This newsletter has been designed to maintain links with customers and provide an information service for internet users generally.

Please visit us at http://www.engadineweb.com.au and signup for this monthly newsletter.

Editorial

Internet fathers get presidential medal

Robert Kahn and Vint Cerf, who developed the TCP/IP protocols used to transmit traffic across the Internet, will this week receive the Presidential Medal of Freedom, America’s highest civil award.

President George Bush recently announced the recipients. The Net's founders are two of several recipients of the award, including such prominent figures as Muhammad Ali, the three-time heavyweight-boxing champion and gold medallist at the 1960 Olympic Games; Carol Burnett, actress and comedian; and Alan Greenspan, chairman of the Federal Reserve for the past 18 years.

This months edition is a little long as we have included several stories about the major problems caused by Sony's anti-piracy software on music CDs. Make sure you read this article and be warned...

I have been asked a few times for access to details from previous newsletters; these archive newsletters are available on my website.

Bruce Beresford, Manager & Editor

In this Issue:

• Featured Site
• Virus Watch
• Trojan masquerades as Skype updates
• Telstra dropped as ACT goes VoIP
• 'Spear phishing' hooks e-mail bait
• Big Pond makes new push
• Antivirus firms target Sony 'rootkit'
• Quotes of the day

Featured Site  

Driveaway Australia

Driveaway Australia is an East Coast based Campervan Rental Company. We provide you with the opportunity to independently explore Australia.

Driveaway's Campervans are fully equipped and self contained and ready for your adventure. Our Campervans are safe, reliable, and well maintained and serviced by our own staff.

All your living equipment and camping kit will be supplied free - there are no "add-on" costs at Driveaway.

Visit the Driveaway Australia website...

Virus Watch  

Latest Threats - from Symantec

19-11-05 W32.Sober.X@mm

17-11-05 Linux.Plupii.B

Trojan masquerades as Skype updates  

Cybercriminals are spreading a malicious Trojan horse under the guise of an update to Skype, e-mail security firm MessageLabs said on Monday.

The Trojan horse, a variant of IRCbot, arrives in an e-mail purporting to be an update to Skype, the popular Internet telephony application. Once opened the malicious software displays a phoney installation error message. It then blocks access to security updates and installs a back door on computers, MessageLabs said in a statement.

The e-mail can have one of five different subject lines, which always refers to Skype. One, for example, reads: "Skype for Windows 1.4 - Have you got the new Skype?"

The e-mail body text advertises the Skype voice-over-IP application and urges the user to run the attached file to find out more, MessageLabs said. ZDNet >>>more

Telstra dropped as ACT goes VoIP  

The ACT government is in the midst of transferring 12,000 employees from Telstra fixed lines to a voice over Internet protocol service provided by Canberra-based carrier TransACT.
The move to TransACT will dramatically reduce government costs, according to Richard Hart, project director for the government's technology agency, InTACT.

"They are very significant cost savings. It lets us move calls around at near-zero cost," he said. TransACT has previously estimated it will cut a third off its telecommunications bill as a result of VoIP.

The agency already used TransACT for off-network calls, such as long-distance calls and those to mobiles.

The rollout is about to ramp up with installations at two major sites -- Canberra Hospital and Canberra Institute of Technology -- in the next few weeks, Hart said.

Around 1,700 handsets have so far been installed across 11 major sites. The complete implementation will see over 12,000 VoIP handsets across 200 sites. InTACT will soon start deploying 500 VoIP handsets per week, according to Hart, who expects the territory-wide deployment of the VoIP network to be in place by March 2006.

As each new handset is connected to the network, the agency saves on access charges for Telstra's copper network. In addition, the flexible nature of VoIP has already helped realise both financial and operational savings.

"If a department moved buildings in the past, we'd have to cable it up, and there'd have to be carrier engineers deployed… Now, you can log into your phone from anywhere on the network," Hart said.

He gave a recent example of one ACT government department that had recently relocated from several buildings to one. The lack of work required for InTACT meant an estimated AU$300,000 cost saving.

Other user benefits will be the ability to search the network directory via the phone, rather than use a book, and having a listing of missed calls, according to Hart. ZDNet...

'Spear phishing' hooks e-mail bait  

The marriage between electronic mail spoofing and social engineering has resulted in a new, malicious tactic dubbed 'spear phishing', which security experts say can diminish users' trust in e-mail.
The art of phishing is traditionally a two-pronged approach -- a Web site, usually one from the financial sector, is spoofed. Then, hundreds to millions of e-mail messages are distributed, inviting users to visit a particular Web page and provide information such as user names and passwords.

However, spear phishing is directed at a specific individual with the purpose of corporate espionage.

Alyn Hockey, director of global research and design at e-mail security firm Clearswift, said the spear phishing approach is relatively new but its impact could be significant because the attacks are well targeted.

Hockey explained that because spoofing the 'from' address in an e-mail is so easy, fraudsters are using the technique to try and fool corporate executives into replying to seemingly innocent requests for information from people they trust. ZDNet >>> more

Big Pond makes new push  

TELSTRA will launch a fresh assault on the booming $1 billion-a-year broadband market this Friday, slashing prices for its Big Pond services as the telecoms group seeks to lift its market share above 50 per cent.

The company will enter the market for fully bundled telecommunications services for the first time by offering new customers discounts when they take broadband, fixed-line, mobiles and pay-TV services together.

In a letter to its dealers, Telstra outlined new price plans that would see new customers get half-price services for up to 12 months if they used internet billing. The offer could see new customers save up to $660 for high-speed internet access alone in the first year.

Telstra confirmed the new offers in an announcement today, 3 Nov 2005. AustralianIT >>> more

Antivirus firms target Sony 'rootkit'  

Antivirus companies are releasing tools this week to identify, and in some cases remove, copy protection software contained on recent Sony BMG Music Entertainment CDs. The software has been identified as a potential security risk.

The Sony software, found on several of the company's recent albums, is triggered by playing one of the CDs in a PC. From the CD drive, the software installs itself deeply inside a hard drive and hides itself from view. This cloaking technique could be used by virus writers to hide their own malicious software, security experts have said.

There is a range of opinion among security companies about how much risk the software poses, from those who consider it no worse than an adware pest to those who view it as potentially dangerous spyware.

Symantec said Wednesday that its antivirus software would identify the Sony software, but would not remove it. Instead, it will point to Sony's own Web site, where users can get instructions for uninstalling the software or download a patch that will expose the hidden components. TechRepublic >>> more

This is an insidious Spyware/VIRUS - refer to Newsletter 17 - 21 Sep 2005. Suffering the unsuspected installation of this anti-piracy software on your computer can cause serious damage to your computer software/operating system requiring a possible operating system re-installation. I find it hard to believe a 'supposedly reputable' company would deliberately attempt to compromise their customer's computer property. Ed

Sony hit with DRM lawsuit

RECORD company Sony BMG has been hit with a class-action lawsuit by consumers claiming their computers have been harmed by anti-piracy software on music CDs.

The claim states that Sony BMG's failed to disclose the true nature of the digital rights management system it uses on its CDs and thousands of computer users have unknowingly infected their computers, according to court documents. The suit, filed November 1 in Los Angeles Superior Court asks the court to stop Sony BMG from selling additional CDs protected by the anti-piracy software and seeks monetary damages for California consumers who purchased them.

A spokesman for Sony BMG declined to comment.

Sony BMG is a joint venture of Sony Corp and Bertelsmann.

The lawsuit claims that around June 2005, Sony BMG began to issue some CDs that install digital rights management software that continuously monitor for rights problems, depleting a computer's available resources. The suit says the technology cannot be removed without damage to the system and that Sony BMG does not advise consumers of the existence or true nature of the program.

Reuters

Bots for Sony CD software spotted online

A first wave of malicious software written to piggyback on Sony BMG Music Entertainment CD copy protection tools has been spotted online, computer security companies said on 11 November in the United States.

Sony's software, installed when playing one of the record label's recent copy-protected CDs in a computer, hides itself on hard drives using a powerful programming tool called a "rootkit." But the tool leaves the door open behind it, allowing other software--including viruses--to be deeply hidden behind the rootkit cloak.

The first version of a Trojan horse spotted early Thursday, which aims to give an attacker complete remote control over an infected computer, didn't work well. But over the course of the day, several others emerged that apparently fixed early flaws.

"This is no longer a theoretical vulnerability, it is a real vulnerability," said Sam Curry, vice president of Computer Associates' eTrust Security Management division. "This is no longer about digital rights management or content protection, this is about people having their PCs taken over." ZDNet >>> more

Sony halts production of 'rootkit' CDs

Sony BMG Music Entertainment said on Friday that it will suspend production of CDs with copy-protection technology that has been exploited by virus writers to try to hide their malicious code on PCs.

The decision by the music label comes after 10 days of controversy around the technology, which is designed to limit the number of copies that can be made of the CD and to prevent a computer user from making unprotected MP3s of the music. ZDNet >>> more

Sony BMG recalls copy-protected CDs

BARCELONA (Reuters) - Music company Sony BMG (6758.T), yielding to consumer concern, said on Wednesday it was recalling music CDs containing copy-protection software that acts like virus software and hides deep inside a computer. >>> more

So as you can see Sony has become just a little more responsive to it's customers, maybe fearing a bottom line backlash? Ed.

Quotes of the Day  

It is impossible to travel faster than the speed of light, and certainly not desirable, as one's hat keeps blowing off. Woody Allen (1935 - )

It has been said that man is a rational animal. All my life I have been searching for evidence which could support this. Bertrand Russell (1872 - 1970)

A synonym is a word you use when you can't spell the word you first thought of. Burt Bacharach (1928-)

Misquotation is, in fact, the pride and privilege of the learned. A widely- read man never quotes accurately, for the rather obvious reason that he has read too widely. Hesketh Pearson, Common Misquotations (1934), Introduction

Brought to you by The Quotations Page

Have any questions relating to the internet or your computer? Let me know and I will research an answer and use this for future entries in our newsletter. Pass on your questions via the Enquiry Form on our Web-Site or send me an email.

If you have a friend or associate that you feel would benefit from receiving this newsletter please forward it to them for their review...

You have received this newsletter as you are an Engadine Web Services Customer or you have subscribed via our web-site.

To Unsubscribe from this newsletter 'click' the link and send an empty email...