[iwar] [NewsBits] NewsBits - 03/07/02 (fwd)

From: Fred Cohen (fc@all.net)
Date: 2002-03-08 06:35:37


Return-Path: <sentto-279987-4583-1015598084-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 08 Mar 2002 06:38:08 -0800 (PST)
Received: (qmail 2087 invoked by uid 510); 8 Mar 2002 14:35:06 -0000
Received: from n34.groups.yahoo.com (216.115.96.84) by all.net with SMTP; 8 Mar 2002 14:35:06 -0000
X-eGroups-Return: sentto-279987-4583-1015598084-fc=all.net@returns.groups.yahoo.com
Received: from [216.115.97.187] by n34.groups.yahoo.com with NNFMP; 08 Mar 2002 14:34:45 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: unknown); 8 Mar 2002 14:34:43 -0000
Received: (qmail 26648 invoked from network); 8 Mar 2002 14:34:41 -0000
Received: from unknown (216.115.97.171) by m6.grp.snv.yahoo.com with QMQP; 8 Mar 2002 14:34:41 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.snv.yahoo.com with SMTP; 8 Mar 2002 14:34:41 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g28EZbY15974 for iwar@onelist.com; Fri, 8 Mar 2002 06:35:37 -0800
Message-Id: <200203081435.g28EZbY15974@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 8 Mar 2002 06:35:37 -0800 (PST)
Subject: [iwar] [NewsBits] NewsBits - 03/07/02 (fwd)
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

March 7, 2002

Gibe worm poses as a Microsoft update
A new virus pretends to be an update from Microsoft,
but if triggered it is a mass-mailing worm. What appears
to be a new security update from Microsoft is actually
a clever attempt by a virus writer to spread a worm.
Gibe (w32.gibe@mm) is a nondestructive worm written
in Visual Basic that attempts to mass-mail itself to
everyone in an address book. Fortunately, the infected
email is plagued with spelling errors and should be
easy to spot. Because this worm is not destructive
and only sends email to others.
http://news.zdnet.co.uk/story/0,,t269-s2106131,00.html

Enron investigation site shut down
A congressional committee looking into the Enron
collapse said Thursday that it temporarily shut down
a Web site relating to its investigation because of
a security problem, but it added that no sensitive
data had been compromised. An official from the
U.S. House of Representatives' Energy and Commerce
Committee confirmed that its site was vulnerable
because of a glitch in its IBM Lotus Domino
database, which contained documents and
information dating back to 1998.
http://zdnet.com.com/2100-1105-854910.html
http://news.com.com/2100-1023-854792.html

Teen Anarchist Back Online Despite FBI & Big ISPs
Sherman Austin has not been charged with breaking
any laws, but that hasn't stopped two of the biggest
Internet service providers (ISPs) from running the
California teenager off their property for his
anarchist views. Last month, after incarcerating
Austin, 18, for more than a week, federal prosecutors
decided not to file charges against Austin for
publishing bomb-making information at his site
Raisethefist.com and hacking into several sites
to post revolutionary calls to arms.
http://www.newsbytes.com/news/02/175051.html

Secret Service prepares for new world disorder
Best known as the protectors of presidents, the U.S.
Secret Service (USSS) are often seen as the men and
women in dark suits and impenetrable glasses running
alongside limousines and walking two steps behind
world leaders. But when the USSS was created in 1865,
its mission was to safeguard the nation's financial
payment systems from fraud, counterfeiting and
exploitation. These days, technology is often the
facilitator of these crimes, so understanding and
using technology for the detection and prevention
of computer crime has become an integral part of
the USSS's mission.
http://www.cnn.com/2002/TECH/industry/03/06/secret.service.idg/index.html

U.S. studying Cuba's ability to disrupt Net
The Bush administration has begun a review of Cuba
policy that will include an assessment of whether
Cuba can disrupt U.S. military communications through
the Internet, a senior official says. That issue will
be examined along with others to determine Cuba's
potential to damage U.S. interests, the official
said. The senior official, asking not to be identified,
said Cuba's involvement in international terrorism
also will be part of the review.
http://www.usatoday.com/life/cyber/tech/2002/03/07/cuba-cyberattack.htm

House subcommittee approves bill for kid-safe Net domain
The House moved closer Thursday to setting aside part
of the Internet for material suitable for children.
The Energy and Commerce Committee's telecommunications
panel approved legislation to create a ``kids.us''
domain for Web sites free of pornography and other
material deemed inappropriate for children under 13.
``While there is no substitute for proper parental
supervision, responsible parents that I talk to want
more tools to assist them in protecting their kids
on the Internet,'' said Rep. Fred Upton, R-Mich.,
the subcommittee chairman.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2813823.htm
http://zdnet.com.com/2110-1106-854937.html
http://news.com.com/2100-1023-854745.html
http://www.newsbytes.com/news/02/175037.html
http://www.msnbc.com/news/720879.asp
http://www.usatoday.com/life/cyber/tech/2002/03/07/net-domain-kids.htm
http://www.nandotimes.com/technology/story/289614p-2576341c.html

Agencies outline security changes
Federal agencies are reviewing old security programs
and kicking off new ones in response to the deficiencies
discovered during the self-assessments required by
Congress, officials testified March 6. Energy and
Defense department officials outlined several major
changes in their information security policies and
practices as they testified before a hearing of
the House Government Reform Committee's Government
Efficiency, Financial Management and Inter-governmental
Relations Subcommittee. The changes include new system
certification, employee training and policy compliance
programs.
http://www.fcw.com/fcw/articles/2002/0304/web-action-03-07-02.asp

Russian Company Asks Judge To Toss Copyright Case
Attorneys for a Russian software company this week
asked a federal judge to dismiss charges that the firm
violated U.S. copyright laws by selling - from Russia
- a product capable of circumventing security features
built into Adobe eBooks. In their first round of motions
in the highly anticipated case, attorneys for Moscow-
based Elcomsoft argued that U.S. prosecutors did not
have jurisdiction to prosecute the firm - which wrote
and published the offending software product in Russia.
http://www.newsbytes.com/news/02/175049.html

GAO: Reports of ID theft on the rise
Credit card fraud said to surpass $1 billion annually
Reports of identity theft have grown rapidly over the
past several years, and the resulting credit card fraud
has surpassed $1 billion annually, congressional
investigators said Thursday. Complaints to consumer hot
lines, the Federal Trade Commission and other sources
  show that Americans more than ever are at risk of
having their money stolen and credit records wrecked.
http://www.msnbc.com/news/720936.asp

Record label copyright proof due in Napster case
A federal judge gave the record labels suing Napster
until Thursday to produce documents proving they own
the copyrights to 213 songs that once traded for free
over the song-swap service. U.S. District Judge Marilyn
Hall Patel ordered the labels to provide certificates
of copyright registration, or applications for such
proof, for top-selling artists such as the Beatles
and Elvis Presley. A special master, Neil Boorstyn,
was appointed by Patel to examine the labels'
documents. He will file a report to the court
detailing whether the labels have sufficiently
established copyright ownership rights.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2810336.htm
http://www.newsbytes.com/news/02/175045.html

Spies can exploit computer lights, monitor glow
By monitoring the flashing lights on electronics
equipment and the indirect glow from monitors, scientists
have discovered ways to remotely eavesdrop on computer
data. The two methods are relatively simple to carry out,
but also easy to prevent, according to scientific papers
written by researchers in the United States and Britain.
``Data communication equipment, and even data encryption
devices, sometimes emit modulated optical signals that
carry enough information for an eavesdropper to reproduce
the entire data stream,'' the authors of one paper write.
``It requires little apparatus, can be done at
a considerable distance, and is completely undetectable.''
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2812842.htm
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2810146.htm
http://zdnet.com.com/2100-1105-854350.html
http://www.wired.com/news/technology/0,1282,50893,00.html
http://www.cnn.com/2002/TECH/ptech/03/07/led.snooping.reut/index.html

Netscape Navigator Browser Snoops On Web Searches
AOL Time Warner's Netscape unit is snooping on searches
performed by users of its latest Navigator browser at
Google and other search sites. According to a network
traffic analysis performed by Newsbytes, Netscape is
capturing Navigator 6 users' search terms, along with
their Internet protocol (IP) address, the date Navigator
was installed and a unique identification number.
http://www.newsbytes.com/news/02/175035.html

Gator Branded A Trojan Horse Despite Security Fix
Gator Corp. has corrected a security flaw in the
Web-based installer program for its popular digital
wallet software, but some anti-virus utilities still
brand the program a Trojan horse. Responding to a
report in February that the ActiveX installer opened
a potential back door for attackers, Gator temporarily
removed the program, GatorSetup.exe, from its sites
and posted a security update that eliminates the
vulnerability for users who have installed the
program using the ActiveX control.
http://www.newsbytes.com/news/02/175046.html

Network Associates discontinues PGP encryption software
Software company Network Associates has stopped
selling PGP, the most widely used software for
e-mail encryption, after failing to find a buyer
for the technology, a spokeswoman said Thursday.
PGP, or Pretty Good Privacy, is available free
online for personal use, a major reason the
company saw little future in trying to make
a business of selling the software for corporate
use, said spokeswoman Jennifer Keavney. ``It
is the leading encryption technology out there,
but it's all based on free downloads,'' she said.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2814647.htm
http://www.nandotimes.com/technology/story/290534p-2579685c.html
http://www.theregister.co.uk/content/54/24336.html

USPS cancels secure e-mail biz
The U.S. Postal Service has decided to get out of the
secure e-mail business and is pulling the plug on its
PosteCS service. Unable to make money on the service
or find a buyer for it, USPS will discontinue the
e-mail initiative, said Postal Service spokeswoman
Sue Brennan. PosteCS is a Web-based service designed
to deliver digital files that are too large for some
commercial e-mail services and to deliver electronic
documents that require timely receipt and assurance
against tampering. Documents could be stamped with
an electronic postmark to verify the time, date
and place of origin and receipt.
http://www.fcw.com/fcw/articles/2002/0304/web-usps-03-07-02.asp

MicronPC adds fingerprint safeguards to Pentium 4 notebook
The three layers of biometric security built into
the new TransPort GX3 notebook PC are the direct
result of federal interest in security, MicronPC
LLC portable product manager Jay White said
yesterday. =93We looked at the requests for
quotations and heard comments from federal
buyers,=94 White said. =93Our No.1 target market
is government.=94 IRS auditors and other security
conscious users, for example, asked for =93standard
removable hard drives that they could pull out
every night and put in hotel safes,=94 he said.
http://www.gcn.com/vol1_no1/daily-updates/18122-1.html

Prevent workstation hacking
Hacking isn=92t limited to the server. In fact, the
workstation is often the first place a hacker will
try to access because from there, he or she can
gain insight into how the network is set up. Often,
however, workstation protection is over-looked. To
help you safeguard your workstations, I have some
examples of how hackers gain access to workstations
and some tips on how to keep unwanted guests from
breaking into them.
http://www.techrepublic.com/article_guest.jhtml?id=3Dr00720020307pos01.htm&=
fro=20
mtm=3De101-3

Ripped Off Online
E-commerce may allow people to shop from the privacy
of their own home, but it doesn't make shopping any
safer. In fact, new studies show that online fraud
related to e-commerce transactions is dangerously
high. Merchants surveyed by research firm GartnerG2
reported that they lost 1.14 percent of all online
sales, or about $700 million, to fraud in 2001.
Overall, merchants rejecting around 5 percent of
Internet transactions as "suspicious." To counter
this disturbing trend, credit card companies,
merchants, and law enforcement are setting up
new programs to stamp out online fraud.
http://www.techtv.com/siliconspin/features/story/0,23008,3375042,00.html

Ten Windows Password Myths
With all of our advances in security technology,
one aspect remains constant: passwords still play
a central role in system security. The difficulty
with passwords is that all too often they are the
easiest security mechanism to defeat. Although we
can use technology and policy to make passwords
stronger, we are still fighting the weakest point
in any system: the human element. Ultimately the
goal is to get users to choose better passwords.
However, it is not always clear how to achieve
that goal. The problem is that as creative as
humans are, we are way too predictable. If I
asked you to make a list of totally random
words, inevitably some sort of pattern will
emerge in your list.
http://online.securityfocus.com/infocus/1554

Blocked Site of the Day
Peacefire puts the spotlight on a different site
each day that is screened out by various online
filtering programs, including Netnanny, Cybersitter,
Cyber Patrol, SurfWatch and others. These freedom
of speech advocates' selection when we visited was
a site devoted to ending violence against gays and
lesbians. Peacefire.org says its findings have been
used by lawyers for the American Civil Liberties
Union, People For the American Way, and other anti-
censorship groups to challenge Internet censorship
laws in Congress and in several state legislatures.
http://www.newsbytes.com/news/02/175032.html

Pentagon accelerates homeland security communications system
The Pentagon announced this week that it will fund
the fast-track development of an experimental
communications system to enable federal, state and
local emergency response officials to share terrorist
threat information and coordinate their emergency
response capabilities. "We need to have a command
and control system ... so that all parties and first
responders can talk to each other," Sue Payton,
deputy undersecretary of Defense for advanced systems
and concepts, said Tuesday during a Pentagon briefing.
http://www.govexec.com/dailyfed/0302/030702td1.htm

Wearable computing to defeat terrorism
Wearable-computing hypemeisters Xybernaut are at it
again, this time persuading former Virginia Governor
James Gilmore to serve as pitch man for the company's
ambition to equip US officials and law enforcement
officers with wearable devices to root out terrorists.
Gilmore made an appearance at the seventh annual
International Conference on Wearable Computing (ICWC),
which is part of the COMDEX Chicago trade show.
Xybernaut apparently is paying for the ICWC bit
as a prime marketing vehicle.
http://www.theregister.co.uk/content/54/24328.html

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tiny Wireless Camera under $80!
Order Now! FREE VCR Commander!
Click Here - Only 1 Day Left!
http://us.click.yahoo.com/nuyOHD/7.PDAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:04 PST