Wiseguys Indicted in $20 Million Online Ticket Ring: Via Threat Level.

A ring of ticket brokers was indicted Monday in connection to an elaborate hacking scheme that used bots and other fraudulent means to purchase more than 1 million tickets for concerts, sporting events and other events.

The defendants made more than $28 million in profits from the re-sale of the tickets between 2002 and 2009.

According to the federal indictment (.pdf) in New Jersey, the defendants set up a nationwide network through which they were able to impersonate thousands of individual ticket buyers, defeating the security and fraud measures that online ticket vendors such as Ticketmaster, Musictoday and Tickets.com put in place to thwart automated ticket buying.

The defendants did business as Wiseguy Tickets and Seats of San Francisco, and used two shell companies called Smaug and Platinum Technologies to purchase IP blocks and rent servers to conduct the attacks. [ Read more ... ]

Italian Court Finds Google Violated Privacy: Via NYT > Privacy.

Google said the case, involving a video of bullying, could undermine freedom of expression on the Internet.

MILAN — Three Google executives were convicted Wednesday of violating Italian privacy laws in a ruling that the company denounced as an “astonishing” attack on freedom of expression on the Internet.

The case involves online videos showing an autistic boy being bullied by classmates in Turin, which were posted in 2006 on Google Video, an online video-sharing service that Google ran before its acquisition of YouTube.

Prosecutors charged that the videos violated Italian personal privacy protections. They said the clips were removed only after complaints from Vivi Down, an Italian organization representing people with Down syndrome, whose name was mentioned in the videos.

“We are definitely satisfied that someone has to take responsibility for this violation of privacy,” said Guido Camera, a lawyer for Vivi Down. [ Read more ... ]

Feds Can Search, Seize P2P Files Without Warrant: Via Threat Level.

The authorities do not need court warrants to view and download files trading on peer-to-peer networks, a federal appeals court says.

Wednesday’s 3-0 ruling by the 9th U.S. Circuit Court of Appeals concerned a Nevada man convicted of possessing child pornography as part of an FBI investigation. Defendant Charles Borowy claimed the Fourth Amendment required court authorization to search and seize his LimeWire files in 2007.

The San Francisco-based appeals court, however, cited the nation’s legal standard, reiterating that warrants are required if a search “violates a reasonable expectation of privacy.” (.pdf)

Borowy, the court noted, “was clearly aware that LimeWire was a file-sharing program that would allow the public at large to access files in his shared folder unless he took steps to avoid it.”

The defendant, however, claimed he had a reasonable expectation of privacy because he thought he had turned off LimeWire’s share feature. [ Read more ... ]

Sweden Probing Cisco, NASA Hacks: Via Threat Level.

Swedish investigators are probing a hacker U.S. authorities accuse of unlawfully intruding into Cisco Systems, NASA’s Ames Research Center and NASA’s Advanced Supercomputing Division, the authorities said Monday.

Philip Gabriel Pettersson, known in the hacking world as “Stakkato,” allegedly seized computer code that controls internet traffic. After the 2004 breach of Cisco, the proprietary source code for Cisco’s IOS operating system was discovered on a Russian website.

Pettersson was indicted in the United States in May on five hacking counts, (.pdf) but could not be brought from Sweden to the United States for trial. Sweden does not extradite its own citizens, but said it was examining whether to prosecute him in Sweden after U.S. authorities in San Francisco initiated that request. [ Read more ... ]

Court Reduces ‘Shocking’ File Sharing Award: Via Threat Level.

A federal judge on Friday reduced a $1.92 million file sharing verdict to $54,000 after concluding the award for infringing 24 songs was “shocking.”

A federal jury in June found Jammie Thomas-Rasset liable in what at the time was the nation’s only Recording Industry Association of America file sharing case against an individual to go to trial. The Minnesota federal jury dinged her $1.92 million for infringing 24 songs. She asked the judge to set aside or reduce that $80,000 per song in damages.

U.S. District Judge Michael Davis agreed on Friday, and said the RIAA may have a retrial if it does not accept his ruling.

“The need for deterrence cannot justify a $2 million verdict for stealing and illegally distributing 24 songs for the sole purpose of obtaining free music,” Davis wrote. “Moreover, although plaintiffs were not required to prove their actual damages, statutory damages must bear some relation to actual damages.” [ Read more ... ]

Albert Gonzalez Enters Plea Agreement in Heartland, Hannaford Cases: Via Threat Level.

Albert Gonzalez, who has admitted hacking into TJX and other companies, has filed a plea agreement in charges that he breached Heartland Payment Systems, Hannaford, 7-Eleven and two other companies.

Under the terms of the agreement, Gonzalez, a former Secret Service informant, will plead guilty to two counts of conspiracy to gain unauthorized access to computers, and to commit wire fraud. Prosecutors have agreed to seek a sentence of no more than 25 years, to run concurrent with his sentence in two other pending cases. Gonzalez had agreed to ask the court for no less than 17 years in prison.

Gonzalez is currently facing a sentence of between 15 and 25 years in two combined cases out of Massachusetts and New York, involving the hacks of TJX and Dave & Buster’s restaurants. The New Jersey agreement would add two years to the minimum time he could seek. [ Read more ... ]

FBI Linguist Guilty of Leaking Classified Documents to Blog: Via Threat Level.

An Israeli-American lawyer who worked as an FBI linguist pleaded guilty Thursday to providing an unidentified blogger with classified documents derived from U.S. communications intelligence.

Shamai Kedem Leibowitz, 39, of Silver Spring, Maryland, pleaded to one felony count of disclosing to an unauthorized party five documents that were classified “secret” that he obtained through his work with the FBI.

Leibowitz leaked the documents to the unnamed blogger in April 2009. The blogger — identified as “Recipient A in court filings — then wrote a post based on the classified documents.

“As a trusted member of the FBI ranks, Leibowitz abused the trust of the FBI and the American public by using his access to classified information for his own purposes,” said FBI Special Agent in Charge Richard A. McFeely in a press release. [ Read more ... ]

Dawn Teo: Top Arizona Republican Accused of Using Voter Database to Stalk Woman: Via Huffington Post.

PHOENIX, AZ -- More misconduct has been alleged against Arizona Republican Party executive director Brett Mecum, who is now the subject of a criminal complaint alleging he used the Republican's voter database to stalk a young female graduate student.

The affidavit, filed last month with the local sheriff's office, alleges that Mecum "is using Voter Vault to stalk." Voter Vault is used by the Republican Party to micro-target the party's message and to canvas specific demographics. The complainant was celebrating her acceptance into an East Coast graduate school on August 29 at her home when Mecum showed up uninvited. She reveals details about Voter Volt in her sworn affidavit: [ Read more ... ]

The extreme secrecy of the federal courts: Via Salon: Glenn Greenwald.

Once conservatives became embarrassed by their cowardly warnings that we would all be killed if we held a 9/11 trial in New York, they switched to a new argument:  trials in a real court would lead to the disclosure of classified information that would help the Terrorists.  In advancing this claim, they relied on the always-unhinged rantings of National Review's Andy McCarthy -- who has also suggested that Bill Ayers was the real author of Barack Obama's "Dreams from my Father"; attacked his own editors for pointing out the falsehoods of Sarah Palin's "death panel" claims, which McCarthy insisted were true; defended the Birther movement and dissented from NR's editorial rejection of it; and was excoriated by Rich Lowry for claiming that Obama "rather likes tyrants and dislikes America."  This person -- someone who is often too fringe, hysterical and delusional even for National Review -- is the "legal expert" on which the Right is relying to claim that real trials will jeopardize classified information. [ Read more ... ]

Setback for malicious prosecution lawsuit against RIAA: Via Law & Disorder Section - Ars Technica.

Although the RIAA has decided to stop initiating new legal actions against music fans as part of its war on piracy, there are still a few cases in which the wheels of justice are rolling ahead slowly. One such case is Andersen v. Atlantic, where exonerated former RIAA defendant Tanya Andersen is suing the record labels for malicious prosecution, negligence, and conspiracy. That lawsuit hit a speed bump when a federal judge dismissed some of the claims in Andersen's lawsuit. [ Read more ... ]

4 Hackers Indicted in $9.5 Million Bank Card Attack: Via Threat Level.

Four men have been indicted in Georgia on charges that they hacked into the Atlanta-based bank card processing company RBS WorldPay. They allegedly used an army of flunkies to steal $9.5 million in cash from ATM machines around the world in a span of hours.

Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 28, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and a fourth person identified only as “Hacker 3″ were indicted by a federal grand jury in what’s being described as “perhaps the most sophisticated and organized computer fraud attack ever conducted.”

The hack involved reverse-engineering PINs for payroll debit card accounts — the holy grail of bank card hacking. Another four people based in Estonia were also indicted on access-device fraud charges in connection with the hack. [ Read more ... ]

Passenger Advocate Sues Delta for Allegedly Hacking Her E-Mail: Via Threat Level.

An airline passenger advocate has accused Delta Airlines of hacking her e-mail accounts and computer in order to sabotage her organization’s lobbying efforts to pass federal legislation to help stranded fliers, according to a lawsuit filed in Texas Tuesday.

Kate Hanni, the executive director and founder of the Coalition for an Airline Passengers’ Bill of Rights , also known as FlyersRights.org, recently learned from America Online that her organization’s AOL e-mail — which included spreadsheets, lists of donors and other data — was being redirected to an unspecified location. [ Read more ... ]

Attorneys Can See Classified Info in Coffee Table Spy Suit: Via Threat Level.

A federal judge in Washington has ordered the government to grant security clearances to lawyers on both sides of a lawsuit claiming illegal spying against a DEA agent, in a ruling that challenges the government’s long-held claim that the executive branch alone has the authority to determine who can access classified material.

The attorneys in the case, which was noted by Secrecy News, need the security clearances to obtain classified knowledge held by their clients so they can adequately argue the lawsuit, the judge said, in an August 26 ruling supported by attorneys on both sides of the lawsuit, but bitterly opposed by the government.

On Thursday, a federal appeals court ordered an emergency stay of the order pending an appeal by the Justice Department. [ Read more ... ]

‘The Analyzer’ Pleads Guilty in $10 Million Bank-Hacking Case: Via Threat Level.

Ehud Tenenbaum, aka “The Analyzer,” quietly pleaded guilty in New York last week to a single count of bank-card fraud for his role in a sophisticated computer-hacking scheme that federal officials say scored $10 million from U.S. banks.

The Israeli hacker was arrested in Canada last year for allegedly stealing about $1.5 million from Canadian banks. But before Canadian authorities could prosecute him, U.S. officials filed an extradition request to bring him to the States.

Prosecutors alleged in an extradition affidavit that Tenenbaum hacked into two U.S. banks, a credit- and debit-card distribution company and a payment processor, in what they called a global “cash-out” conspiracy. But he was only charged with one count of conspiracy to commit access-device fraud and one count of access-device fraud. [ Read more ... ]

Real Black Hats Hack Security Experts on Eve of Conference: Via Threat Level.

LAS VEGAS — Two noted security professionals were targeted this week by hackers who broke into their web pages, stole personal data and posted it online on the eve of the Black Hat security conference.

Security researcher Dan Kaminsky and former hacker Kevin Mitnick were targeted because of their high profiles, and because the intruders consider the two notables to be posers who hype themselves and do little to increase security, according to a note the hackers posted in a file left on Kaminsky’s site.

The files taken from Kaminsky’s server included private e-mails between Kaminisky and other security researchers, highly personal chat logs, and a list of files he has purportedly downloaded that pertain to dating and other topics. [ Read more ... ]

RIAA File Sharing Trial Begins — Update: Via Threat Level.

Trial for the nation’s second file sharing defendant to go before a jury is beginning Monday in Massachusetts. The outcome is already shaping up to resemble the only other file sharing trial, which ended in a judgment in favor of the Recording Industry Association of America.

That’s because hours before opening statements were scheduled for late Monday, a federal judge in the case effectively gutted defendant Joel Tenenbaum’s defense. The 25-year-old Boston University student, represented by Harvard University professor Charles Nesson, claimed he had a fair use right to share copyrighted music on the file sharing network Kazaa.

U.S. District Judge Nancy Gertner, ahead of jury selection, rejected that defense. “It seems clear that some portion of paying consumers would shift to free downloads if this activity were deemed a fair use,” Gertner ruled. [ Read more ... ]

Chinese Spying Claimed in Purchases of NSA Crypto Gear: Via Threat Level.

A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources.

Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuok indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.” [ Read more ... ]

Pirate Bay Says It Can't Be Sunk, Servers Scattered Worldwide - Via Threat Level:

The world's most notorious BitTorrent tracking site, The Pirate Bay, won't be going to Davy Jones' Locker, even if its four operators are convicted of facilitating copyright infringement, one of the defendants said in an interview Friday with THREAT LEVEL.

Peter Sunde Kolmisoppi, one of the four Swedes charged in Sweden on Thursday, said in a telephone interview that the site has set up a clandestine, double-blind operation with its servers spread throughout the world -- and out of reach of the Swedish authorities. [ Read more ... ]

Pirate Bay Future Uncertain After Operators Busted - Via Threat Level:

The world of illegal downloading suffered a severe blow Thursday when Swedish authorities charged four people for operating the world's most popular BitTorrent site -- The Pirate Bay-- which allows users to retrieve free movies, music and video games, much of which is copyrighted.

Those charged include Hans Fredrik Neij, Per Svartholm Warg, Peter Kolmisoppi and Carl Lundstroem. According to charges lodged in Stockholm, the four are accused of "promoting other people's infringements of copyright laws."

The four face a potential year in jail.

The Bay has been on the authorities' watchlist for years. [ Read more ... ]

Government Busts Identity Theft Ring That Targeted Forbes 400 Richest -- ID Theft:
A 24-year-old Russian and four co-conspirators are accused of stealing $1.5 million by obtaining victims' personal identifying information.

[...]

Government authorities arrested and indicted five members of an alleged identity theft ring that was targeting billionaires from Forbes magazine's ranking of the 400 richest Americans.

Manhattan District Attorney Robert M. Morgenthau announced on Thursday that the defendants -- four of whom were arrested Thursday and are in custody in Michigan, Texas, Florida, and Kentucky -- have been charged with stealing $1.5 million and attempting to steal another $10.7 million from their victims' financial accounts. Another defendant, Igor Klopov, was arrested in May and is in custody in New York. [ Read more ... ]

RIAA backtracks after embarrassing P2P defendant: When the RIAA filed a file-sharing lawsuit against a sergeant in the US Army earlier this year, it included the customary exhibits with screenshots of what it alleges are the defendant's Kazaa library. Along with the 367 sound recordings that Sgt. Nicholas Paternoster is accused of illegally sharing, the exhibit also contained over 4,200 other files--including pornographic images--that had nothing to do with the labels' case. Recognizing its latest gaffe, the RIAA filed a motion asking that the original exhibit be removed from the public record and replaced with a modified exhibit without the superfluous file names. [ Read more ... ]

Innocent RIAA Defendant Fights Back, Wins $70,000 Fee Award: "

After more than three years of litigation, a single mom who was improperly swept up in the RIAA's P2P litigation 'driftnet' has finally been vindicated. An Oklahoma court has ordered the RIAA to pay nearly seventy thousand dollars in fees and costs to defendant Debra Foster. EFF, Public Citizen, the ACLU, and the American Association of Law Libraries filed an amicus brief in the case, supporting Foster's motion for fees.

Soon after the RIAA brought suit against Foster in 2004, it became clear that the the recording industry was pursuing the wrong person. But the RIAA not only refused to dismiss the case, it brought additional, unsupported claims of secondary infringement. Finally, two years after filing suit, the RIAA dropped the claims and attempted to walk away scot-free. [ Read more ... ]

Woman Registers Dog to Vote, Demonstrates Ease of Fraud: "

A woman in Seattle registered her dog to vote, and submitted absentee ballots in three elections on the dog’s behalf, according to an AP story.

The woman, Jane Balogh, said she did this to demonstrate how easy it would be for a noncitizen to vote. She put her phone bill in her dog’s name (’Duncan M. MacDonald’) and then used the phone bill as evidence of residency. She submitted absentee ballots in Duncan’s name three times, each ballot ‘signed’ with a paw print. She says the ballots did not designate any candidates and only had ‘void’ written on them, so the elections were not affected.

Nevertheless, she broke the law and now faces charges. [ Read more ... ]

E-Commerce News: Privacy: Carving Out New Privacy Rights for E-Mailers: "A Circuit Court ruling handed down this week 'marks a major recognition of the status of e-mail communications under the search and seizures requirements of the U.S. Constitution' by placing e-mail on par with wireline communications and postal mail, said Jeffrey D. Neuburger, partner with Thelen Reid Brown Raysman & Steiner.

The three-judge panel of the Sixth Circuit Court has upheld a ruling that grants extensive new privacy protections for e-mail users. It is an ambitious decision -- said to be the first for the Circuit Courts -- and one that is almost surely headed to the Supreme Court for review.

In Warshak v. United States, the federal court upheld the finding that e-mail users are entitled to the same expectation of privacy as persons using the telephone. The decision clarifies a gray area that has been exploited by law enforcement officials in federal -- and some state -- criminal investigations.

The federal law in question is the 1986 Stored Communications Act, which amended the 1960s-era Wiretap Act -- both of which were amended by the Patriot Act in 2001. [ Read more ... ]

Michigan Man Charged for Using Free WiFi: "Nichole writes 'Sam Peterson II was charged with unauthorized use of computer access for using a coffee shop's free WiFi. He is facing a 5 year felony charge and a $10,000 fine but apparently got off lucky and received only a $400 fine and 40 hours of community service because he was a first time offender. [ Read more ... ]