Return-Path: <sentto-279987-4583-1015598084-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 08 Mar 2002 06:38:08 -0800 (PST) Received: (qmail 2087 invoked by uid 510); 8 Mar 2002 14:35:06 -0000 Received: from n34.groups.yahoo.com (216.115.96.84) by all.net with SMTP; 8 Mar 2002 14:35:06 -0000 X-eGroups-Return: sentto-279987-4583-1015598084-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.187] by n34.groups.yahoo.com with NNFMP; 08 Mar 2002 14:34:45 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: unknown); 8 Mar 2002 14:34:43 -0000 Received: (qmail 26648 invoked from network); 8 Mar 2002 14:34:41 -0000 Received: from unknown (216.115.97.171) by m6.grp.snv.yahoo.com with QMQP; 8 Mar 2002 14:34:41 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.snv.yahoo.com with SMTP; 8 Mar 2002 14:34:41 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g28EZbY15974 for iwar@onelist.com; Fri, 8 Mar 2002 06:35:37 -0800 Message-Id: <200203081435.g28EZbY15974@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 8 Mar 2002 06:35:37 -0800 (PST) Subject: [iwar] [NewsBits] NewsBits - 03/07/02 (fwd) Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit March 7, 2002 Gibe worm poses as a Microsoft update A new virus pretends to be an update from Microsoft, but if triggered it is a mass-mailing worm. What appears to be a new security update from Microsoft is actually a clever attempt by a virus writer to spread a worm. Gibe (w32.gibe@mm) is a nondestructive worm written in Visual Basic that attempts to mass-mail itself to everyone in an address book. Fortunately, the infected email is plagued with spelling errors and should be easy to spot. Because this worm is not destructive and only sends email to others. http://news.zdnet.co.uk/story/0,,t269-s2106131,00.html Enron investigation site shut down A congressional committee looking into the Enron collapse said Thursday that it temporarily shut down a Web site relating to its investigation because of a security problem, but it added that no sensitive data had been compromised. An official from the U.S. House of Representatives' Energy and Commerce Committee confirmed that its site was vulnerable because of a glitch in its IBM Lotus Domino database, which contained documents and information dating back to 1998. http://zdnet.com.com/2100-1105-854910.html http://news.com.com/2100-1023-854792.html Teen Anarchist Back Online Despite FBI & Big ISPs Sherman Austin has not been charged with breaking any laws, but that hasn't stopped two of the biggest Internet service providers (ISPs) from running the California teenager off their property for his anarchist views. Last month, after incarcerating Austin, 18, for more than a week, federal prosecutors decided not to file charges against Austin for publishing bomb-making information at his site Raisethefist.com and hacking into several sites to post revolutionary calls to arms. http://www.newsbytes.com/news/02/175051.html Secret Service prepares for new world disorder Best known as the protectors of presidents, the U.S. Secret Service (USSS) are often seen as the men and women in dark suits and impenetrable glasses running alongside limousines and walking two steps behind world leaders. But when the USSS was created in 1865, its mission was to safeguard the nation's financial payment systems from fraud, counterfeiting and exploitation. These days, technology is often the facilitator of these crimes, so understanding and using technology for the detection and prevention of computer crime has become an integral part of the USSS's mission. http://www.cnn.com/2002/TECH/industry/03/06/secret.service.idg/index.html U.S. studying Cuba's ability to disrupt Net The Bush administration has begun a review of Cuba policy that will include an assessment of whether Cuba can disrupt U.S. military communications through the Internet, a senior official says. That issue will be examined along with others to determine Cuba's potential to damage U.S. interests, the official said. The senior official, asking not to be identified, said Cuba's involvement in international terrorism also will be part of the review. http://www.usatoday.com/life/cyber/tech/2002/03/07/cuba-cyberattack.htm House subcommittee approves bill for kid-safe Net domain The House moved closer Thursday to setting aside part of the Internet for material suitable for children. The Energy and Commerce Committee's telecommunications panel approved legislation to create a ``kids.us'' domain for Web sites free of pornography and other material deemed inappropriate for children under 13. ``While there is no substitute for proper parental supervision, responsible parents that I talk to want more tools to assist them in protecting their kids on the Internet,'' said Rep. Fred Upton, R-Mich., the subcommittee chairman. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2813823.htm http://zdnet.com.com/2110-1106-854937.html http://news.com.com/2100-1023-854745.html http://www.newsbytes.com/news/02/175037.html http://www.msnbc.com/news/720879.asp http://www.usatoday.com/life/cyber/tech/2002/03/07/net-domain-kids.htm http://www.nandotimes.com/technology/story/289614p-2576341c.html Agencies outline security changes Federal agencies are reviewing old security programs and kicking off new ones in response to the deficiencies discovered during the self-assessments required by Congress, officials testified March 6. Energy and Defense department officials outlined several major changes in their information security policies and practices as they testified before a hearing of the House Government Reform Committee's Government Efficiency, Financial Management and Inter-governmental Relations Subcommittee. The changes include new system certification, employee training and policy compliance programs. http://www.fcw.com/fcw/articles/2002/0304/web-action-03-07-02.asp Russian Company Asks Judge To Toss Copyright Case Attorneys for a Russian software company this week asked a federal judge to dismiss charges that the firm violated U.S. copyright laws by selling - from Russia - a product capable of circumventing security features built into Adobe eBooks. In their first round of motions in the highly anticipated case, attorneys for Moscow- based Elcomsoft argued that U.S. prosecutors did not have jurisdiction to prosecute the firm - which wrote and published the offending software product in Russia. http://www.newsbytes.com/news/02/175049.html GAO: Reports of ID theft on the rise Credit card fraud said to surpass $1 billion annually Reports of identity theft have grown rapidly over the past several years, and the resulting credit card fraud has surpassed $1 billion annually, congressional investigators said Thursday. Complaints to consumer hot lines, the Federal Trade Commission and other sources show that Americans more than ever are at risk of having their money stolen and credit records wrecked. http://www.msnbc.com/news/720936.asp Record label copyright proof due in Napster case A federal judge gave the record labels suing Napster until Thursday to produce documents proving they own the copyrights to 213 songs that once traded for free over the song-swap service. U.S. District Judge Marilyn Hall Patel ordered the labels to provide certificates of copyright registration, or applications for such proof, for top-selling artists such as the Beatles and Elvis Presley. A special master, Neil Boorstyn, was appointed by Patel to examine the labels' documents. He will file a report to the court detailing whether the labels have sufficiently established copyright ownership rights. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2810336.htm http://www.newsbytes.com/news/02/175045.html Spies can exploit computer lights, monitor glow By monitoring the flashing lights on electronics equipment and the indirect glow from monitors, scientists have discovered ways to remotely eavesdrop on computer data. The two methods are relatively simple to carry out, but also easy to prevent, according to scientific papers written by researchers in the United States and Britain. ``Data communication equipment, and even data encryption devices, sometimes emit modulated optical signals that carry enough information for an eavesdropper to reproduce the entire data stream,'' the authors of one paper write. ``It requires little apparatus, can be done at a considerable distance, and is completely undetectable.'' http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2812842.htm http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2810146.htm http://zdnet.com.com/2100-1105-854350.html http://www.wired.com/news/technology/0,1282,50893,00.html http://www.cnn.com/2002/TECH/ptech/03/07/led.snooping.reut/index.html Netscape Navigator Browser Snoops On Web Searches AOL Time Warner's Netscape unit is snooping on searches performed by users of its latest Navigator browser at Google and other search sites. According to a network traffic analysis performed by Newsbytes, Netscape is capturing Navigator 6 users' search terms, along with their Internet protocol (IP) address, the date Navigator was installed and a unique identification number. http://www.newsbytes.com/news/02/175035.html Gator Branded A Trojan Horse Despite Security Fix Gator Corp. has corrected a security flaw in the Web-based installer program for its popular digital wallet software, but some anti-virus utilities still brand the program a Trojan horse. Responding to a report in February that the ActiveX installer opened a potential back door for attackers, Gator temporarily removed the program, GatorSetup.exe, from its sites and posted a security update that eliminates the vulnerability for users who have installed the program using the ActiveX control. http://www.newsbytes.com/news/02/175046.html Network Associates discontinues PGP encryption software Software company Network Associates has stopped selling PGP, the most widely used software for e-mail encryption, after failing to find a buyer for the technology, a spokeswoman said Thursday. PGP, or Pretty Good Privacy, is available free online for personal use, a major reason the company saw little future in trying to make a business of selling the software for corporate use, said spokeswoman Jennifer Keavney. ``It is the leading encryption technology out there, but it's all based on free downloads,'' she said. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/2814647.htm http://www.nandotimes.com/technology/story/290534p-2579685c.html http://www.theregister.co.uk/content/54/24336.html USPS cancels secure e-mail biz The U.S. Postal Service has decided to get out of the secure e-mail business and is pulling the plug on its PosteCS service. Unable to make money on the service or find a buyer for it, USPS will discontinue the e-mail initiative, said Postal Service spokeswoman Sue Brennan. PosteCS is a Web-based service designed to deliver digital files that are too large for some commercial e-mail services and to deliver electronic documents that require timely receipt and assurance against tampering. Documents could be stamped with an electronic postmark to verify the time, date and place of origin and receipt. http://www.fcw.com/fcw/articles/2002/0304/web-usps-03-07-02.asp MicronPC adds fingerprint safeguards to Pentium 4 notebook The three layers of biometric security built into the new TransPort GX3 notebook PC are the direct result of federal interest in security, MicronPC LLC portable product manager Jay White said yesterday. =93We looked at the requests for quotations and heard comments from federal buyers,=94 White said. =93Our No.1 target market is government.=94 IRS auditors and other security conscious users, for example, asked for =93standard removable hard drives that they could pull out every night and put in hotel safes,=94 he said. http://www.gcn.com/vol1_no1/daily-updates/18122-1.html Prevent workstation hacking Hacking isn=92t limited to the server. In fact, the workstation is often the first place a hacker will try to access because from there, he or she can gain insight into how the network is set up. Often, however, workstation protection is over-looked. To help you safeguard your workstations, I have some examples of how hackers gain access to workstations and some tips on how to keep unwanted guests from breaking into them. http://www.techrepublic.com/article_guest.jhtml?id=3Dr00720020307pos01.htm&= fro=20 mtm=3De101-3 Ripped Off Online E-commerce may allow people to shop from the privacy of their own home, but it doesn't make shopping any safer. In fact, new studies show that online fraud related to e-commerce transactions is dangerously high. Merchants surveyed by research firm GartnerG2 reported that they lost 1.14 percent of all online sales, or about $700 million, to fraud in 2001. Overall, merchants rejecting around 5 percent of Internet transactions as "suspicious." To counter this disturbing trend, credit card companies, merchants, and law enforcement are setting up new programs to stamp out online fraud. http://www.techtv.com/siliconspin/features/story/0,23008,3375042,00.html Ten Windows Password Myths With all of our advances in security technology, one aspect remains constant: passwords still play a central role in system security. The difficulty with passwords is that all too often they are the easiest security mechanism to defeat. Although we can use technology and policy to make passwords stronger, we are still fighting the weakest point in any system: the human element. Ultimately the goal is to get users to choose better passwords. However, it is not always clear how to achieve that goal. The problem is that as creative as humans are, we are way too predictable. If I asked you to make a list of totally random words, inevitably some sort of pattern will emerge in your list. http://online.securityfocus.com/infocus/1554 Blocked Site of the Day Peacefire puts the spotlight on a different site each day that is screened out by various online filtering programs, including Netnanny, Cybersitter, Cyber Patrol, SurfWatch and others. These freedom of speech advocates' selection when we visited was a site devoted to ending violence against gays and lesbians. Peacefire.org says its findings have been used by lawyers for the American Civil Liberties Union, People For the American Way, and other anti- censorship groups to challenge Internet censorship laws in Congress and in several state legislatures. http://www.newsbytes.com/news/02/175032.html Pentagon accelerates homeland security communications system The Pentagon announced this week that it will fund the fast-track development of an experimental communications system to enable federal, state and local emergency response officials to share terrorist threat information and coordinate their emergency response capabilities. "We need to have a command and control system ... so that all parties and first responders can talk to each other," Sue Payton, deputy undersecretary of Defense for advanced systems and concepts, said Tuesday during a Pentagon briefing. http://www.govexec.com/dailyfed/0302/030702td1.htm Wearable computing to defeat terrorism Wearable-computing hypemeisters Xybernaut are at it again, this time persuading former Virginia Governor James Gilmore to serve as pitch man for the company's ambition to equip US officials and law enforcement officers with wearable devices to root out terrorists. Gilmore made an appearance at the seventh annual International Conference on Wearable Computing (ICWC), which is part of the COMDEX Chicago trade show. Xybernaut apparently is paying for the ICWC bit as a prime marketing vehicle. http://www.theregister.co.uk/content/54/24328.html ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tiny Wireless Camera under $80! Order Now! FREE VCR Commander! Click Here - Only 1 Day Left! http://us.click.yahoo.com/nuyOHD/7.PDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:04 PST