NY Comcast To Block Child Pornography

New York ISP, Comcast, is planning to sign an agreement stating that they will block access to all newsgroups and websites that have been found to distribute child pornography. The agreement was drafted by NY Attorney General, Andrew Cuomo and has been signed by all the big ISP's in the NY area. Comcast was one of the last ones to come on board. According to Mike Sachoff at WPN "...internet service providers including Verizon, Sprint, AOL, AT&T and Time Warner Cable, all signed an agreement to block access to Web sites that distribute child porn."

This is a significant step forward in policing our Internet and keeping it safe. However, the problem that I have with all this is that it's a misguided effort and isn't eliminating the source of the problem. All the sicko criminals have to do is put up a new site and it's business as usual. Evidently the Cuomo camp has done an extensive, undercover, investigation and identified numerous sites and newsgroups. Though these are identified now, this doesn't identify and block the new sites that will crop up. I appreciate all the hard work that everyone went through but it really seems ineffective to me. Again this is not cutting the snakes head off, just a small portion of it's tail.

Here's another thing that I didn't necessarily agree with. Cuomo apparently sent a letter to Comcast saying that they would take legal action if they didn't sign the agreement within 5 days. OK, here's where I have a problem. Comcast is NOT the one distributing the porn yet they were going to seek legal action against them. I DO agree with the blockade but holding an ISP accountable for what is on the Internet is absolutely asinine. It's like holing the Diamond Match Company liable for forest fires or gun manufacturers liable for gun crime (the anti-gun crowd actually tried this).

Now, if a hosting company is knowingly hosting a child porn site, then that is a different story and they SHOULD be held accountable. Granted we do a lot already to police the internet and try and protect our children, but what good did this last bit really do? Yeah, it blocked the other sickos from accessing the porn and potentially re-distributing it but were the dollars spent on the undercover investigation really effective? Did they really accomplish something significant here?

What say you?

 

The Valentines Day Virus

Here's a little bit of info that I picked up via WebProNews and I thought that I would pass along.

"In an email to WebProNews, a Kaspersky Lab spokesperson wrote, "Kaspersky Lab has detected a large-scale, global mass mailing of Valentine's Day spam. The spam was first identified by Kaspersky Lab on the morning of February 12, and as of the morning of February 13, the number of spam messages of this type have still not decreased. The message currently accounts for about 5% of all mail traffic checked by Kaspersky Hosted Security Services."

The problem is pretty big, in other words, and going into the 14th, is only likely to become worse.

We don't have any special malware-beating tips to share; just try to be a little more careful than usual. That special someone isn't going to love it if you turn your computer into a big doorstop."

Just make sure you know who it's coming from and above all make sure you are not opening any .exe files. Oh yeah, and wait till next month to buy roses.

Have a safe and happy Valentines Day!

 

Hacking For Dummies

This post is being guest blogged by
computer engineer and published
author Steve Clark.

An interview with a pair of well-known security researchers uncovered an extraordinary view of the ecosystem that supports the phishing effort that plagues modern day financial institutions and their customers.

http://www.net-security.org/article.php?id=1110&p=1

"The reality is pre-made, ready-to-deploy, turnkey sites are already created for practically every major organization that you can think of.
All a phisher has to do is purchase the latest kit and deploy, no technical expertise or coding skills are really required. All the phisher typically has to do is place their email address into one line of code and they have a ready to deploy phishing site."

Once the 'turnkey' code has been modified with the correct email address, the whole site is simply uploaded to a compromised host on the internet.

Users receive an email that looks like it comes from a well known company (paypal.com for example) requesting the user to update their account status or whatever. Instead of going to the real website, the link leads them to the compromised website (which looks identical to the real one due to the turnkey phishing software that has become readily available), and are tricked into entering their account info which then gets emailed back to the hacker.

There are other ways to trick people going to the phishing sites that do not even involve sending emails, such as modifying the user's 'host' file located in C:\Windows\system32\drivers\etc. This is a fairly easy hack is possible to do through back doors or vulnerabilities in many peer-to-peer file sharing programs (used for sharing mp3's and avi's). Still other methods involve monitoring the user's internet port itself and intercepting and bypassing a user's DNS queries - what's known as a 'man-in-the-middle' type of attack.

The good news is that there are ways to protect yourself. Microsoft has even started adding support for phishing attacks in its latest internet explorer version 7.0.

Microsoft Phishing Filter

It is alarming to me the ease and relative lack of computer skill that is needed to create one of these phishing websites - as well as how hackers are trading around our 'private' information like some kind of commodity.

I guess the bottom line is be careful of where you are going on the internet, it might not be where you think you're going!

Thanks for the information Steve!

 

MySpace Cleans Up Sex Offenders

In July, MySpace decided to to a little house cleaning. MySpace deleted the accounts that had been created by registered sex offenders. Apparently there were over 29,000 registered sex offenders that had created profiles. A figure 4 times more than the original estimate offered by MySpace. This number reflects the sex offenders that signed up using their real names. The number is expected to be higher as individuals may have used fake names or other identies.

A July 24th release from North Carolina Attorney General Roy Cooper proposes 6 changes in social networking sites to better protect our children from sexual predators. As always, parents are strongly encouraged to police their children's Internet activities but the rules proposed in this new release would require parents to authorize an account before a child would be able to post. It would also allow parents to see what their children are posting.

MySpace does not want to see its younger user base threatened, but also resists such verification measures likely because they could push current and potential users away from MySpace to competing websites. I wonder how they will feel when legal action is brought against them like what happened to the tobacco companies?

For more information on how to keep your kids safe on the Internet, visit some of these sites:

Internetchildsafety.net
ProtectKids.org
SafeKids.com
The FBI's Safe Kids Guidelines
LoveOurChildrenusa.org
CyberPatrol.com
NetNanny.com
CyberAngels.org
Microsoft's Family Internet Safety Guidelines
WiredSafety.org

There are many more available by looking through the Child Safety and Internet Safety for Kids Google Directories.

 

Internet Safety

According the US Department of Justice, the month of June has been designated as National Internet Safety Month.

There are over 1 billion Internet users worldwide and in the United States alone, 35 million children, k-12 have Internet access. More stats that contributed to the development of this resolution can be found here.

"According to the U.S. Department of Justice, the Internet “provides unparalleled opportunities for socially beneficial endeavors—such as education, research, commerce, entertainment, and discourse on public affairs—in ways that we may not now even be able to imagine. By the same token, however, individuals who wish to use a computer as a tool to facilitate unlawful activity may find that the Internet provides a vast, inexpensive, and potentially anonymous way to commit unlawful acts …” (Credits, 2000).


"Fortunately, despite all of the opportunities for criminals to use the Internet to prey on their victims, there are also many techniques and precautions that Internet users can take to avoid victimization." Make sure you are aware of your child's Internet use and do your diligence in implementing the Internet safety protocols you have at your disposal.