Conference report "freedom of the media online"

On 27 and 28 August 2004, the OSCE Representative on Freedom of the Media, Mr Miklos Haraszti, organised a conference on 'freedom of the media online' in the Amsterdam city hall.
Two panels focussed on the problematic definition of harmful content and self-regulation. Yaman Akdeniz (director of the UK NGO Cyberrights), Sandy Starr (editor of the e-zine Spiked) and Matthew Berry, senior counsel at the U.S. Department of Justice all gave strong arguments against global regulation of hatespeech, as suggested by the additional protocol to the Cybercrime Convention (signed by 23 countries, amongst which 15 EU member states, and only just ratified by Slovenia on 8 September 2004).
Conference website with papers from speakers (27/28-08-2004) http://www.osce.org/events/conferences/fom/2004amsterdam/
Cybercrime convention additional protocol - chart of signatures http://conventions.coe.int/Treaty/Commun/ChercheSig.asp?NT=189&CM=8&DF=9/9/04&CL=ENG

Zambia Cybercrime Bill Set To Become Law

An Internet crime bill in Zambia has caused some controversy
in the country's IT community but is expected to become law soon. The
bill received parliamentary approval and is expected to be signed into
law by President Levy Mwanawasa within a month or two.
http://www.idg.com.sg/idgwww.nsf/0/BCF4433791E6F94D48256F07000F96A8?OpenDocument

The Asia Foundation: Utilizing ICT to Address Human Trafficking

Human trafficking seems to be the "political correct" modern day bureaucratic terminology to refer to slavery. If you refer to slavery, it's likely that people will think you're talking about something that ended a long time ago, so perhaps it's best to call it human trafficking. There are actually many forms of modern slavery, and human trafficking has been getting an increasing amount of attention from development agencies in the past few years.
The Asia Foundation started a program to look at how ICTs can be used to address human trafficking. The answers are not simple and there are numerous challenges and opportunities to explore. http://www.asiafoundation.org/ICT/trafficking.html

Polish cops bust 100-member computer piracy gang

Polish police have broken up a gang of more than 100 hackers who sold pirated music and films, using academic computer systems around the world to store their wares. International police and intellectual property experts say eastern European manufacturing centers are notorious for contributing to global software piracy. http://news.com.com/2100-1027_3-5322433.html

Indonesia Charges Hacker Under Telecommunications Law

In Indonesia's first cyber crime trial, the prosecution recommended that the Defendant be charged under the Telecommunications Law. The Defendant allegedly hacked into the General Elections Commission's (KPU) Web site in April and changed the names of several parties, whose tallies were then being counted and displayed on the web site. http://www.thejakartapost.com/detailcity.asp?fileid=20040818.G04&irec=3

Zambian Parliament Passes Cybercrime Law

Zambia's parliament has unanimously passed a tough law to
curb cybercrime that would see convicted computer hackers
and other offenders get jail sentences ranging from 15 to 25 years. The Computer Misuse and Crimes law was passed without debate on Tuesday.

http://www.smh.com.au/articles/2004/08/11/1092102488282.html?oneclick=true

Nigerian Cybercrime Legislation Nearing Completion

Nigeria's Minister of Justice has said that a draft Computer Security and Protection bill has been completed. The bill covers a wide range of issues including computer contamination, illegal communications, computer vandalism, cybersquatting, cyberterrorism, cyber-pornography, and online intellectual property infringement.

http://allafrica.com/stories/200408040282.html

Cyber Police to Start Monitoring Vietnam's Internet Next Month

The special unit, under the Ministry of Public Security, will focus on crimes such as credit card fraud, hacking, gambling and posting banned information online. About 2 million of Vietnam's 81 million people access the Web, mostly at inexpensive Internet cafes. The number of users is expected to triple by next year.

http://www.technologyreview.com/articles/04/08/ap_080404.asp?trk=nl

http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9317648.htm

New infection spread by business websites

CNET's Robert Lemos sums up what is known or surmised about the sophisticated new contagion first seen 2 days ago:

"Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection. The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer. Late Thursday, Microsoft advised customers to increase their browser security to the highest settings, although that could cause some Web site functions to stop working. The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site... [The] flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch...

"The Internet Storm Center, which monitors Net threats, confirmed that the list of infected sites included some large Web properties... The group also pointed out that the malicious program uploaded to a victim's computer is not currently detected as a virus by most antivirus software...

"Researchers believe that attackers seed the Web sites with malicious [javascript] code by breaking into unsecured servers or by using a previously unknown vulnerability in Microsoft's Web software, Internet Information Server (IIS). When a victim browses the site, the code redirects them to one of two sites, most often to another server in Russia. That server uses the pair of Microsoft Internet Explorer vulnerabilities to upload and execute a remote access Trojan horse, RAT, to the victim's PC. The software records the victim's keystrokes and opens a back door in the system's security to allow the attacker to access the computer...

"Symantec believes that the attacks last fall and in April, which the current one most resembles, were conducted by online organized crime groups from Russia. The theory is supported not only by the fact that the server storing the malicious code is in Russia, but also by the sophisticated nature of the attacks, Symantec's Huger said. 'It's a group of people that have resources to bring to play,' he said, adding that the attack programs were not amateur material. 'The code wasn't pulled off a Web site; it was custom.'

"Meanwhile, the average Internet surfer is left with few options. Besides choosing the highest security settings for Internet Explorer, Windows users could download an alternate browser, such as Mozilla or Opera. Mac users are not in danger..."

Instant messaging ripe for malware

"Symantec, makers of Norton Antivirus, says the next big worm is likely to exploit flaws in instant messaging clients—and it will spread faster than any other worm on record," Cade Metz writes in PC Magazine. "'Code Red was able infect every vulnerable machine on the Internet in 14 hours. Slammer was able to do it in 20 minutes,' says Eric Chien, chief of research at Symantec Security Response. 'An instant-messaging threat could spread to a half a million machines in 30 or 35 seconds.'

"This is particularly worrying because IM clients are widely used on business machines. The Radicati Group estimates that 26 percent of American companies use instant messaging as an official corporate service and that another 44 percent would acknowledge that their employees use instant messaging on their own....

"The good news is that whenever you open your IM client and connect to your particular IM network, the vendor will automatically install patches for any known vulnerabilities. But there's always the risk that someone will exploit a hole before the vendor finds it. All it takes is 30 seconds...."