[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

          

Japan suffers more hacking raids
Computer hackers raided Japanese government sites for the
fifth time in a week on Thursday, posting derogatory messages
and forcing Tokyo to shut down at least two sites. Officials
also reported a number of unsuccessful attempts by hackers to
penetrate government sites after the Management and Coordination
Agency (MCA) discovered early on Thursday that its site had been
raided for a second time in a week. The MCA, along with the
Science and Technology Agency, closed its site.
http://www.mercurycenter.com/svtech/news/breaking/internet/docs/139065l.htm

Japan Internet hacking raids raise security doubts
A series of humiliating hacking raids on government Internet
sites, which left them littered with inflammatory messages
and pornographic links, has shown up a wider problem of lax
computer security in Japan, experts say. Computer hackers
raided government sites in at least five known incidents this
week, even as the government scrambled to announce emergency
plans to prevent future attacks.
http://www.mercurycenter.com/svtech/news/breaking/internet/docs/138990l.htm

New hack attack is greater threat than imagined
It was news a month ago; days later it vanished. The mainstream
press may have forgotten it, but security specialists gathered
in California last week for the sixth RSA Conference to consider
the growing trend in malicious computer assaults called
distributed denial of service (DDoS) attacks. Dealing with this
sort of assault can be maddening for the primary victim. The
clients from which the attack is launched are themselves
intermediate victims who rarely know that their systems have been
compromised. They are in diverse locations around the world,
administered by people who speak different languages, making it
nearly impossible for one victim to explain to another how to
cope with the threat.
http://www.theregister.co.uk/000127-000005.html

Bernstein crypto case to be reheard
A federal appeals court will reconsider an earlier ruling striking
down export limits on computer data scrambling products in light of
new export rules announced this month by the White House. An order
from the 9th U.S. Circuit Court of Appeals in San Francisco, issued
Wednesday, requires a three-judge panel to reconsider its May ruling
in favor of computer scientist Daniel Bernstein. The panel ruled that
the export limits, by prohibiting Bernstein from posting source code
for a computer program he had written on the Internet, violated the
Constitutional protection of free speech. In September the full 9th
Circuit agreed to review the 2-1 decision by three of its judges in
favor of Bernstein. Wednesday's ruling instead required the three
judge panel to reconsider the case.
http://www.zdnet.com/zdnn/stories/news/0,4586,2428386,00.html

Security improvements made at national labs
Security at nuclear weapons labs has made "monumental strides"
in the past year, but computer protection is still not 100
percent, the Energy Department's top security official says.
Eugene Habiger, who was hired as the department's "security czar"
after the uproar over alleged Chinese espionage at the research
labs, said he is "99.5 percent confident" that America's nuclear
secrets are protected from cyber-espionage. "But when it comes
to computer stuff to say impossible is pretty tough," said Habiger
at a news conference Tuesday, in which the department catalogued
improvements made in protecting the nation's nuclear secrets.
http://www.cnn.com/2000/US/01/26/nuclear.security.ap/index.html

Visa strengthens network after number kidnap
Computer hackers demanded a #10 million ransom from Visa
in return for stolen data after breaking into the credit card
giant's network. Visa's UK head office was contacted shortly
before Christmas by a group which said it had obtained the
information during a hacking raid in the summer. Visa refused
to pay the ransom and contacted police. Last week a Visa
spokesman admitted that hackers had penetrated its computer
network last July, but stressed that they were detected almost
immediately. The company has since hardened its systems and
the hackers have not returned, he said.
http://www.vnunet.com/News/105782

International action urged to drive racists offline
European leaders called for international cooperation on
Thursday to stop the Internet's use as a tool for spreading
neo-Nazi and other racist propaganda. Many of the 700
delegates from 46 countries attending a conference on the
Holocaust expressed concern about rising neo-Nazi activity
in Europe, and the growing role of high technology in
spreading messages of hate.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/076563.htm

Chinese 'Web worms' police themselves
In China's mushrooming Internet chat rooms, Big Brother may
not be watching but Big Mama almost certainly is. ``Big Mamas''
are Web site employees who lead armies of volunteers patrolling
chat rooms and bulletin boards, zapping risky political
commentary, foul language and unwanted ads. The intricate system
shows how Chinese users are taking it upon themselves to keep the
Internet orderly -- a form of self-censorship designed to keep
the Web out of the crosshairs of a government distrustful of the
information flow.
http://www.mercurycenter.com/svtech/news/breaking/internet/docs/141404l.htm

China seeks to soothe fears over encryption rules
China sought to reassure foreign investors on Thursday over
sweeping new regulations on encryption technology that could
restrict sales of everything from imported software to mobile
phones. ``This will not affect the pace of foreign companies
entering China,'' Foreign Ministry spokesman Zhu Bangzao told
a news conference. Under regulations that take effect on Monday
all foreign and Chinese companies or individuals using
encryption technology, which protects electronic communication
from eavesdropping, must register with the government.
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/005099.htm

Corel hurries to fix Linux security hole
Corel is working to patch a bug with its version of Linux that could
let unauthorized users gain access to machines running Corel Linux.
A program called Corel Update has a problem that lets ordinary users
take actions ordinarily only reserved for system administrators.
Fixing the vulnerability is a "top priority for Corel," the company
said, and a fix will be posted on the company's Web site.
http://news.cnet.com/news/0-1003-200-1533081.html

Computer crime survey
A recent survey from New York-based firm Michael G. Kessler &
Associates shows some interesting findings that we thought could
be valuable information to readers. It found that of all the theft
of proprietary information, 35 percent was due to malicious
employees and only 28 percent due to hackers. The rest is stolen
by other US companies (28 percent), foreign companies (11 percent)
and governments (8 percent). The remaining 10 percent, according
to the study, is listed as miscellaneous crimes.
http://www.bangkokpost.net/data/260100_Database13.html

New crypto technique beats current standard
Called Cipherunicorn-A, the technique creates a number of false
keys in addition to the true encryption key, making it more
difficult for potential intruders to crack. The approach should
increase security while remaining compliant with the Data Encryption
Standard (DES) introduced by the US Department of Commerce, a
company spokesperson told The Register.
http://www.theregister.co.uk/000127-000025.html

--
FC