Security Web Digest: New Cloudmark Antispam Reputation System ... and More

Minn. High School Student Charged with Blaster Offense
New OpenSSH Buffer Overflow widely exploitable
Morpheus and Grokster respond to music industry appeal
New BIND patch blocks new Verisign "service"


Cloudmark Inc. on Thursday launched software designed to differentiate trashy E-mail sent by spammers from bulk E-mail sent by legitimate businesses, which lose billions of dollars a year from undelivered messages. So-called "false positives" are expected to cost companies $3.5 billion this year in lost business, according to Ferris Research. Lost productivity, bandwidth usage, and other problems caused by spam itself cost nearly $10 billion annually, the market-research firm said. Cloudmark Rating is a new module for the company's SpamNet software, which lets users determine whether an E-mail sender is a spammer or is trying to sell a book from a customer's favorite author. Because Cloudmark doesn't verify that registered senders are who they claim to be, critics have questioned Rating's effectiveness. However, Karl Jacob, chief executive of Cloudmark, said spammers disguised as legitimate businesses will be found out soon enough through user response.


A high school senior pleaded innocent Wednesday to a federal charge alleging he crippled more than 7,000 computers by modifying a version of the "Blaster" worm. Jeffrey Lee Parson, 18, of Hopkins, Minn., appeared briefly before U.S. Magistrate Mary Alice Theiler and left the courthouse without speaking to reporters. A trial was tentatively set for Nov. 17 in Seattle. Parson has been placed under home detention, but is allowed to attend school.


The CERT Coordination Center is warning users about a serious security vulnerability in OpenSSH (Secure Shell) that could enable a remote attacker to run malicious code or launch a denial-of-service attack against machines running the popular suite of secure network connectivity tools. The exploitable flaw is in the buffer management function of OpenSSH software prior to version 3.7 and could make it possible for remote attackers to cause a buffer overflow on vulnerable machines, according to a CERT advisory. Many of the leading Unix and Linux operating systems ship with OpenSSH and are vulnerable to attack. In addition, an unknown number of hardware devices such as network routers and switches use the popular package and will need to be patched, according to Dan Ingevaldson, engineering manager of Internet Security Systems Inc.'s (ISS's) X-Force security group.
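The advisory's dividing line is the version number (everything before 3.7 is affected), so the first thing an administrator wants is a quick inventory of which hosts still announce an older OpenSSH. The following Python snippet is an added example, not code from the article or from the OpenSSH project: it parses the version banner an SSH server sends on connection and flags banners below 3.7. The sample banners are constructed for illustration.

```python
import re
import socket
from typing import Dict, Optional, Tuple

# Version at which the advisory says the buffer-management flaw is fixed.
FIXED_VERSION: Tuple[int, ...] = (3, 7)

# Constructed sample banners (these are not from the article).  A real
# banner is the first line an SSH server sends, e.g. "SSH-2.0-OpenSSH_3.7p1".
SAMPLE_BANNERS = [
    "SSH-1.99-OpenSSH_3.6.1p2",
    "SSH-2.0-OpenSSH_3.7p1",
    "SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1",
    "SSH-2.0-dropbear_0.39",
]

# Protocol version, then the OpenSSH release number (digits and dots only;
# the portable-release suffix such as "p2" is deliberately ignored).
BANNER_RE = re.compile(r"^SSH-(?P<proto>[\d.]+)-OpenSSH_(?P<ver>\d+(?:\.\d+)*)")


def parse_openssh_version(banner: str) -> Optional[Tuple[int, ...]]:
    """Return the OpenSSH release as a tuple of ints, or None if the banner
    is not an OpenSSH banner (other servers are out of scope here)."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return None
    return tuple(int(part) for part in m.group("ver").split("."))


def _pad(version: Tuple[int, ...], length: int) -> Tuple[int, ...]:
    # Right-pad with zeros so (3, 7) and (3, 7, 0) compare as equal.
    return version + (0,) * (length - len(version))


def is_pre_fix(banner: str) -> Optional[bool]:
    """True if the banner advertises an OpenSSH release older than 3.7,
    False if 3.7 or later, None if the server is not OpenSSH."""
    version = parse_openssh_version(banner)
    if version is None:
        return None
    width = max(len(version), len(FIXED_VERSION))
    return _pad(version, width) < _pad(FIXED_VERSION, width)


def triage(banners) -> Dict[str, Optional[bool]]:
    """Map each banner to its pre-fix status for a quick inventory report."""
    return {banner: is_pre_fix(banner) for banner in banners}


def fetch_banner(host: str, port: int = 22, timeout: float = 5.0) -> str:
    """Read the server's identification line from a live host (network I/O;
    not used by the offline demonstration below)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        return sock.recv(256).decode("ascii", errors="replace").splitlines()[0]


if __name__ == "__main__":
    for banner, status in triage(SAMPLE_BANNERS).items():
        label = {True: "PRE-3.7, patch", False: "3.7 or later", None: "not OpenSSH"}[status]
        print(f"{banner:45s} -> {label}")
```

The banner is a triage signal, not proof: many vendors backport security fixes without bumping the upstream version string, so a host reported as pre-3.7 should be checked against its vendor's advisory (and the package's own changelog) before being declared vulnerable, and a host that is not OpenSSH at all is simply outside this check's scope.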

Intellectual Property

Two file-sharing services, Morpheus and Grokster, on Wednesday filed responses to a closely watched appeal by film and music studios of a court ruling that found the services were not liable for massive copyright infringement. The copyright holders said U.S. District Court Judge Stephen Wilson in Los Angeles in April had dramatically departed from well-established copyright law when he ruled the file-sharing services should not be closed because they cannot control what songs are traded over their systems.


The Internet Software Consortium (ISC), the nonprofit group that publishes BIND (Berkeley Internet Name Domain) software, which runs 80 percent of domain name servers, has released a patch that will block VeriSign Inc.'s new Site Finder service. According to VeriSign, Site Finder is a navigation tool that improves the user's Web browsing experience by directing users who mistype a Web address ending in .com or .net to its own search pages. Site Finder offers users alternatives to the incorrect address, some of which are owned by companies that have paid VeriSign to be placed on Site Finder.
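The article does not say how the ISC patch blocks Site Finder. The mechanism it shipped (BIND 9.2.3) is the "delegation-only" zone type: the resolver treats a top-level zone as one that may only hand out delegations, so an answer for a nonexistent .com or .net name that comes back as a real record from the TLD itself is rewritten into the NXDOMAIN the client would have received before the service existed. The named.conf fragment below is an added example, not from the article or from ISC's documentation; the exclusion list under root-delegation-only is illustrative and must be adapted to the TLDs whose apex records a given resolver legitimately needs.

```conf
// Added example: resolver-side configuration for BIND 9.2.3 or later.

options {
    // Either block individual TLDs (the zone statements below) or, more
    // broadly, treat every TLD as delegation-only.  Some TLDs do serve
    // non-delegation records at their apex, so those must be excluded;
    // the names listed here are an illustrative assumption, not a
    // recommended list.
    root-delegation-only exclude { "de"; "lv"; "us"; "museum"; };
};

// Narrow form: only the two zones the article names.  Any answer from
// the com or net servers that is not a delegation (NS records plus
// glue) is converted to NXDOMAIN before it reaches the client.
zone "com" { type delegation-only; };
zone "net" { type delegation-only; };
```

Apply this on recursive resolvers only, not on authoritative servers, and test with a deliberately misspelled .com name before and after the change: the pre-patch behaviour is an A record pointing at the search page, the post-patch behaviour is NXDOMAIN, which is what mail servers and other software that depend on "name does not exist" signals rely on.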