[no subject]

One arrest was made in the United States, the agency said. The government said
that three of the individuals being targeted in the investigation had been
members of the wonderland child pornography ring that was broken up in 1998.

At the same time, search warrants were issued by the United Kingdom, Canada,
France, Germany, Switzerland, Spain, Japan, Finland, Austria and Sweden,
Customs said.

The investigation, dubbed Operation Artus, began in November 2001, when agents
of the German National Police, using evidence gathered from a search warrant,
discovered that a German man had been exchanging child pornography over the
Internet, Customs said. The man provided nicknames of some members of a group
that German authorities believed were involved in the exchange of child
pornography.

As a result of the German investigation, law enforcement authorities were able
to identify eight people in the United States that the U.S. government believes
are involved in the child pornography ring, Customs said. Other people outside
the United States were also being targeted by other countries for their alleged
involvement in the ring.

Customs said that "a common aim of members was to find and exchange child
pornography in DVD quality movie file format. As a requirement, members had to
offer new child pornography material from time to time to remain part of the
group," Customs said.

Customs Commissioner Robert Bonner said the investigation "is yet another
example of how important international cooperation is to solving these types of
cases."

The action comes after the FBI (news - web sites) this week said it expects to
arrest at least 50 more people by week's end as it busts up an Internet
child-pornography ring that allegedly included two Catholic priests and six
other members of the clergy.

The agency said Monday its "Operation Candyman" sweep already had resulted in
criminal charges against more than 89 people in 26 states. The effort targeted
members of three Internet discussion groups on Yahoo Inc.'s Web site, including
one called "Candyman," apparently named after a song in the 1971 children's
movie "Willy Wonka and the Chocolate Factory."
****************
New York Times
Voice Recognition Leaps Into Appliances

BE careful what you say around the house. Your appliances may be listening.

Voice control, long the stuff of science fiction and computer lab experiments,
is popping up in more and more mundane household devices like clock radios, MP3
players, television remotes, telephones and light switches. You no longer have
to push buttons or twist dials to listen to music or brew coffee: you simply
tell your appliances what you want, and through built-in microphones and
microprocessors they understand and obey your commands. 

These low-end voice controls are not designed for space travel but rather to
make everyday devices easier to use. A voice- activated television remote, for
example, can spare you from having to remember hundreds of channel numbers. And
even relatively simple voice-controlled devices like light switches can be a
boon to people with physical disabilities or with poorly placed wall switches
in their basements.

And yes, voice control is also kind of fun. 

"Sometimes voice control doesn't really start from a need  it starts as a
feature," said William Meisel, the publisher of Speech Recognition Update, a
monthly newsletter. "Manufacturers say, `This is a feature that will make us
look high-tech and distinguish us from the other guys without costing us too
much.' "

It is a feature that could find its way into many more living rooms and
kitchens. Todd Mozer, chief executive of Sensory, a company based in Santa
Clara, Calif., that makes specialized speech recognition chips for appliances,
said that more than 15 million such devices had been sold worldwide. If you
include cellphones with voice-dialing, the estimate rises to 100 million.

After seeing ads for a number of voice- activated appliances, I started to
fantasize about never having to lift a finger around the house. I wanted to
give orders to my appliances. They would listen and obey. I would be king of
the house. The clock radio, the television set, the lamps  all would be my
trusty servants. 

Speech recognition existed at Bell Laboratories in the 1950's, but it did not
appear commercially feasible until 1967, when A. J. Viterbi, a professor of
engineering at the University of California at Los Angeles, introduced an
algorithm that helped digital signal processors match voice patterns to data
stored in a computer's memory.

In the 1970's, speech recognition appeared in systems built for the phone
company and the Defense Department, but it was not until the 1980's that
voice-controlled devices began to enter the home, at first in the form of toys.
For example, the Julie doll, released in 1987 by Worlds of Wonder, turned her
head when her name was spoken. 

Other voice-activated appliances were sold in the 1980's and 90's, but until
recently the digital signal processors remained expensive, about $20 a unit.
Today a general-purpose chip like the RSC-364 from Sensory costs as little as
$1. The prices have fallen so far so fast that some manufacturers can't resist
adding voice activation as a gee-whiz component. 

I sampled six such devices, all recently released. VOS Systems offers a
voice-operated dimmer switch for lamps for $35 and a voice-activated module for
appliances for $30 that can be used with any AC device. KashNGold's InVoca line
includes a voice-activated clock radio for $100 and a television remote control
for $100. Then there is the Gigaset 4215 voice-controlled wireless phone from
Siemens ($180) and a $239 voice- controlled MP3 player, the MXP 100 Sport from
e.Digital. 

I tried the VOS appliance module first. After glancing at the manual, I plugged
a lamp into the device and the module into a wall outlet. My wife came into the
room just as I said, "Lights." The lamp turned on! Buoyed by that success, I
hooked up the television remote and the lamp dimmer switch in the living room
and the clock radio in the bedroom. The appliance module was dispatched to a
boombox in the kitchen.

As it turns out, these devices have to be taught to respond to commands, and
the procedure is slightly different for each appliance. That typically involves
saying a keyword three or four times until the device is satisfied that it can
pick it out in a noisy room. For example, training the television remote
required punching in each channel number, then repeating the keyword I chose
for that channel. I also programmed macros, or single commands that trigger a
sequence of responses. For example, the phrase "Play tape" turned on the
television, tuned in Channel 3, turned on the VCR and pressed the Play button. 

The training process can be pretty humbling. First of all, you are talking to a
household appliance. Second, you are saying the same words over and over,
hoping to get your point across. It's embarrassing when you say something
important and somebody doesn't understand. It's even more embarrassing when
that somebody is your toaster.

I am not the first person to be taken aback by the training required for some
voice-controlled devices. "That's where a lot of people get into trouble," said
John Lockyer, a senior technical adviser at Smarthome, a home-automation and
smart-appliance retailer based in Irvine, Calif. "They expect it to be like
`Star Trek,' where voice recognition recognizes all voices, all languages, and
it knows what you want it to do. But there can be a great deal of setup time."

Even worse, some of the devices talk back. A synthesized female voice in the
television remote kept criticizing my delivery. I would utter a command like
"TV power," and she would reply, "Too soft." 

After completing the training with all of the devices, which took about three
hours, we had a peaceable kingdom. I would say, "Radio on," and the clock radio
would turn on. When I said "Sports," it would tune in a sports talk station I
had programmed. "TV power" turned on the television, and when I said
"Discovery" the cable box clicked over to the Discovery Channel.

Then the poltergeist struck. It started with the living room lamp, which would
turn on and off seemingly at will. The clock radio soon started doing the same
thing: we would come home to an empty house and find that the radio had turned
itself on and tuned in to an oldies station.

Then the sassy television remote started making programming decisions.
Something about the voice of Bernie Mac, star of the Fox sitcom of the same
name, kept making the remote switch channels. Once a movie commercial set off
the remote signal to turn up the volume. That triggered the remote again. The
set grew even louder. I managed to jump on the remote and turn it off before
the speakers exploded.

Right around that time, my wife went to visit her sister 3,000 miles away.

To find out how to control my appliances a little better, I called Mr. Mozer at
Sensory. The solution turned out to be voice spotting, a feature that Sensory
includes on its chips that involves using a keyword to get a particular
device's attention before uttering a command. 

"We had one customer who did a voice-activated fireplace," he said. "You don't
want your fireplace to accidentally go on, so there we used a gateway word. You
had to say `Superfireplace' or something like that first and then `Turn on.' "

Peace was restored in our house after I retrained the appliances by using voice
spotting. Instead of just saying "Sports" to my radio, I would first say,
"Radio." Pause. An L.E.D. on the radio turned from orange to green, showing
that it was ready to accept my command "Get sports." The radio might mistakenly
hear its keyword, but it would rarely follow that up by also mistakenly hearing
a command.

After that problem was fixed, I started to appreciate the convenience of using
voice interfaces. It's a lot easier to say "TV . . . HBO" than to remember and
punch in a two- or three-digit channel number for every channel. It's also nice
to be able to control the television while eating. 

Similarly, the Siemens Gigaset 4215 cordless telephone lets me call people
simply by pressing a button and saying a name into the mouthpiece. This is
helpful for people like me who can never remember phone numbers. The Gigaset
4215 can dial only 20 people by voice command, though; if another person in the
house trains the phone to his or her voice, the two of you get only 10 numbers
each. 

Voice dialing is being built into cellphones, too. Voice Signal Technologies,
for example, makes software for cellphone manufacturers that converts text
information into phonetic information without any user training. It can
recognize thousands of names in contact lists downloaded from your PC to your
cellphone, allowing you to dial by saying by saying "Pete Jenkins's home" or
"Maria Gonzales's cellphone."

The benefits of voice activation are most pronounced in devices that usually
require a lot of button-pushing. For example, E.digital's MXP 100 MP3 player
lets you play a song by simply uttering the title and then saying "Play." It
does this without any training by matching what you say to titles on its song
lists. I kept on trying to trip it up with song titles like "Mandolin Wind,"
but it almost always found the correct song.

People in the industry anticipate some problems as more voice-controlled
devices hit the market. The most obvious one is that such devices require their
human masters to remember dozens of commands for each device. 

"There aren't standards there in terms of the actual language that you're using
to control these devices," said Dr. Judith A. Markowitz, a speech-processing
industry analyst in Chicago. "You make up a command, and at the moment it is
the most logical command for that action. A day later you have no idea what
that command is."

Mr. Mozer said that a solution might be to have one device control all the
others. 

"Rather than having to learn a new interface and read a new manual every time
you buy a consumer electronic product, you can use this device as your
interface," he said. "So you tell it to set the microwave to high. You tell it
to record `Gilligan's Island' on TV. And it has the intelligence to come back
and say, `Hey, do you want "Gilligan's Island" with this episode or this other
episode because they're both playing today.' "

That technology may be closer than people think. Home automation products like
the HAL2000 voice control system from Home Automated Living use a Windows-based
PC and a home networking system to control appliances. HAL2000 recognizes the
owner's voice commands and even uses the PC's modem to accept voice commands
over the phone.

So not only will appliances listen to everything you say, they will even take
your phone calls.
***********************
Newsbytes
Hackers Deface Thousands Of Domains Parked At Verisign

A security breach Tuesday involving Verisign's Network Solutions unit disrupted
potentially thousands of domain customers, company officials confirmed today. 
Attackers compromised a system that hosted thousands of "parked" domains that
had been registered through Network Solutions and were still under
construction, according to a Verisign representative. 

Web surfers who typed in the address of any of the affected domains were sent
to a black page which featured an image of a mutilated rag doll and the words,
"Did Web Pirates domain your domain?" 

According to its Web server banner, the system was running Microsoft's Internet
Information Server (IIS) on Windows 2000. The server was operated by
Atlanta-based hosting firm Interland under an outsourcing agreement, according
to Verisign spokesperson Pat Burns. 

"At no time were there any issues with Verisign's domain name service," said
Burns. 

Interland officials said the problem was identified and corrected later
Tuesday, and the company is working with law enforcement to investigate the
incident. 

In an online interview Tuesday, a member of Web Pirates, a Brazilian Web
defacement group, said he only learned of the hacking incident after receiving
numerous angry e-mails from victims. 

According to the member, who uses the nickname Splash and whose ICQ profile
said he is 16, he was not aware that anyone from the group had defaced the
Interland server. 

The security incident came at a bad time for the organizers of an upcoming
conference for senior executives in Texas' technology industry, who planned to
launch their homepage at Texastechnologyconference.org Tuesday. 

"This is somewhat catastrophic to us, to tell you the truth," said conference
director Lisa Cohen, who noted that the summit is scheduled to begin April 4
and depends heavily on the Web site for publicity. 

Some Verisign customers who were affected by the hacking were surprised to
learn that the domain registration firm had outsourced the hosting of their
domains. 

"I wouldn't expect a company like Verisign to farm out domain parking. I would
think they would want to own that responsibility," said Matthew Caldwell, chief
security officer for GuardedNet, which owned an undeveloped domain affected by
the breach. 

Rick Forno, chief security advisor for Shadowlogic and the former head of
security for Network Solutions, said Verisign has begun relying on numerous
partners for services it bundles with domain sales. 

While Verisign has the ultimate responsibility to its domain customers, the
blame for the security breach falls squarely on Interland, he said. 

"Verisign may want to re-evaluate the clause in their contract that talks about
security  if there even is such a clause," said Forno. 

According to its Web site, Verisign's Network Solutions unit is the world
leader in domain name registration and related identity services. The company
said it has more than 6.2 million customers with over 13.6 million active
domains under its management. 
*****************
News Factor
'Social Engineering' Spreads New Plague of Web Chat Viruses

CERT said the reports it has received indicate intruders are using automated
tools to post messages to IRC or IM service users. 

The enticements of pornography, free software and security -- otherwise known
as "social engineering" -- that have been common among e-mail-borne computer
viruses now have spread to instant messaging (IM) and Internet Relay Chat
(IRC), according to CERT, a federally funded security center based at the
Software Engineering Institute of Carnegie Mellon University. 

CERT said it has received reports that "tens of thousands of systems have
recently been compromised" using "social engineering attacks" via IRC or
instant messaging. 

The attacks attempt to trick Internet chat users into downloading what purports
to be antivirus protection, improved music downloads or pornography but is
actually malicious code, the center reported. 

While use of social engineering among virus writers and hackers is nothing new,
the IRC and IM tricks have allowed thousands of computers to be taken over and
used in distributed denial-of-service (DDoS) attacks or infected with Trojan
horse or backdoor programs, according to CERT. 

"Although this activity is not novel, the technique is still effective, as
evidenced by reports of tens of thousands of systems being compromised in this
manner," CERT said in an incident note. 

CERT noted that the reports it has received indicate intruders are using
automated tools to post messages to IRC or IM users. The messages reportedly
offer the opportunity to download software but result in systems being
"co-opted by the attacker" for use in DDoS attacks or to spread malicious code.


"It's significant for a couple of reasons," CERT Internet security analyst
Allen Householder told NewsFactor. "First because of the sheer numbers -- we've
had tens of thousands of reports. 

"It's also an audience that doesn't tend to get our message," Householder
added. "This is a home user thing." 

Malicious Mainstay 

Senior director of Symantec Security Response Sharon Ruckman told NewsFactor
that both virus writers and hackers have long used social engineering to dupe
users. 

"What we've seen is that over the years, social engineering is one of the main
ways to spread any malicious activity," she said. "That's always been a method
hackers use to come in. On the virus side, it's about spreading." 

Ruckman said the best defense against falling victim to social engineering is
the transfer of "best practices" to all platforms with which users communicate,
including IRC and instant messaging. She warned users to "always be concerned
which people are giving you information." 

Social Engineering Setup 

McAfee research fellow Jimmy Kuo told NewsFactor that another trend in social
engineering with IRC networks involves picking out individuals, spamming them
with unsolicited messages, then offering a bogus spam solution that is actually
malicious code. 

Kuo said many IRC services increasingly are coming under attack as hackers try
to build "IRC bot nets," or networks of compromised systems, which are used by
hacker groups to attack one another. 

Be Suspect of Security 

While social engineering ploys have employed a number of ways of enticing users
-- pornography, personal greetings and playfulness - bogus security warnings
and advice are becoming increasingly prevalent. 

CERT said one example of recent social engineering attacks is this message:
"You are infected with a virus that lets hackers get into your machine and read
ur files, etc. I suggest you download (malicious URL) and clean ur infected
machine. Otherwise, you will be banned from (IRC network name)." 

CERT said other topics used recently to trick users include music downloads,
antivirus protection and pornography. Symantec's Ruckman noted that use of
links and files that look like legitimate URLs is also on the rise. 

New Tricks and Channels 

Ruckman added that as antivirus programs and other security measures have
improved, people spreading malicious code have had to become more creative in
their trickery or move beyond e-mail to other channels. 

He called the recent spate of social engineering attacks on IRC and IM services
an example of both possibilities. 

"It's the same idea with a slightly different spin on it on a new channel,"
Ruckman said. "We have seen more viruses trying to spread over IRC -- that's
been a trend in the last six months."  

*****************
Reuters Internet Reports
UK Publisher Plans Giant Research Web Site 

LONDON (Reuters) - Plans to create one of the biggest reference libraries on
the Internet were unveiled in Britain on Wednesday. 

  
Reference work publisher Oxford University Press hopes to publish 1.5 million
entries on 20 subjects on a subscription Web site by 2010. 

"For us to have a future as an information provider we have to be doing it on
the internet," David Swarbrick, the project director, told Reuters. 

The OUP says the Web site, http:/www.oxfordreference.com, will dwarf existing
general knowledge sources in print and could be the biggest on the Worldwide
Web.