12302005.pdf
http://www.govexec.com/dailyfed/0106/011006c1.htm
Report finds government whistleblowers lack adequate protections
By Chris Strohm
The agencies and laws created to protect government workers who
report wrongdoing from retaliation have been ineffective, a new
report concludes.
The Congressional Research Service report describes a power
struggle between the executive branch and Congress that has lasted
for several decades.
"Enacting statutory rights for whistleblowers and establishing new
executive agencies to protect those rights has not produced the
protections that some expected," CRS stated. "As explained in this
report, the Office of Special Counsel, the Merit Systems Protection
Board, and the [U.S. Court of Appeals for the] Federal Circuit --
the agencies created by Congress to safeguard the rights of
whistleblowers -- have not in many cases provided the anticipated
protections to federal employees." [...]

4)
Bank loses tape with personal information on 90,000 customers
http://tinyurl.com/8oz7q
By John Christoffersen, AP Business Writer  |  January 11, 2006
STAMFORD, Conn. --A tape containing the Social Security numbers and
other confidential data of 90,000 People's Bank customers was lost
recently while en route to a credit reporting bureau, state and bank
officials said Wednesday.
Millions of people around the country have been affected by a recent
string of data losses and thefts involving major financial
institutions and businesses including Citigroup Inc., Time Warner
Inc. and Ameritrade Holding Corp.
People's has no reason to believe the data has been used
inappropriately and has received no reports of unauthorized activity,
officials said. Customers do not need to close accounts because the
information is not sufficient to allow unauthorized access, the bank
said.

5)
BlackBerry squeezed by DoS security bugs
http://www.theregister.co.uk/2006/01/04/blackberry_security_bugs/
By John Leyden 4th January 2006
Research In Motion (RIM) has warned of a trio of vulnerabilities in
its popular BlackBerry software that create a means for hackers to
launch denial of service attacks. Patches are available to defend
against only one of the vulnerabilities, but RIM has issued advice on
how to guard against attack from the other two.
The most serious unfixed risk stems from a flaw in processing Server
Routing Protocol (SRP) packets. This security bug creates a possible
means to disrupt communication between BlackBerry Enterprise Server
and BlackBerry Router, potentially disrupting service. A separate
unpatched security bug in the handling of malformed Tiff image
attachments creates a means for a remote hacker to launch denial of
service attacks against the BlackBerry Attachment Service, providing
an internal user is duped into viewing malicious files on a BlackBerry
handheld.
The vulnerabilities have been reported in BlackBerry Enterprise Server
4.0 as well as later versions. Domino, Exchange and Novell GroupWise
versions of the platform are all affected. Exploitation of the first
vulnerability means a hacker needs to be able to connect to the
BlackBerry Server or Router via port 3101/TCP. Shielding BlackBerry
servers behind a firewall ought to thwart these attacks. Additionally,
RIM advises users to exclude the processing of Tiff images as a
workaround against the second threat, pending the availability of a
more complete fix.

6)
Hackers Use Yale Name
http://www.yaledailynews.com/article.asp?AID=31167
BY ROSS GOLDBERG Staff Reporter January 9, 2006
A forged Yale e-mail address has been used to spread a security
exploit that infected over one million computers in the last two
weeks, including some on the University network.
The exploit, which attacks a weakness in the Windows operating system,
can allow hackers to remotely control a computer that downloads it. In
one version circulating in the United Kingdom, victims are tricked
into clicking on a link in an e-mail purportedly sent by a Yale
professor.
Yale Information Security Officer Morrow Long said the University
received about 30 complaints from British citizens, but given that
victims of hackers rarely bother to complain, many more were likely
infected.

7)
Two new WMF bugs found
http://www.networkworld.com/news/2006/010906-microsoft-wmf-bug.html
By Robert McMillan IDG News Service 01/09/06
Just days after Microsoft patched a critical vulnerability in the way
the Windows operating system renders certain types of graphics files,
a hacker has published details of two new flaws that affect the same
part of the operating system.
The new vulnerabilities were posted to the Bugtraq security mailing
list on Monday by a hacker going by the name of "cocoruder."
All three flaws concern the way Windows renders images in the Windows
Metafile (WMF) format used by some computer-aided design applications,
but these latest flaws are far less serious than the vulnerability
that Microsoft patched last week, according to security experts. That
vulnerability was serious enough to cause Microsoft to take the
unusual step of releasing an early patch to the problem, ahead of its
monthly security software update.
Also see: http://www.eweek.com/article2/0,1895,1909647,00.asp

**************************************************************************

Educational CyberPlayGround links to Technology
<http://www.edu-cyberpg.com/Technology/Home_TECHNOLOGY.html>

Find Information on Security for
Teachers, Administrators, Ed. Tech, and Classroom Resources
http://www.edu-cyberpg.com/Technology/SECURITY.html


DOES PODCASTING ACTUALLY MATTER?
Journalists vs. Blogger War
Podcast Information and How To AudioBlog by Phone, and RSS Instructions.
http://www.edu-cyberpg.com/Technology/podcast.html
**************************************************************************

8)
Homeland Security helps secure open-source code
http://tinyurl.com/aesla
By Joris Evers  Staff Writer, CNET News.com January 10, 2006
The U.S. Department of Homeland Security is extending the scope of its
protection to open-source software.
Through its Science and Technology Directorate, the department has
given $1.24 million in funding to Stanford University, Coverity and
Symantec to hunt for security bugs in open-source software and to
improve Coverity's commercial tool for source code analysis,
representatives for the three grant recipients told CNET News.com.
The Homeland Security Department grant will be paid over a three-year
period, with $841,276 going to Stanford, $297,000 to Coverity and
$100,000 to Symantec, according to San Francisco-based technology
provider Coverity, which plans to announce the award publicly on
Wednesday.
In the effort, which the government agency calls the "Vulnerability
Discovery and Remediation, Open Source Hardening Project," Stanford
and Coverity will build and maintain a system that does daily scans of
code contributed to popular open-source projects. The automated system
should be running by March, and the resulting database of bugs will be
accessible to developers, they said.

9)
Bank tape lost with data on 90,000 customers
http://www.networkworld.com/news/2006/011106-bank-tape.html
By Stephen Lawson IDG News Service 01/12/06
A computer tape from a Connecticut bank containing personal data on
90,000 customers was lost in transit recently, the bank reported
Wednesday.
People's Bank, based in Bridgeport, Conn., is sending letters to the
affected customers, it said in a press release. The tape contains
information such as names, addresses, Social Security numbers and
checking account numbers. It was bound for the TransUnion credit
reporting bureau, based in Woodlyn, Pa., via UPS, the release said.
UPS is investigating the incident along with all involved parties,
said UPS spokeswoman Heather Robinson. She would not disclose when the
package was lost.

10)
Symantec provides hiding place for hackers
<http://news.com.com/Symantec+provides+hiding+place+for+hackers/2100-1002_3-6026203.html>
By Joris Evers Staff Writer, CNET News.com January 11, 2006
Symantec has released an update to its popular Norton SystemWorks to
fix a security problem that could be abused by cybercriminals to hide
malicious software.
In the PC-tuning application, a feature called the Norton Protected
Recycle Bin creates a hidden directory on Windows systems. The feature
is meant to help people restore modified or deleted files, but the
hidden folder might not be scanned during scheduled or manual virus
scans, Symantec said in an advisory released Tuesday.
"This could potentially provide a location for an attacker to hide a
malicious file on a computer," Symantec said. The Cupertino, Calif.,
security provider is not aware of any attempts by hackers to conceal
malicious code in the folder. "This update is provided proactively to
eliminate the possibility of that type of activity," it said.
Symantec's alert has echoes of Sony BMG Music Entertainment's recent
PC security fiasco. http://www.edu-cyberpg.com/Music/drm.html

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
The Educational CyberPlayGround
http://www.edu-cyberpg.com/

National Children's Folksong Repository
http://www.edu-cyberpg.com/NCFR/

Hot List of Schools Online and
Net Happenings, K12 Newsletters, Network Newsletters
http://www.edu-cyberpg.com/Community/

7 Hot Site Awards
New York Times, USA Today , MSNBC, Earthlink,
USA Today Best Bets For Educators, Macworld Top Fifty
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<> 

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Copyright statements to be included when reproducing
annotations from NetHappenings the largest
and oldest K12 Education Mailing List
exploring and using the World Wide Web.

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:

EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
NetHappenings copyright
http://www.edu-cyberpg.com/Community/NetHappenings.html


FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/

HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>

Other related posts: