[iwar] news
From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com
Fri, 23 Mar 2001 06:20:30 -0800 (PST)
fc Fri Mar 23 06:21:08 2001
Return-Path:
Delivered-To: fc@all.net
Received: from 204.181.12.215
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Fri, 23 Mar 2001 06:21:08 -0800 (PST)
Received: (qmail 9380 invoked by uid 510); 23 Mar 2001 14:21:24 -0000
Received: from ci.egroups.com (64.211.240.235)
by 204.181.12.215 with SMTP; 23 Mar 2001 14:21:24 -0000
X-eGroups-Return: sentto-279987-1053-985357234-fc=all.net@returns.onelist.com
Received: from [10.1.4.53] by ci.egroups.com with NNFMP; 23 Mar 2001 14:20:34 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_0_4); 23 Mar 2001 14:20:33 -0000
Received: (qmail 27515 invoked from network); 23 Mar 2001 14:20:32 -0000
Received: from unknown (10.1.10.26) by l7.egroups.com with QMQP; 23 Mar 2001 14:20:32 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 23 Mar 2001 14:20:32 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id GAA16888 for iwar@onelist.com; Fri, 23 Mar 2001 06:20:31 -0800
Message-Id: <200103231420.GAA16888@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe:
Date: Fri, 23 Mar 2001 06:20:30 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
CROP DATA FEARED OPEN TO HACKERS
The federal agency that compiles crop forecasts
used by commodity traders suffers from lax
computer security, critics say, and government
experts plan to investigate whether hackers can
obtain vital data before it is released to the
public. The crop estimates prepared by the
National Agricultural Statistics Service are
supposed to be closely guarded secrets until
their release date--otherwise, unscrupulous
traders could use the data to profit at the
expense of other investors. But the statistics
agency ignores basic computer security measures,
according to several employees.
http://www.chicagotribune.com/business/businessnews/article/0,2669,SAV-0103210085,FF.html
http://www.techtv.com/news/politicsandlaw/story/0,23008,3318192,00.html
Microsoft says beware of stolen certificates
Two digital certificates have been mistakenly
issued in Microsoft's name that could be used
by virus writers to fool people into running
harmful programs, the software giant warned
Thursday. According to Microsoft, someone
posing as a Microsoft employee tricked
VeriSign, which hands out so-called digital
signatures, into issuing the two certificates
in the software giant's name on Jan. 30 and
Jan. 31. Such certificates are critical for
businesses and consumers who download patches,
updates and other pieces of software from the
Internet, because they verify that the software
is being supplied from a particular company,
such as Microsoft.
http://www.zdnet.com/zdnn/stories/news/0,4586,5079987,00.html
http://news.cnet.com/news/0-1003-200-5222484.html
http://www.msnbc.com/news/548228.asp
http://www.newsbytes.com/news/01/163498.html
http://www.usatoday.com/life/cyber/invest/2001-03-22-microsoft.htm
Zimmermann plays down PGP flaw
Phil Zimmermann - creator of the OpenPGP encryption
software - is playing down a flaw discovered in his
hugely popular program, saying that someone would
still need access to your hard drive to break the
code. Two Czech researchers, working for their
country's National Security Authority, claimed to
have found a way to bypass the public/private key
system. The claim was posted on a Czech IT company's
Web site. They refused to give any details, however,
leading many to believe it was a hoax. Zimmermann
and Network Associates - which owns the PGP trademark
- subsequently announced that the flaw was real, but
assured all that it does not compromise the system.
They also criticised the Web site - ICZ Group - for
failing to give it any technical details and using
the news as a publicity stunt on the eve of CeBIT.
http://www.theregister.co.uk/content/8/17808.html
Hacking Incidents Skyrocket In Malaysia - MyCert
The Malaysian Computer Emergency Response Team
(MyCert) has witnessed a surge in hacking incidents
since the end of last year and is warning all
system managers to monitor, upgrade, patch and
fix their computer servers. MyCert reports a
"dramatic escalation in intrusion cases," since
December 2000, particularly attacks exploiting
known vulnerabilities in Microsoft Windows NT
and Linux computer server platforms. The MyCert
team says it's seeing such attacks each and every
day, even more so on weekends and holidays when
systems may not be monitored so closely.
http://www.newsbytes.com/news/01/163466.html
Rice Seeks Big U.S. Cyber-Security Push
President George W. Bush's top national security
aide called on Thursday for an "unprecedented"
partnership with the private sector to curb the
any threat of computer-generated attacks on vital
U.S. infrastructure. Heavy reliance on computers
has become the "soft underbelly" of U.S. life and
a juicy target for foes, National Security Advisor
Condoleezza Rice said in her first major policy
address. "Our gaming exercises have told us for
some time that a few well-organized hackers could
disrupt everything from our power lines to our 911
(emergency telephone) systems," she told an Internet
security forum organized by CIO and Darwin magazines.
http://www.reuters.com/news_article.jhtml;$sessionid$PUWZV1YAAOK1ECRBADLSFEYKEEANMIV2?type=technology&Repository=TECHNOLOGY_REP&RepositoryStoryID=%2Fnews%2FIDS%2FTechnology%2FTECH-USA-DC_TXT.XML
Bush admin warns of cyber-security threat
http://www.zdnet.com/zdnn/stories/news/0,4586,2700256,00.html
After Spam, Baloney to Swallow
The folks who bring you such e-mail favorites as
"QUIT YOUR JOB TOMORROW" and "LOSE WEIGHT NOW"
have suddenly noticed that lawmakers nationwide
are considering new rules to protect privacy on
the Internet. So Internet-related businesses have
launched a frantic lobbying campaign to derail
the train before it builds up a head of steam.
They say they don't need Washington or Sacramento
or Bismarck telling them how to protect the
consumers whose in-boxes they jam and whose Web
surfing habits they track. "Trust us," they say.
That's a little like trusting the fox in the
henhouse because the industry had its chance.
The Clinton administration gave everybody
involved in the technology--from Internet service
providers to software developers--years to clean
up their act.
http://www.latimes.com/business/cutting/20010322/t000024775.html
Privacy advocates make plea to Echelon committee
Privacy organisation Cyber-Rights and Cyber-Liberties
has submitted its objections to Internet surveillance
ahead of a meeting in the European Parliament today.
A European parliamentary committee is due to discuss
the controversial global surveillance system Echelon
and the involvement of European countries. The UK has
always refused to comment on allegations that it is
involved with the surveillance network. According to
Cyber-Rights, the UK would be in serious breach of
the Treaty of the European Union if allegations of
its involvement in Echelon are found to be true.
"Secret surveillance and interception of all forms
of communications including Internet communications,
cannot be acceptable in democratic societies," the
submission reads. While Cyber Rights welcomes the
investigation into Echelon it also calls for
accountability in the global interception of
communications.
http://www.zdnet.co.uk/news/2001/11/ns-21744.html
http://www.theregister.co.uk/content/8/17800.html
Cell phone jammers defy law
Nearly everyone has been annoyed at a cell phone
ringing at an inopportune moment or someone blabbing
away in public. Many people would love to block the
signals if they could but doing so in America is
illegal. So you might be surprised to learn that
not only are cell phone jamming devices being sold
to frustrated folks in the United States, but that
MSNBC.com has been told one purchaser is the U.S.
government.
http://www.msnbc.com/news/544178.asp
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Secure your servers with 128-bit SSL encryption!
Grab your copy of VeriSign's FREE Guide,
"Securing Your Web site for Business." Get it now!
http://us.click.yahoo.com/4cW4jC/e.WCAA/bT0EAA/kzAVlB/TM
---------------------------------------------------------------------_->
------------------
http://all.net/
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/