An execution, damp squibs and stealing time

Welcome to the first Security Patrol column in which I highlight some of the week`s more interesting or intriguing security-related stories around the globe.

It`s becoming increasingly difficult to separate the true nasty viruses from the damp squibs.

Ian Melamed, Columnist, ITWeb

• They really take cyber crime seriously in China! After manipulating computer records to divert money into his own accounts, Shen Weibiao, the former bank manager of a Bank of China branch in Shaoguan City, was executed, apparently by gunshot, after the Supreme People`s Court rejected his appeal. Wonder what they would have made of Allan Boesak?

• It is now a crime to spread viruses in Pennsylvania. Legislation signed last week will enforce a seven-year jail sentence, and those found guilty will be liable for the damages caused by the virus. Can you imagine being made to pay the damages bill for I Love You virus?

• Still in international spaces, a 24-year-old computer engineer has been arrested by the Indian police for stealing over 100 hours of Internet time. After being called to activate the account of a retired army officer, the service engineer changed the account`s password and later accessed it from 10 different locations.

• Who says firewalls are secure? What has been dubbed "The world`s most secure" firewall was breached last week during a routine security audit at Garrison Technologies in Austin, Texas. Jim N Stickley, a Garrison employee, simply breezed through a hole in the firewall. The hole, a modified buffer overflow attack, could allow an intruder to control the firewall box. Network Associates has issued a patch for the problem, but you can bet the farm that there will be more breaches and vulnerabilities reported.

• It`s becoming increasingly difficult to separate the true nasty viruses from the damp squibs. On paper, the Resume worm carried the potential to do a lot of damage but this Melissa variant died a quiet death last weekend, causing very little damage. It had been feared that the Killer Resume would spread extremely fast in the US when people returned to work after the long holiday weekend. Now anti-virus specialists are being accused of scare tactics.

• The world`s top anti-virus vendors are calling for an established unified grading system to categorise viruses. They say they want to prevent the media from getting into a feeding frenzy and spreading hype and misinformation (or FUD - fear, uncertainty, doubt). They cite the recent Resume scare as an example of what they are trying to prevent. I`m all in favour of getting some standards in place, but can you imagine trying to obtain consensus from a dozen competing vendors, while a virus is flying around the world at warp speed?

• With all the publicity surrounding the Melissa, I Love You and Resume viruses, the aptly named Kak worm seems to have avoided the headlines. But it really has been a nuisance and is spreading fast, typically through signature files in Outlook Express. Most importantly, it slips through many traditional protection mechanisms, and can be propagated without Microsoft Word attachments - in plain HTML text, for instance. E-business site ShoppingPlanet.com accidentally infected 50 000 customers with the Kak worm when it mailed its newsletter out. The company quickly sent out a follow-up e-mail warning users not to open the previous e-mail. Kak requires no user intervention other than opening e-mail. It can modify registry files and shut down Windows. Anti-virus software vendors have included the virus in their definition files so ensure you`re updated.

• A New Zealand man claims to have stumbled onto the biggest hole in Outlook yet. The hole would allow malicious Java code to be executed on a Windows/Outlook machine without any user intervention. The Kiwi says that soon after he contacted Microsoft, the information was stolen off his computer by someone who broke into it. Microsoft says it never received his initial communication and after reviewing his information claims there is no security breach involved. Does this indicate the future is All Black for Outlook users?

• Worried about corporate PCs being used for porn? Help could be at hand. Oklahoma company Heartsoft Include is developing software that scans photos for flesh tones and curves to detect nudity. The software is in beta test, and Heartsoft has applied for a patent for this technology. It will be used in conjunction with the company`s Internet Safari browser for children. I can think of a few other good uses as well.

• And now for the Hacked Page of the Week. It boggles the mind that someone could have gone to the effort of hacking the Web site of US-based The Relativistic Heavy Ion Collider at Brookhaven National Laboratory (prod.rhic.bnl.gov), but hacked it was. Some of the text left behind (including: "The government is something bad... everything you do against it is good!") provides a frightening insight into the minds of the youngsters that do these things.