Security Web Digest: 9-11 Viruses All The Rage ... and More

Romanian man to busted for releasing Blaster variant House passes anti-identity theft legislation Iceberg Systems system blocks imaging in camera phones California electronic voting data makes its way to the Internet


Internet virus writers marked the two-year anniversary of the September 11 attacks in their own inimitable style, releasing Internet contagions that prey on peoples sentimentality and fears. Two Internet infections have surfaced in the past week -- "Neroma" and "Vote.K" -- that carry September 11 references, computer experts said. Meanwhile, British security firm Sophos Anti-Virus said a two-year-old e-mail that warns about a fictitious file-deleting virus called "WTC Survivor" is once again one of the most popular e-mail hoaxes in circulation.

A Romanian man will be charged with violating that countrys cybercrime laws by releasing a version of the W32.Blaster Internet worm, according to a source involved in the investigation. Dan Sumitru Ciobanu of Iasi, Romania, may face up to 10 years in prison for allegedly releasing the Blaster-F worm variant, according to Mihai Radu of Softwin SRL, a computer security company in Bucharest, Romania. Ciobanu was arrested last week and initially denied having released the worm. However, he eventually acknowledged doing so, saying the release occurred by accident as he was testing it on a home computer connected to the Internet, according to the statement. Authorities are still scrambling to determine whether the worm variant he released has infected any computers in his own country, according to Radu.


Americans would gain access to free credit reports and the ability to thwart identity thieves with a single phone call under bipartisan legislation overwhelmingly approved by the House. The House on Wednesday voted 392-30 to reauthorize the Fair Credit Reporting Act, and along with the legislation to institute uniform credit-reporting requirements nationwide, lawmakers added what they called some of the toughest anti-identity theft legislation to come out of Congress. But some consumer protection groups said the House legislation takes away from states the ability to set stronger privacy laws than the federal government does. For example, California just passed a law allowing California consumers to block banks, insurance companies, and other institutions from sharing their personal information.

A product now in testing could automatically switch off camera phones to protect industrial secrets and private areas. Iceberg Systems is beta-testing Safe Haven, which combines hardware transmitters with a small piece of control software loaded into a camera phone handset. Although the technology is designed only for disabling the imaging system, it could be adapted for a wide number of uses, such as blocking loud or annoying ring tones in a theater or even disabling text messaging in a school. However, Snow said that for now, his company is focused solely on controlling the imaging side of handsets.

Electronic Voting

The strange case of an election tally that appears to have popped up on the Internet hours before polls closed is casting new doubts about the trustworthiness of electronic voting machines. During San Luis Obispo Countys March 2002 primary, absentee vote tallies were apparently sent to an Internet site operated by Diebold Election Systems Inc., the maker of the voting machines used in the election. At least thats what timestamps on digital records showed. Silicon Valley computer experts have long criticized touch-screen voting machines, which do not normally provide a paper receipt and which send digital votes directly to a computer server. Programmers say software bugs, power outages or clever hackers could easily delete or alter data -- and recounts would prove impossible without paper backups.