- Email: [email protected]
Fast lobbies MPs to fight piracy
ISSN: 0142-0496
JULY 1994
Editor: HELEN COLLINSON American Editor: CHARLES CRESSON WOOD InformationIntegrityInvestments Sausalito,California,USA Australasian Edftor: BILL J. CAELLI Queensland Universityof Technology Australia Europaan Editor: KEN WON0 PA ConsultingGroup London,UK
Editorial Advisors: Chris Amety, UK: Hans Giiss, Germany; David Herson, CEC, DGXIII; Les Lawrence, New South Wales, Australia; P.Kraaibeek, Germany; Gordon Lennox, Belgium; Wayne Madsen, Virginia, USA; Beiden Menkus, Tennessee, USA; Bill Murray, New Canaan, USA; Siivano Ongetta, Italy; Donn B. Parker, California, USA: Peter Sommer, UK; Mark Tantam, UK; Peter Thingsted, Denmark; Hank Wolfe, New Zealand. Correspondents:
Frank Rees, Melbourne, Australia. John Steriicchi,
California, USA, Paul Gannon, Brussels, Belgium
FAST lobbies MPs to fight piracy ..... ......... .. .I
SECURITY ASPECTS IN IT SYSTEMS BASED ON MOBILE MICRO COMPUTERS ....... .... ......v............. 13
$40 000 fine for software piracy.. .,.. .,.. ...... ... 2
EVENTS .,........,...............,.............,,.,........ 19
FRAUD/HACKING NEWS
STOP PRESS ._.............._........,......,.........._20
SOFTWARE PIRACY NEWS
Credit card losses finally decline . .. ......... .... .. 2 School
plagued
by hackers ,.*.*....*.......*.......r2
New spy-proof screen . ....*....*....................... 3 One person’s litter is another’s scam.. .. .. .. .. .3 VlRUS NEWS Junkie - extremely difficult to detect .... ..... . 3 DATA PRIVACY NEWS liiV records - confidentiality breached ...... -3 LAN/WAN NEWS Experts to tackle computer security. .... .. .. . .. . 4 MARKETPLACE ......... ..... .,...... ......... .. v....... 5 REPORTS ACLU Fronts US Direct Marketing Interests ,,...*................................. . ...L.‘......6 The Final Days of Reusable Passwords .. . .. .7 Up-to-the-minute Network Security... ....... .... 8 BUSINESS RECOVERY PUNNING
..<......8
SOFTWARE PIRACY NEWS FAST lobbies MPs to fight piracy The Federation Against Software Piracy (FAST) has lobbied senior MPs in the UK on behalf of the computer industry to tighten existing copyright legislation. The computer industry in the UK is estimated to lose over f300 million annually through illegal software and recent new developments such as CD-ROMs, bulletin boards and sophisticated copying devices are set to dramatically increase these losses unless further legislation is set in place. The MPs attending the meeting were asked to consider the negative financial, cultural and commercial effects of piracy within Europe’s governments,
01994 Eisevier Science Ltd., Engiand./94/$7.00 per item No part of this publication may be reproduced, stored in a retrieval syster$ or transmitted by any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permlssion of the publishers. (Readers In the U.S.A. -please see special regulations listed on back cover.)
Computer Fraud & Security Bulletin
July 1994
are declining for the first time. According to the Investor’s Business Daily, the declines can be attributed to card security features, educational efforts and new technology. A spokesman for Mastercard said that losses worldwide had dropped by 2% in 1992, a dramatic improvement over the rise of 23% for the previous year. In 1992, Mastercard’s fraud figures reached their peek. Fraud equalled 0.18% of sales volume, however, in 1993 that dropped to 0.14%. Four out of five of the major categories of fraud declined. Of the four categories-which include cards that are lost, stolen or never received, and mail and telemarketing fraud the never-received category experienced the greatest decline, at 25%.
$40 000 fine for software piracy In Canada, Duncan Computer Corp is the first company to be fined for software piracy. The company was ordered to pay $32 000 in compensation to Microsoft Corp for illegally distributing software. The Globe and Mail reports that the company’s founder, John Duncan, said that the company was convicted of distributing portions of Microsoft’s MS-DOS software and failing to deliver MS-DOS manuals to customers. Mr. Duncan was ordered to personally pay a fine of $5000 and to pay Microsoft $10 000 in compensation. Mr. Duncan said that the employees at his company, which assembled and sold computers, would install MS-DOS in the computer’s memory at the time of assembly.
FRAUD/HACKING
NEWS
Credit card losses finally decline Mastercard International and Visa International have reported that credit card losses
2
In early 1993 cards never received accounted for $650 000 of losses daily. Whilst the number has dropped this category is still a problem. The industry is fighting against thieves who steal cards that have not been activated and use them in countries where it is difficult to authorize a sale electronically. Since January this year, all new reissued Mastercard cards are required to have a package of enhanced security features, such as indent printing of the account number on the tamper-evident signature panel. Mastercard hopes that this measure will reduce counterfeit fraud by $35 million annually. Visa’s counterfeit problem began to decline in 1993, when it implemented several prevention programmes, including Card Verification Value, which verifies information in a card’s magnetic strip, and Payment 2000, which is a risk-control system.
School plagued by hackers A school in Salt Lake City, Utah has been plagued by hackers. The Salt Lake Tribune reports that four boys broke into the school’s computer system and planted a virus in its memory. A computer technician at the school destroyed the virus and other files that the boys had created. Apparently, there were no losses of school files and the system’s memory was not damaged. In a separate incident, two other boys told fellow students that they could change
01994
Elsevier Science Ltd
JULY 1994
Editor: HELEN COLLINSON American Editor: CHARLES CRESSON WOOD InformationIntegrityInvestments Sausalito,California,USA Australasian Edftor: BILL J. CAELLI Queensland Universityof Technology Australia Europaan Editor: KEN WON0 PA ConsultingGroup London,UK
Editorial Advisors: Chris Amety, UK: Hans Giiss, Germany; David Herson, CEC, DGXIII; Les Lawrence, New South Wales, Australia; P.Kraaibeek, Germany; Gordon Lennox, Belgium; Wayne Madsen, Virginia, USA; Beiden Menkus, Tennessee, USA; Bill Murray, New Canaan, USA; Siivano Ongetta, Italy; Donn B. Parker, California, USA: Peter Sommer, UK; Mark Tantam, UK; Peter Thingsted, Denmark; Hank Wolfe, New Zealand. Correspondents:
Frank Rees, Melbourne, Australia. John Steriicchi,
California, USA, Paul Gannon, Brussels, Belgium
FAST lobbies MPs to fight piracy ..... ......... .. .I
SECURITY ASPECTS IN IT SYSTEMS BASED ON MOBILE MICRO COMPUTERS ....... .... ......v............. 13
$40 000 fine for software piracy.. .,.. .,.. ...... ... 2
EVENTS .,........,...............,.............,,.,........ 19
FRAUD/HACKING NEWS
STOP PRESS ._.............._........,......,.........._20
SOFTWARE PIRACY NEWS
Credit card losses finally decline . .. ......... .... .. 2 School
plagued
by hackers ,.*.*....*.......*.......r2
New spy-proof screen . ....*....*....................... 3 One person’s litter is another’s scam.. .. .. .. .. .3 VlRUS NEWS Junkie - extremely difficult to detect .... ..... . 3 DATA PRIVACY NEWS liiV records - confidentiality breached ...... -3 LAN/WAN NEWS Experts to tackle computer security. .... .. .. . .. . 4 MARKETPLACE ......... ..... .,...... ......... .. v....... 5 REPORTS ACLU Fronts US Direct Marketing Interests ,,...*................................. . ...L.‘......6 The Final Days of Reusable Passwords .. . .. .7 Up-to-the-minute Network Security... ....... .... 8 BUSINESS RECOVERY PUNNING
..<......8
SOFTWARE PIRACY NEWS FAST lobbies MPs to fight piracy The Federation Against Software Piracy (FAST) has lobbied senior MPs in the UK on behalf of the computer industry to tighten existing copyright legislation. The computer industry in the UK is estimated to lose over f300 million annually through illegal software and recent new developments such as CD-ROMs, bulletin boards and sophisticated copying devices are set to dramatically increase these losses unless further legislation is set in place. The MPs attending the meeting were asked to consider the negative financial, cultural and commercial effects of piracy within Europe’s governments,
01994 Eisevier Science Ltd., Engiand./94/$7.00 per item No part of this publication may be reproduced, stored in a retrieval syster$ or transmitted by any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permlssion of the publishers. (Readers In the U.S.A. -please see special regulations listed on back cover.)
Computer Fraud & Security Bulletin
July 1994
are declining for the first time. According to the Investor’s Business Daily, the declines can be attributed to card security features, educational efforts and new technology. A spokesman for Mastercard said that losses worldwide had dropped by 2% in 1992, a dramatic improvement over the rise of 23% for the previous year. In 1992, Mastercard’s fraud figures reached their peek. Fraud equalled 0.18% of sales volume, however, in 1993 that dropped to 0.14%. Four out of five of the major categories of fraud declined. Of the four categories-which include cards that are lost, stolen or never received, and mail and telemarketing fraud the never-received category experienced the greatest decline, at 25%.
$40 000 fine for software piracy In Canada, Duncan Computer Corp is the first company to be fined for software piracy. The company was ordered to pay $32 000 in compensation to Microsoft Corp for illegally distributing software. The Globe and Mail reports that the company’s founder, John Duncan, said that the company was convicted of distributing portions of Microsoft’s MS-DOS software and failing to deliver MS-DOS manuals to customers. Mr. Duncan was ordered to personally pay a fine of $5000 and to pay Microsoft $10 000 in compensation. Mr. Duncan said that the employees at his company, which assembled and sold computers, would install MS-DOS in the computer’s memory at the time of assembly.
FRAUD/HACKING
NEWS
Credit card losses finally decline Mastercard International and Visa International have reported that credit card losses
2
In early 1993 cards never received accounted for $650 000 of losses daily. Whilst the number has dropped this category is still a problem. The industry is fighting against thieves who steal cards that have not been activated and use them in countries where it is difficult to authorize a sale electronically. Since January this year, all new reissued Mastercard cards are required to have a package of enhanced security features, such as indent printing of the account number on the tamper-evident signature panel. Mastercard hopes that this measure will reduce counterfeit fraud by $35 million annually. Visa’s counterfeit problem began to decline in 1993, when it implemented several prevention programmes, including Card Verification Value, which verifies information in a card’s magnetic strip, and Payment 2000, which is a risk-control system.
School plagued by hackers A school in Salt Lake City, Utah has been plagued by hackers. The Salt Lake Tribune reports that four boys broke into the school’s computer system and planted a virus in its memory. A computer technician at the school destroyed the virus and other files that the boys had created. Apparently, there were no losses of school files and the system’s memory was not damaged. In a separate incident, two other boys told fellow students that they could change
01994
Elsevier Science Ltd