International Telecommunication Union   ITU
Site Map Contact us Print Version
 Tuesday, 11 December 2007

PC Tools recently discovered a social-engineering attack that uses trickery rather than a software flaw to access victim's valuable information. It is a new program that can mimic online flirtation and then extract personal information from its unsuspecting conversation partners. The program is believed to be making the rounds in Russian chat forums such as CyberLover. According to PC Tools, the "bot" cannot be easily distinguished from a real potential suitor, and the software can work quickly establishing up to 10 relationships in 30 minutes. It then compiles a report on every person it meets complete with name, contact information, and photos, which then may be made available for fraudulent activities. "Although the program is currently targeting Russian Web sites, PC Tools is urging people in chat rooms and social networks elsewhere to be on the alert for such attacks. Their recommendations amount to just good sense in general, such as avoiding giving out personal information and using an alias when chatting online."

Read the full article here.

Tuesday, 11 December 2007 10:00:31 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 03 December 2007

Kelly Jackson Higgins, Senior Editor of Dark Reading wrote on how cyberwarfare has evolved into a growing underground market. According to experts, international cyber-spying is considered as the biggest threat for 2008 with the malware economy mimicking legitimate software markets. Malware suppliers are reportedly offering tools that make it easy for criminals with little technical know-how to commit their crimes, and many now advertise their 'products,' and offer support services as a value-add. These, as well as cyber-spying trends, are among the many findings of McAfee's annual Virtual Criminology Report released on 29 November 2007. The report was based on input from more than a dozen security experts from NATO, the FBI, SOCA, The London School of Economics, and the International Institute for Counter-Terrorism.

"What struck me through most of this report is the threat is more evolutionary than revolutionary -- things we've talked about as potentially developing are now status quo," says David Marcus, senior research and communications manager for McAfee. "That's the disturbing part. Cyberwarfare, or state-sponsored malware, is business as usual." According to the report, what further concerns governments is that this malware, as well as the burgeoning market for zero-day exploits, sold in the black market can also be used for targeting government, banks or other sensitive infrastructures, such as the power grid.

Read the full article here.

Monday, 03 December 2007 11:25:11 (W. Europe Standard Time, UTC+01:00)  #     | 

The CSI Survey 2007, the 12th of its kind, by the Computer Security Institute, aims to raise the level of security awareness, as well as help determine the scope of computer crime in the United States. The survey strongly suggests in this year’s results that mounting threats are beginning to materialize as mounting losses. The survey results are based on the responses of 494 computer security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities.

Among the key findings from this year’s survey are:

  • The average annual loss reported in this year’s survey shot up to $350,424 from $168,000 the previous year. Not since the 2004 report have average losses been this high.
  • Almost one-fifth (18 percent) of those respondents who suffered one or more kinds of security incident further said they’d suffered a “targeted attack,” defined as a malware attack aimed exclusively at their organization or at organizations within a small subset of the general population.
  • Financial fraud overtook virus attacks as the source of the greatest financial losses. Virus losses, which had been the leading cause of loss for seven straight years, fell to second place. If separate categories concerned with the loss of customer and proprietary data are lumped together, however, then that combined category would be the second-worst cause of financial loss. Another significant cause of loss was system penetration by outsiders.
  • Insider abuse of network access or e-mail (such as trafficking in pornography or pirated software) edged out virus incidents as the most prevalent security problem, with 59 and 52 percent of respondents reporting each respectively.
  • When asked generally whether they’d suffered a security incident, 46 percent of respondents said yes, down from 53 percent last year and 56 percent the year before.
  • The percentage of organizations reporting computer intrusions to law enforcement continued upward after reversing a multi-year decline over the past two years, standing now at 29 percent as compared to 25 percent in last year’s report.

For the complete detailed survey results, click here.

Monday, 03 December 2007 10:28:54 (W. Europe Standard Time, UTC+01:00)  #     | 

A Taxonomy of Privacy by Daniel J. Solove, an associate professor at the George Washington University Law School, won the Privacy Enhancing Technologies award 2006. This paper attempts to identify privacy problems in a comprehensive and concrete manner, and it aims to guide the law toward a more coherent understanding of privacy and to serve as a framework for the future development of the field of privacy law.

“Privacy is a concept in disarray,” Solove says. “Abstract incantations of ‘privacy’ are not nuanced enough to capture the problems involved. The law has often failed to adequately protect privacy, and privacy problems are frequently misconstrued or inconsistently recognised. Without an understanding of what the privacy problems are, how can privacy be addressed in a meaningful way?”

His taxonomy defines threats to privacy from the perspective of the individual, in four categories of potentially harmful activities — information collection, information processing, information dissemination and invasion. With the help of this more comprehensive taxonomy, Solove hopes that privacy considerations can be better recognised and balanced against opposing interests.

Read the full paper here.

Monday, 03 December 2007 10:02:12 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 29 November 2007

The United Nations Children’s Fund (UNICEF) reported on 26 November about the launch of 20 broadband-enabled teacher resource centres in the Maldives to help the Ministry of Education to provide quality education to every child of a population spread across 1,000 small islands.

Using information and communication technologies (ICTs) enables administrators and teachers to be part of one learning community across the country. Teachers can simultaneously receive online training, access and exchange information through the common network. Moreover, the internet and state-of-the-art technologies are aimed to enhance interactive education and to increase motivation of both students and teachers, as UNICEF noted.

Thursday, 29 November 2007 12:16:27 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 28 November 2007

ITU, in collaboration with the Ministry of Communications and Information Technology of the Republic of Indonesia, is hosting a workshop on 28-30 November 2007 entitled ITU Regional Workshop on ICT Applications for Rural Communication Development. The workshop is held in Bali, Indonesia.

The description of the event, draft agenda, invitation letter, and practical information for meeting participants are available on the event website.

Wednesday, 28 November 2007 13:52:34 (W. Europe Standard Time, UTC+01:00)  #     | 

Information and communications technologies (ICTs) are contributing to climate change, but can also provide problem-tackling tools, as the United Nations News Centre reported from a conference on the impact of ICTs on climate change organized by the UN Global Alliance for ICT and Development and AIT Global Inc., a global association of management and information technology professionals,on 27-28 November.

Experts and industry leaders highlighted that servers, personal computers and monitors account for more that 60 per cent of global ICT-related carbon emissions, and that product design, manufacturing and internal operations would be essential to minimizing emissions. Even though the paperless office environment has not yet been achieved, industry could develop energy-efficient appliances that shut down automatically when not being used. ICT could also improve the energy efficiency of all economic sectors, for example diagnosing the carbon emissions of products or processes and suggesting their redesign.

To read the full article, click here.

Wednesday, 28 November 2007 10:55:57 (W. Europe Standard Time, UTC+01:00)  #     | 

ENISA recently launched its latest Position Paper, "Botnets - The Silent Threat", a 12-page paper identifying roles and structures of criminal organizations for creating and controlling botnets, and trends in this type of cyber crime as well as online tools to identify and counter malicious code. ENISA points out that browser exploits account for more than 60% of all infections, email attachments for 13%, operating system exploits for 11%, and downloaded Internet files for 9%. It also emphasizes that the main problem is uninformed users. ENISA, thus, calls for "a more coordinated, cross country cooperation among multi-national law enforcement agencies, Internet Service Providers (ISPs) and software vendors" to combat botnets, and further adds that education of the everyday user is a key measure.

For further information, read ENISA's press release or access the full ENISA Position Paper.

Wednesday, 28 November 2007 10:00:12 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 27 November 2007

USA Today reports on the current spam statistics, and reiterates how spam continues to exponentially increase despite anti-spam softwares, filters and legislations. According to market researcher IDC, "the total number of spam e-mail messages sent worldwide, 10.8 trillion, will surpass the number of person-to-person e-mails sent, 10.5 trillion." Spam sent is also said to have reached 60 billion to 150 billion messages a day. As for phishing, the Anti-Phishing Working Group said new phishing sites soared to 30,999 as of July 2007, from 14,191 in July 2006. MessageLabs adds that one in 87 e-mails is tagged as phishing scams now, compared with one in 500 a year ago.

The fight against spam has nonetheless expanded and grown too. Built-in spam defenses of Google's Gmail, social-networking sites such as Facebook and MySpace which enable users to control who has access to their personal profile, to exchange e-mail with friends, family and business associates, and phishing filters provided by Microsoft on its Internet Explorer browser are some of the common filters made available to users. In the same effort to stop spam, Yahoo, eBay and PayPal recently announced their use of DomainKeys, an e-mail-authentication technology. Other anti-spam technologies include CertifiedEmail from Goodmail Systems, a new breed of e-mail services, and Boxbe. "The multilayered-defense approach has worked to stop such scourges as image spam, which varied the content of individual messages — through colors, backgrounds, picture sizes or font types — to slip through spam filters. Image spam made up half of all spam in January. Since software makers came up with a solution, image spam has dropped to 8% of all spam, Symantec says."

Read the full article here.

Tuesday, 27 November 2007 14:23:14 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 23 November 2007

A new research paper on the Russian Business Network (RBN), Russian Business Network - Additional Analysis, by David Bizeul has recently been published online. Bizeul spent the past three months researching the RBN, a virtual safe house for Russian criminals responsible for malicious code attacks, phishing attacks, child pornography and other illicit operations.

To read the paper, visit
This paper is also available at the SANS Internet Storm Center website.

Friday, 23 November 2007 09:52:59 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 19 November 2007

A presentation on Infrastructure and Applications for Large-Scale DNS Data Collection by Keith Mitchell, OARC Programme Manager, Internet Systems Consortium, AusCERT given on 21 May 2007 is now available online. This presentation provides an introduction to Internet Domain Name System (DNS), background information on OARC, and a wealth of domain statistics from OARC. The "Day in the Life of the Internet" (DITL) research project which aims to improve "network science" by building up baseline of regular Internet measurement data over 48-hour periods was also discussed as well as a case study on the Root Server DDoS Attack on 6 February 2007. For more information, visit the OARC website.

Monday, 19 November 2007 09:34:22 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 14 November 2007

The Background Information on ITU Botnet Mitigation Toolkit is now available online and may be accessed on the ITU ICT Applications and Cybersecurity (CYB) Division's Botnet page. A Powerpoint presentation of the Project Overview is also available. For more relevant information, visit the CYB website.

Wednesday, 14 November 2007 16:17:51 (W. Europe Standard Time, UTC+01:00)  #     | 

The UN International Strategy for Disaster Reduction (ISDR) on 15 November 2007 is launching, a new website for increasing knowledge-sharing on natural disaster risk reduction issues. The website will feature news reports, publications, fact sheets, examples of best practices and country reports targeted to both the general public and specialists. Users can also search for information related to disaster risk reduction such as early warning, climate change, health, education, etc.

For more information, please click here.

Wednesday, 14 November 2007 14:53:11 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 13 November 2007

The U.S. Center for Information Technology Leadership (CITL) conducted a study on The Value of Provider-to-Provider Telehealth Technologies. Assuming some specific healthcare settings such as emergency departments, correctional institutions, nursing homes and physician offices the cost-benefit analysis focused on three technology systems, i.e. store-and-forward, real-time video, and a hybrid model combining the first two.

The CITL study found that benefits outweighed costs for all three systems, but the research organization recommends the hybrid model as the most cost-effective one for the U.S. The report is available at

Tuesday, 13 November 2007 17:04:34 (W. Europe Standard Time, UTC+01:00)  #     | 

John Kenneth Schiefer, a 26-year-old computer security consultant from Los Angeles has admitted to hacking into computers entrusted to him to create a botnet of as many as 250,000 PCs, which he used to steal money from and identities of unsuspecting consumers and corporations. "Schiefer agreed to plead guilty to four felony charges in connection with the case and faces up to 60 years in prison and a $1.75-million fine, according to court documents filed Friday in federal court in Los Angeles." According to Assistant U.S. Atty. Mark Krause in Los Angeles, Schiefer is the first person to be accused under federal wiretapping law of operating a botnet.

Schiefer stole user names and passwords for EBay Inc.'s PayPal online payment service to make unauthorized purchases and passed the stolen account information on to others. According to the plea agreement, a conspirator named "Adam" who is allegedly a minor was involved in Scheifer's scam. Scheifer and his accomplices were reported to have used illicit software which they planted on people's PCs to spirit account information from a storage area in Windows-based computers. A Dutch Internet advertising company also hired his services to install its programs on people's computers when they consented, but he installed it on more than 150,000 PCs without permission, earning more than $19,000 in commissions.

The federal investigation began in 2005, and the indictment includes "four counts of accessing protected computers to commit fraud, disclosing illegally intercepted electronic communications, wire fraud and bank fraud." Schiefer's initial appearance in Los Angeles will on Nov. 28 and his arraignment on Dec. 3. There is a similar case in May 2006 involving a Downey man, Jeanson James Ancheta who was sentenced to almost five years in federal prison after pleading guilty to four felony charges for using botnets to spread spyware and send spam.

To read the full article, visit the Los Angeles Times.
Related article also availabe here.

Tuesday, 13 November 2007 14:22:48 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 12 November 2007

Microsoft releases the Asia Pacific Legislative Analysis: Current and Pending Online Safety and Cybercrime Laws, a study providing a high-level snapshot of the status of computer security, privacy, spam and online child safety legislation in the Asia Pacific region. Detailed analyses of these laws specific to Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, New Zealand, The Philippines, Singapore, South Korea, Taiwan, Thailand and Vietnam are also provided in this paper. For more information regarding this document, contact Julie Inman Grant, Regional Director, Corporate Affairs of Internet Safety and Security at Microsoft Asia Pacific. More Cybersecurity Legislation and Enforcement related resources are available at the CYB website.

Monday, 12 November 2007 09:57:14 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 09 November 2007

The International Telecommunication Union (ITU) organizes the first conference in the ITU Arab region on "Sharing experience on best practices in ICT services for persons with disabilities", in cooperation with the Regional Office for the Eastern Mediterranean of the World Health Organization (WHO/EMRO). The conference will take place in Cairo (Egypt) on 13 - 15 November 2007 under the auspices of the Ministry of ICT of the Government of Egypt and H. E. the Minister Dr. Tarek Kamel.

The conference is open to administrations, policy makers, regulators, and all industries involved in the development of dedicated information and communication technologies (ICTs) for persons with disabilities in addition to physicians and doctors from the public health sector. The main objective of the conference is to raise awareness on the importance of accessibility to all, including persons with disabilities, to ICTs.

For more information, please click here.

Friday, 09 November 2007 10:18:41 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 08 November 2007 reports on Bush's announcement of a plan to prevent cyberspace attacks on U.S. interests. A $154 million budget was requested as preliminary funding for the initiative, which current and former government officials say is expected to become a seven-year, multibillion-dollar program to track threats in cyberspace on both government and private networks. Lawmakers who recently received briefings on the initiative, however, continue to have many questions, and some remain concerned about the legality of the program and whether it provides sufficient privacy protections. According to a former government official familiar with the proposal, the total start-up costs of the program are about $400 million. "The proposal 'will enhance the security of the Government's civilian cyber networks and will further address emerging threats,' Bush wrote to Congress as part of his request for additional money for cyber security and other counterterrorism measures. The initiative would first develop a comprehensive cyber security program for the government and then do the same for private networks, the former government official said."

Read the full article here.

Thursday, 08 November 2007 11:29:37 (W. Europe Standard Time, UTC+01:00)  #     | 

Email Submission Operations: Access and Accountability Requirements by Carl Hutzler, Dave Crocker, Pete Resnick, Eric Allman, and Tony Finch has recently been released as Best Current Practice (BCP) 134. This document provides recommendations for constructive operational policies between independent operators of email submission and transmission services to mitigate the propagation of spam and worms. Its goal is to improve lines of accountability for controlling abusive uses of the Internet mail service. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. For more information, click here.

Thursday, 08 November 2007 09:41:50 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 06 November 2007

According to the Government Accountability Office (GAO), the government's infrastructure sectors' plans lack protection against cyberattacks and disaster, pointing out that none of the sectors included all 30 cybersecurity criteria, such as key vulnerabilities and measures to reduce them. Among the 17 sectors of the government, information technology and communications had the strongest cybersecurity plans, and the agriculture, food and commercial sectors were the least comprehensive, according to David Powner, director of GAO's information technology management issues.

The Homeland Security Department provided a national plan last year for the sectors as a guide for their individual plans. Greg Garcia, DHS’ assistant secretary for cybersecurity and communications, said that DHS acknowledged the shortcomings based on GAO's findings, but he explained that these sector plans, released in May, represent only early efforts. Garcia further added that "sectors are not meant to be uniformly comprehensive in their cybersecurity efforts, and they must balance cybersecurity risk against other risk management efforts and unique aspects of their infrastructure 'based on its dependence on cyber elements.'" GAO recommended that DHS fully address the cybersecurity criteria by September 2008.

Read full article here.

Tuesday, 06 November 2007 16:32:43 (W. Europe Standard Time, UTC+01:00)  #     | 

Roger A. Grimes of InfoWorld interviewed Paul Laudanski, founder and leader of CastleCops which is a volunteer organization dedicated to fighting malware, spam, and phishing. Paul talked about the effects of DDoS and provided pointers on how to mitigate and ride the attack. He said that the primary thing to be decided in cases of attacks is whether the company wants to stay in business during the attack or not. If so, all the attack traffic need to be absorbed along with the legitimate traffic, meaning the broadband connection, routers, firewall, Web servers, and back-end databases have to be able to deal with the attack. He also suggested knowing ahead of time how the company's ISP handle DDoS events. They further discussed how to possibly pursue criminal charges after the attacks. "To be honest, being able to locate and prosecute the DDoS attacker is a long shot. The lack of cohesive communications between all the parties that need to be involved in an investigation, the legal implications of the global nature of the assault, and the growing sophistication of bot nets all fight against a successful prosecution. But as Paul and CastleCops can tell you, it can be done."

Read the full article on InfoWorld.

Tuesday, 06 November 2007 10:17:27 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 05 November 2007

"Buses equipped with wi-fi are being used to deliver web content to remote rural villages in the developing world. In rural India and parts of Rwanda, Cambodia and Paraguay, the vehicles offer web content to computers with no internet connection." United Villages is an initiative that provides communties in Asia, Africa, and Latin America with a digital access to locally-relevant products and services using a low-cost, store-and-forward "drive-by WiFi" technology. Mobile Access Points (MAPs) are installed on existing vehicles (e.g. buses and motorcycles) and automatically provide access for WiFi-enabled Kiosks along the roads. Whenever a MAP is within range of a real-time wireless Internet connection, it transfers the data from and for those Kiosks. The United Villages project also allows users to request specific information or content for a few additional rupees. The wi-fi vehicles also deliver as well as collect e-mails, and brings e-Commerce to the villagers.

Read the full article on BBC News.
More on United Villages on their website.

Monday, 05 November 2007 16:33:37 (W. Europe Standard Time, UTC+01:00)  #     | 

The article, Myth of privacy busted; Web advertisers scan e-mails, by Louise Story published on the International Herald Tribune, reports on the issue of online advertisers probing on privacy for marketing puposes. "At a meeting of the U.S. Federal Trade Commission about online privacy Thursday, the regulator's commissioner, Jon Leibowitz, said the agency would be exerting a tighter grip over online advertising. Leibowitz said that rules about the privacy policies of sites may need to be established... But some people from the online industry said the FTC should stay out." According to Randall Rothenberg, president and chief executive of the Interactive Advertising Bureau, if the FTC regulates online advertising, this could limit recent ''extraordinary pattern of innovation.''

After eight years since the FTC's public workshop on the use of consumer data in online ads, a lot of the hypothetical scenarios described back then are now a widespread reality. However, many executives in the advertising industry do not see anything wrong with online targeting, arguing that the practice benefits consumers, who see more relevant ads. They add further that for consumers, providing some innocuous personal data is a small trade-off for free access to the rich content of the Internet, much of which is ad-supported. A growing concern, even among online companies, about what information is being used to deliver ads to people is quite evident however.

''The market is getting edgier and edgier, and what is accepted in the marketplace gets dodgier and dodgier,'' said Martin Abrams, the executive director of the Center for Information Policy Leadership. ''We have really moved to a world where we say consumers need to police the market, and, increasingly, it is a harder world to police.''

Read the full article here.

Monday, 05 November 2007 12:37:03 (W. Europe Standard Time, UTC+01:00)  #     | 

After the infamous Estonian cyberattack early this year, CyTRAP Labs proposes the 7 lessons learnt from the attacks, and points out how Estonia responded accordingly to these issues. Among the lessons and issues pointed out were:

  1. Critical incidence response matters, which suggests the need to have a systematic and clearly understood procedure in place that allows a quick identification of what a critical incident response is and what kind of responses must be invoked rapidly (i.e. automatisms) to have a chance to defend against an emerging threat. Estonian responders first focused on the targets rather than sources. Filtering technology was used to throttle back on traffic aimed at target systems, which, at its peak, reached between 100 to 1,000 times the normal amount of traffic.
  2. The need for the team to make critical decisions fast. In Estonia, it was decided to protect certain systems. Once those were identified, all connections to those systems from outside the country were blocked. In addition, efforts were undertaken to lure away attackers from critical systems those that were less critical ones.
  3. Critical infrastructure can mean something different. For Estonia, where much business is being done on the net, critical infrastructure meant financial and communication services by private business were under attack and these are critical to the country’s well-functioning economy. Soon after 27 April 2007, people were unable to buy such essentials as gas and groceries using their payment cards.This is in contrast to what we usually accept as being critical infrastructure, namely electricity and transportation networks.
  4. No new attack techniques emerged. The level of traffic was not surprising and the mitigation tactics used were tried and true. But what will happen if the attackers are using fast-flux networks or DNS amplification attacks?
  5. Coordination is vital. All the above can be further complicated if the defense has to be coordinated in real time with several hundred or thousands of ISPs. As Estonia’s experience illustrates, coordination and cooperation with a centralized incident response is critical to achieve success. This was the case with CERT-EE working closely with private ISPs and banks, etc. Unfortunately, in many countries such centralized approach will be difficult to achieve unless the right things are put in place now.
  6. Trusted social networks as the key to coordinate a successful response. Even CERT-EE needed help and support from others, and social networks came in handy. How else can one convince an ISP in another country to take off a server that is part of a fast-flux network? Developing trust takes time and effort while both parties have to give. A certain degree of sharing or disclosure may result in further growth of trust needed to defend better next time.
  7. Post mortem analysis - learning to improve. Without analyzing past events learning cannot occur. The challenge with the Estonian example is that other countries must learn from the Estonian experience. This type of international collaboration must be improved beyond government CERTs. Hence, without getting the major ISPs and financial institutions involved in other countries, post mortem analysis might not help us much in preparing for the next attack of this kind or worse.

This list was made in reference to the presentation of Hillar Aarelaid, eSStonia - the case of the Estonian DDoS attacks, given at the GovCERT.NL IT Security Symposium, Response & Responsibility, in Noordwijk, Netherlands.

Read the full article here.

Monday, 05 November 2007 11:27:54 (W. Europe Standard Time, UTC+01:00)  #     | 

The House of Lords Science and Technology Committee recently states that the UK government has failed to understand the threat to the continued growth of the internet posed by cybercrime as evident in their response to the committee's report on personal internet security, published on 10 August. The Lords' report had warned of the danger that public confidence in the internet would be lost, due to "perception that the internet is a lawless 'Wild West'." In the government's reply, presented to Parliament on 24 October, the government rejected this as well as the recommendation that there should be a data-breach notification law to provide businesses with incentives to take better care of customer data. According to the government, this kind of law that forced companies to admit when they had been the victims of cybercrime does not prove to be effective, but reassures businesses that they will consider finding "more formal ways" of reporting security breaches to the Information Commissioner's Office (ICO) "when problems arise". The government also rejected calls for software and hardware vendors to be liable for the security of their products, and for banks to guarantee e-fraud refunds.

Read the full article at

Monday, 05 November 2007 10:22:34 (W. Europe Standard Time, UTC+01:00)  #     |