Date: Mon, 07 Jan 2002 15:02:17 -0500
From: betty@infowar.com
Sender: list@infowar.com
Reply-To: betty@infowar.com
Subject: News to Use from Infowar.Com 01-07-02
To: fc@all.net

"News to Use from Infowar.Com" is a periodic output of information relevant to computer security, information warfare, and related genres.

If you do not wish to receive this email, please feel free to unsubscribe. Those directions are at the bottom of this email.

Infowar.Com PROTECTS your privacy. Your email address is never sold or leased to outside parties. You have received this email because you have JOINED the list, or someone has forwarded this to you.

News to Use is brought to you by Verisign.Com
https://www.verisign.com/cgi-bin/clearsales_cgi/leadgen.htm?form_id=0057&toc
and Recourse Technologies
http://www.recourse.com/webseminarpalm

=======================================================================

1. FREE Web Seminar: Palm Tightens Grip on Network Security
2. Free Webinar - "Authentication & Authorization in the Financial Industry"
3. New Linux Backdoor Virus Gains Smarts
4. Report warns of al-Qaeda's potential cybercapabilities
5. Power Play for Control of the Grid
6. White House Announces Changes to Dual-Use Export Controls
7. DOD Joint Spectrum Center - PRICE NAMED NEW DEPUTY FOR SPECTRUM, C3 POLICY
8. Introducing Com-Guard. Check this out!
9. Tampa ACLU Report Rips Voice Recognition Technology
10. Combating Terrorism Report - RAND
11. Corporations Risk Harboring Infoterrorists through Negligence
12. Password Protection 101

=========================================================================

1. FREE Web Seminar: Palm Tightens Grip on Network Security, by Recourse Technologies

Join us on 1/15/02 to learn how Palm, Inc. tightened their grip on Network Security, a case study approach. Learn how the right threat management infrastructure can efficiently contain, control and respond to unauthorized access attempts. Discover the best ways to proactively strengthen your own distributed enterprise defenses. Understand the most cost-effective methods to secure your business against intruders and interruptions using the latest technology. Limited seats available. Register today!
www.recourse.com/webseminarpalm

============================================================================

2. A free webinar entitled "Authentication & Authorization in the Financial Industry" will be hosted by Steve Ellis, Executive Vice President, Wholesale Internet Solutions for Wells Fargo, along with Netegrity and BioNetrix. Learn the trends and directions for increased security through authentication and authorization within financial institutions. Wednesday January 16. Sign up now at http://www.bionetrix.com/webinar

============================================================================

3. New Linux Backdoor Virus Gains Smarts
By Brian McWilliams, Newsbytes, 1/7/2002
http://www.newsbytes.com/news/02/173408.html

A new and more dangerous version of a remote-control virus that targets computers running the Linux operating system may be in the wild, but security experts do not expect the malicious code to spread widely.
According to preliminary analyses, the virus appears to be a "smarter" variant of the Remote Shell Trojan (RST), discovered last September, that infects programs written for Linux, an alternative to Microsoft's Windows.

Managed security provider Qualys obtained a copy of one new variant last month from an "outside source," according to Gerhard Eschelbeck, vice president of engineering. Qualys will release a detailed advisory, along with detection and cleaning tools next week for the new virus, which it has labeled RST.b.

Like the initial RST, the new variant identified by Qualys is designed to infect binary files in the Linux Executable and Linking Format (ELF) and create a "back door" on an infected system that gives a remote attacker full control.

<snip>

=======================================================================

4. Report warns of al-Qaeda's potential cybercapabilities
By DAN VERTON
January 04, 2002

An obscure report issued Dec. 21 by the Canadian Office of Critical Infrastructure Protection and Emergency Services raises the specter of a possible future cyberattack by agents or sympathizers of Osama bin Laden's al-Qaeda terrorist organization.

The Canadian threat analysis of al-Qaeda's cybercapabilities concludes that although there have been no examples to date of cyberterrorist attacks conducted by al-Qaeda, "Bin Laden's vast financial resources, however, would enable him or his organization to purchase the equipment and expertise required for a cyberattack and mount such an attack in very short order."

<snip>

http://www.computerworld.com/storyba/0,4125,NAV47_STO67092,00.html
Report is at: http://www.epc-pcc.gc.ca/emergencies/other/TA01-001_E.html

===========================================================================

5. Power Play for Control of Grid
Sacramento Bee, 1/4/2002

Sturdy as steel, California's power lines climb mountains and straddle valleys.
But the people who run them are at a crossroads over who should control those lines in the years ahead.

Federal regulators -- the same ones California battled over how to tame the state's energy crisis -- have their own plan for the electric grid. They want it swept up into a multistate transmission organization that would be regulated in Washington, D.C.

The change would be part of a broader effort by the Federal Energy Regulatory Commission to create four regional super-grids to run high-voltage transmission lines nationwide.

FERC expects the giant regional grids to advance its longtime goal -- more competition in the electric industry, which it says will boost efficiency and save consumers money.

Those who support state control and many advocates for smaller consumers worry that what will happen, instead, is that the best deals will flow to the largest buyers and that states with low-cost power will lose it to higher-priced neighbors.

"What's in play here is an effort by an industry to totally deregulate their industry in all phases of it, so they can basically do as they please," said state Sen. Joe Dunn, D-Santa Ana, who is chairing a committee investigating price manipulation. He says California must oppose regional transmission until federal regulators prove they have truly conquered every effort at manipulating the market to force up prices.

<snip>

http://elp.pennnet.com/News/Display_News_Story.cfm?Section=WireNews&SubSection=HOME&NewsID=40234

==========================================================================

6. White House Announces Changes to Dual-Use Export Controls
(Export limits are brought up to modern standards, it says)

The Bush administration has revised export rules for dual-use computer technology.
In a January 2 news release, the White House said the United States will raise the individual license requirement limit from the current level of 85,000 Millions of Theoretical Operations Per Second (MTOPS) to 190,000 MTOPS for exports of computers to Tier 3 countries, including Russia and China. MTOPS is an indicator of a computer's operating speed.

The decision also affects general-purpose microprocessors with an operating speed of 12,000 MTOPS or less that now can be exported to many countries without individual licenses.

The United States limits sales of civilian computer technology to certain countries that may use it for military purposes.

The Bush administration also intends to remove Latvia from the list of countries for which prior review is required for computer exports, the release says.

http://usinfo.state.gov/cgi-bin/washfile/display.pl?p=/products/washfile/latest&f=02010202.clt&t=/products/washfile/newsitem.shtml

============================================================================

7. PRICE NAMED NEW DEPUTY FOR SPECTRUM, C3 POLICY

Secretary of Defense Donald H. Rumsfeld announced today the creation of an office to establish policy in the area of command, control and communications and provide direction for DoD frequency spectrum issues.

Steven Price was named deputy assistant secretary of defense (DASD) for Spectrum and C3 Policy, reporting to Assistant Secretary of Defense John P. Stenbit. This is the first time spectrum issues have been raised to the DASD level.

As DoD's use of the electromagnetic spectrum for communications grows, it increasingly runs into potential competition, interference and coordination requirements for international and commercial frequencies. The Department's long-standing bands of spectrum are critical to meeting the needs of the warfighter yet also are considered prime by investors in third generation and ultrawideband device markets.
Over the past decade, the government has ceded 247 MHz of bandwidth to industry - more than half in the desirable 3 GHz band. Maintenance of sufficient spectrum and bandwidth is essential to network centric warfare and information superiority, two key transformational tenets of joint operations like Enduring Freedom.

Price says his vision is to "help DoD build a global secure wide-band network, with wireless access, for warriors in the field so that bandwidth does not limit or impede U.S. military capability. Transforming towards a network centric military that decentralizes decision-making by allowing access to information anytime, anywhere and without concerns of bandwidth or interoperability will help create the flexible, reliable and effective joint command and control systems that will be needed in the future."

Price came to DoD from LiveWire, a provider of software and outsourcing services where he was president and CEO. He is a lawyer by profession with degrees from Brown University, where he graduated magna cum laude, Phi Beta Kappa, and Columbia University School of Law. His previous experience in government was as a special assistant to the U.S. ambassador to the START Talks, under President George H.W. Bush.

Joint Spectrum Center Homepage: http://www.jsc.mil/

===================================================================

8. Com-Guard - New in the store!

Com-Guard(tm) with the Sensor-Card(tm) provides a complete personal security system for a PC and its environment. This model is the PCI-slot format.

Com-Guard limits unauthorized computer use/access, provides for file locking with or without encryption, and the tracking of keyboard entries. System violations spawn phone, pager, and/or email notifications. Emails may include a video clip if a standard PC-camera is present.
The Sensor-Card hardware extends the protection by incorporating remote control system arming, an internal vibration sensor, an audible siren, and connectors for a variety of optional theft deterring sensors (such as motion detectors, window/door magnetic switches, thermal sensors, etc). All violations are tracked by date and time and stored for review. (An ISA-slot version is available.)

Com-Guard software with PCI Sensor-Card
http://estore.infowar.com/comguard/comguard_index.shtml

===================================================================

9. ACLU Report Rips Voice Recognition Technology

Continuing its crusade against the use of face recognition technology in public places, the American Civil Liberties Union (ACLU) released a report today indicating that a widely deployed face-recognition system in Tampa, Fla. never identified a criminal suspect during the months it was used.

"If we're going to go down the road of becoming a society under total surveillance, it's got to have some kind of payoff, some kind of benefit," Florida ACLU Executive Director Howard Simon told Newsbytes today.

During the time that Tampa police have used the face recognition system, "they never made an apprehension, they never made an arrest (and they recorded) a large number of false positives," Simon said.

The ACLU says it relied on system logs of the Tampa face-recognition system that it obtained through Florida's open records laws to compile its report, which is online at http://www.aclu.org/issues/privacy/drawing_blank.pdf .

============================================================================

10. Combating Terrorism: Assessing the Threat of Biological Terrorism.

Abstract: This is the testimony given by John Parachini before Congress on the threat of chemical and biological warfare issues that have resulted since September 11, and what the government can and should do to deal with biological and chemical threats.
Online Access: http://www.rand.org/publications/CT/CT183/
Or: http://www.infowar.com/class_3/02/AssessingThreatBiologicalTerrorismCT183.pdf (170KB)

======================================================

11. Corporations Risk Harboring Infoterrorists through Negligence
By Jacques Halé, Infosec News, 1/7/2002
http://www.infosecnews.com/opinion/2002/01/02_02.htm

Terrorism is not a new phenomenon but has gained special popularity recently. What is surprising is that the threat to the Internet as an economic infrastructure has not yet dawned on the business community.

Ever since the use of IT in warfare, defense experts have been especially interested, as part of intelligence and counter-intelligence, in the activity of foreign powers and potential cyberterrorists over all communication channels, but their expertise enables them to understand also the nature of the threats to the Internet as the backbone of the national and international economy.

One expert, Paul Strassmann, is an associate of the Butler Group. He has served as an expert member of a number of U.S. military commissions concerned with information warfare and has studied this field for at least ten years.

The knowledge of these military experts is now relevant to the non-defense world as well, and it needs to be translated into practical measures for the rest of us, as we discuss below.

<snip>

============================================================================

12. Password Protection 101

Thought it was a good idea to run this again. Take the time to read it.

Every year thousands of computers are illegally accessed because of weak passwords. How many users are guilty of any of the following things:

* Writing down a password on a sticky note placed on or near your computer.
* Using a word found in a dictionary. That's right, a dictionary. Any dictionary!
* Using a word from a dictionary followed by 2 numbers.
* Using the names of people, places, pets, or other common items.
* Sharing your password with someone else.
* Using the same password for more than one account, and for an extended period of time.
* Using the default password provided by the vendor.

<snip>

http://www.nipc.gov/publications/nipcpub/password.htm

=======================================================================

Have a good week!

Betty

Infowar.Com Ltd.
3030 N. Rocky Pt. Drive W # 240
Tampa, FL, 33607
813-288-1955 Voice
813-288-1985 FAX
888-648-2448
http://www.infowar.com
http://estore.infowar.com

---------------------------------------------------------------------------
To be unsubscribed from the mailing list simply click on the link below
http://www.infowar.com/cgi-shl/sl/s.pl?r=1&l=2&e=fc=:all.net

--This communication is confidential to the parties it is intended to serve--
Fred Cohen       Fred Cohen & Associates.........tel/fax:925-454-0171
fc@all.net       The University of New Haven.....http://www.unhca.com/
http://all.net/  Sandia National Laboratories....tel:925-294-2087